Patents by Inventor Geoffrey Ndu
Geoffrey Ndu has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240119155
Abstract: A process includes, responsive to a request to load a kernel module, determining, by an operating system kernel, a hash digest for the kernel module. The kernel module is associated with a name. The process includes determining, by the operating system kernel, whether an expected kernel module list contains an entry that contains the name and associates the name with the hash digest. The process includes, responsive to the determination of whether the expected kernel module list contains the entry, generating, by the operating system kernel, an alert that is associated with the kernel module.
Type: Application
Filed: October 10, 2022
Publication date: April 11, 2024
Inventors: Geoffrey Ndu, Gustavo Knüppe
-
Patent number: 11803639
Abstract: Examples disclosed herein relate to integrity monitoring of a computing system using a kernel that can update its own code. Trust of state information is verified. Kernel code and module code are loaded into memory that is accessible to a device separate from a processor that loads the kernel code and module code. A measurement module is verified and loaded into memory. The state information can correspond to multiple symbols. The measurement module can measure the state information corresponding to each of the respective symbols to generate a set of initial measurements. The set of initial measurements can be provided to a device for integrity monitoring. The device is to compare a current measurement with an initial measurement to determine if a potential violation occurred. The device is to use a representation of a jump table to determine whether the potential violation is a violation.
Type: Grant
Filed: April 16, 2021
Date of Patent: October 31, 2023
Assignee: Hewlett Packard Enterprise Development LP
Inventors: Geoffrey Ndu, Theofrastos Koulouris, Nigel Edwards
-
Patent number: 11775649
Abstract: Examples disclosed herein relate to performing a verification check in response to receiving notification. A computing system includes a host processor, memory coupled to the host processor, and a device separate from the host processor capable of accessing the memory. The host processor has a page table base register. The host processor is configured to send a notification to the device when the page table base register changes. The device performs a verification check in response to receiving the notification.
Type: Grant
Filed: August 23, 2022
Date of Patent: October 3, 2023
Assignee: Hewlett Packard Enterprise Development LP
Inventors: Geoffrey Ndu, Nigel Edwards
-
Patent number: 11714910
Abstract: Examples disclosed herein relate to integrity monitoring of a computing system. Trust of state information is verified. Kernel code and module code are loaded into memory that is accessible to a device separate from a processor that loads the kernel code and module code. A measurement module is verified and loaded into memory. The state information can correspond to multiple symbols. The measurement module can measure the state information corresponding to each of the respective symbols to generate a set of initial measurements. The set of initial measurements can be provided to a device for integrity monitoring.
Type: Grant
Filed: June 13, 2018
Date of Patent: August 1, 2023
Assignee: Hewlett Packard Enterprise Development LP
Inventors: Geoffrey Ndu, David Altobelli, Nigel Edwards, Luis Luciani, Jr.
-
Publication number: 20230222226
Abstract: A technique includes an operating system agent of a computer system monitoring a process to detect whether an integrity of the process has been compromised. The monitoring includes the operating system agent scanning a data structure. The process executes in a user space, and the data structure is part of an operating system kernel space. The technique includes a hardware controller of the computer system listening for a heartbeat that is generated by the operating system agent. The hardware controller takes a corrective action in response to at least one of the hardware controller detecting an interruption of the heartbeat, or the operating system agent communicating to the hardware controller a security alert for the process.
Type: Application
Filed: March 21, 2023
Publication date: July 13, 2023
Inventors: Geoffrey Ndu, Nigel John Edwards
-
Patent number: 11663017
Abstract: A method comprising: generating, with a device, a nonce; writing, with the device, the nonce to a memory location accessible to a kernel; initializing the kernel; in response to an end of initialization, measuring a specified kernel space to produce a first result; writing the first result to a register of a second device; writing a location and size of the specified kernel space to a buffer; measuring the buffer; writing a result of buffer measurement to a second register of the second device; requesting a quote from the second device, the quote to include the nonce, the contents of the register, and the contents of the second register; and passing the quote to the device.
Type: Grant
Filed: July 12, 2021
Date of Patent: May 30, 2023
Assignee: Hewlett Packard Enterprise Development LP
Inventors: Geoffrey Ndu, Nigel Edwards
-
Patent number: 11636214
Abstract: A technique includes an operating system agent of a computer system monitoring a process to detect whether an integrity of the process has been compromised. The monitoring includes the operating system agent scanning a data structure. The process executes in a user space, and the data structure is part of an operating system kernel space. The technique includes a hardware controller of the computer system listening for a heartbeat that is generated by the operating system agent. The hardware controller takes a corrective action in response to at least one of the hardware controller detecting an interruption of the heartbeat, or the operating system agent communicating to the hardware controller a security alert for the process.
Type: Grant
Filed: December 11, 2020
Date of Patent: April 25, 2023
Assignee: Hewlett Packard Enterprise Development LP
Inventors: Geoffrey Ndu, Nigel John Edwards
-
Patent number: 11636209
Abstract: A system comprising an inner kernel of an operating system (OS) running at a higher privilege level than an outer kernel of the OS, the inner kernel to measure a data structure in a memory; a device including a measurement engine to measure the data structure in the memory, wherein the device operates independently of the OS; and a trusted execution environment including an application to compare measurements from the inner kernel and the measurement engine.
Type: Grant
Filed: September 2, 2021
Date of Patent: April 25, 2023
Assignee: Hewlett Packard Enterprise Development LP
Inventors: Geoffrey Ndu, Ludovic Emmanuel Paul Noel Jacquin, Nigel Edwards
-
Publication number: 20220405393
Abstract: Examples disclosed herein relate to performing a verification check in response to receiving notification. A computing system includes a host processor, memory coupled to the host processor, and a device separate from the host processor capable of accessing the memory. The host processor has a page table base register. The host processor is configured to send a notification to the device when the page table base register changes. The device performs a verification check in response to receiving the notification.
Type: Application
Filed: August 23, 2022
Publication date: December 22, 2022
Inventors: Geoffrey NDU, Nigel EDWARDS
-
Patent number: 11455395
Abstract: Examples disclosed herein relate to performing a verification check in response to receiving notification. A computing system includes a host processor, memory coupled to the host processor, and a device separate from the host processor capable of accessing the memory. The host processor has a page table base register. The host processor is configured to send a notification to the device when the page table base register changes. The device performs a verification check in response to receiving the notification.
Type: Grant
Filed: June 17, 2020
Date of Patent: September 27, 2022
Assignee: Hewlett Packard Enterprise Development LP
Inventors: Geoffrey Ndu, Nigel Edwards
-
Publication number: 20220188423
Abstract: A technique includes an operating system agent of a computer system monitoring a process to detect whether an integrity of the process has been compromised. The monitoring includes the operating system agent scanning a data structure. The process executes in a user space, and the data structure is part of an operating system kernel space. The technique includes a hardware controller of the computer system listening for a heartbeat that is generated by the operating system agent. The hardware controller takes a corrective action in response to at least one of the hardware controller detecting an interruption of the heartbeat, or the operating system agent communicating to the hardware controller a security alert for the process.
Type: Application
Filed: December 11, 2020
Publication date: June 16, 2022
Inventors: Geoffrey Ndu, Nigel John Edwards
-
Patent number: 11334501
Abstract: In some examples, a control device includes a controller to receive, from a requester device that is separate from the control device, a request to access a first memory region of a memory. The controller is to determine, based on occurrence of a systems initialization event and according to permissions information that identifies access permissions for respective memory regions of the memory, whether access of content in the first memory region is allowed.
Type: Grant
Filed: January 28, 2020
Date of Patent: May 17, 2022
Assignee: Hewlett Packard Enterprise Development LP
Inventors: Geoffrey Ndu, Ludovic Emmanuel Paul Noel Jacquin
-
Publication number: 20210397709
Abstract: A system comprising an inner kernel of an operating system (OS) running at a higher privilege level than an outer kernel of the OS, the inner kernel to measure a data structure in a memory; a device including a measurement engine to measure the data structure in the memory, wherein the device operates independently of the OS; and a trusted execution environment including an application to compare measurements from the inner kernel and the measurement engine.
Type: Application
Filed: September 2, 2021
Publication date: December 23, 2021
Inventors: Geoffrey NDU, Ludovic Emmanuel Paul Noel JACQUIN, Nigel EDWARDS
-
Publication number: 20210397713
Abstract: Examples disclosed herein relate to performing a verification check in response to receiving notification. A computing system includes a host processor, memory coupled to the host processor, and a device separate from the host processor capable of accessing the memory. The host processor has a page table base register. The host processor is configured to send a notification to the device when the page table base register changes. The device performs a verification check in response to receiving the notification.
Type: Application
Filed: June 17, 2020
Publication date: December 23, 2021
Inventors: Geoffrey Ndu, Nigel Edwards
-
Publication number: 20210342162
Abstract: A method comprising: generating, with a device, a nonce; writing, with the device, the nonce to a memory location accessible to a kernel; initializing the kernel; in response to an end of initialization, measuring a specified kernel space to produce a first result; writing the first result to a register of a second device; writing a location and size of the specified kernel space to a buffer; measuring the buffer; writing a result of buffer measurement to a second register of the second device; requesting a quote from the second device, the quote to include the nonce, the contents of the register, and the contents of the second register; and passing the quote to the device.
Type: Application
Filed: July 12, 2021
Publication date: November 4, 2021
Inventors: Geoffrey NDU, Nigel EDWARDS
-
Patent number: 11138315
Abstract: A system comprising an inner kernel of an operating system (OS) running at a higher privilege level than an outer kernel of the OS, the inner kernel to measure a data structure in a memory; a device including a measurement engine to measure the data structure in the memory, wherein the device operates independently of the OS; and a trusted execution environment including an application to compare measurements from the inner kernel and the measurement engine.
Type: Grant
Filed: January 17, 2018
Date of Patent: October 5, 2021
Assignee: Hewlett Packard Enterprise Development LP
Inventors: Geoffrey Ndu, Ludovic Emmanuel Paul Noel Jacquin, Nigel Edwards
-
Patent number: 11119789
Abstract: A method comprising: generating, with a device, a nonce; writing, with the device, the nonce to a memory location accessible to a kernel; initializing the kernel; in response to an end of initialization, measuring a specified kernel space to produce a first result; writing the first result to a register of a second device; writing a location and size of the specified kernel space to a buffer; measuring the buffer; writing a result of buffer measurement to a second register of the second device; requesting a quote from the second device, the quote to include the nonce, the contents of the register, and the contents of the second register; and passing the quote to the device.
Type: Grant
Filed: April 25, 2018
Date of Patent: September 14, 2021
Assignee: Hewlett Packard Enterprise Development LP
Inventors: Geoffrey Ndu, Nigel Edwards
-
Publication number: 20210256118
Abstract: Examples disclosed herein relate to integrity monitoring of a computing system using a kernel that can update its own code. Trust of state information is verified. Kernel code and module code are loaded into memory that is accessible to a device separate from a processor that loads the kernel code and module code. A measurement module is verified and loaded into memory. The state information can correspond to multiple symbols. The measurement module can measure the state information corresponding to each of the respective symbols to generate a set of initial measurements. The set of initial measurements can be provided to a device for integrity monitoring. The device is to compare a current measurement with an initial measurement to determine if a potential violation occurred. The device is to use a representation of a jump table to determine whether the potential violation is a violation.
Type: Application
Filed: April 16, 2021
Publication date: August 19, 2021
Inventors: Geoffrey NDU, Theofrastos KOULOURIS, Nigel EDWARDS
-
Publication number: 20210232510
Abstract: In some examples, a control device includes a controller to receive, from a requester device that is separate from the control device, a request to access a first memory region of a memory. The controller is to determine, based on occurrence of a systems initialization event and according to permissions information that identifies access permissions for respective memory regions of the memory, whether access of content in the first memory region is allowed.
Type: Application
Filed: January 28, 2020
Publication date: July 29, 2021
Inventors: Geoffrey Ndu, Ludovic Emmanuel Paul Noel Jacquin
-
Patent number: 11017080
Abstract: Examples disclosed herein relate to integrity monitoring of a computing system using a kernel that can update its own code. Trust of state information is verified. Kernel code and module code are loaded into memory that is accessible to a device separate from a processor that loads the kernel code and module code. A measurement module is verified and loaded into memory. The state information can correspond to multiple symbols. The measurement module can measure the state information corresponding to each of the respective symbols to generate a set of initial measurements. The set of initial measurements can be provided to a device for integrity monitoring. The device is to compare a current measurement with an initial measurement to determine if a potential violation occurred. The device is to use a representation of a jump table to determine whether the potential violation is a violation.
Type: Grant
Filed: June 13, 2018
Date of Patent: May 25, 2021
Assignee: Hewlett Packard Enterprise Development LP
Inventors: Geoffrey Ndu, Theofrastos Koulouris, Nigel Edwards