Patents by Inventor Amy C. Nelson
Amy C. Nelson has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11909882
Abstract: Various embodiments of systems and methods are provided to bind a system identifier that uniquely identifies an information handling system (IHS) to the system platform, so that the identity of the IHS can be cryptographically verified. More specifically, the present disclosure provides methods to bind a unique system identifier to an IHS platform, and methods to cryptographically verify the identity of the IHS using the unique system identifier and a plurality of keys generated and stored with a Trusted Platform Module (TPM) of the IHS. Systems are provided herein to perform such methods. As such, the systems and methods disclosed herein enable system identity to be irrefutably verified, thereby preventing theft and misuse of system identity.
Type: Grant
Filed: January 30, 2020
Date of Patent: February 20, 2024
Assignee: Dell Products L.P.
Inventors: Charles D. Robison, Nicholas D. Grobelny, Amy C. Nelson
-
Publication number: 20240037216
Abstract: Systems and methods are provided that may be implemented to provide a basic input/output system (BIOS) with the ability to authenticate and then execute one-time unique instructions that are previously left behind (i.e., stored) in public memory of an information handling system by a containerized computing environment session that is no longer executing on the information handling system. The disclosed systems and methods may be so implemented to share with the system BIOS privileged instructions to identify which executables are authorized for execution on a targeted information handling system. The privileged instructions may be previously created and optionally stored together with an executable code in system public memory, and these instructions may provide instructions on how to execute the executable code.
Type: Application
Filed: July 27, 2022
Publication date: February 1, 2024
Inventors: Nicholas D. Grobelny, Sumanth Vidyadhara, Richard M. Tonry, Amy C. Nelson
-
METHODS AND SYSTEMS TO AUTOMATICALLY DEPLOY VULNERABILITY FIXES FOR SOFTWARE AND FIRMWARE COMPONENTS
Publication number: 20230097733
Abstract: Methods and systems are provided that may be implemented to automatically identify types and status of vulnerabilities in identified software or firmware components (e.g., libraries), and then automatically deploy security vulnerability fixes (e.g., patches or updates) in these identified components across different affected software or firmware applications. In one example, the disclosed methods and systems may operate to dynamically and automatically aggregate identified third party software and/or firmware vulnerabilities into a centralized repository, and may be further implemented to automatically handle the roll out and deployment of vulnerability fixes to patch or update third party libraries to solve any security vulnerability reported on these third party libraries.
Type: Application
Filed: September 27, 2021
Publication date: March 30, 2023
Inventors: Amy C. Nelson, Prasanth K S R, Vivekanandh Narayanasamy Rajagopalan
-
Patent number: 11604880
Abstract: The present disclosure provides various embodiments of systems and related methods to track and cryptographically verify system configuration changes. More specifically, systems and methods are disclosed herein to track an original system configuration of an information handling system (IHS) as the system was built by a manufacturing facility, and any system configuration changes that are made to the original system configuration after the IHS leaves the manufacturing facility. Once a user takes ownership of the IHS, systems and methods disclosed herein may be used to cryptographically verify a current system configuration of the IHS. In doing so, the present disclosure provides a way to authenticate or validate system configuration changes that may occur after the IHS leaves the manufacturing facility.
Type: Grant
Filed: February 25, 2020
Date of Patent: March 14, 2023
Assignee: Dell Products L.P.
Inventors: Charles D. Robison, Nicholas D. Grobelny, Amy C. Nelson
-
Patent number: 11481497
Abstract: A method may include, during execution of a basic input/output system comprising boot firmware configured to be the first code executed by the processor when the information handling system is booted and/or powered on and execute prior to execution of an operating system of the information handling system, executing a hardware attestation verification application configured to: (i) read a platform certificate comprising information associated with one or more information handling resources of the information handling system recorded during creation of the platform certificate; (ii) perform hardware attestation of the information handling system by comparing information associated with the one or more information handling resources and the information stored within the platform certificate; and (iii) generate a log indicative of the results of the hardware attestation.
Type: Grant
Filed: September 11, 2020
Date of Patent: October 25, 2022
Assignee: Dell Products L.P.
Inventors: Anantha K. Boyapalle, Charles D. Robison, Amy C. Nelson
-
Patent number: 11347519
Abstract: An information handling system may include a processor and a basic input/output system (BIOS) comprising a program of instructions executable by the processor and configured to cause the processor to initialize one or more information handling resources of the information handling system. The BIOS may be further configured to, during a boot of the information handling system, determine whether a BIOS configuration change has been made during a current boot session of the information handling system, and responsive to determining that a BIOS configuration change has been made during the current boot session, store an indication of the BIOS configuration change to a non-volatile memory.
Type: Grant
Filed: May 27, 2020
Date of Patent: May 31, 2022
Assignee: Dell Products L.P.
Inventors: Amy C. Nelson, Richard M. Tonry
-
Publication number: 20220083664
Abstract: A method may include, during execution of a basic input/output system comprising boot firmware configured to be the first code executed by the processor when the information handling system is booted and/or powered on and execute prior to execution of an operating system of the information handling system, executing a hardware attestation verification application configured to: (i) read a platform certificate comprising information associated with one or more information handling resources of the information handling system recorded during creation of the platform certificate; (ii) perform hardware attestation of the information handling system by comparing information associated with the one or more information handling resources and the information stored within the platform certificate; and (iii) generate a log indicative of the results of the hardware attestation.
Type: Application
Filed: September 11, 2020
Publication date: March 17, 2022
Applicant: Dell Products L.P.
Inventors: Anantha K. BOYAPALLE, Charles D. ROBISON, Amy C. NELSON
-
Patent number: 11201744
Abstract: A system for a time-based one-time password security system operating at a provisioning server may comprise transmitting one or more first locally generated random-string numbers for generation of a first time-based one-time password to a remotely connected internet of things sensor and a remotely connected internet of things sensor hub. The system may also comprise executing code instructions to associate the internet of things sensor with a first client key in a table stored in a memory operatively connected to the processor, associate the internet of things sensor hub with a second client key in the table, and associate the internet of things sensor and internet of things sensor hub with the one or more first locally generated random-string numbers in the table. Further the first remotely generated random-string numbers may identify a first preset function for generation of a first session key used in encrypting and decrypting sensor data records.
Type: Grant
Filed: November 18, 2019
Date of Patent: December 14, 2021
Assignee: Dell Products, LP
Inventors: Daniel L. Hamlin, Minhaj Ahmed, Amy C. Nelson
-
Publication number: 20210373903
Abstract: An information handling system may include a processor and a basic input/output system (BIOS) comprising a program of instructions executable by the processor and configured to cause the processor to initialize one or more information handling resources of the information handling system. The BIOS may be further configured to, during a boot of the information handling system, determine whether a BIOS configuration change has been made during a current boot session of the information handling system, and responsive to determining that a BIOS configuration change has been made during the current boot session, store an indication of the BIOS configuration change to a non-volatile memory.
Type: Application
Filed: May 27, 2020
Publication date: December 2, 2021
Applicant: Dell Products L.P.
Inventors: Amy C. NELSON, Richard M. TONRY
-
Publication number: 20210266184
Abstract: The present disclosure provides various embodiments of systems and related methods to track and cryptographically verify system configuration changes. More specifically, systems and methods are disclosed herein to track an original system configuration of an information handling system (IHS) as the system was built by a manufacturing facility, and any system configuration changes that are made to the original system configuration after the IHS leaves the manufacturing facility. Once a user takes ownership of the IHS, systems and methods disclosed herein may be used to cryptographically verify a current system configuration of the IHS. In doing so, the present disclosure provides a way to authenticate or validate system configuration changes that may occur after the IHS leaves the manufacturing facility.
Type: Application
Filed: February 25, 2020
Publication date: August 26, 2021
Inventors: Charles D. Robison, Nicholas D. Grobelny, Amy C. Nelson
-
Publication number: 20210243030
Abstract: Various embodiments of systems and methods are provided to bind a system identifier that uniquely identifies an information handling system (IHS) to the system platform, so that the identity of the IHS can be cryptographically verified. More specifically, the present disclosure provides methods to bind a unique system identifier to an IHS platform, and methods to cryptographically verify the identity of the IHS using the unique system identifier and a plurality of keys generated and stored with a Trusted Platform Module (TPM) of the IHS. Systems are provided herein to perform such methods. As such, the systems and methods disclosed herein enable system identity to be irrefutably verified, thereby preventing theft and misuse of system identity.
Type: Application
Filed: January 30, 2020
Publication date: August 5, 2021
Inventors: Charles D. Robison, Nicholas D. Grobelny, Amy C. Nelson
-
Publication number: 20200084038
Abstract: A system for a time-based one-time password security system operating at a provisioning server may comprise transmitting one or more first locally generated random-string numbers for generation of a first time-based one-time password to a remotely connected internet of things sensor and a remotely connected internet of things sensor hub. The system may also comprise executing code instructions to associate the internet of things sensor with a first client key in a table stored in a memory operatively connected to the processor, associate the internet of things sensor hub with a second client key in the table, and associate the internet of things sensor and internet of things sensor hub with the one or more first locally generated random-string numbers in the table. Further the first remotely generated random-string numbers may identify a first preset function for generation of a first session key used in encrypting and decrypting sensor data records.
Type: Application
Filed: November 18, 2019
Publication date: March 12, 2020
Applicant: Dell Products, LP
Inventors: Daniel L. Hamlin, Minhaj Ahmed, Amy C. Nelson
-
Patent number: 10484177
Abstract: A system for a time-based one-time password security system operating at a provisioning server may comprise transmitting one or more first locally generated random-string numbers for generation of a first time-based one-time password to a remotely connected internet of things sensor and a remotely connected internet of things sensor hub. The system may also comprise executing code instructions to associate the internet of things sensor with a first client key in a table stored in a memory operatively connected to the processor, associate the internet of things sensor hub with a second client key in the table, and associate the internet of things sensor and internet of things sensor hub with the one or more first locally generated random-string numbers in the table. Further the first remotely generated random-string numbers may identify a first preset function for generation of a first session key used in encrypting and decrypting sensor data records.
Type: Grant
Filed: July 10, 2017
Date of Patent: November 19, 2019
Assignee: Dell Products, LP
Inventors: Daniel L. Hamlin, Minhaj Ahmed, Amy C. Nelson
-
Publication number: 20190013945
Abstract: A system for a time-based one-time password security system operating at a provisioning server may comprise transmitting one or more first locally generated random-string numbers for generation of a first time-based one-time password to a remotely connected internet of things sensor and a remotely connected internet of things sensor hub. The system may also comprise executing code instructions to associate the internet of things sensor with a first client key in a table stored in a memory operatively connected to the processor, associate the internet of things sensor hub with a second client key in the table, and associate the internet of things sensor and internet of things sensor hub with the one or more first locally generated random-string numbers in the table. Further the first remotely generated random-string numbers may identify a first preset function for generation of a first session key used in encrypting and decrypting sensor data records.
Type: Application
Filed: July 10, 2017
Publication date: January 10, 2019
Applicant: Dell Products, LP
Inventors: Daniel L. Hamlin, Minhaj Ahmed, Amy C. Nelson
-
Publication number: 20170140151
Abstract: Systems and methods for securely passing user authentication data between a Pre-Boot Authentication (PBA) environment and an Operating System (OS) are described. In some embodiments, an Information Handling System (IHS) may include a processor; and a Basic I/O System (BIOS) coupled to the processor, the BIOS having program instructions stored thereon that, upon execution by the processor, cause the computer system to: identify an encrypted Single-Sign-On (SSO) token and a Trusted Platform Module (TPM) key pair provisioned by an Operating System (OS) and stored in an OS registry; extract a TPM public key from the TPM key pair; encrypt a PBA private key generated by a PBA application with the TPM public key; and store the encrypted PBA private key, the TPM key pair, and the encrypted SSO token in a shadow partition of a self-encrypting hard drive coupled to the IHS.
Type: Application
Filed: November 16, 2015
Publication date: May 18, 2017
Applicant: DELL PRODUCTS, L.P.
Inventors: Amy C. Nelson, Christopher Duane Burchett
-
Patent number: 9092601
Abstract: A method includes storing a credential object for a user to an encrypted silo on an information handling system. The credential object operates to authenticate the user to use an application. The method also includes copying the encrypted silo from the information handling system to a second information handling system, retrieving at the second information handling system the credential object from the copy of the encrypted silo, and authenticating the user to use the application on the second information handling system using the credential object.
Type: Grant
Filed: March 4, 2013
Date of Patent: July 28, 2015
Assignee: Dell Products, LP
Inventors: Daniel L. Hamlin, Kenneth W. Stufflebeam, Amy C. Nelson
-
Publication number: 20140250508
Abstract: A method includes storing a credential object for a user to an encrypted silo on an information handling system. The credential object operates to authenticate the user to use an application. The method also includes copying the encrypted silo from the information handling system to a second information handling system, retrieving at the second information handling system the credential object from the copy of the encrypted silo, and authenticating the user to use the application on the second information handling system using the credential object.
Type: Application
Filed: March 4, 2013
Publication date: September 4, 2014
Applicant: DELL PRODUCTS, LP
Inventors: Daniel L. Hamlin, Kenneth W. Stufflebeam, Amy C. Nelson
-
Patent number: 6357018
Abstract: A computer system includes at least one processor, at least one memory, and a device for performing a prescribed continuity and integrity check of a memory bus channel having a serial topology. In one embodiment, basic input output system (BIOS) firmware is stored in memory and includes instructions for causing the processor to perform the prescribed continuity and integrity check of the memory bus channel having a serial topology.
Type: Grant
Filed: January 26, 1999
Date of Patent: March 12, 2002
Assignee: Dell USA, L.P.
Inventors: John Stuewe, Amy C. Nelson