Patents by Inventor Mark S. Doran
Mark S. Doran has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10275598
Abstract: In one embodiment, the present invention includes a method to establish a secure pre-boot environment in a computer system and performs at least one secure operation in the secure environment. In one embodiment, the secure operation may be storage of a secret in the secure pre-boot environment.
Type: Grant
Filed: April 6, 2015
Date of Patent: April 30, 2019
Assignee: Intel Corporation
Inventors: Vincent J. Zimmer, Bryant E. Bigbee, Andrew J. Fish, Mark S. Doran
-
Patent number: 10049216
Abstract: Technologies for media protection policy enforcement include a computing device having multiple operating systems and a data storage device partitioned into a number of regions. During execution of each of the operating systems, a policy enforcement module may intercept media access requests and determine whether to allow the media access requests based on platform media access policies. The media access policies may allow requests based on the identity of the executing operating system, the region of the data storage device, or the requested storage operation. Prior to loading a selected operating system, a firmware policy enforcement module may determine a region of the disk storage device to protect from the selected operating system. The firmware policy enforcement module may configure the data storage device to prevent access to that region. The media access policies may be stored in one or more firmware variables. Other embodiments are described and claimed.
Type: Grant
Filed: June 6, 2014
Date of Patent: August 14, 2018
Assignee: Intel Corporation
Inventors: Michael A. Rothman, Vincent Zimmer, Mark S. Doran
-
Patent number: 10025934
Abstract: Technologies for media protection policy enforcement include a computing device having multiple operating systems and a data storage device partitioned into a number of regions. During execution of each of the operating systems, a policy enforcement module may intercept media access requests and determine whether to allow the media access requests based on platform media access policies. The media access policies may allow requests based on the identity of the executing operating system, the region of the data storage device, or the requested storage operation. Prior to loading a selected operating system, a firmware policy enforcement module may determine a region of the disk storage device to protect from the selected operating system. The firmware policy enforcement module may configure the data storage device to prevent access to that region. The media access policies may be stored in one or more firmware variables. Other embodiments are described and claimed.
Type: Grant
Filed: August 1, 2017
Date of Patent: July 17, 2018
Assignee: Intel Corporation
Inventors: Michael A. Rothman, Vincent Zimmer, Mark S. Doran
-
Publication number: 20170329970
Abstract: Technologies for media protection policy enforcement include a computing device having multiple operating systems and a data storage device partitioned into a number of regions. During execution of each of the operating systems, a policy enforcement module may intercept media access requests and determine whether to allow the media access requests based on platform media access policies. The media access policies may allow requests based on the identity of the executing operating system, the region of the data storage device, or the requested storage operation. Prior to loading a selected operating system, a firmware policy enforcement module may determine a region of the disk storage device to protect from the selected operating system. The firmware policy enforcement module may configure the data storage device to prevent access to that region. The media access policies may be stored in one or more firmware variables. Other embodiments are described and claimed.
Type: Application
Filed: August 1, 2017
Publication date: November 16, 2017
Inventors: Michael A. Rothman, Vincent Zimmer, Mark S. Doran
-
Patent number: 9262178
Abstract: Methods, systems and computer program products are disclosed for enhanced system boot processing that is faster to launch an operating system, as certain devices such as user input hardware devices may not be initialized unless it is determined that a user-interruption to the boot process is likely. That is, although an interface for the devices is exposed, no initialization occurs unless a call to the interface occurs. Other embodiments are described and claimed.
Type: Grant
Filed: December 18, 2012
Date of Patent: February 16, 2016
Assignee: Intel Corporation
Inventors: Michael A. Rothman, Vincent J. Zimmer, Mark S. Doran, Michael D. Kinney
-
Publication number: 20150220737
Abstract: Technologies for media protection policy enforcement include a computing device having multiple operating systems and a data storage device partitioned into a number of regions. During execution of each of the operating systems, a policy enforcement module may intercept media access requests and determine whether to allow the media access requests based on platform media access policies. The media access policies may allow requests based on the identity of the executing operating system, the region of the data storage device, or the requested storage operation. Prior to loading a selected operating system, a firmware policy enforcement module may determine a region of the disk storage device to protect from the selected operating system. The firmware policy enforcement module may configure the data storage device to prevent access to that region. The media access policies may be stored in one or more firmware variables. Other embodiments are described and claimed.
Type: Application
Filed: June 6, 2014
Publication date: August 6, 2015
Inventors: Michael A. Rothman, Vincent Zimmer, Mark S. Doran
-
Publication number: 20150213269
Abstract: In one embodiment, the present invention includes a method to establish a secure pre-boot environment in a computer system and performs at least one secure operation in the secure environment. In one embodiment, the secure operation may be storage of a secret in the secure pre-boot environment.
Type: Application
Filed: April 6, 2015
Publication date: July 30, 2015
Inventors: Vincent J. Zimmer, Bryant E. Bigbee, Andrew J. Fish, Mark S. Doran
-
Patent number: 9026773
Abstract: In one embodiment, the present invention includes a method to establish a secure pre-boot environment in a computer system; and perform at least one secure operation in the secure environment. In one embodiment, the secure operation may be storage of a secret in the secure pre-boot environment.
Type: Grant
Filed: July 1, 2011
Date of Patent: May 5, 2015
Assignee: Intel Corporation
Inventors: Vincent J. Zimmer, Bryant Bigbee, Andrew J. Fish, Mark S. Doran
-
Publication number: 20130275661
Abstract: A non-volatile random access memory (NVRAM) is used in a computer system to perform multiple roles in a platform storage hierarchy. The NVRAM is byte-addressable by the processor and can be configured into one or more partitions, with each partition implementing a different tier of the platform storage hierarchy. The NVRAM can be used as mass storage that can be accessed without a storage driver.
Type: Application
Filed: September 30, 2011
Publication date: October 17, 2013
Inventors: Vincent J. Zimmer, Michael A. Rothman, Mark S. Doran
-
Publication number: 20130198502
Abstract: Methods, systems and computer program products are disclosed for enhanced system boot processing that is faster to launch an operating system, as certain devices such as user input hardware devices may not be initialized unless it is determined that a user-interruption to the boot process is likely. That is, although an interface for the devices is exposed, no initialization occurs unless a call to the interface occurs. Other embodiments are described and claimed.
Type: Application
Filed: December 18, 2012
Publication date: August 1, 2013
Inventors: Michael A. Rothman, Vincent J. Zimmer, Mark S. Doran, Michael D. Kinney
-
Patent number: 8407489
Abstract: When transitioning from sleep mode to active mode, a processing system loads first stage resume content and second stage resume content into a volatile memory of the processing system. The first stage resume content may contain contextual data for a first program that was in use before the processing system transitioned to sleep mode. The second stage resume content may contain contextual data for another program that was in use before the processing system transitioned to sleep mode. The processing system may provide a user interface for the first program before all of the second stage resume content has been loaded into the volatile memory. Other embodiments are described and claimed.
Type: Grant
Filed: April 7, 2009
Date of Patent: March 26, 2013
Assignee: Intel Corporation
Inventors: Michael A. Rothman, Glenn J. Hinton, Mark S. Doran, Vincent J. Zimmer, Michael D. Kinney
-
Patent number: 8356168
Abstract: A method and apparatus for providing platform initialization enhancements is discussed herein. In one embodiment, buses, activities, devices, and/or nodes to be processed during boot, are processed in a non-blocking fashion, which potentially results in faster boot times. Moreover, some devices/nodes, such as root nodes, may be boot in an early phase of initialization to enhance both available resources and initialization times. Furthermore, early connects in an early phase of initialization may be performed to construct partial or entire device paths, which also potentially results in faster boot times.
Type: Grant
Filed: June 19, 2008
Date of Patent: January 15, 2013
Assignee: Intel Corporation
Inventors: Vincent J. Zimmer, Michael A. Rothman, Mark S. Doran
-
Publication number: 20110271090
Abstract: In one embodiment, the present invention includes a method to establish a secure pre-boot environment in a computer system; and perform at least one secure operation in the secure environment. In one embodiment, the secure operation may be storage of a secret in the secure pre-boot environment.
Type: Application
Filed: July 1, 2011
Publication date: November 3, 2011
Inventors: Vincent J. Zimmer, Bryant Bigbee, Andrew J. Fish, Mark S. Doran
-
Patent number: 7974416
Abstract: In one embodiment, the present invention includes a method to establish a secure pre-boot environment in a computer system; and perform at least one secure operation in the secure environment. In one embodiment, the secure operation may be storage of a secret in the secure pre-boot environment.
Type: Grant
Filed: November 27, 2002
Date of Patent: July 5, 2011
Assignee: Intel Corporation
Inventors: Vincent J. Zimmer, Bryant Bigbee, Andrew J. Fish, Mark S. Doran
-
Patent number: 7673126
Abstract: Methods and apparatus are disclosed to self-initialize a processor. An example method disclosed herein detects a processor reset, receives initialization instructions from a core zone, establishes a core zone boundary, executes received initialization instructions, and publishes a data structure, the data structure comprising state information. Other embodiments are described and claimed.
Type: Grant
Filed: September 19, 2006
Date of Patent: March 2, 2010
Assignee: Intel Corporation
Inventors: Vincent J. Zimmer, Michael A. Rothman, Mark S. Doran
-
Patent number: 7668945
Abstract: Embodiments of a system and method for enabling a target computer to download a boot image and operating system from a boot server computer over a network are described. The target computer system includes a host processor environment and a platform management coprocessor subsystem that includes a microcontroller for providing manageability of the target computer platform. During a network boot procedure, the platform management coprocessor code employs a network access channel to retrieve the boot server name and a network address for the target computer. The platform management coprocessor code implements security measures to help ensure secure interaction between the boot server and the target computer. Once the secure association is established, the network boot process uses the BIOS code for the successive bulk downloads of the operating system to be loaded onto the target computer. Other embodiments are described and claimed.
Type: Grant
Filed: August 18, 2006
Date of Patent: February 23, 2010
Assignee: Intel Corporation
Inventors: Mark S. Doran, Vincent J. Zimmer, Michael A. Rothman
-
Publication number: 20090319763
Abstract: A method and apparatus for providing platform initialization enhancements is discussed herein. In one embodiment, buses, activities, devices, and/or nodes to be processed during boot, are processed in a non-blocking fashion, which potentially results in faster boot times. Moreover, some devices/nodes, such as root nodes, may be boot in an early phase of initialization to enhance both available resources and initialization times. Furthermore, early connects in an early phase of initialization may be performed to construct partial or entire device paths, which also potentially results in faster boot times.
Type: Application
Filed: June 19, 2008
Publication date: December 24, 2009
Inventors: Vincent J. Zimmer, Michael A. Rothman, Mark S. Doran
-
Publication number: 20090271641
Abstract: When transitioning from sleep mode to active mode, a processing system loads first stage resume content and second stage resume content into a volatile memory of the processing system. The first stage resume content may contain contextual data for a first program that was in use before the processing system transitioned to sleep mode. The second stage resume content may contain contextual data for another program that was in use before the processing system transitioned to sleep mode. The processing system may provide a user interface for the first program before all of the second stage resume content has been loaded into the volatile memory. Other embodiments are described and claimed.
Type: Application
Filed: April 7, 2009
Publication date: October 29, 2009
Inventors: Michael A. Rothman, Glenn J. Hinton, Mark S. Doran, Vincent J. Zimmer, Michael D. Kinney
-
Patent number: 7543048
Abstract: Methods and apparatus for remotely managing a computer are disclosed. For example, a remote management agent is provided for use in a computer having a processor. The example remote management agent includes a communication agent in communication with the controller to contact a server before an operating system is loaded on the computer to obtain an initialization packet from a server and an initialization packet loader in communication with the controller to load the initialization packet in a protected memory area of the computer, before the operating system is loaded. The remote management agent also includes a monitoring agent, not associated with the operating system, in communication with the controller to monitor the computer for a communication from the server and a command line interface agent, also not associated with the operating system and in communication with the controller to interpret and respond to the communication from the server.
Type: Grant
Filed: November 22, 2002
Date of Patent: June 2, 2009
Assignee: Intel Corporation
Inventors: Michael A. Rothman, Vincent J. Zimmer, Mark S. Doran, Andrew J. Fish
-
Patent number: 7523323
Abstract: When transitioning from sleep mode to active mode, a processing system loads first stage resume content and second stage resume content into a volatile memory of the processing system. The first stage resume content may contain contextual data for a first program that was in use before the processing system transitioned to sleep mode. The second stage resume content may contain contextual data for another program that was in use before the processing system transitioned to sleep mode. The processing system may provide a user interface for the first program before all of the second stage resume content has been loaded into the volatile memory. Other embodiments are described and claimed.
Type: Grant
Filed: September 15, 2005
Date of Patent: April 21, 2009
Assignee: Intel Corporation
Inventors: Michael A. Rothman, Glenn J. Hinton, Mark S. Doran, Vincent J. Zimmer, Michael D. Kinney