Patents by Inventor Andrew H. Gafken
Andrew H. Gafken has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20160283721
Abstract: Embodiments of techniques and systems for out-of-band verification of host OS components are described. In embodiments, an out-of-band host OS boot sequence verification system (“BSVS”) may access system memory without detection by a host OS process, or “out of band.” The BSVS may access host OS components in the system memory and may generate signatures from memory footprints of the host OS components. These signatures may then be compared to trusted signatures to verify integrity of the host OS components. In embodiments, this verification may be performed during a boot of a host OS or on demand. In embodiments, the trusted signatures may be pre-stored by the BSVS before a boot; in some embodiments, the trusted signatures may be previously-computed and then stored by the BSVS. Other embodiments may be described and claimed.
Type: Application
Filed: June 10, 2016
Publication date: September 29, 2016
Inventors: Daniel Nemiroff, Paul J. Thadikaran, Andrew H. Gafken, Purushottam Goel, Nicholas D. Triantafillou, Paritosh Saxena, Debra Cablao
-
Patent number: 9367328
Abstract: Embodiments of techniques and systems for out-of-band verification of host OS components are described. In embodiments, an out-of-band host OS boot sequence verification system (“BSVS”) may access system memory without detection by a host OS process, or “out of band.” The BSVS may access host OS components in the system memory and may generate signatures from memory footprints of the host OS components. These signatures may then be compared to trusted signatures to verify integrity of the host OS components. In embodiments, this verification may be performed during a boot of a host OS or on demand. In embodiments, the trusted signatures may be pre-stored by the BSVS before a boot; in some embodiments, the trusted signatures may be previously-computed and then stored by the BSVS. Other embodiments may be described and claimed.
Type: Grant
Filed: June 28, 2012
Date of Patent: June 14, 2016
Assignee: Intel Corporation
Inventors: Daniel Nemiroff, Paul J. Thadikaran, Andrew H. Gafken, Purushottam Goel, Nicholas D. Triantafillou, Paritosh Saxena, Debra Cablao
-
Patent number: 9158916
Abstract: An embodiment may include a storage processor that may be comprised, at least in part, in a host. The host may include at least one host central processing unit (CPU) to execute at least one host operating system (OS). The storage processor may execute at least one operation in isolation from interference from and control by the at least one host CPU and the at least one host OS. The at least one operation may facilitate, at least in part: (1) prevention, at least in part, of unauthorized access to storage, (2) prevention, at least in part, of execution by the at least one host CPU of at least one unauthorized instruction, (3) detection, at least in part, of the at least one unauthorized instruction, and/or (4) remediation, at least in part, of at least one condition associated, at least in part, with the at least unauthorized instruction.
Type: Grant
Filed: October 17, 2012
Date of Patent: October 13, 2015
Assignee: Intel Corporation
Inventors: Daniel Nemiroff, Paul J. Thadikaran, Paritosh Saxena, Nicholas D. Triantafillou, Andrew H. Gafken
-
Publication number: 20140109170
Abstract: An embodiment may include a storage processor that may be comprised, at least in part, in a host. The host may include at least one host central processing unit (CPU) to execute at least one host operating system (OS). The storage processor may execute at least one operation in isolation from interference from and control by the at least one host CPU and the at least one host OS. The at least one operation may facilitate, at least in part: (1) prevention, at least in part, of unauthorized access to storage, (2) prevention, at least in part, of execution by the at least one host CPU of at least one unauthorized instruction, (3) detection, at least in part, of the at least one unauthorized instruction, and/or (4) remediation, at least in part, of at least one condition associated, at least in part, with the at least unauthorized instruction.
Type: Application
Filed: October 17, 2012
Publication date: April 17, 2014
Inventors: Daniel Nemiroff, Paul J. Thadikaran, Paritosh Saxena, Nicholas D. Triantafillou, Andrew H. Gafken
-
Publication number: 20140006760
Abstract: Embodiments of techniques and systems for out-of-band verification of host OS components are described. In embodiments, an out-of-band host OS boot sequence verification system (“BSVS”) may access system memory without detection by a host OS process, or “out of band.” The BSVS may access host OS components in the system memory and may generate signatures from memory footprints of the host OS components. These signatures may then be compared to trusted signatures to verify integrity of the host OS components. In embodiments, this verification may be performed during a boot of a host OS or on demand. In embodiments, the trusted signatures may be pre-stored by the BSVS before a boot; in some embodiments, the trusted signatures may be previously-computed and then stored by the BSVS. Other embodiments may be described and claimed.
Type: Application
Filed: June 28, 2012
Publication date: January 2, 2014
Inventors: Daniel Nemiroff, Paul J. Thadikaran, Andrew H. Gafken, Purushottam Goel, Nicholas D. Triantafillou, Paritosh Saxena, Debra Cablao
-
Patent number: 7765409
Abstract: A modular BIOS update mechanism provides a standardized method to update options ROMs and to provide video and processor microcode upgrades in a computer system without requiring a complete replacement of the system BIOS. The MBU mechanism provides several advantages. First, new features and BIOS bugs from earlier release may be delivered to an installed base of end-user systems even if direct OEM support cannot be identified. Also, BIOS components may be provided as a validated set of revisions. With resort to a validation matrix, BIOS updates may be managed easily. The modular BIOS update is particularly useful in systems having several independent BIOS's stored within unitary firmware.
Type: Grant
Filed: April 27, 2007
Date of Patent: July 27, 2010
Assignee: Intel Corporation
Inventors: Andrew H. Gafken, Todd D. Wilson, Tom Dodson, John V. Lovelace
-
Patent number: 7376870
Abstract: Embodiments include monitoring a computing system to determine whether firmware of the computing system is corrupted, hung up, or requires automatic update. The computing system may then request firmware update data over a network. Moreover, the computing system may include a controller with capability to determine whether the firmware is corrupted or hung and request and receive firmware update data over a network. In addition, the controller may have the capability to operate when the firmware is corrupted or hung up, if the processor is held up, and if the operating system is halted, hung up, or soft-off. In addition, if the controller detects that the firmware is corrupted or hung up, the controller may halt the processor while updating the firmware.
Type: Grant
Filed: September 30, 2004
Date of Patent: May 20, 2008
Assignee: Intel Corporation
Inventors: Mukesh Kataria, Andrew H. Gafken, William A. Stevens
-
Patent number: 7213152
Abstract: A modular BIOS update mechanism provides a standardized method to update options ROMs and to provide video and processor microcode upgrades in a computer system without requiring a complete replacement of the system BIOS. The MBU mechanism provides several advantages. First, new features and BIOS bugs from earlier release may be delivered to an installed base of end-user systems even if direct OEM support cannot be identified. Also, BIOS components may be provided as a validated set of revisions. With resort to a validation matrix, BIOS updates may be managed easily. The modular BIOS update is particularly useful in systems having several independent BIOS's stored within unitary firmware.
Type: Grant
Filed: February 14, 2000
Date of Patent: May 1, 2007
Assignee: Intel Corporation
Inventors: Andrew H. Gafken, Todd D. Wilson, Thomas Dodson, John V. Lovelace
-
Patent number: 7174416
Abstract: Methods of allocating, writing, reading, de-allocating, re-allocating, and reclaiming space within a nonvolatile memory having a bifurcated storage architecture are described. A method of reliably re-allocating a first object includes the step of storing a location of a first object in a first data structure. A location of the first data structure is stored in a second data structure. A duplicate of the first object is formed by initiating a copy of the first object. An erase of the first object is initiated. A write of a second object to the location of the first object is then initiated. The duplicate object is invalidated. The status of copying, erasing, and writing is tracked. The copy status, erase status, write status, and a restoration status are used to determine a recovery state upon initialization of the nonvolatile memory. The duplicate object is invalidated, if the writing status indicates that the writing of the second object has been completed.
Type: Grant
Filed: September 2, 2003
Date of Patent: February 6, 2007
Assignee: Intel Corporation
Inventors: Robert N. Hasbun, David A. Edwards, Andrew H. Gafken, Christopher J. Spiegel
-
Patent number: 6836853
Abstract: A value for a first counter is maintained. A value for a second counter based on a content of a non-volatile memory is maintained. Updates to the value for the first counter and to the value for the second counter are controlled.
Type: Grant
Filed: December 31, 1999
Date of Patent: December 28, 2004
Assignee: Intel Corporation
Inventors: Lance W. Dover, Andrew H. Gafken
-
Patent number: 6711675
Abstract: A protected boot sequence in a computer system. A reset vector directs the system to a boot program including a protected program. This protected program verifies the integrity of the BIOS contents before branching to the BIOS for execution of normal bootstrap functions. The protected program can also lock down various blocks of bootstrap code to prevent them from being changed after a certain point in the boot sequence. The protected boot sequence can proceed in layers, with each layer providing some level of validation or security for succeeding layers.
Type: Grant
Filed: February 11, 2000
Date of Patent: March 23, 2004
Assignee: Intel Corporation
Inventors: Christopher J. Spiegel, Andrew H. Gafken, Robert P. Hale, William A. Stevens, Jr.
-
Publication number: 20040044837
Abstract: Methods of allocating, writing, reading, de-allocating, re-allocating, and reclaiming space within a nonvolatile memory having a bifurcated storage architecture are described. A method of reliably re-allocating a first object includes the step of storing a location of a first object in a first data structure. A location of the first data structure is stored in a second data structure. A duplicate of the first object is formed by initiating a copy of the first object. An erase of the first object is initiated. A write of a second object to the location of the first object is then initiated. The duplicate object is invalidated. The status of copying, erasing, and writing is tracked. The copy status, erase status, write status, and a restoration status are used to determine a recovery state upon initialization of the nonvolatile memory. The duplicate object is invalidated, if the writing status indicates that the writing of the second object has been completed.
Type: Application
Filed: September 2, 2003
Publication date: March 4, 2004
Inventors: Robert N. Hasbun, David A. Edwards, Andrew H. Gafken, Christopher J. Spiegel
-
Patent number: 6622200
Abstract: Methods of allocating, writing, reading, de-allocating, re-allocating, and reclaiming space within a nonvolatile memory having a bifurcated storage architecture are described. A method of reliably re-allocating a first object includes the step of storing a location of a first object in a first data structure. A location of the first data structure is stored in a second data structure. A duplicate of the first object is formed by initiating a copy of the first object. An erase of the first object is initiated. A write of a second object to the location of the first object is then initiated. The duplicate object is invalidated. The status of copying, erasing, and writing is tracked. The copy status, erase status, write status, and a restoration status are used to determine a recovery state upon initialization of the nonvolatile memory. The duplicate object is invalidated, if the writing status indicates that the writing of the second object has been completed.
Type: Grant
Filed: September 6, 2000
Date of Patent: September 16, 2003
Assignee: Intel Corporation
Inventors: Robert N. Hasbun, David A. Edwards, Andrew H. Gafken, Christopher J. Spiegel
-
Patent number: 6311290
Abstract: Methods of reliably allocating, writing, reading, de-allocating, re-allocating, and reclaiming space within a nonvolatile memory having a bifurcated storage architecture are described. Allocation, writing, reading, de-allocating, re-allocating, and reclamation are handled by a memory manager. The memory manager tracks the progress of each process during execution in order to detect whether a selected process was interrupted for purposes of recovery. The nonvolatile memory is recovered to a known state during initialization. Initialization includes the step of determining a recovery state from a recovery state lookup table. A selected recovery process is selected in accordance with the recovery state lookup table. A restart level for the selected process is determined from a corresponding restart state lookup table. The selected process is then restarted at the restart level.
Type: Grant
Filed: April 3, 1998
Date of Patent: October 30, 2001
Assignee: Intel Corporation
Inventors: Robert N. Hasbun, David A. Edwards, Andrew H. Gafken, Christopher J. Spiegel
-
Patent number: 6182188
Abstract: Methods of allocating, writing, reading, de-allocating, re-allocating, and reclaiming space within a nonvolatile memory having a bifurcated storage architecture are described. A method of reliably re-allocating a first object includes the step of storing a location of a first object in a first data structure. A location of the first data structure is stored in a second data structure. A duplicate of the first object is formed by initiating a copy of the first object. An erase of the first object is initiated. A write of a second object to the location of the first object is then initiated. The duplicate object is invalidated. The status of copying, erasing, and writing is tracked. The copy status, erase status, write status, and a restoration status are used to determine a recovery state upon initialization of the nonvolatile memory. The duplicate object is invalidated, if the writing status indicates that the writing of the second object has been completed.
Type: Grant
Filed: April 6, 1997
Date of Patent: January 30, 2001
Assignee: Intel Corporation
Inventors: Robert N. Hasbun, David A. Edwards, Andrew H. Gafken, Christopher J. Spiegel
-
Patent number: 6157970
Abstract: A system including a host coupled to a memory device and a peripheral controller device. The host is coupled to the peripheral controller device via a bus having a plurality of general purpose signal lines to carry time-multiplexed address, data, and control information. The peripheral controller device performs direct memory access (DMA) transactions with the memory device via the host and the bus.
Type: Grant
Filed: September 24, 1997
Date of Patent: December 5, 2000
Assignee: Intel Corporation
Inventors: Andrew H. Gafken, Joseph A. Bennett, David I. Poisner
-
Patent number: 6151654
Abstract: A method and apparatus which may be used for direct memory access (DMA) acknowledges. A method of acknowledging a request for access to a bus from a bus agent access involves receiving a request for access to the bus and generating a request acknowledge signal. The request acknowledge is generated on a multiplexed bus in response to the request for access to the bus.
Type: Grant
Filed: December 24, 1997
Date of Patent: November 21, 2000
Assignee: Intel Corporation
Inventors: David I. Poisner, Joseph A. Bennett, Andrew H. Gafken
-
Patent number: 6131127
Abstract: A system having a bus coupled to a host and a peripheral controller device each coupled to a bus. The bus includes a plurality of general purpose signal lines to carry time-multiplexed address, data, and control information. The peripheral controller device communicates with the host over the bus to control devices such as parallel port controllers, serial port controllers, super I/O controllers, floppy disk controllers, keyboard controllers and memory devices.
Type: Grant
Filed: September 24, 1997
Date of Patent: October 10, 2000
Assignee: Intel Corporation
Inventors: Andrew H. Gafken, Joseph A. Bennett, David I. Poisner
-
Patent number: 6119189
Abstract: A system including a host, a peripheral controller device, and a bus master device each coupled to a bus having a plurality of general purpose signal lines for carrying time-multiplexed address, data, and control information. The bus master device communicates with the host and the peripheral controller device via the bus.
Type: Grant
Filed: September 24, 1997
Date of Patent: September 12, 2000
Assignee: Intel Corporation
Inventors: Andrew H. Gafken, Joseph A. Bennett, David I. Poisner
-
Patent number: 6026016
Abstract: A memory device. The memory device includes a nonvolatile memory array including a first block of memory cells. A first volatile protection bit coupled to the first block is programmable to prevent a memory access operation directed to the first block from being performed.
Type: Grant
Filed: May 11, 1998
Date of Patent: February 15, 2000
Assignee: Intel Corporation
Inventor: Andrew H. Gafken