Patents by Inventor Eitaroh Kasamatsu
Eitaroh Kasamatsu has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240070244Abstract: An information processing apparatus includes: a fingerprint information acquisition unit that acquires and holds fingerprint information of a finger operating a power button with a fingerprint sensor that is integrated with the power button to boot a system; and a processor that executes authentication processing by the system based on the fingerprint information acquired by the fingerprint authentication device. At the timing when authentication processing by the system is executed by the processor, the fingerprint information acquisition unit has a first mode that holds the fingerprint information and a second mode that does not hold the fingerprint information.Type: ApplicationFiled: October 28, 2022Publication date: February 29, 2024Applicant: Lenovo (Singapore) Pte. Ltd.Inventors: Yuuki Matsuura, Eitaroh Kasamatsu
-
Publication number: 20220164198Abstract: An information processing apparatus includes a Basic Input Output System (BIOS) memory which stores a BIOS program, a management information memory which stores management information in which each BIOS function is associated with an expiration date of the BIOS function and a state of the BIOS function; and a processor. The processor executes a BIOS management process which, when a date acquired from a clock has passed the expiration date stored in the management information memory, disables the BIOS function corresponding to the expiration date and changes, to an invalid state, the state of the BIOS function corresponding to the disabled BIOS function in the management information.Type: ApplicationFiled: October 15, 2021Publication date: May 26, 2022Applicant: Lenovo (Singapore) Pte. Ltd.Inventors: Koudai Horinouchi, Eitaroh Kasamatsu, Mikio Hagiwara, Ke Ma
-
Patent number: 10372914Abstract: For validating computing device firmware, systems, apparatus, and methods are disclosed. The apparatus includes a processor, and a memory that stores code executable by the processor, the code including code that acquires a firmware manifest for locally stored firmware, authenticates a digital signature of the firmware manifest, and validates contents of the locally stored firmware using the firmware manifest. The apparatus may also include code that generates a local firmware manifest from the firmware, wherein validating the contents of the firmware includes comparing the local firmware manifest to the firmware manifest. In certain embodiments, the apparatus may indicate, to a user, one of success and failure of the firmware validation. The firmware manifest may be a location-specific firmware manifest corresponding to a geographical location of the apparatus and/or computing device including the locally stored firmware.Type: GrantFiled: June 24, 2015Date of Patent: August 6, 2019Assignee: LENOVO (SINGAPORE) PTE. LTD.Inventors: Steven D. Goodman, Mikio Hagiwara, William Laurence Jaeger, Jr., Eitaroh Kasamatsu, Kohsuke Ohtani, Randall Scott Springfield, David Burke Stone, Christopher Aaron Whitesock
-
Patent number: 10289850Abstract: For supervisor password access based on a key press of a hotkey, systems, apparatus, methods, and program products are disclosed. The apparatus may include a processor that monitors for a key press of a hotkey during a up process, that detects a supervisor password access attempt, that allows access to the supervisor password in response to hotkey being pressed during the boot up process, and that denies access to the supervisor password in response to hotkey not being pressed during the boot up process.Type: GrantFiled: March 25, 2016Date of Patent: May 14, 2019Assignee: Lenovo (Singapore) PTE. LTD.Inventors: Joseph Robert Parker, Mikio Hagiwara, James Patrick Hoff, Eitaroh Kasamatsu
-
Publication number: 20170277896Abstract: For supervisor password access based on a key press of a hotkey, systems, apparatus, methods, and program products are disclosed. The apparatus may include a processor that monitors for a key press of a hotkey during a up process, that detects a supervisor password access attempt, that allows access to the supervisor password in response to hotkey being pressed during the boot up process, and that denies access to the supervisor password in response to hotkey not being pressed during the boot up process.Type: ApplicationFiled: March 25, 2016Publication date: September 28, 2017Inventors: Joseph Robert Parker, Mikio Hagiwara, James Patrick Hoff, Eitaroh Kasamatsu
-
Patent number: 9735960Abstract: A portable computer capable of protecting an encryption key that is sent out to a disk drive after a preboot process has ended is disclosed. The portable computer includes a disk drive for encrypting a volume as a whole, and for decoding data at the volume in response to a receipt of an encryption key from a system. The portable computer also includes a key transfer mechanism, a tamper detection mechanism and a protecting mechanism. In response to a boot process starting from a power-off state, the key transfer mechanism automatically sends the encryption key to the disk drive. The tamper detection mechanism detects a physical tampering of the disk drive. In response to a detection of a physical tampering by the tamper detection mechanism, the protecting mechanism prevents an operation of automatically sending the encryption key to the disk drive by the key transfer mechanism.Type: GrantFiled: July 13, 2015Date of Patent: August 15, 2017Assignee: LENOVO (SINGAPORE) PTD LTEInventors: Mikio Hagiwara, Eitaroh Kasamatsu
-
Patent number: 9703635Abstract: A set of variables referred to by unified extensible firmware interface (UEFI) firmware is restored. The UEFI firmware stored in a read-only memory (ROM) is firstly executed after power-up. The UEFI firmware writes a variable set related to boot, into a variable area. As an operating system (OS) also writes a set of variables into the variable area, the boot-related variable set may be altered. The variable set is saved into a prescribed area, such as a universal serial bus (USB) memory key, when the computer boots normally. If alteration of the variable set in the reference area is detected during a boot of the computer, the variable set in the reference area is replaced with the saved variable set. The variable set alteration may be detected using a detection flag which is set immediately after a boot is started and reset immediately before an OS is loaded.Type: GrantFiled: May 20, 2015Date of Patent: July 11, 2017Assignee: Lenovo (Singapore) PTE. LTD.Inventors: Mikio Hagiwara, Eitaroh Kasamatsu
-
Publication number: 20160378990Abstract: For validating computing device firmware, systems, apparatus, and methods are disclosed. The apparatus includes a processor, and a memory that stores code executable by the processor, the code including code that acquires a firmware manifest for locally stored firmware, authenticates a digital signature of the firmware manifest, and validates contents of the locally stored firmware using the firmware manifest. The apparatus may also include code that generates a local firmware manifest from the firmware, wherein validating the contents of the firmware includes comparing the local firmware manifest to the firmware manifest. In certain embodiments, the apparatus may indicate, to a user, one of success and failure of the firmware validation. The firmware manifest may be a location-specific firmware manifest corresponding to a geographical location of the apparatus and/or computing device including the locally stored firmware.Type: ApplicationFiled: June 24, 2015Publication date: December 29, 2016Inventors: Steven D. Goodman, Mikio Hagiwara, William Laurence Jaeger, JR., Eitaroh Kasamatsu, Kohsuke Ohtani, Randall Scott Springfield, David Burke Stone, Christopher Aaron Whitesock
-
Patent number: 9292302Abstract: Provided is a method for temporarily skipping a secure boot function. A computer is configured so that a secure boot function is set as enabled by default. Depression of a power button of the computer in a power-off state generates a startup signal. At the time of startup from S4/S5 state, a switch is turned ON and PP bit indicating physical presence is set at a register. Depression of a specific key on a keyboard causes DE bit to be set at a register. When PP bit and DE bit are found, UEFI firmware stored in a firmware ROM temporarily skips integrity validation of a boot program only for boot this time.Type: GrantFiled: January 8, 2013Date of Patent: March 22, 2016Assignee: Lenovo (Singapore) PTE. LTD.Inventors: Ken Sasaki, Eitaroh Kasamatsu, Yusaku Morishige, Kohsuke Ohtani
-
Publication number: 20160026810Abstract: A portable computer capable of protecting an encryption key that is sent out to a disk drive after a preboot process has ended is disclosed. The portable computer includes a disk drive for encrypting a volume as a whole, and for decoding data at the volume in response to a receipt of an encryption key from a system. The portable computer also includes a key transfer mechanism, a tamper detection mechanism and a protecting mechanism. In response to a boot process starting from a power-off state, the key transfer mechanism automatically sends the encryption key to the disk drive. The tamper detection mechanism detects a physical tampering of the disk drive. In response to a detection of a physical tampering by the tamper detection mechanism, the protecting mechanism prevents an operation of automatically sending the encryption key to the disk drive by the key transfer mechanism.Type: ApplicationFiled: July 13, 2015Publication date: January 28, 2016Inventors: MIKIO HAGIWARA, EITAROH KASAMATSU
-
Publication number: 20150378846Abstract: A set of variables referred to by unified extensible firmware interface (UEFI) firmware is restored. The UEFI firmware stored in a read-only memory (ROM) is firstly executed after power-up. The UEFI firmware writes a variable set related to boot, into a variable area. As an operating system (OS) also writes a set of variables into the variable area, the boot-related variable set may be altered. The variable set is saved into a prescribed area, such as a universal serial bus (USB) memory key, when the computer boots normally. If alteration of the variable set in the reference area is detected during a boot of the computer, the variable set in the reference area is replaced with the saved variable set. The variable set alteration may be detected using a detection flag which is set immediately after a boot is started and reset immediately before an OS is loaded.Type: ApplicationFiled: May 20, 2015Publication date: December 31, 2015Inventors: Mikio Hagiwara, Eitaroh Kasamatsu
-
Patent number: 8990926Abstract: A method for protecting a password of a computer having a non-volatile memory is disclosed. A password is stored in a non-volatile memory of a computer. The computer is then transitioned to a power saving state. In response to a detection of an unauthorized access to the non-volatile memory during the power saving state transition, a password input is requested from a user. The computer returns to a power-on state from the power saving state when there is a success in authentication of the input password.Type: GrantFiled: December 10, 2012Date of Patent: March 24, 2015Assignee: Lenovo (Singapore) Pte LtdInventors: Mikio Hagiwara, Eitaroh Kasamatsu, Yasumichi Tsukamoto, Naoyuki Araki
-
Patent number: 8694794Abstract: A method for protecting a privilege level of a system management mode (SMM) of a computer system is disclosed. A SMM program is loaded into a special memory (SMRAM) area within a system memory of a computer. A first program, a second program, and a vector table are loaded into a general area of the system memory. Before the booting process of the computer has been completed, a reference hash value of the first program is determined by the SMM program, and the reference hash value is stored in the SMRAM area. A hash value of the first program is the computed by the SMM program. After the computer has been operating under an operating environment of an operating system, the computed hash value is compared to the reference hash value. When the computed hash value matches the reference hash value, the first program is called by the SMM program.Type: GrantFiled: September 2, 2010Date of Patent: April 8, 2014Assignee: Lenovo (Singapore) Pte Ltd.Inventors: Norihito Ishida, Toyoaki Inada, Eitaroh Kasamatsu, Noritoshi Yoshiyama
-
Publication number: 20110078408Abstract: A method for protecting a privilege level of a system management mode (SMM) of a computer system is disclosed. A SMM program is loaded into a special memory (SMRAM) area within a system memory of a computer. A first program, a second program, and a vector table are loaded into a general area of the system memory. Before the booting process of the computer has been completed, a reference hash value of the first program is determined by the SMM program, and the reference hash value is stored in the SMRAM area. A hash value of the first program is the computed by the SMM program. After the computer has been operating under an operating environment of an operating system, the computed hash value is compared to the reference hash value. When the computed hash value matches the reference hash value, the first program is called by the SMM program.Type: ApplicationFiled: September 2, 2010Publication date: March 31, 2011Inventors: Norihito Ishida, Toyoaki Inada, Eitaroh Kasamatsu, Noritoshi Yoshiyama
-
Patent number: 7424611Abstract: Preventing malicious code from reading an authenticator and being falsely authenticated using the read authenticator. Authenticator accepting period detection means detects an authenticator accepting period during which inoperativeness of all unauthenticated programs is guaranteed. Program executing means transmits its authenticator only during the authenticator accepting period. After authentication means is authenticated as genuine, the authentication means computes a one-way function value of the authenticator received from the program executing means and compares the one-way function value X with a stored value Y for the program executing means. If X=Y, then the authentication means authenticates the program executing means.Type: GrantFiled: March 3, 2003Date of Patent: September 9, 2008Assignee: Lenovo (Singapore) Pte. Ltd.Inventors: Akira Hino, Eitaroh Kasamatsu, Akiyoshi Tanaka
-
Patent number: 7093142Abstract: The present invention facilitates the operational management and usability of a portable computing device by providing an apparatus, method and program product to allow a user to select the operational and power state of a device operably connected with a computer and the power state of the computer prior to removing the computer from an apparatus such as a docking station.Type: GrantFiled: January 7, 2003Date of Patent: August 15, 2006Assignee: Lenovo Pte. Ltd.Inventors: Mikio Hagiwara, Eitaroh Kasamatsu, Mizuho Tadakoro
-
Publication number: 20060136710Abstract: A first series of bits corresponds to compatibility information of firmware of a computer system. Each bit corresponds to an attribute of the firmware or the system, is equal to one when the attribute denotes a potential incompatibility factor as to the attribute, and is otherwise equal to zero. A second series of bits corresponds to a firmware image with which the firmware is to be upgraded. Each bit indicates whether the firmware image is compatible with the attribute of a corresponding first series bit, is equal to one where the firmware image is compatible with the attribute, and is otherwise equal to zero. A logical AND operation is performed on the first and the second series of bits. Where the result of the logical AND operation is equal to the first series of bits, the firmware is allowed to be upgraded with the image, and otherwise is disallowed.Type: ApplicationFiled: December 22, 2004Publication date: June 22, 2006Inventors: Kenji Oka, Eitaroh Kasamatsu, Shinji Ohishi
-
Publication number: 20040133715Abstract: The present invention facilitates the operational management and usability of a portable computing device by providing an apparatus, method and program product to allow a user to select the operational and power state of a device operably connected with a computer and the power state of the computer prior to removing the computer from an apparatus such as a docking station.Type: ApplicationFiled: January 7, 2003Publication date: July 8, 2004Applicant: International Business Machines CorporationInventors: Mikio Hagiwara, Eitaroh Kasamatsu, Mizuho Tadokoro
-
Patent number: 6704808Abstract: An expansion unit control method for use with an expansion control unit containing at least one device, includes allocating a predetermined input/output (I/O) resource, ensured not to be used in processing, to the at least one device as an I/O resource used for sending and receiving information, performing a predetermined process for the at least one device by sending and receiving information to and from the at least one device through the predetermined I/O resource, and deallocating the predetermined I/O resource allocated to the at least one device.Type: GrantFiled: February 13, 2001Date of Patent: March 9, 2004Assignee: International Business Machines CorporationInventors: Eitaroh Kasamatsu, Seiichi Kawano
-
Publication number: 20030221114Abstract: Preventing malicious code from reading an authenticator and being falsely authenticated using the read authenticator. Authenticator accepting period detection means detects an authenticator accepting period during which inoperativeness of all unauthenticated programs is guaranteed. Program executing means transmits its authenticator only during the authenticator accepting period. After authentication means is authenticated as genuine, the authentication means computes a one-way function value of the authenticator received from the program executing means and compares the one-way function value X with a stored value Y for the program executing means. If X=Y, then the authentication means authenticates the program executing means.Type: ApplicationFiled: March 3, 2003Publication date: November 27, 2003Applicant: International Business Machines CorporationInventors: Akira Hino, Eitaroh Kasamatsu, Akiyoshi Tanaka