53rd week of 2009 patent applcation highlights part 76 |
Patent application number | Title | Published |
20090327681 | SELF TEST INITIALIZATION - A system to perform an information handling system (IHS) initialization includes one or more subsystems to receive a command to power on the IHS, initialize a processor cache memory to emulate a random access memory (RAM), determine whether a manufacturing self test is being performed on the IHS, and in response to the manufacturing self test being performed, complete the initialization without a complete memory initialization. | 2009-12-31 |
20090327682 | System and Method for Transferring Configuration Information to an Embedded Device Using a Command Line Interface - A system and method is disclosed for transferring configuration information to an embedded device associated with an option ROM during those periods in which the option ROM is disabled. The method of the present invention involves the enumeration of PCI devices within the system and the determination of whether the PCI devices are associated with an option ROM and whether the option ROM is enabled. If the embedded device is associated with an option ROM and if the option ROM is not enabled, the option ROM is loaded to a shadow memory and the command-line interface of the option ROM is called to transfer configuration data to the embedded device. The option ROM is later removed from shadow memory to remove the footprint of the option ROM in shadow memory. | 2009-12-31 |
20090327683 | SYSTEM AND METHOD TO ACCELERATE ACCESS TO NETWORK DATA USING A NETWORKING UNIT ACCESSIBLE NON-VOLATILE STORAGE - In some embodiments, the invention involves a network controller having a pattern matching unit to identify whether boot file requested from a network accessible storage device for booting are stored locally in non-volatile memory accessible to the network controller. When required boot files are stored locally, the locally stored files are sent to the processor to boot the operating system. In an embodiment, retrieved boot files are automatically cached by the network controller in the accessible non-volatile memory. In other embodiments, a service operates to ensure coherency between locally store boot files and the boot filed stored on the network accessible storage. In another embodiment, data other than boot files may be stored and retrieved from the non-volatile memory. Other embodiments are described and claimed. | 2009-12-31 |
20090327684 | Apparatus and method for secure boot environment - In some embodiments, a processor-based system may include at least one processor, at least one memory coupled to the at least one processor, a boot block stored at a first memory location, a capsule update stored at a second memory location, a startup authenticated code module to ensure the integrity of the boot block upon a restart of the processor-based system, code which is executable by the processor-based system to cause the processor-based system to validate the boot block with the startup authenticated code module upon the restart of the processor-based system, and, if the boot block is successfully validated, to validate the capsule update for the processor-based system with the startup authenticated code module. Other embodiments are disclosed and claimed. | 2009-12-31 |
20090327685 | Efficient root booting with solid state drives and redirection write snapshots - A system and method for root booting includes a plurality of computing devices that each boot from a read-only base volume of an attached storage device that includes data common to the computing devices. The attached storage device also includes a plurality of volumes, each dedicated to one of the computing devices, which are redirect on write snapshots of the read-only base volume including unique items for the respective computing device. The read-only base volume may be stored in one or more solid state drives which may be configured as a RAID (redundant array of independent disks) and/or mirrored with one or more other storage drives. The plurality of volumes may each be stored in one or more hard disk drives which may be configured as a RAID. The attached storage device may be operable to add common data to the read-only base volume. | 2009-12-31 |
20090327686 | Updating A Basic Input/Output System ('BIOS') Boot Block Security Module In Compute Nodes Of A Multinode Computer - Updating a BIOS boot block security module in a plurality of compute nodes of a multinode computer including, for each compute node in the multinode computer, upon powering on the compute node: determining whether a new image of security module is available; if a new image of the security module is available, commanding the reset control module of the compute node to block an attempt by the security module to propagate a reset signal on the scalability bus to other compute nodes in the multinode computer; updating to the new image of the security module; upon completion of the update, resetting the compute node including attempting to propagate a reset signal on the scalability bus to other compute nodes in the multinode computer; and blocking the attempt to propagate the reset signal on the salability bus. | 2009-12-31 |
20090327687 | ARRANGEMENTS FOR ESTABLISHING MANAGEMENT ENGINE DEFAULT SETTINGS - The employment of a process of applying user-defined defaults to a management engine or analogous arrangement, wherein a system BIOS calls or recalls such defaults, as needed, from NVRAM responsive to the need for a reset of defaults. | 2009-12-31 |
20090327688 | METHOD AND SYSTEM FOR DETECTING A MALICIOUS CODE - Embodiments of the present invention provide a method and a system for detecting a malicious code. The method includes obtaining first system information and second system information, and detecting the malicious code by identifying difference between the first system information and the second system information, which thus can detect an unknown malicious code, improve the system security, and can be easily implemented. | 2009-12-31 |
20090327689 | SYSTEMS AND METHODS FOR TUNING AN OPERATING SYSTEM, APPLICATION, OR NETWORK COMPONENT - A method, system, apparatus, and media are directed to tuning a device. Values are stored for each of a plurality of device parameters based on device metrics. The device parameters are constraint-matched over changes to settings of the device parameters to identify at least one point within each range of the device parameters that optimizes a performance measure for the device. Tuning values are selected for each device parameter based on the identified point. The tuning values are provided for tuning the device. The device is tuned with roll-back based on the running values. | 2009-12-31 |
20090327690 | Methods and Systems for Facilitaing Secure Communication - A method of facilitating secure communication, the method comprising the steps of obtaining a cryptographic key, identifying at least one trusted computing device and sending the cryptographic key to the trusted computing device. | 2009-12-31 |
20090327691 | METHOD AND APPARATUS OF ENCRYPTING CONTENT DELIVERY - The invention relates to a method and apparatus for delivering a data stream to a plurality of clients in a network. The method involves receiving the data stream from a media server, where the data stream includes a plurality of data packets and a data stream identifier associated with at least one of the plurality of data packets, securing the data stream received from the media server by applying a filter to the data stream to obtain a filtered data packet from the plurality of data packets based on the data stream identifier, encrypting the filtered data packet using an encryption scheme to obtain a encrypted media content, and distributing the encrypted media content to at least one of the plurality of clients in the network. | 2009-12-31 |
20090327692 | METHOD AND DEVICE FOR DISTRIBUTING SECURE DIGITAL AUDIOVISUAL CONTENTS BY INTEROPERABLE SOLUTIONS - A method for distributing a nominal audiovisual stream to a recipient device including modifying, in the nominal audiovisual stream, at least one nominal coefficient among the nominal coefficients to generate a modified main stream; generating complementary information such that the nominal audio-visual stream may be implemented based from the complementary information and on the modified main stream, applying a plurality of methods for protecting the complementary information to generate multiple protected complementary information, each of the protected complementary information enabling the nominal stream of the main stream to be implemented upon application of an access method compatible with the protection method which has been used to protect it; and transmitting to the recipient device the modified main stream and the multiple protected complementary information. | 2009-12-31 |
20090327693 | NETWORK TASK OFFLOAD APPARATUS AND METHOD THEREOF - A network task offload apparatus includes an offload circuit and a buffer scheduler. The offload circuit performs corresponding network task processing on a plurality of packets in parallel according to an offload command. The buffer scheduler includes a buffer control unit and a plurality of buffer units. The plurality of buffer units are controlled by the buffer control unit and are scheduled to store the processed packets. | 2009-12-31 |
20090327694 | Methods and apparatus for providing integrity protection for management and control traffic of wireless communication networks - Embodiments of the present invention provide a method comprising transmitting, by a communication node, an information element (IE), the IE including a feature field indicating whether the communication node operates in accordance with an integrity protection protocol specifically for management frames, and the IE further including an enforcement field that advertises whether the integrity protection protocol for management and control frames is mandatory, and generating, by the communication node, a pairwise transient key (PTK), the PTK including a first plurality of keys and a pairwise integrity key (PIK), wherein the first plurality of keys are configured to protect an integrity of data frames transmitted by the communication node and the PIK is configured to protect an integrity of management frames transmitted by the communication node, wherein management frames are dedicated to management traffic and wherein the first plurality of keys and the PIK are different keys. Other embodiments may be described and claimed. | 2009-12-31 |
20090327695 | SYSTEMS AND METHODS FOR APPLYING ENCRYPTION TO NETWORK TRAFFIC ON THE BASIS OF POLICY - An information handling system including a receiver for inbound data destined for delivery to a network node, an encryption recognition engine operable to identify whether the inbound data received by the receiver is encrypted and an encryption policy application engine operable to apply encryption policy to the inbound data on the basis of encryption properties identified by the encryption recognition engine in the inbound data. The system may further include an encryption engine operable to selectively encrypt the inbound data on the basis of the encryption policy as applied by the encryption policy application engine and a packet delivery engine operable to deliver the inbound data to its destination. | 2009-12-31 |
20090327696 | AUTHENTICATION WITH AN UNTRUSTED ROOT - Techniques and systems for authentication with an untrusted root between a client and a server are disclosed. In some aspects, a client may connect to a server. The server and client may initiate a secure connection by exchanging certificates. The server may accept a client certificate having an untrusted root that does not chain up to a root certificate verifiable to the server certificate authority. In further aspects, the server may enable the client to associate an untrusted certificate with an existing account associated with the server. The client certificate may be hardware based or generated in software, and may be issued to the client independent of interactions with the server. | 2009-12-31 |
20090327697 | NETWORK SECURITY PROCESSING METHOD AND SYSTEM FOR SELECTING ONE OF SOFTWARE AND HARDWARE CRYPTOGRAPHIC MODULES BY MEANS OF MULTIMEDIA SESSION INFORMATION - In a network security processing method and system for selecting one of software and hardware cryptographic modules by means of multimedia session information, the method includes the following steps: subjecting a plurality of packets of a multimedia session to signaling processing so as to obtain multimedia session information contained in the multimedia session, subjecting the multimedia session to a key authentication negotiation and according to the multimedia session information, making a determination to activate one of the software cryptographic module and the hardware cryptographic module. If the hardware cryptographic module is activated, the hardware cryptographic module performs network security processing of the packets of the multimedia session. If the software cryptographic module is activated, the software cryptographic module performs the network security processing of the packets of the multimedia session. | 2009-12-31 |
20090327698 | PROCESS AND STREAMING SERVER FOR ENCRYPTING A DATA STREAM WITH BANDWIDTH BASED VARIATION - There is disclosed a process for encrypting a data stream to secure the data stream for single viewing and to protect copyrights of the data stream. Specifically, there is disclosed a process for protecting streaming multimedia, entertainment and communications in an Internet-type transmission. There is further disclosed a streaming server component operably connected with a streaming server that interacts with a client system to affect the inventive process. | 2009-12-31 |
20090327699 | SYSTEM AND METHOD FOR BEND-IN-THE-WIRE ADJACENCY MANAGEMENT - A method for translating network data transmissions begins with a data transmission received at a router. An interface identifier is prepended before a first field of the data transmission, forming a prepended field. The data transmission is transmitted to a translation device. The data transmission is translated without altering the prepended field. The translated data transmission is transferred back to the router. The interface identifier is removed. The translated data is transmitted while maintaining adjacency with an adjacent peer using the interface identifier. | 2009-12-31 |
20090327700 | METHOD AND SYSTEM FOR VIRTUALIZATION OF TRUSTED PLATFORM MODULES - A method, an apparatus, a system, and a computer program product is presented for virtualizing trusted platform modules within a data processing system. A virtual trusted platform module along with a virtual endorsement key is created within a physical trusted platform module within the data processing system using a platform signing key of the physical trusted platform module, thereby providing a transitive trust relationship between the virtual trusted platform module and the core root of trust for the trusted platform. The virtual trusted platform module can be uniquely associated with a partition in a partitionable runtime environment within the data processing system. | 2009-12-31 |
20090327701 | ID Card Encryption - An ID card is authenticated. Encrypted data is read from a first security feature on the ID card. A value is computed based on the encrypted data. Unencrypted data is read from a second security feature on the ID card. The value and the unencrypted data is transmitted to an authentication center. An authentication message is received from the authentication center. | 2009-12-31 |
20090327702 | Key Escrow Service - A key escrow service is described. In embodiment(s), the key escrow service maintains an escrow license that includes an escrow content key that is associated with protected media content which is distributed from a content distributor to a media device. A content key that is associated with the protected media content can be received from the content distributor, and the content key can then be encrypted with a public escrow key to generate the escrow content key. The escrow license can be generated to include the escrow content key, and the escrow content key can then be communicated back to the content distributor that provides a digital rights management (DRM) license to the media device. The DRM license can include both the escrow content key and the content key encrypted with a public key that corresponds to the media device. | 2009-12-31 |
20090327703 | METHOD FOR PAYLOAD ENCRYPTION OF DIGITAL VOICE OR DATA COMMUNICATIONS - A security platform or network for transmitting end-to-end encrypted voice or data communications between at least a first digital device and a second device is disclosed. The network includes a network portal for registering the first digital device and the second device. The portal provides the first digital device and second device with at least first and second keys and receives requests from each device to communicate with each other. The portal searches for and receives authorization from the called device to set up a secure session with the calling device. The portal receives encrypted messages from the devices, decrypts the encrypted messages with the keys provided to the devices, and re-encrypts the received messages. The portal sends the re-encrypted messages to the other device. Accordingly, the devices are capable of securely communicating with each other by encrypting and decrypting the messages sent to and received from the portal. The intent is to provide a commercially feasible approach to protect sensitive information that is not government classified, with potential users including (a) Individuals—for protecting private information and conversations; (b) Companies—for protecting proprietary/sensitive information; and (c) Government—for protecting SBU conversations and information. | 2009-12-31 |
20090327704 | STRONG AUTHENTICATION TO A NETWORK - Embodiments for providing strong authentication to a network from a networked device are disclosed. In accordance with one embodiment, a method for authentication to a server includes sharing a session key between the networked device and the server. The method further includes sending an encrypted secret key that is encoded based on the session key to a memory of the networked device. The also method includes sending original data to the networked device for encryption into encrypted data using the secret key. The method additionally includes decrypting the encrypted data received from the networked device using the secret key to obtain decrypted data for comparison with the original data for determining access to networked resources. | 2009-12-31 |
20090327705 | ATTESTED CONTENT PROTECTION - The present invention extends to methods, systems, and computer program products for protecting content. Embodiments of the invention permit a local machine increased participation in authorizing access to protected content. An operating system attests to a computing environment at a corresponding computer system. If the computing environment is one permitted to access protected content, the operating system is permitted to regulate further (e.g., application) access to protected content in accordance with a procreation policy. As such, authorization decisions are partially distributed, easing the resource burden on a content protection server. Accordingly, embodiments of the invention can facilitate more robust and efficient authorization decisions when access to protected content is requested. | 2009-12-31 |
20090327706 | ACCOUNT MANAGEMENT SYSTEM, ROOT-ACCOUNT MANAGEMENT APPARATUS, DERIVED-ACCOUNT MANAGEMENT APPARATUS, AND PROGRAM - A root-account management apparatus generates an electronic signature based on a survival condition and a secret key when an authentication result of a user of a client apparatus is proper, and transmits derived-account credence element information including the survival condition, the electronic signature and a public key certificate to a derived-account management apparatus. The derived-account management apparatus creates derived-account information which becomes valid when the survival condition is satisfied so that the derived-account information includes both the derived-account credence element information which becomes invalid when a validity term of the public key certificate expires and a biometric information template of the user which is valid regardless of this validity term. Accordingly, even if an authentication element as a root (public key certificate) becomes invalid, a derived authentication element (biometric information template) can be prevented from becoming invalid. | 2009-12-31 |
20090327707 | Process for creating and managing at least one cryptographic key, and system for its implementation - A process for creating and managing pairs of asymmetrical cryptographic keys and/or certificates associated with the pairs of keys, each pair of keys and associated certificates being intended for an object managed by a computer system. The process includes creating an individual request for creating and/or certifying at least one pair of keys for an object of the system that lacks a pair of keys or a certificate for its pair of keys. | 2009-12-31 |
20090327708 | CERTIFICATE DISTRIBUTION USING SECURE HANDSHAKE - A method, system, and computer usable program product for certificate distribution using a secure handshake are provided in the illustrative embodiments. A client sends an indication in a request, the request being a part of a secure data communication with a server. The indication indicates an ability of the client to accept a certificate as a part of a response from the server. The server retrieves a new certificate. The server sends as a result of the indication, a new certificate in the response corresponding to the request. The client receives as a result of the indication, the new certificate in a response that corresponds to the request. The client separates the new certificate from the response and uses the new certificate in the secure data communication with the server. The server uses the new certificate in the secure data communication with the client. | 2009-12-31 |
20090327709 | MEMORY ADDRESS OBFUSCATION - Apparatus, systems, and methods may operate to provide, to a memory device, an obfuscated clear-page address derived from a clear-page address that is not the same as a key-page address and/or providing, to the memory device, an obfuscated key-page address derived from the key-page address when the obfuscated clear-page address is the same as the key-page address. Additional apparatus, systems, and methods are disclosed. | 2009-12-31 |
20090327710 | CONTENT RECORDING/REPRODUCING APPARATUS AND CONTENT RECORDING/REPRODUCING METHOD - According to one embodiment, a content recording apparatus is connected with a permission server that permits recording of content through a network. The content recording apparatus reads content encrypted based on a first encryption scheme and binding information from a disposed second recording medium, and uses the binding information to decode the read content encrypted based on the first encryption scheme. The content recording apparatus uses the permission server to authenticate permission of recording of the content, encrypts the decoded content based on a second encryption scheme when recording of the content is permitted, and records the content encrypted based on the second encryption scheme and the biding information in the first recording medium. | 2009-12-31 |
20090327711 | AUTHENTICATION OF BINARIES IN MEMORY WITH PROXY CODE EXECUTION - Presented is an anti-tampering method that validates and protects specific sections of a binary file. In one embodiment, this method permits a proxy engine to execute (via emulation by a virtual machine) the protected code on behalf of the binary in kernel mode upon successful completion of an integrity check. The integrity check can optionally check only the specific parts of code that the developer wishes to validate. The integrity check can cross binary boundaries. Moreover, the integrity check can be done on a hard drive or in memory. Furthermore, since the encrypted code is executed by the proxy engine in kernel mode, hackers are further deterred from modifying the code. Additionally, a method of creating a protected binary file is described herein. | 2009-12-31 |
20090327712 | SYSTEM AND METHOD FOR VARIABLE ENCRYPTION - A method for variable encryption of a plurality of files. The method serves a plurality of subscribers. The method includes receiving a request from one of the plurality of subscribers to download at least one of the plurality of files and receiving authorization to download the at least one of the plurality of files. The method also includes accessing the at least one of the plurality of files, encrypting the at least one of the plurality of files and inserting a key into the encrypted at least one of the plurality of files. Finally, the method includes downloading the encrypted at least one of the plurality of files to the one of the plurality of subscribers, extracting the key and deciphering the encrypted at least one of the plurality of files, thereby making available decrypted at least one of the plurality of files to the one of the plurality of subscribers. | 2009-12-31 |
20090327713 | SYSTEM AND METHOD FOR ESTABLISHING BEARER-INDEPENDENT AND SECURE CONNECTIONS - A system and method for efficiently enabling local security connectivity between electronic devices over multiple bearers. Electronic devices are configured to advertise, over each bearer, their respective configuration parameters for each bearer. After a connection has been established between the electronic devices over a first bearer, the two electronic devices use the first bearer to establish connections over the other bearers using the configuration parameters contained in the advertisements and advertised over the first bearer. Shared keys are established for the other bearers either using keys derived from the first shared key or by using the first secure connection as an out-of-band channel. The present invention also provides for the creation of an ad hoc WLAN connection once a Bluetooth connection has been established. | 2009-12-31 |
20090327714 | System and Method for End-to-End Electronic Mail-Encryption - The present disclosure provides a system and method for end-to-end electronic mail encryption. In one embodiment, the sender contacts a payload-encryption-packet creation server which receives the message the sender would like to encrypt, generates an encrypted message and a payload-encryption-packet, and returns both to the sender. The sender then uses his regular email infrastructure to transmit to the recipient the encrypted message and the payload-encryption-packet as a single email. Upon receiving the sender's email, the recipient contacts a payload-encryption-packet processing server and sends it the payload-encryption-packet and authorization information. Depending on the validity of the authorization information, said server processes the payload-encryption-packet and provides the recipient with information usable for extracting the original message from the encrypted message. | 2009-12-31 |
20090327715 | System and Method for Cryptographic Identification of Interchangeable Parts - An anti-counterfeiting identification system for a medical tubing system, including a tubing assembly having upstream and downstream tubing portions removably connected to one another in a mechanically coupled state and a mechanically uncoupled state. The mechanically coupled state is a reliable fluid tight connection of the upstream and downstream portions for fluids passing there through from the upstream portion to the downstream portion. A two-part encrypted identification assembly has a first part connected to the upstream portion and a second part connected to the downstream portion. The first and second parts are electrically connected only through one lead and ground and are electrically connected to one another only in the mechanically coupled state. Also provided are methods for identification, anti-piracy, and inventory. | 2009-12-31 |
20090327716 | Verifying a Cipher-Based Message Authentication Code - A system for verifying a cipher-based message authentication code (CMAC), including a reception (RX) module logically residing between a physical layer controller (PHY) and a media access controller (MAC) processor, such that the RX module is configured to receive one or more portions of the CMAC with one or more bursts, process the one or more bursts, and write the one or more portions of the CMAC to one or more memory locations in a memory. The system also includes a transmission (TX) module logically residing between the PHY and the MAC processor, such that the TX module configured to verify the CMAC concurrently as the RX module processes the one ore more bursts. | 2009-12-31 |
20090327717 | SYSTEM, METHOD, AND SERVICE FOR TRACING TRAITORS FROM CONTENT PROTECTION CIRCUMVENTION DEVICES - A traitor tracing system generates a hypothesized model of the circumvention device that models a hypothesized set of device keys compromised by the circumvention device. The system iteratively invokes a subset tracing system to identify a compromised device key until substantially all the compromised device keys in the set of compromised device keys are identified so as to disable the circumvention device. A subset tracing system generates a circumvention device model that models behavior of a circumvention device using prior knowledge and The system iteratively selects and applies to the circumvention device a test based on the hypothesized model and the circumvention device model and receives a response from the circumvention device indicating a success of the test in playing protected content on the circumvention device. The system updates the hypothesized model using the received response, the selected test, a current version of the hypothesized model, and a current version of the circumvention device model to focus the test selecting process in determining the device keys obtained from the traitor. | 2009-12-31 |
20090327718 | Content data mangement system and method - Embodiments of the present invention allow encrypted data to restrict unlimited output of content data recorded in an area where reading can be performed by standard commands. According to one embodiment, a data storage area of a storage device is provided with an accessible area which can be accessed from the outside of an interface by specifying an address, and a hidden access area which can be accessed from the outside only in a specified case where an authentication condition is satisfied. In the hidden area, a table is recorded in which one entry includes an entry number and a field of a content identifier. An expansion area is provided in each sector of the accessible area, and data output control information and an entry number are recorded. The data output control information indicates information of one of (1) output is allowed only when there is information capable of decrypting the data, and (2) output is allowed without limitation. In the case where data recorded in the accessible area is read by a standard read command, output of content data recorded in the storage device is controlled based on the data output control information recorded in the expansion area. | 2009-12-31 |
20090327719 | COMMUNICATION AUTHENTICATION - Systems and methods that establish trust between a receiver (e.g., a user) and a sender of a message by authenticating such sender through demonstration of knowledge for a shared secret—yet without revealing such secret. A messaging component can convey messages as directed by the shared secret to communication systems that are under control of the user. Accordingly, the user can readily determine that the sender of the message is what such sender claims to be, since the sender has demonstrated a knowledge of the shared secret by sending the message to the communication system as determined by the user. Moreover, by not actually revealing the shared secret during communication, robustness of the secret is typically ensured. | 2009-12-31 |
20090327720 | Secure access to encrypted information - A method of using a mini filter driver to secure access to encrypted information stored on a removable storage device. The method comprises receiving a request to read information from the removable storage device. The mini filter driver ascertains if the request originated from an authorized client. The mini filter driver receives encrypted information read from the removable storage device, and decrypts the encrypted information in the event that the request originated from an authorized client. The decrypted information can then be conveyed to the authorized client. If the client is not authorized, then the mini filter driver does not decrypt the information. | 2009-12-31 |
20090327721 | Method and Apparatuses for Securing Communications Between a User Terminal and a SIP Proxy Using IPSEC Security Association - A method and user terminal for securing communications between the user terminal and a SIP proxy. The user terminal performs a full authentication procedure with a first SIP proxy to generate an IPSec Security Association, wherein signaling is exchanged between the user terminal and a home network. In response to a change of location of the user terminal or to a handover of the user terminal to a second SIP proxy, a local re-authentication of the user terminal is performed at the first SIP proxy, or at the second SIP proxy in the case of a handover, based upon the pre-existing Security Association in order to establish a new Security Association. | 2009-12-31 |
20090327722 | Transient Protection Key Derivation in a Computing Device - A computing device is arranged to use any possible permutation of methods available to it to authenticate a user, without needing to persistently store any unencrypted data that can be used in authentication, such data only ever being held in transient memory. A user of the device is provided with their own unique common protection key (CPK) which can be used to guard or encrypt sensitive data and functionality. Each authentication method is guaranteed to return a unique consistent identification sequence (CIS) each time it is employed by any specific user. When a user registers on the device, the CIS from each authentication method is used to generate a key which in turn is used to encrypt the CPK; this E(CPK) is then stored in a table indexed by user and authentication method. Neither the CPK nor any CIS are ever kept on the device except in transient memory. When authentication is sought, the CIS for each requested method is obtained and is used to regenerate the key that can be used to decrypt the E(CPK). All the CPKs thus decrypted must match for authentication to be granted. | 2009-12-31 |
20090327723 | SECURE TRANSFER OF DIGITAL OBJECTS - Transferring a digital object, comprising: receiving a digital object; validating the received digital object according to predefined rules; building a description of the validated digital object; providing access to the description to select the validated, described digital object for transfer; and transferring the validated, described digital object. | 2009-12-31 |
20090327724 | TWO-WAY AUTHENTICATION BETWEEN TWO COMMUNICATION ENDPOINTS USING A ONE-WAY OUT-OF-BAND (OOB) CHANNEL - Techniques for two-way authentication between two communication endpoints (e.g., two devices) using a one-way out-of-band (OOB) channel are presented. Here, in embodiments, both communication endpoints may be securely authenticated as long as the one-way OOB channel is tamper-proof. Embodiments of the invention do not require the one-way OOB channel to be private to ensure that both endpoints are securely authenticated. Since providing a two-way or private OOB channel adds to the cost of a platform, embodiments of the invention provide for a simple and secure method for two-way authentication that uses only a non-private one-way OOB channel and thus helping to reduce platform cost. Other embodiments may be described and claimed. | 2009-12-31 |
20090327725 | Content object management method, right object providing method, content object revocation method based thereon, and device using the same - A device for managing a rights object and revoking a content object. The device includes a content/rights object storage unit for storing at least one content object, and a rights object corresponding to each content object. An authentication module performs mutual authentication between devices giving and taking a rights object, and when a revocation notification of a rights object among the stored rights object is received, authenticates whether an author having transferred the revocation notification is an author having a revocation right. A content object checking unit checks if the content object is valid before the content object is executed. A rights object management module searches for a rights object corresponding to a content object to be executed, and deletes a rights object corresponding to the revocation notification when the author is an author having the revocation right. A controller controls the modules and the units. | 2009-12-31 |
20090327726 | INFORMATION RECORDING/REPRODUCTION APPARATUS AND SYSTEM - According to one embodiment, a data transmission control section ends transmission of a title without copyright protection at time t | 2009-12-31 |
20090327727 | System and method for upgrading the functionality of a controlling device via a secure portable adapter device - Secure access to a database of upgrade data is provided by storing an encryption key value in an adapter device used to interconnect a first device to be upgraded and a second device that is associated with the database of upgrade data. The second device allows access to the database of upgrade data via the adapter only once the adapter is positively authenticated by the second device through use of the encryption key value stored in the adapter device. | 2009-12-31 |
20090327728 | Methods for Supplying Cryptographic Algorithm Constants to a Storage-Constrained Target - The present invention provides for authenticating a message. A security function is performed upon the message. The message is sent to a target. The output of the security function is sent to the target. At least one publicly known constant is sent to the target. The received message is authenticated as a function of at least a shared key, the received publicly known constants, the security function, the received message, and the output of the security function. If the output of the security function received by the target is the same as the output generated as a function of at least the received message, the received publicly known constants, the security function, and the shared key, neither the message nor the constants have been altered. | 2009-12-31 |
20090327729 | Secure pre-caching through local superdistribution and key exchange - A distributed peer-to-peer document archival system provides the version-control, security, access control, linking among stored documents and remote access to documents usually associated with centralized storage systems while still providing the simplicity, personalization and robustness to network outages associated with personal and peer-to-peer storage systems. | 2009-12-31 |
20090327730 | APPARATUS AND METHOD FOR ENCRYPTED COMMUNICATION PROCESSING - To provide an apparatus and a method for encrypted communication processing having a high communication speed in inter-node communication on a network capable of performing effective encrypted communication with improved security without losing the high speed. In the inter-node communication on the network, a plurality of shared encryption keys are first set and are switched arbitrarily for each packet to be transmitted, thus there is no need to repeat the handshaking for changing, whenever needed, the encryption keys to be used. | 2009-12-31 |
20090327731 | SECURITY DEVICE FOR CRYPTOGRAPHIC COMMUNICATIONS - Cryptographic systems and methods are provided in which authentication operations, digital signature operations, and encryption operations may be performed. Authentication operations may be performed using authentication information. The authentication information may be constructed using a symmetric authentication key or a public/private pair of authentication keys. Users may digitally sign data using private signing keys. Corresponding public signing keys may be used to verify user signatures. Identity-based-encryption (IBE) arrangements may be used for encrypting messages using the identity of a recipient. IBE-encrypted messages may be decrypted using appropriate IBE private keys. A smart card, universal serial bus key, or other security device having a tamper-proof enclosure may use the authentication information to obtain secret key information. Information such as IBE private key information, private signature key information, and authentication information may be stored in the tamper-proof enclosure. | 2009-12-31 |
20090327732 | Long-term secure digital signatures - The present invention relates to digitally signing of electronic documents which are to be kept secure for a very long time, thereby taking into account future cryptographic developments which could render current cryptographic key-lengths insufficient. In accordance with the invention a double signature is issued for each document. A first digital signature (DTS) ensures the long time security, whilst a second digital signature (DUS) ensures the involvement of an individual user. Thereby, the second digital signature is less computationally intensive in its generation than the first digital signature. | 2009-12-31 |
20090327733 | Data Security Method and System - A method of verifying integrity of a digital file includes receiving the digital file subsequent to exposure to a foreign environment and validating the digital file. The received digital file has an appended signature label that includes one or both of a first hash value and a digital signature. Validating the digital file includes hashing the digital file to obtain a second hash value, retrieving the first hash value from the signature label, and comparing the first hash value and second hash value. | 2009-12-31 |
20090327734 | MATCHING A WATERMARK TO A HOST SAMPLING RATE - The invention deals with matching of a watermark to a host sampling rate of a multimedia signal. A watermark sampled at a first sampling rate is matched to multimedia host signal sampled at a second sampling rate, in a process where the watermark sampled at the first sampling rate is received, a scaling factor between the first sampling rate and the second sampling rate is determined, and re-scale widths of the watermark symbols are set. A modified watermark is generated wherein the watermark symbols of the modified watermark being of re-scale widths, so as to substantially match the modified watermark sequences to the second sampling rate. | 2009-12-31 |
20090327735 | UNIDIRECTIONAL MULTI-USE PROXY RE-SIGNATURE PROCESS - A “proxy re-signature system” provides various techniques for transforming a delegatee's signature on a message m into a delegator's on the same message m. Various embodiments of non-interactive re-signature generation processes are described. Various embodiments to aggregate part of signatures to reduce the size of re-signed signatures are also described. Various combinations of the proxy re-signature process and the re-signature conversion process result in an overall process that is unidirectional, multi-use, private, and non-interactive. As such, the proxy re-signature system is applicable for use with a wide range of applications. | 2009-12-31 |
20090327736 | Insider attack defense for network client validation of network management frames - Method for detecting an attack on a broadcast key shared between an access point and its wireless clients. Upon detection of the attack, actions are implemented to react to the attack as defined in one or more security policies. Detection of the attack is achieved by examining both a link message integrity check and an infrastructure management frame protection (IMFP) message integrity check contained in a broadcast management frame. | 2009-12-31 |
20090327737 | TECHNIQUES FOR ENSURING AUTHENTICATION AND INTEGRITY OF COMMUNICATIONS - Techniques are described for ensuring data integrity and authentication of received messages. One technique includes sending a request from a first module to a second module in which the request includes a first portion that is a shared secret encrypted with a public key, obtaining by the second module a private key from a secure and trusted information store, such as a license information store, including license information or other application specific information for the first module, using the private key to decrypt the first portion and obtain the shared secret, sending a response from the second module to the first module in which the response includes authentication data and at least one data item used with the shared secret to determine the authentication data, and performing by the first module verification processing to verify the authentication data included in the response. | 2009-12-31 |
20090327738 | REDUCING MEMORY REQUIREMENTS OF FIRMWARE - A mechanism for making increased amounts of firmware available to a computer pre-boot is discussed. To increase the amount of firmware available pre-boot, a design decision is made during the build process as to which segments of the firmware need to be placed on the ROM part and which segments of the firmware can be located elsewhere. The segments of the firmware that are stored remotely from the ROM are referred to as “virtual ROM modules”. Each of the virtual ROM modules is assigned a generated unique identifier, and a “message digest” is constructed for each module using an algorithm such as MD5 or SHA-1. In the software build of the ROM image, the message digest-unique identifier pair created for each Virtual ROM module is used as a logical pointer for the virtual module. Additionally, a search path variable is placed into the ROM image in non-volatile storage. The search path provides for one or more locations in which to look for the Virtual ROM modules, and may be updated at a later point in time. | 2009-12-31 |
20090327739 | KEY-BASED CONTENT MANAGEMENT AND ACCESS SYSTEMS AND METHODS - An exemplary method includes receiving data representative of a content instance over a network from an access device associated with a user, storing the content instance, encrypting the content instance in response to a command initiated by the user, providing a key configured to facilitate decryption of the encrypted content instance, transmitting data representative of the encrypted content instance to a requesting access device, receiving data representative of a request to access the key from the requesting access device over the network, and performing a predefined action related to the key in response to the request and in accordance with at least one access rule, the at least one access rule based on at least one of a user profile and an access device profile. | 2009-12-31 |
20090327740 | Securing a password database - An apparatus and a method for storing an encrypted username and password. In one embodiment, a username is encrypted. A password associated with the username is encrypted. A user identifier associated with the username is encrypted. The encrypted username, the encrypted password, and the user identifier are stored in one or more database. | 2009-12-31 |
20090327741 | SYSTEM AND METHOD TO SECURE BOOT UEFI FIRMWARE AND UEFI-AWARE OPERATING SYSTEMS ON A MOBILE INTERNET DEVICE (MID) - In some embodiments, the invention involves adding a capability for a platform owner or administrator to ensure that the firmware is only executed in an owner-authorized fashion, such as with signed components managed by a security processor. Embodiments may extend the Core Root of Trust for Measurement (CRTM), via use of a cryptographic unit coupled to the security processor in a mobile Internet device (MID) as a Root-of-Trust for Storage (RTS) Storage Root Key (SRK), into a unified extensible firmware interface (UEFI) Platform Initialization (PI) image authorization and boot manager. Other embodiments are described and claimed. | 2009-12-31 |
20090327742 | METHOD FOR MANAGING MULTIUSER DIGITAL PHOTO FRAME - A method for managing multiple users on a digital photo frame is disclosed. The method includes: adding a user account on the digital photo by a user inputting a username and a password, associating files with the username, prompting users to enter the username and password associated with the files to access the files and determining whether the username and password are correct, and if they are, allowing the user to access the files. | 2009-12-31 |
20090327743 | SECURE PORTABLE DATA TRANSPORT & STORAGE SYSTEM - A portable data transport device that provides security to data stored therein, and is configured to communicate data with a host computer for securing and transporting data. The portable data transport device includes a first processor and a biometric identification system. Upon successful biometric identification of an enrolled user, the first processor permits mounting of the data transport device to a host computer. However, prior to the commencement of read/write operations, cross-checking of stored identification codes of components of the portable data transport device occurs, including the use of a hash function. If any identifier does not match, no read/write data operations are permitted. The portable data transport device includes a file security program that includes a DLL encryption/decryption program having a self-check feature. Upon self check, if any changes were made to the encryption/decryption program, no read/write operations are permitted. The portable data transport device permits the selection of multiple files for encryption together into a single data container pack file and to store that data container pack file. The file security program permits an enrolled user at a host computer to assign only a password to a data container pack file. If a user at a host computer enters an incorrect password a predetermined number of times, portable data transport device processor will erase all data in any volatile memory it is using and will lock itself in a non-operational configuration. | 2009-12-31 |
20090327744 | INFORMATION PROCESSING APPARATUS AND SECURITY PROTECTION METHOD - According to one embodiment, an information processing apparatus includes an input module to input a password, a biological authentication device including a storage unit for storing biological information and identification information, and an authentication control module which sets and holds identification information to be stored in the storage unit of the biological authentication device, and permits a password input using the input module to be substituted by authentication using the biological authentication device when the identification information held by itself and the identification information stored in the storage unit of the biological authentication device match. The authentication control module includes a setting module to perform a setting for the identification information stored in the storage unit of the biological identification device and held by itself, on both conditions of authentication establishment with a registered password entry using the input module and authentication establishment using the biological authentication device. | 2009-12-31 |
20090327745 | SECURE APPARATUS AND METHOD FOR PROTECTING INTEGRITY OF SOFTWARE SYSTEM AND SYSTEM THEREOF - Provided is a secure apparatus for protecting the integrity of a software system and a method thereof. The apparatus comprises: a template repository for storing templates required for generating an agent template; a template generator for randomly selecting one template from said template repository and generating a new agent template according to the selected template; and a transceiver for sending said new agent module to an external apparatus communicating with said secure apparatus to update a current agent module which is running in said external apparatus, wherein said current agent module is used to verify the integrity of said software system running in said external apparatus. The secure apparatus can protect software in an insecure environment with a high software protection level to prevent the software from being tampered or bypassed. | 2009-12-31 |
20090327746 | KEY ENCRYPTION AND DECRYPTION - Provided is a data storage drive for encrypting data, comprising a microprocessor and circuitry coupled to the microprocessor and adapted to receive a session encrypted data key and to decrypt the session encrypted data key using a session key, wherein a result is a data key that is capable of being used to encrypt clear text and to decrypt cipher text written to a storage medium. Also provided is a system, comprising a microprocessor and circuitry coupled to the microprocessor and adapted to receive a session encrypted data key and to decrypt the session encrypted data key using a private key, wherein a result is a secret key that is capable of being used to encrypt clear text and to decrypt cipher text written to a storage medium. | 2009-12-31 |
20090327747 | TEMPLATE RENEWAL IN HELPER DATA SYSTEMS - The invention provides a method for authenticating a physical object (OBJ) using a first helper data (W | 2009-12-31 |
20090327748 | SYSTEM AND METHOD FOR FAST QUERYING OF ENCRYPTED DATABASES - A system, method, computer program product, and data management service that allows any comparison operation to be applied on encrypted data, without first decrypting the operands. The encryption scheme of the invention allows equality and range queries as well as the aggregation operations of MAX, MIN, and COUNT. The GROUPBY and ORDERBY operations can also be directly applied. Query results produced using the invention are sound and complete, the invention is robust against cryptanalysis, and its security strictly relies on the choice of a private key. Order-preserving encryption allows standard database indexes to be built over encrypted tables. The invention can easily be integrated with existing systems. | 2009-12-31 |
20090327749 | INDEXING ENCRYPTED FILES BY IMPERSONATING USERS - Methods and computer-readable media for indexing an encrypted file by impersonating a user is provided. A set of keys may be associated with a particular encrypted file. Once these keys are identified, the users who own these keys may then be identified by consulting an association of keys to users, which may be updated immediately upon the addition of new keys. If one of the users is currently logged on, the logon information associated with that user may be used to access the content of the encrypted file. The encrypted file may then be indexed based on the accessed content. To allow more than one user to use the same index, security identifiers may be assigned to index records associated with encrypted files to protect content of encrypted files from unauthorized users. | 2009-12-31 |
20090327750 | SECURITY SYSTEM FOR CODE DUMP PROTECTION AND METHOD THEREOF - A security system for code dump protection includes a storage device, a processor, and a decryption unit. The storage device has a protected storage area storing at least an encrypted code segment. The processor is utilized for issuing at least one address pattern to the storage device for obtaining at least one information pattern corresponding to the address pattern. The decryption unit checks signal communicated between the processor and the storage device to generate a check result, and determines whether to decrypt the encrypted code segment in the protected storage area to generate a decrypted code segment to the processor according to the check result. | 2009-12-31 |
20090327751 | METHOD AND SYSTEM FOR TRANSFORMATION OF LOGICAL DATA OBJECTS FOR STORAGE - A method and system for encrypting a plaintext logical data object for storage in a storage device operable with at least one storage protocol, creating, reading, writing, optimization and restoring thereof. Encrypting the plaintext logical data object comprises creating in the storage device an encrypted logical data object comprising a header and one or more allocated encrypted sections with predefined size; encrypting one or more sequentially obtained chunks of plaintext data corresponding to the plaintext logical data object thus giving rise to the encrypted data chunks; and sequentially accommodating the processed data chunks into said encrypted sections in accordance with an order said chunks received, wherein said encrypted sections serve as atomic elements of encryption/decryption operations during input/output transactions on the logical data object. | 2009-12-31 |
20090327752 | Method and apparatus for selectively enabling a microprocessor-based system - A system for selectively enabling a microprocessor-based system is disclosed. State information that describes the operating conditions or circumstances under which a user intends to operate the system is obtained. In the preferred embodiment of the invention, a valid hash value is determined, preferably based on the state information and preferably by locating the valid hash value within a table of valid hash values indexed by the state information. Candidate authorization information is obtained from the user, and a candidate hash value is generated by applying a hashing algorithm to the candidate authorization information, the state information, or a combination of the candidate authorization information and state information. The candidate hash value and the valid hash value are then compared, and the microprocessor-based system is enabled if the candidate hash value matches the valid hash value. In this manner, the designer or distributor of the system can determine, at the time of manufacture or distribution, the conditions and circumstances under which the system may be operated. | 2009-12-31 |
20090327753 | Method and apparatus for selectively enabling a microprocessor-based system - A system for selectively enabling a microprocessor-based system is disclosed. State information that describes the operating conditions or circumstances under which a user intends to operate the system is obtained. In the preferred embodiment of the invention, a valid hash value is determined, preferably based on the state information and preferably by locating the valid hash value within a table of valid hash values indexed by the state information. Candidate authorization information is obtained from the user, and a candidate hash value is generated by applying a hashing algorithm to the candidate authorization information, the state information, or a combination of the candidate authorization information and state information. The candidate hash value and the valid hash value are then compared, and the microprocessor-based system is enabled if the candidate hash value matches the valid hash value. In this manner, the designer or distributor of the system can determine, at the time of manufacture or distribution, the conditions and circumstances under which the system may be operated. | 2009-12-31 |
20090327754 | COMMUNICATIONS TERMINAL, STORAGE MEDIUM STORING COMMUNICATION TERMINAL CONTROLLING PROGRAM, COMMUNICATION TERMINAL CONTROLLING METHOD, STORAGE MEDIUM STORING COMMUNICATION CONTROLLING PROGRAM AND AUTHENTICATION SYSTEM - A communication terminal | 2009-12-31 |
20090327755 | INFORMATION-PROCESSING DEVICE AND INFORMATION MANAGEMENT PROGRAM - [Problems] To more infallibly prevent leak of information because loss or theft. | 2009-12-31 |
20090327756 | SECURE DIGITAL CONTENT STORAGE DEVICE - A secure digital content storage device comprising a memory for storing digital data, a decoder, coupled to the memory, for generating analog output based on the digital data, and a secure enclosure, or a secure connection between the memory and the decoder, or a single monolithic integrated circuit structure for preventing unauthorized access to the digital content stored in the memory. Under the present invention, the secure digital content storage device protects the digital content stored therein from unauthorized replication or tampering by an external device or agent. | 2009-12-31 |
20090327757 | Computer system for managing storage area state of a storage system - There is provided a computer system, having a host and at least one storage system. The at least one storage system provides storage area includes at least one of an encrypted storage area and a plaintext storage area The at least one storage system is configured to: receive an instruction about what type of storage area is available to the host computer; present the encrypted storage area to the host as an available storage area separate from unavailable storage areas in the case of the type of storage area being available according to the instruction indicating “encrypted”; and present, in the case of the type of storage area being available according to the instruction indicating other than “encrypted”, one of both the encrypted storage area and the plaintext storage area to the host computer as available storage areas, and only the plaintext storage area as an available storage area. | 2009-12-31 |
20090327758 | STORAGE APPARATUS AND DATA PROCESSING METHOD FOR STORAGE APPARATUS - A storage apparatus is provided, which allows a user to properly use an encrypted text and a plain text even when the storage apparatus has an encrypting function. An adaptor controlling transmission and reception of data to and from a memory device is provided with an encrypting function. Data requiring no encryption is transmitted to an adaptor having no encrypting function, and data to be encrypted is transmitted to the adaptor having an encrypting function. Thus, a user of the storage apparatus can properly use an encrypted text and a plain text. | 2009-12-31 |
20090327759 | Encrypting data on a non-volatile memory - A non-volatile memory, such as a NAND memory, may be encrypted by reading source blocks, writing to destination blocks, and then erasing the source blocks. As part of the encryption sequence, a power fail recovery procedure, using sequence numbers, is used to reestablish a logical-to-physical translation table for the destination blocks. | 2009-12-31 |
20090327760 | Tachograph - A tachograph includes at least one chip card reading unit and, at least one chip card with secure memory. Secured data transmission can be fed to the at least one chip card reading unit. On the at least one chip card, at least one user-defined piece of identification information is securely stored which is independent of a specified piece of identification information for a specified operation of the tachograph. The tachograph is constructed so as to authenticate the at least one chip card in accordance with the at least one piece of user-defined identification information, and to read data securely from the at least one chip card and/or to store data securely on the at least one chip card. | 2009-12-31 |
20090327761 | RECORDING MEDIUM, ATTACHING KIT FOR ATTACHING ENCRYPTION KEY STICKER TO THE RECORDING MEDIUM, AND RECORDING APPARATUS AND REPRODUCING APPARATUS FOR THE RECORDING MEDIUM - A sticker ( | 2009-12-31 |
20090327762 | Methods and Systems for Secure Encryption of Data - Provided is a data acquisition module. The data acquisition module includes a memory and a controller. The controller includes an encryption module configured to encrypt information written to the memory using a key included in the controller. The key is unique to the controller. | 2009-12-31 |
20090327763 | Method for Using a Compact Disk as a Smart Key Device - A data processing method accepts a removable storage media, which becomes electrically engaged with a system unit within the data processing system, after which the removable storage media and the hardware security unit mutually authenticate themselves. The removable storage media stores a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair that is associated with the hardware security unit, and the hardware security unit stores a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair that is associated with the removable storage media. In response to successfully performing the mutual authentication operation between the removable storage media and the hardware security unit, the system unit is enabled to invoke cryptographic functions on the hardware security unit while the removable storage media remains engaged with the system unit. | 2009-12-31 |
20090327764 | Managing Power Consumption Of A Computer - Methods, computers, and products for managing power consumption of a computer, the computer including a computer processor and managing power consumption of a computer includes: dynamically during operation of the computer, setting, by an in-band power manager in dependence upon performance metrics of the computer processor, a current performance state (‘p-state’) of the computer processor; and providing, by the in-band power manager to an out-of-band power manager, the current p-state of the computer processor. | 2009-12-31 |
20090327765 | Managing Power Consumption Of A Computer - Methods and products for managing power consumption of a computer and computers for which power consumption is managed. The computer includes the computer including a computer processor and embodiments of the present invention include providing, by an in-band power manger to an out-of-band power manager, a proposed performance state (‘p-state’) for the computer processor; determining, by the out-of-band power manager, in dependence upon a power setpoint and currently-measured operating metrics of the computer processor, whether to approve the proposed p-state; and if the out-of-band power manager approves the proposed p-state, setting operating parameters of the computer processor according to the approved p-state. | 2009-12-31 |
20090327766 | Power Over Ethernet Reclassification - A power over Ethernet (PoE) system has a reclassification functionality. The illustrative PoE system comprises a powered device (PD) and a power sourcing equipment (PSE) communicatively coupled to the PD. A classification identification component coupled to the PD encodes a classification value. A classification identification component can typically be implemented as a classification resistor, although any other suitable component such as a capacitor, inductor, register, or other structure or method can otherwise be implemented. The PoE system can further comprise a reclassification register in a non-volatile memory that stores a value indicative of a new classification state and a new classification identifier and a power switch that powers the powered device to a classification voltage. A PD controller is coupled to the powered device that reads the value indicative of the new classification state and, if the new classification state is asserted, reads the new classification identifier and sets classification according to the new classification identifier. If the new classification state is not asserted, the PD controller sets classification according to the classification identification component. | 2009-12-31 |
20090327767 | Techniques for distributed management of wireless devices with shared resources between wireless components - An embodiment of the present invention provides an apparatus, comprising a network adapter configured for wireless communication using more than one technology using distributed management and wherein the network adapter is configured to share a plurality of shared hardware components by automatically turning all other comms to OFF when one comm is turned to ON. | 2009-12-31 |
20090327768 | POWER SUPPLY APPARATUS AND MODULAR POWER CONNECTION INTERFACE THEREOF - A power supply apparatus includes a power converting circuit and a modular power connection interface. By the power converting circuit, an input voltage is converted into several output voltages required for powering corresponding electronic devices. The modular power connection interface includes an output member and a connecting member. The output member includes a plurality of pins and a daughter board. The pins are arranged on at least one surface of the daughter board and electrically connected to the power converting circuit so as to transmit the output voltages. The connecting member has a first connecting part and multiple second connecting parts. The first connecting part is electrically connected with the pins of the output member, and the second connecting parts are electrically connected with corresponding electronic devices, so that the output voltages are transmitted from the power converting circuit to the electronic devices through the modular power connection interface. | 2009-12-31 |
20090327769 | INFORMATION PROCESSING APPARATUS AND WAKE-UP CONTROL METHOD - According to one embodiment, an information processing apparatus includes devices including functions of generating wake-up signals, a controller which returns the apparatus to the power-on status in response to wake-up signals, and a first nonvolatile memory which stores information indicating whether the functions are enabled. The devices initializes such that the function is enabled if the information of the first nonvolatile memory has indicated that the function has been enabled when the power supply is started. The controller includes a second nonvolatile memory which stores information indicating devices to which power should be continuously supplied in the power-off status. The controller starts the power supply to the devices indicated that the power supply should be continued by the information of the second nonvolatile memory when the power supply is started, and continues the power supply in the power-off status to devices indicated that the power supply should be continued. | 2009-12-31 |
20090327770 | POWER SUPPLY SYSTEM AND POWER SUPPLYING CONTROL METHOD - A power supply system adopting two power supplies connected in parallel includes a first power supply comprising a first voltage-output terminal; a second power supply comprising a second voltage-output terminal; a first switch circuit comprising an input terminal connected to the first voltage-output terminal; a second switch circuit comprising an input terminal connected to the second voltage-output terminal; and a plug comprising a first pin connected to both an output terminal of the first switch circuit and an output terminal of the second switch circuit; wherein the voltage outputted from the first voltage-output terminal is equal to the voltage outputted from the second voltage-output terminal. | 2009-12-31 |
20090327771 | POWER SUPPLY SYSTEM AND POWER SUPPLYING CONTROL METHOD - A power supplying control method of a computer system for use with a first power supply and a second power supply both providing a first specific voltage to a motherboard, including steps of: detecting whether the first power supply and the second power supply, outputting the first specific voltage, are at a stable state; outputting the first specific voltage to a first pin when the first power supply is at the stable state; outputting the first specific voltage to the first pin when the second power supply is at the stable state; and outputting the first specific voltage to the motherboard via the first pin. | 2009-12-31 |
20090327772 | POWER MANAGEMENT SYSTEM OF TERMINAL - A power management system optimizing the power consumption management of a terminal that uses limited power is disclosed. In more detail, a power management system of a terminal, which defines levels of power to be supplied in accordance with the operation state of the system or an application that is a currently activated application program and controls the amount of power supplied to software modules and hardware modules of the terminal by the defined levels of power, so that power management can be simply and easily performed and that the power supply amount is optimized to increase a power supply time. | 2009-12-31 |
20090327773 | SERIAL ATA (SATA) POWER OPTIMIZATION THROUGH AUTOMATIC DEEPER POWER STATE TRANSITION - A host device and a storage device with a Serial ATA (SATA) architecture to independently transition to a deeper low power state after first entering an initial low power state without first transitioning to the Active state. The transition from the Partial state to the Slumber state is direct and the transition may be enabled, but not negotiated through a handshaking process. | 2009-12-31 |
20090327774 | COORDINATED LINK POWER MANAGEMENT - A method, apparatus, and system for coordinated link power management. Some embodiments of a method include receiving an exit latency for each of a group of link states for a link, with a device being coupled to an interconnect via the first link. A latency tolerance value is determined and communicated, and a platform latency is received. The method further provides for determining a link budget for the device, the link budget indicating an amount of time available for an exit from a link state for the device; and selecting one of the link states based at least in part on the link budget. | 2009-12-31 |
20090327775 | USER IMPOSED POWER CONSTRAINTS ON WEB SERVER BASED ON USER PREFERENCES - Web application users are able to specify power constraints for remote web servers. These may be based on individual performance needs and energy-conservation desires. They enable the user to exercise control over the amount of energy that the web server expends in serving the needs of the user. The invention may employ such features as vertical scaling using power capacity on demand (CUoD) type functionality. The method includes providing a user-interactive interface to enable the user to indicate a preference for power restrictions with respect to its web requests. The user then instructs the web site provider to reduce power consumption in response to the user's request. The user specifies a reduction in overall power consumption for the user's needs, such as instructing the web service provider to use an energy-conserving server to handle the user's web requests, or specifying a acceptable delay or fulfilling the user's web requests. | 2009-12-31 |
20090327776 | MULTIPLE LOAD LINE VOLTAGE REGULATORS - Methods and apparatus relating to a multiple load line voltage regulators are described. In one embodiment, a voltage regulator may adjust an input voltage level based on information received from a load and current supplied to the load. Other embodiments are also disclosed and claimed. | 2009-12-31 |
20090327777 | POWER EFFICIENT HIGH FREQUENCY DISPLAY WITH MOTION BLUR MITIGATION - Some embodiments describe techniques that relate to power efficient, high frequency displays with motion blur mitigation. In one embodiment, the refresh rate of a display device may be dynamically modified, e.g., to reduce power consumption and/or reduce motion blur. Other embodiments are also described. | 2009-12-31 |
20090327778 | INFORMATION PROCESSING SYSTEM AND POWER-SAVE CONTROL METHOD FOR USE IN THE SYSTEM - A technique for determining task allocation for reducing power consumption of an entire system is disclosed. This system includes physical computers, a cooling apparatus for cooling the physical computers, and a power-saving control server for controlling the physical computers and cooling apparatus. The power-saving control server includes a virtual server layout generator which sets up a plurality of sets of task allocations with respect to the physical computers, a server power calculator for calculating power consumption of the physical computers in each task allocation, a physical computer profile used to estimate a heat release amount of the physical computers in each task allocation, a cooling power calculator which computes power consumption of the cooling apparatus, and a virtual server relocator which determines a task allocation with a total of calculated values of the server/cooling power calculators being minimized to be the optimum task allocation for the physical computers. | 2009-12-31 |
20090327779 | ENERGY CONSERVATION IN MULTIPATH DATA COMMUNICATIONS - A method, system, and computer usable program product for energy conservation in multipath data communications are provided in the illustrative embodiments. A current utilization of each of several of I/O devices is determined. A violation determination is made whether an I/O device from the several I/O devices can be powered down without violating a rule. The I/O device is powered down responsive to the violation determination being false. A powering up determination may be made whether an additional I/O device is needed in a multipath I/O configuration. The I/O device may be located, powered up, and made available for multipath I/O configuration. A latency determination may be made whether a latency time of the I/O device can elapse before the time when the additional I/O device is needed. The powering on may occur no later than the latency time before the time the additional I/O device is needed. | 2009-12-31 |
20090327780 | Systems, Methods and Media for Reducing Power Consumption in Multiple Controller Information Handling Systems - An information handling system (IHS) provides a method for conserving power. The method includes monitoring at least one performance characteristic of the IHS and determining if the at least one performance characteristic is below a low performance threshold. If the at least one performance characteristic is below the low performance threshold, a first controller is switched into a low power mode, wherein a first set of logical unit numbers (LUNs) are reassigned to a second controller. | 2009-12-31 |