Abstract:
PURPOSE: Platform-based verification of the contents of input/output devices, for deleting an infected part, is provided to supply an alarm about infected parts by verifying the contents of the I/O device. CONSTITUTION: Platform hardware receives an interrupt from an I/O (Input/Output) device (210). The platform hardware detects the contents of the I/O device before the contents of the I/O device are exposed to a host OS (Operating System) (250). If there are infected parts, the platform hardware offers an emergency signal to a user or deletes the infected parts (280).
Abstract:
PROBLEM TO BE SOLVED: To use hardware to remotely provide a platform with a bus device ID, as well as software updates, software, and drivers. SOLUTION: A management engine may be used to trap configuration cycles during a boot process and thereafter in response to operating system enumeration. As a result, a virtual bus device can be created. The bus device may be used to provide software to the platform even when the operating system is corrupted or non-functional. COPYRIGHT: (C)2011,JPO&INPIT
Abstract:
PROBLEM TO BE SOLVED: To provide efficient software distribution and update service regardless of the state or physical location of a computer even if the computer has already been shipped and is in use. SOLUTION: The software distribution service SDS 20 queries a third party data store 3PDS and connects to a server 14, and downloads and installs a software client 18 or a barebones installer for the update software. The SDS verifies the downloaded package with the client 18 using a hash value stored in the 3PDS, as indicated in block 36. The SDS or the update server 14 (for example, a gateway 16) marks the appropriate region in the 3PDS with a flag, indicating that no further download is needed and that the download has been completed. COPYRIGHT: (C)2011,JPO&INPIT
Abstract:
PROBLEM TO BE SOLVED: To protect a computer platform from malware. SOLUTION: An IB agent 108 that operates from an OS kernel 106 protects a platform 100 by interaction with an OOB agent 110. The IB agent 108 operates under a distrusted OS environment. On the other hand, in cooperation with a manageability engine 140, the OOB agent 110 runs beneath the OS, e.g., in virtualized, trusted memory space that is not part of the OS memory space. A secure OOB channel includes a network interface 144 in the management engine 140 and a virtual redirect block 142. The network interface 144 provides the network interface for the service 122 to communicate with the platform, even when an OS is not active. The management engine 140 can communicate with the service 122 when malware may have compromised the integrity of the IB channel. COPYRIGHT: (C)2011,JPO&INPIT
Abstract:
PROBLEM TO BE SOLVED: To delete a file on an input-output device that is infected with malware/worm/virus. SOLUTION: A platform includes platform hardware 150, which may verify the contents of the I/O device 190-N. The platform hardware 150 may include components such as a manageability engine 340 and a verification engine that are used to verify the contents of the I/O device 190-N even before the contents of the I/O device 190-N are exposed to an operating system 120 supported by a host. The platform components may delete the infected portions of the contents of the I/O device 190-N if the verification process indicates that the contents of the I/O device 190-N include the infected portions. COPYRIGHT: (C)2011,JPO&INPIT
Abstract:
A method and device for providing a secure scan of a data storage device from a remote server are disclosed. In some embodiments, a computing device may include an in-band processor configured to execute an operating system and at least one host driver, communication circuitry configured to communicate with a remote server, and an out-of-band (OOB) processor capable of communicating with the remote server using the communication circuitry irrespective of the state of the operating system. The OOB processor may be configured to receive a block read request from the remote server, instruct the at least one host driver to send a storage command to a data storage device, receive data retrieved from the data storage device and authentication metadata generated by the data storage device, and transmit the data and the authentication metadata to the remote server.
Abstract:
A platform including a security system is described. The security system comprises, in one embodiment, a multi-state system having a plurality of modes, available whenever the platform has a source of power. The modes comprise an unarmed mode, in which the security system is not protecting the platform, an armed mode, in which the platform is protected, the armed mode reached from the unarmed mode, after an arming command, and a suspecting mode, in which the platform is suspecting theft, the suspecting mode reached from the armed mode, when a risk behavior is detected.