公开(公告)号：US20220413560A1

公开(公告)日：2022-12-29

申请号：US17359971

申请日：2021-06-28

Applicant: Dell Products L.P.

Inventor： Nicholas D. Grobelny ,  Jason S. Morrison ,  Patrick A. Hampton ,  Michael David ,  Ernesto Ramirez

IPC: G06F1/16 ,  G06F21/86 ,  F16B21/12

Abstract: A main housing portion of a portable information handing system. The main housing portion includes: a top cover portion; a bottom cover portion; and, an information handling system locking system, the information handling system locking system including a bottom cover locking component, the bottom cover locking component being mounted to the bottom cover, the bottom cover locking component defining a bottom cover locking portion aperture, the bottom cover locking portion aperture being aligned with the top cover aperture.

公开(公告)号：US20220200806A1

公开(公告)日：2022-06-23

申请号：US17126077

申请日：2020-12-18

Applicant: Dell Products, L.P.

Inventor： Nicholas D. Grobelny ,  Ricardo L. Martinez ,  Carlton A. Andrews ,  Charles D. Robison

IPC: H04L9/32 ,  H04L29/06 ,  H04L9/08

Abstract: Systems and methods for providing trusted local orchestration of workspaces are described. In some embodiments, an Information Handling System (IHS) may include a processor and a system memory coupled to the processor, the system memory having program instructions stored thereon that, upon execution, cause the IHS to: receive an orchestration code from a workspace orchestration service; record, using a trusted controller coupled to the processor, a log comprising: the orchestration code, and an indication of a sequence of operations performed during an instantiation of a workspace by the local management agent; provide a copy of the log to the workspace orchestration service; and establish a connection between the workspace and the workspace orchestration service in response to the workspace orchestration service's successful: (i) authentication of the orchestration code, and (ii) verification of the sequence of operations.

公开(公告)号：US20220200796A1

公开(公告)日：2022-06-23

申请号：US17126070

申请日：2020-12-18

Applicant: Dell Products, L.P.

Inventor： Charles D. Robison ,  Nicholas D. Grobelny ,  Ricardo L. Martinez

IPC: H04L9/08 ,  H04L9/14 ,  G06F9/455

Abstract: Systems and methods for multilayer encryption for user privacy compliance and corporate confidentiality are described. In some embodiments, an Information Handling System (IHS) may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution, cause the IHS to: transmit, from a workspace instantiated by a local management agent to a portal managed by an enterprise: (i) a request to store a once-encrypted document, and (ii) an indication that the once-encrypted document is encrypted with a controlvault key; receive, from the portal at the workspace, a request to encrypt the once-encrypted document with an enterprise-issued cryptographic key to produce a twice-encrypted document; and transmit, from the workspace to the portal, a copy of the twice-encrypted document.

公开(公告)号：US20220171853A1

公开(公告)日：2022-06-02

申请号：US17110043

申请日：2020-12-02

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Joseph Kozlowski ,  Charles D. Robison ,  David Konetski ,  Nicholas D. Grobelny

IPC: G06F21/57 ,  G06F21/54 ,  G06F21/60 ,  G06F21/31

Abstract: Systems and methods for bare-metal or pre-boot user-machine authentication, binding, and entitlement provisioning are described. In some embodiments, a method may include: receiving, at a first portal managed by a manufacturer of an Information Handling System (IHS): (i) user credentials associated with a user of the IHS, and (ii) device identification associated with the IHS before the IHS is shipped to the user; selecting a customer of the manufacturer associated with the device identification; forwarding an indication of the user credentials to a second portal managed by the customer; and, in response to the second portal having successfully authenticated the user, establishing an identity session with the second portal; receiving, from the IHS, a request to initiate an entitlement sequence.

公开(公告)号：US11316902B2

公开(公告)日：2022-04-26

申请号：US16671045

申请日：2019-10-31

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: H04L29/00 ,  H04L29/06

Abstract: Methods and system are provided for dynamically securing a workspace based on changes in the security context in which the workspace operates. Upon receiving a request from an IHS for access to a managed resource and receiving attributes of a risk context for the request, a risk score for the request is determined. A workspace definition that provides access to the managed resource is selected based on the risk score. A workspace definition includes security requirements for operation of the workspace by the IHS, where the security requirements are commensurate with the risk score. The workspace definition is transmitted to the IHS for operation of the workspace according to the security requirements. A risk context may include, IHS software, a physical environment in which the IHS is located, a physical location of the IHS, a classification of the requested resource, IHS hardware, and a user of the IHS.

公开(公告)号：US11240109B2

公开(公告)日：2022-02-01

申请号：US16670516

申请日：2019-10-31

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: G06F15/173 ,  H04L12/24 ,  H04L29/06 ,  H04L29/08

Abstract: Systems and methods for modernizing workspace and hardware lifecycle management in an enterprise productivity ecosystem are described. In some embodiments, a client Information Handling System (IHS) may include a processor and a memory, the memory having program instructions that, upon execution by the processor, cause the client IHS to: receive, from a workspace orchestration service, one or more files or policies configured to enable the client IHS to instantiate a first workspace based upon a first workspace definition; allow a user to execute a non-vetted application in the first workspace; determine that the first workspace is compromised; and receive, in response to the determination, from the workspace orchestration service, one or more other files or policies configured to enable the client IHS to instantiate a second workspace based upon a second workspace definition, where the second workspace definition allows execution of a vetted application corresponding to the non-vetted application.

公开(公告)号：US20210334417A1

公开(公告)日：2021-10-28

申请号：US16857351

申请日：2020-04-24

Applicant: Dell Products L.P.

Inventor： Jason S. Morrison ,  Nicholas D. Grobelny

IPC: G06F21/86 ,  G06F1/16 ,  E05B73/00 ,  E05B47/00

Abstract: An information handling system housing is secured against unauthorized access with a security device integrated in the housing that selectively enables and disables screw movement relative to threads disposed in the housing. For instance, a freewheeling nut in the housing interfaces with an actuator that selectively releases or holds the freewheeling nut relative to the housing. When released, a screw coupled to the freewheeling nut cannot rotate relative to the threads of the freewheeling nut so that the screw maintains the housing secured until the freewheeling nut is held in position to allow removal of the screw.

公开(公告)号：US20210136082A1

公开(公告)日：2021-05-06

申请号：US16670910

申请日：2019-10-31

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: H04L29/06

Abstract: Systems and methods provide multilevel authorization of workspaces using certificates, where all of the authorization levels may be authorized separately or may instead be authorized at once. A measurement of an IHS (Information Handling System) is calculated based on the identity of the IHS and based on firmware of the IHS. A measurement of the configuration of the IHS is calculated based on information for configuring the IHS for supporting workspaces and also based on the IHS measurement. A measurement of a workspace session is calculated based on properties of a session used to remotely support operation of the workspace by the IHS and also based on the configuration measurement. Workspace session data may by authorized at all three levels by evaluating the session measurement against a reference session measurement.

公开(公告)号：US10956564B2

公开(公告)日：2021-03-23

申请号：US16182236

申请日：2018-11-06

Applicant: DELL PRODUCTS L.P.

Inventor： Girish S. Dhoble ,  Ricardo L. Martinez ,  Nicholas D. Grobelny ,  Abeye Teshome

IPC: G06F21/00 ,  G06F21/54 ,  G06F21/62 ,  G06F21/57 ,  G06F12/14 ,  G06F21/60

Abstract: Systems and methods that may be implemented to use encryption to isolate SMI functions, libraries and data from each other, such as during operation of systems management mode (SMM). Isolation of SMI function, library and data (and limitation of SMI function/library privileges) may be achieved in SMI at runtime by decrypting only that code and data needed for performing the required action/s in response to a SMI received from a calling process by a host processor (e.g., CPU).

公开(公告)号：US10855619B1

公开(公告)日：2020-12-01

申请号：US16670969

申请日：2019-10-31

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: H04L29/06 ,  H04L12/911 ,  H04L12/917

Abstract: Systems and methods adjust workspaces based on available hardware resource of an IHS (Information Handling System) by which a user operates a workspace supported by a remote orchestration service. A security context and a productivity context of the IHS are determined based on reported context information. A workspace definition for providing access to a managed resource is selected based on the security context and the productivity context. A notification specifies a hardware resource of the IHS that is not used by the workspace definition, such as a microphone or camera that has not been enabled for use by workspaces. A productivity improvement that results from the updated productivity context that includes use of the first hardware resource is determined. Based on the productivity improvement, an updated workspace definition is selected that includes use of the first hardware resource in providing access to the managed resource via the IHS.