-
Publication number: US12105609B2
Publication date: 2024-10-01
Application number: US18354912
Application date: 2023-07-19
Applicant: Dell Products, L.P.
Inventor: Carlton A. Andrews, Girish S. Dhoble, Nicholas D. Grobelny, David Konetski, Joseph Kozlowski, Ricardo L. Martinez, Charles D. Robison
CPC classification number: G06F11/3055, G06F11/3452, G06F11/3466, G06F21/552, G06F21/577
Abstract: Systems and methods for modernizing workspace and hardware lifecycle management in an enterprise productivity ecosystem are described. In some embodiments, a client Information Handling System (IHS) may include a processor, and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the client IHS to: transmit, by a local management agent to a workspace orchestration service, an access request and context information; receive, at the local management agent from the workspace orchestration service, one or more files or policies configured to enable the local management agent to instantiate a workspace based upon a workspace definition, wherein the workspace orchestration service is configured to: (i) calculate a security target and a productivity target based upon the access request and the context information, and (ii) create the workspace definition based upon the security target and the productivity target; and instantiate the workspace.
-
Publication number: US12072982B2
Publication date: 2024-08-27
Application number: US17837329
Application date: 2022-06-10
Applicant: Dell Products L.P.
Inventor: Shekar Babu Suryanarayana, Anand Prakash Joshi, Amy Christine Nelson, Nicholas D. Grobelny
CPC classification number: G06F21/572, G06F21/54, G06F21/575, G06F21/602
Abstract: A virtual BIOS engine may be configured to, during runtime of an operating system, in response to an operating system event for updating firmware, load onto an isolated compute domain of the processor to emulate firmware update processes of a non-transitory computer-readable media with a virtual non-transitory computer-readable media and emulate the firmware update processes of the cryptoprocessor with a virtual cryptoprocessor, extract a firmware payload to the virtual non-transitory computer-readable media, and execute a virtual trust chain to measure the firmware payload in the virtual non-transitory computer-readable media.
-
Publication number: US20240250947A1
Publication date: 2024-07-25
Application number: US18157094
Application date: 2023-01-20
Applicant: Dell Products, L.P.
Inventor: Nicholas D. Grobelny
IPC: H04L9/40
CPC classification number: H04L63/102, H04L63/08, H04L63/107
Abstract: Systems and methods provide endorsement of workspaces operating on Information Handling Systems (IHSs). A primary workspace definition is received by an IHS from a remote orchestrator. A primary workspace is instantiated on the IHS based upon the primary workspace definition, where the primary workspace provides access to a protected resource. The primary workspace definition received from the remote orchestrator identifies applications for operation within the primary workspace and also includes one or more endorsements for each of the applications. Instructions for operation of applications are validated against an endorsement from the workspace definition. Applications are initiated for use within the workspace upon successful validation of the instructions.
-
Publication number: US12003623B2
Publication date: 2024-06-04
Application number: US17126070
Application date: 2020-12-18
Applicant: Dell Products, L.P.
Inventor: Charles D. Robison, Nicholas D. Grobelny, Ricardo L. Martinez
CPC classification number: H04L9/0852, G06F9/45558, H04L9/14, G06F2009/45587
Abstract: Systems and methods for multilayer encryption for user privacy compliance and corporate confidentiality are described. In some embodiments, an Information Handling System (IHS) may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution, cause the IHS to: transmit, from a workspace instantiated by a local management agent to a portal managed by an enterprise: (i) a request to store a once-encrypted document, and (ii) an indication that the once-encrypted document is encrypted with a controlvault key; receive, from the portal at the workspace, a request to encrypt the once-encrypted document with an enterprise-issued cryptographic key to produce a twice-encrypted document; and transmit, from the workspace to the portal, a copy of the twice-encrypted document.
-
Publication number: US11977669B2
Publication date: 2024-05-07
Application number: US17667938
Application date: 2022-02-09
Applicant: Dell Products L.P.
Inventor: Jason Scott Morrison, Nicholas D. Grobelny, Mark Andrew Schwager
CPC classification number: G06F21/86, G06F1/1658, G06F21/82
Abstract: Methods and systems for securing data processing systems are disclosed. A data processing system may be operably connected to other devices via ports. When operably connected, some devices connected via the ports may cause undesired actions to be performed. To limit physical access to the ports, a security apparatus may be used to lock the ports. The security apparatus may transition between states where it may be inserted into openings for the ports and may be locked to the openings for the ports. When so locked, physical access to the ports may be limited.
-
Publication number: US20240037216A1
Publication date: 2024-02-01
Application number: US17875067
Application date: 2022-07-27
Applicant: DELL PRODUCTS L.P.
Inventor: Nicholas D. Grobelny, Sumanth Vidyadhara, Richard M. Tonry, Amy C. Nelson
CPC classification number: G06F21/53, H04L9/3073, H04L9/3268, G06F21/572, G06F2221/033
Abstract: Systems and methods are provided that may be implemented to provide a basic input/output system (BIOS) with the ability to authenticate and then execute one-time unique instructions that are previously left behind (i.e., stored) in public memory of an information handling system by a containerized computing environment session that is no longer executing on the information handling system. The disclosed systems and methods may be so implemented to share with the system BIOS privileged instructions to identify which executables are authorized for execution on a targeted information handling system. The privileged instructions may be previously created and optionally stored together with an executable code in system public memory, and these instructions may provide instructions on how to execute the executable code.
-
Publication number: US20240020212A1
Publication date: 2024-01-18
Application number: US18354912
Application date: 2023-07-19
Applicant: Dell Products, L.P.
Inventor: Carlton A. Andrews, Girish S. Dhoble, Nicholas D. Grobelny, David Konetski, Joseph Kozlowski, Ricardo L. Martinez, Charles D. Robison
CPC classification number: G06F11/3055, G06F21/552, G06F21/577, G06F11/3466, G06F11/3452
Abstract: Systems and methods for modernizing workspace and hardware lifecycle management in an enterprise productivity ecosystem are described. In some embodiments, a client Information Handling System (IHS) may include a processor, and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the client IHS to: transmit, by a local management agent to a workspace orchestration service, an access request and context information; receive, at the local management agent from the workspace orchestration service, one or more files or policies configured to enable the local management agent to instantiate a workspace based upon a workspace definition, wherein the workspace orchestration service is configured to: (i) calculate a security target and a productivity target based upon the access request and the context information, and (ii) create the workspace definition based upon the security target and the productivity target; and instantiate the workspace.
-
Publication number: US11803454B2
Publication date: 2023-10-31
Application number: US17246378
Application date: 2021-04-30
Applicant: Dell Products L.P.
Inventor: Sumanth Vidyadhara, Nicholas D. Grobelny, Lip Vui Kan, Ricardo L. Martinez
CPC classification number: G06F11/26, G06F8/60, G06F9/4401, G06F9/445, G06F11/2284, G06F21/575, G06F2221/033
Abstract: Establishing a diagnostic OS for an information handling system platform performing a UEFI BIOS boot to place the platform in a pre-OS state. Upon detecting a particular POST error and/or a platform configuration policy, an embedded OS kernel may be launched into a DRTM-authenticated measured launch environment (MLE). Additional objects for the diagnostic OS may be downloaded. The additional objects may include an initial ramdisk (initrd) module and one or more applications specific to the particular diagnostic OS. The diagnostic OS may be launched as follows: for each diagnostic OS application, launching the application and extending a measurement of the application into a DRTM PCR. Launching the diagnostic OS may include launching an initrd module and extending a measurement of the initrd module into the DRTM PCR. A measurement of the embedded OS kernel may be extended into the TPM and the embedded OS kernel may validate the UEFI BIOS sequence.
-
Publication number: US11762750B2
Publication date: 2023-09-19
Application number: US17820100
Application date: 2022-08-16
Applicant: Dell Products, L.P.
Inventor: Carlton A. Andrews, Girish S. Dhoble, Nicholas D. Grobelny, David Konetski, Joseph Kozlowski, Ricardo L. Martinez, Charles D. Robison
CPC classification number: G06F11/3055, G06F11/3452, G06F11/3466, G06F21/552, G06F21/577
Abstract: Systems and methods for modernizing workspace and hardware lifecycle management in an enterprise productivity ecosystem are described. In some embodiments, a client Information Handling System (IHS) may include a processor, and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the client IHS to: transmit, by a local management agent to a workspace orchestration service, an access request and context information; receive, at the local management agent from the workspace orchestration service, one or more files or policies configured to enable the local management agent to instantiate a workspace based upon a workspace definition, wherein the workspace orchestration service is configured to: (i) calculate a security target and a productivity target based upon the access request and the context information, and (ii) create the workspace definition based upon the security target and the productivity target; and instantiate the workspace.
-
Publication number: US11704402B2
Publication date: 2023-07-18
Application number: US16526467
Application date: 2019-07-30
Applicant: DELL PRODUCTS L.P.
Inventor: Nicholas D. Grobelny, Richard M. Tonry, Balasingh P. Samuel
IPC: G06F21/44, G06F9/4401, G06F21/57
CPC classification number: G06F21/44, G06F9/4411, G06F21/575
Abstract: Systems and methods are disclosed herein that may implement an information handling system including a gateway and a peripheral device monitor. The gateway may interface peripheral devices and control access of host resources of the information handling system by any of the peripheral devices. The peripheral device monitor may detect connection of an unverified peripheral device to the gateway, perform a trust verification process with the unverified peripheral device, control the gateway to enable access of the host resources by the unverified peripheral device when the unverified peripheral device becomes verified, and control the gateway to prevent access to the host resources by the unverified peripheral device when the unverified peripheral device fails the trust verification process. The trust verification process may include validating a device certificate and verifying a digest of boot code of the peripheral device. The peripheral device monitor may perform a verification failure procedure when the unverified peripheral device fails the trust verification process.