公开(公告)号：US20210336992A1

公开(公告)日：2021-10-28

申请号：US16860262

申请日：2020-04-28

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Suhas Shivanna ,  Sridhar Bandi ,  Yelaka Surya Prakash ,  Shiva R. Dasari

IPC: H04L29/06

Abstract: In some examples, a system receives input information relating to a security level for an information technology (IT) stack comprising a plurality of layers including a hardware layer and a software layer, where the input information is technology and product agnostic. The system discovers components of the plurality of layers of the IT stack, accesses a knowledge base that maps the security level and the discovered components to configuration instructions relating to security controls, and configures the IT stack with the security controls using the configuration instructions.

公开(公告)号：US20210034547A1

公开(公告)日：2021-02-04

申请号：US16528559

申请日：2019-07-31

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Dwight D. Riley ,  Shiva R. Dasari

IPC: G06F12/14 ,  G06F12/1081 ,  G06F3/06

Abstract: In exemplary aspects described herein, system memory is secured using protected memory regions. Portions of a system memory are assigned to endpoint devices, such as peripheral component interconnect express (PCIe) compliant devices. The portions of the system memory can include protected memory regions. The protected memory regions of the system memory assigned to each of the endpoint devices are configured to control access thereto using device identifiers and/or process identifiers, such as a process address space ID (PASID). When a transaction request is received by a device, the memory included in that request is used to determine whether it corresponds to a protected memory region. If so, the transaction request is executed if the identifiers in the request match the identifiers for which access is allowed to that protected memory region.

公开(公告)号：US10303883B2

公开(公告)日：2019-05-28

申请号：US15333779

申请日：2016-10-25

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Shiva R. Dasari ,  Nicholas Ramirez ,  Fraser John Dickin

IPC: G06F21/44 ,  G06F21/57 ,  G06F21/60

Abstract: In some examples, a computing device includes a data port, device memory to store firmware for the computing device, and verification circuitry. The verification circuitry may override operation of the data port responsive to a determination that firmware verification mode criteria are satisfied. The verification circuitry may also extract firmware data from the device memory for verification of the firmware and provide the firmware data to an external device connected to the computing device through the data port.

公开(公告)号：US20180114024A1

公开(公告)日：2018-04-26

申请号：US15333779

申请日：2016-10-25

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Shiva R. Dasari ,  Nicholas Ramirez ,  Fraser John Dickin

IPC: G06F21/57 ,  G06F21/60

CPC classification number: G06F21/572 ,  G06F21/44 ,  G06F21/575 ,  G06F21/604

Abstract: In some examples, a computing device includes a data port, device memory to store firmware for the computing device, and verification circuitry. The verification circuitry may override operation of the data port responsive to a determination that firmware verification mode criteria are satisfied. The verification circuitry may also extract firmware data from the device memory for verification of the firmware and provide the firmware data to an external device connected to the computing device through the data port.