公开(公告)号：US20230049131A1

公开(公告)日：2023-02-16

申请号：US17444774

申请日：2021-08-10

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Nigel John Edwards ,  Guilherme de Campos Magalhaes

IPC: G06F11/07 ,  G06F21/56 ,  G06F21/53 ,  H04L9/32 ,  G06F21/64

Abstract: In some examples, a system receives first measurements of data items used by a build server in building an executable program, the data items copied from a data repository to a storage partition that is separate from the data repository, and the storage partition to store the data items relating to building the executable program by the build server. The system determines, based on the first measurements and according to a policy specified for the storage partition, whether a corruption of the data items used by the build server in building the executable program has occurred.

公开(公告)号：US12020010B2

公开(公告)日：2024-06-25

申请号：US17444774

申请日：2021-08-10

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Nigel John Edwards ,  Guilherme de Campos Magalhaes

IPC: G06F21/56 ,  G06F8/60 ,  G06F11/07 ,  G06F21/53 ,  G06F21/64 ,  H04L9/32

CPC classification number: G06F8/60 ,  G06F11/0751 ,  G06F21/53 ,  G06F21/563 ,  G06F21/64 ,  H04L9/3236 ,  H04L9/3247 ,  G06F2221/033

Abstract: In some examples, a system receives first measurements of data items used by a build server in building an executable program, the data items copied from a data repository to a storage partition that is separate from the data repository, and the storage partition to store the data items relating to building the executable program by the build server. The system determines, based on the first measurements and according to a policy specified for the storage partition, whether a corruption of the data items used by the build server in building the executable program has occurred.

公开(公告)号：US20240137363A1

公开(公告)日：2024-04-25

申请号：US18047785

申请日：2022-10-18

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Nigel John Edwards ,  Thomas M. Laffey ,  Ludovic Emmanuel Paul Noel Jacquin ,  Sunil James

IPC: H04L9/40

CPC classification number: H04L63/0876 ,  H04L63/0209

Abstract: In some examples, a system receives information from electronic devices comprising network devices and computing devices in a computing environment that are subject to attestations of interfaces of the network devices and the computing devices. For each interface of a given computing device being attested, the system verifies that the interface of the given computing device is connected to an interface of a corresponding network device that is being attested. For each interface of a given network device being attested, the system verifies that the interface of the given network device is connected to an interface of a corresponding computing device that is being attested or an interface of another network device that is being attested. The system detects a presence of an unauthorized electronic device in the computing environment in response to determining that an interface of a computing device being attested or an interface of a network device being attested is not connected to a corresponding interface of an electronic device being attested.

公开(公告)号：US12111937B2

公开(公告)日：2024-10-08

申请号：US18187332

申请日：2023-03-21

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Geoffrey Ndu ,  Nigel John Edwards

IPC: G06F21/54 ,  G06F21/55 ,  G06F21/56 ,  G06F21/57

CPC classification number: G06F21/577 ,  G06F21/54 ,  G06F21/552 ,  G06F21/566 ,  G06F21/572 ,  G06F2221/034

Abstract: A technique includes an operating system agent of a computer system monitoring a process to detect whether an integrity of the process has been compromised. The monitoring includes the operating system agent scanning a data structure. The process executes in a user space, and the data structure is part of an operating system kernel space. The technique includes a hardware controller of the computer system listening for a heartbeat that is generated by the operating system agent. The hardware controller takes a corrective action in response to at least one of the hardware controller detecting an interruption of the heartbeat, or the operating system agent communicating to the hardware controller a security alert for the process.

公开(公告)号：US20240126883A1

公开(公告)日：2024-04-18

申请号：US18539533

申请日：2023-12-14

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Francisco Plinio Oliveira Silveira ,  Nigel John Edwards ,  Ludovic Emmanuel Paul Noel Jacquin ,  Guilherme de Campos Magalhaes ,  Leandro Augusto Penna dos Santos ,  Rodrigo Jose da Rosa Antunes

IPC: G06F21/57

CPC classification number: G06F21/57 ,  G06F21/577 ,  G06F2221/033

Abstract: A process includes, in a computer system, acquiring a first measurement that corresponds to a software container. Acquiring the measurement includes a hardware processor of the computer system measuring a given layer of a plurality of layers of layered file system structure corresponding to the software container. The given layer includes a plurality of files, and the first measurement includes a measurement of the plurality of files. The process includes storing the first measurement in a secure memory of the computer system. A content of the secure memory is used to verify an integrity of the software container.

公开(公告)号：US20230222226A1

公开(公告)日：2023-07-13

申请号：US18187332

申请日：2023-03-21

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Geoffrey Ndu ,  Nigel John Edwards

IPC: G06F21/56 ,  G06F21/57 ,  G06F21/55 ,  G06F21/54

CPC classification number: G06F21/566 ,  G06F21/577 ,  G06F21/552 ,  G06F21/572 ,  G06F21/54 ,  G06F2221/034

Abstract: A technique includes an operating system agent of a computer system monitoring a process to detect whether an integrity of the process has been compromised. The monitoring includes the operating system agent scanning a data structure. The process executes in a user space, and the data structure is part of an operating system kernel space. The technique includes a hardware controller of the computer system listening for a heartbeat that is generated by the operating system agent. The hardware controller takes a corrective action in response to at least one of the hardware controller detecting an interruption of the heartbeat, or the operating system agent communicating to the hardware controller a security alert for the process.

公开(公告)号：US11636214B2

公开(公告)日：2023-04-25

申请号：US17118698

申请日：2020-12-11

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Geoffrey Ndu ,  Nigel John Edwards

IPC: G06F21/00 ,  G06F21/57 ,  G06F21/54 ,  G06F21/56

Abstract: A technique includes an operating system agent of a computer system monitoring a process to detect whether an integrity of the process has been compromised. The monitoring includes the operating system agent scanning a data structure. The process executes in a user space, and the data structure is part of an operating system kernel space. The technique includes a hardware controller of the computer system listening for a heartbeat that is generated by the operating system agent. The hardware controller takes a corrective action in response to at least one of the hardware controller detecting an interruption of the heartbeat, or the operating system agent communicating to the hardware controller a security alert for the process.

公开(公告)号：US20220179959A1

公开(公告)日：2022-06-09

申请号：US17113161

申请日：2020-12-07

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Francisco Plinio Oliveira Silveira ,  Nigel John Edwards ,  Ludovic Emmanuel Paul Noel Jacquin ,  Guilherme de Campos Magalhaes ,  Leandro Augusto Penna dos Santos ,  Rodrigo Jose da Rosa Antunes

IPC: G06F21/57

Abstract: A process includes, in a computer system, acquiring a first measurement that corresponds to a software container. Acquiring the measurement includes a hardware processor of the computer system measuring a given layer of a plurality of layers of layered file system structure corresponding to the software container. The given layer includes a plurality of files, and the first measurement includes a measurement of the plurality of files. The process includes storing the first measurement in a secure memory of the computer system. A content of the secure memory is used to verify an integrity of the software container.

公开(公告)号：US20240281272A1

公开(公告)日：2024-08-22

申请号：US18170720

申请日：2023-02-17

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Nigel John Edwards ,  Geoffrey Ndu ,  Jason Christopher Cohen ,  Theofrastos Koulouris

IPC: G06F9/455

CPC classification number: G06F9/45558 ,  G06F2009/45579 ,  G06F2009/45583 ,  G06F2009/45591

Abstract: In some examples, a bus device includes a device controller to perform input/output (I/O) virtualization to provide a virtualized instance of the bus device. The device controller establishes a channel between the virtualized instance of the bus device and a guest operating system (OS) of a virtual machine (VM). The device controller receives, from the VM, address information relating to a portion of a memory containing information associated with a kernel of the guest OS, and obtains, for integrity inspection, the information associated with the kernel from the memory based on the address information.

公开(公告)号：US20240236089A9

公开(公告)日：2024-07-11

申请号：US18047785

申请日：2022-10-19

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Nigel John Edwards ,  Thomas M. Laffey ,  Ludovic Emmanuel Paul Noel Jacquin ,  Sunil James

IPC: H04L9/40

CPC classification number: H04L63/0876 ,  H04L63/0209

Abstract: In some examples, a system receives information from electronic devices comprising network devices and computing devices in a computing environment that are subject to attestations of interfaces of the network devices and the computing devices. For each interface of a given computing device being attested, the system verifies that the interface of the given computing device is connected to an interface of a corresponding network device that is being attested. For each interface of a given network device being attested, the system verifies that the interface of the given network device is connected to an interface of a corresponding computing device that is being attested or an interface of another network device that is being attested. The system detects a presence of an unauthorized electronic device in the computing environment in response to determining that an interface of a computing device being attested or an interface of a network device being attested is not connected to a corresponding interface of an electronic device being attested.