Abstract: A trusted platform module (TPM) key is assigned a numerical limit for the number of times the key can be used, and once the key has been used the assigned number of times, it is rendered unusable.

Abstract: A method, computer program product and computer system for securing alterable data. A computer that is remotely managed may be equipped with a protected storage that is accessible only by BIOS code. The protected storage may have the capacity to store a symmetrical encryption key. An EEPROM, which normally contains the BIOS code, may be used to store accessible configuration data as well as remotely unaccessible sensitive access information (e.g., passwords). The remotely unaccessible sensitive data is encrypted with the symmetrical encryption key by the BIOS code. Remote access to the sensitive data is accomplished via change requests submitted to the BIOS code over a secure channel. The BIOS code then determines whether the request is valid. If so, then sensitive data is decrypted, altered, encrypted, and re-written into the EEPROM. Normal access to accessible data is unaffected and remote access is allowed without changing the computer system architecture.

Abstract: The present invention addresses the foregoing need by creating two identically structured storage trees with a single storage root key. As envisioned in the current art (e.g., the TCPA specification), all migratable keys will be stored in a migratable storage tree. These migratable keys will be storage keys except at the extreme end of any branch, where the key (known as a leaf key) will be a user key. However, an additional storage tree will also be created which shadows the migratable storage key. This second storage tree will be comprised entirely of non-migratable storage keys of the quicker loading type except for the leaf keys (which will be identical to the leaf keys in the migratable storage tree (MST). The second storage tree (SST) will have a storage key for every migratable storage key in the MST. The use authorization for the keys in the SST will be identical to the use authorization for the MST.

Abstract: A Trusted Computing Platform Alliance (TCPA) endorsement certificate is provided by comparing a trusted platform module (TPM) public key transmitted by an owner of the computing device to which the TPM belongs to a copy of the key as originally stored in a remote database prior to vending the device. If a match is found the certificate is created using the public key, and then sent to the owner of the computing device.

Abstract: A method for providing security with a secure chip, includes: creating a migratable keyblob using a first random number, where the migratable keyblob contains a key; wrapping the migratable keyblob with a public key of the key's parent key; encrypting the first random number with a pass phrase for a user of the key; storing the encrypted first random number; and migrating the migratable keyblob from the computer to itself. If the private key of the secure chip is stolen, the thief can only unwrap keys which are ancestors of the key in the migratable keyblob. To obtain the key in the migratable keyblob, the random number used to create it is required. However, the pass phrase of the user is required to decrypt it. This increases the security of the key stored in the migratable keyblob and its children keys.

Abstract: The disclosed methods provide a reliable and secure method of automatically backing up a client's data on a personal computer by using excess storage capacity on a set of one or more predetermined computers, without the need for dedicated servers, server disks, removable storage media, or intervention by a user to assist with the storage devices. The methods of the present invention permit a user, be it an individual or a large company, to inexpensively and securely back up information without the need to acquire additional expensive hardware.

Abstract: A method for providing security in password-based access to computer networks, the network including a server and a remote user, includes: signing a phrase by a security chip of the server using an encryption key; associating the signed phrase with the remote user; signing the phrase with an encryption key obtained by the security chip when a request for access to the computer network is received from the remote user; comparing the phrase signed with the obtained encryption key with the signed phrase associated with the remote user; and granting access to the remote user if the phrase signed with the obtained encryption key is the same as the stored signed phrase associated with the remote user. The use of the encryption key protects against “dictionary attacks”. Use of the security chip protects against offline attacks. These provide greater security for the computer network.

Abstract: A system and method to allow valid profiles in autonomic computing discover is presented. A client accesses a network and sends a profile information request to a central computing device, such as a server. The server identifies client properties, such as the client's location and a user functionality description which corresponds to the client's user. The server uses the identified client properties to select an appropriate master profile from a master profile look-up table. The server sends master profile information, such as the master profile's pathname and revision time, to the client. In turn, the client determines whether it already has a valid profile or whether it should download an up-to-date version. If the client requires an up-to-date profile version, the client downloads the master profile from the server and uses the downloaded profile for various computing tasks.

Abstract: A method and system for verifying binding of an initial trusted device to a secured processing system binds an initial device or replacement when no binding information is available from another device in the system. A platform credential is issued only when a valid binding is verified, by sending a proof of binding to a credential provider, such as the manufacturer. The method secures against security breaches that can occur when a device is removed from the system during the binding process. The binding information is generated in the device upon installation and includes system identification information so that at each initialization, upon return of binding information from the system to the device, the device can ensure that it is installed in the proper system and abort operation if the system does not match.

Abstract: A method and system for backup and restore of a context encryption key (CEK) for a trusted device within a secured processing system maintains security of virtualized trusted device contexts, providing for replacement of a trusted device in the field. The CEK is encrypted along with a system identifier by a random number to yield a first result. The first result is again encrypted with a manufacturer public key. The resulting blob is stored along with the random number. To restore, the system sends the blob and the device ID to a server. The server obtains the first result by decrypting with the manufacturer private key, re-encrypts with the device public key and sends the new result back. The system sends the new result to the device along with the associated random number. The device decrypts the new result using its private key and decrypts the CEK using the random number.

Abstract: A system and method of providing increased security of a personal computer through the use of its operating system and initialization. The invention provides a security profile which indicates the level of authorization which the user has and the security exposure which a user will be permitted, which combines with a stored log of attempts to access the personal computer through the use of the password and the results of each attempt to provide a system where unsuccessful attempts will turn off the system. The system also includes a plurality of access levels so that some functions in the computer may be denied to a user but permitted to a system administrator. The access log also may include a record of physical security attacks or attempt, such as removing the covers of a personal computer.

Abstract: A method and system for storing to a server a private key that was created on a TCPA-enabled client computer by the user. The user's private key is wrapped in a server non-migratable public key and sent to the server. When the user wants to migrate the user private key to a TCPA-enabled client computer, the user sends a request to the server for the user's private key along with the user's personal migration data for user identification. The server wraps the user's private key in the TCPA-enabled client computer's non-migratable public key, and transmits this “blob” to the client computer, which unwraps the blob to reveal the user's private key.

Abstract: An apparatus, system, and method are disclosed for securing I/O communications between a blade and peripheral interface device. The apparatus includes a determination module, a source security module, and a source communication module. The determination module identifies I/O data configured for transmission to a destination module configured to receive secure I/O data. The source security module encrypts the I/O data to generate secured I/O data such that subsequent decryption of the secured I/O data is restricted to a destination module. The source communication module transmits the secured I/O data over a vulnerable communication link to the destination module. The vulnerable communication link comprises a message intercept vulnerability. The destination module is configured to unencrypt the secure I/O data for a destination device such as a display device.

Abstract: A computer system, method of operation, and program product which gives a clear indication to a user when a computer system has transitioned to a trusted state.

Abstract: A computer system contains selectively available boot block codes. A first boot block is of the conventional type and is stored in storage media such as flash ROM on a system planar with the processor of the computer system. A second boot block is located on a feature card and contains an immutable security code in compliance with the Trusted Computing Platform Alliance (TCPA) specification. The boot block on the feature card is enabled if the first boot block detects the presence of the feature card. The computer system can be readily modified as the computer system is reconfigured, while maintaining compliance with the TCPA specification. A switching mechanism controls which of the boot blocks is to be activated. The feature card is disabled in the event of a computer system reset to prevent access to the TCPA compliant code and function.

Abstract: In a network of workstations implementing a grid for sharing workstation resources while maintaining local workstation workloads, grid workloads are assigned to workstations depending on how busy they are with the local workload. CPU utilization is monitored at each workstation and grid workload is only accepted if it can be handled without impacting the interactive performance of the workstation and in alignment with the workstation user's preferences. Also, grid workloads may be categorized by the extent to which they tie up workstation resources and this categorization used as further input to the grid workload assignment process.

Abstract: A method and system for securing access to a keyboard driver in a host computer. The host computer includes a host processor that manages communication between a keyboard driver and a keyboard attached to the host computer. In accordance with a method of the present invention, a packet is received on a bus that connects the keyboard to the host processor. A determining is made of whether or not the packet originated from the keyboard. In response to determining that the packet originated from the keyboard, a independent bus traffic monitor processor sets an input secure bit which is then read by the host processor to selectively provide access to the keyboard driver in accordance with verification that the keyboard originated the packet.

Abstract: A data processing system and method are disclosed for maintaining secure user private keys in a non-secure storage device. A master key pair is established for the system. The master key pair includes a master private key and a master public key. The master key pair is stored in a protected storage device. A unique user key pair is established for each user. The user key pair includes a user private key and a user public key. The user private key is encrypted utilizing the master public key. The encrypted user private key is stored in the non-secure storage device, wherein the encrypted user private key is secure while stored in the non-secure storage device.

Abstract: A method for migrating a base chip key from a first computer system to a second computer system is disclosed. A first computer system includes a base chip key 1, and a second computer system includes a base chip key 2. Using a first certificate for the base chip key 1, a manufacturer of the second computer system generates a second certificate for the base chip key 1. Similarly, using a first certificate for the base chip key 2, a manufacturer of the first computer system generates a second certificate for the base chip key 2. A first data packet is then sent from the first computer system to the second computer system. The first data packet includes a first random number and all the data required to reproduce the base chip key 1 in the first computer system. The first data packet is also encrypted with the base chip key 1's public key.

Abstract: A method for providing security to a computer on a computer network is disclosed. When a network-supplied privileged-access password (PAP) is encountered during a system boot-up operation of the computer, the network-supplied PAP is compared with a system-installed PAP. The network-supplied PAP is stored in a first location of a non-volatile memory of the computer, and the system-installed PAP is stored in a second location of the non-volatile memory of the computer. The system-installed PAP is previously entered to the computer via a keyboard of the computer. If the network-supplied PAP does not match the system-installed PAP, a tamper evident mechanism within the computer is set. Otherwise, if the network-supplied PAP matches the system-installed PAP, the boot-up operation continues to be performed. After the boot-up operation has been completed, configuration of the computer is allowed to be performed remotely over the computer network.