Abstract: Systems and methods for a network environment for client-side remote access of a server device from a client device may utilize a biometric sensor device of the client device and a pluggable authentication and authorization framework. The biometric sensor device may capture a gesture of a target user. The server device may authenticate the target user based on previously registered encrypted biometric information of the target user utilizing the pluggable authentication and authorization framework and a remote desktop protocol. When the target user has been authenticated, the client device may be authorized to access a service of the server device.

Abstract: Surrogate locational determination may rely on a surrogate device to provide a locational fix. When a device lacks an accurate geo-location system, communication may be established with a nearby surrogate device. The surrogate device is queried for an accurate location, such as that determined by a global positioning system receiver. Because the surrogate device is geographically proximate, the location determined by the global positioning system receiver may serve as a proxy or substitute for the local fix of the device.

Abstract: A display information protection system includes a management system that stores a plurality of display information protection policies and that may provide any of the display information protection policies through a network. An endpoint device is coupled to the management system through the network and stores a display information protection policy that may have been automatically populated or received from the management system. The endpoint device displays a plurality of information and may determine that a first subset of the plurality of information that has been provided for display is defined by the display information protection policy. In response to detecting the first display information protection event and determining that the first subset of a plurality of information is defined by the display information protection policy, the endpoint device obfuscates the display of the first subset of the plurality of information on the endpoint device.

Abstract: A display information protection system includes a management system that stores a plurality of display information protection policies and that may provide any of the display information protection policies through a network. An endpoint device is coupled to the management system through the network and stores a display information protection policy that may have been automatically populated or received from the management system. The endpoint device displays a plurality of information and may determine that a first subset of the plurality of information that has been provided for display is defined by the display information protection policy. In response to detecting the first display information protection event and determining that the first subset of a plurality of information is defined by the display information protection policy, the endpoint device obfuscates the display of the first subset of the plurality of information on the endpoint device.

Abstract: An authentication agent for an information handling system includes a request module, a threshold table, and a comparison module. The request module receives a first request to access a secure resource of the information handling system, determines a first access level associated with the first request, and requests first confidence level information from the information handling system. The threshold table includes a first confidence threshold associated with the first access level. The comparison module compares the first confidence level information with the first confidence threshold. The authentication agent grants access to the secure resource at the first access level when the first confidence level information is greater than the first confidence threshold.

Abstract: An authentication engine for an information handling system includes an event engine that receives authentication information from a plurality of input devices of the information handling system and classifies the authentication information from each input device into a plurality of events, and provides confidence score metadata based upon the authentication information, a confidence module that generates a confidence score based upon the events, and a threshold table that receives the confidence score and determines an authentication state of the information handling system based upon the confidence score.

Abstract: Systems and methods for a network environment for client-side remote access of a server device from a client device may utilize a biometric sensor device of the client device and a pluggable authentication and authorization framework. The biometric sensor device may capture a gesture of a target user. The server device may authenticate the target user based on previously registered encrypted biometric information of the target user utilizing the pluggable authentication and authorization framework and a remote desktop protocol. When the target user has been authenticated, the client device may be authorized to access a service of the server device.

Abstract: A display information protection system includes a management system that stores a plurality of display information protection policies and that may provide any of the display information protection policies through a network. An endpoint device is coupled to the management system through the network and stores a display information protection policy that may have been automatically populated or received from the management system. The endpoint device displays a plurality of information and may determine that a first subset of the plurality of information that has been provided for display is defined by the display information protection policy. In response to detecting the first display information protection event and determining that the first subset of a plurality of information is defined by the display information protection policy, the endpoint device obfuscates the display of the first subset of the plurality of information on the endpoint device.

Abstract: A display information protection system includes a management system that stores a plurality of display information protection policies and that may provide any of the display information protection policies through a network. An endpoint device is coupled to the management system through the network and stores a display information protection policy that may have been automatically populated or received from the management system. The endpoint device displays a plurality of information and may determine that a first subset of the plurality of information that has been provided for display is defined by the display information protection policy. In response to detecting the first display information protection event and determining that the first subset of a plurality of information is defined by the display information protection policy, the endpoint device obfuscates the display of the first subset of the plurality of information on the endpoint device.

Abstract: An information handling system includes a host processing system and an authentication processing system. The authentication processing system authenticates to the host processing system based upon a shared secret. An authentication module of the authentication processing system operates as a master authentication module to establish an authentication area, determine that a first device is a first trusted device of the authentication module, determine that the first device is within the authentication area, authenticate the first device on the authentication area based upon the determination that the first device is within the authentication area, determine that a second device is a second trusted device of the authentication module, determine that the second device is not within the authentication area, and prevent the second device from authenticating on the authentication area based upon the determination that the second device is not within the authentication area.

Abstract: Surrogate locational determination may rely on a surrogate device to provide a locational fix. When a device lacks an accurate geo-location system, communication may be established with a nearby surrogate device. The surrogate device is queried for an accurate location, such as that determined by a global positioning system receiver. Because the surrogate device is geographically proximate, the location determined by the global positioning system receiver may serve as a proxy or substitute for the local fix of the device.

Abstract: An information handling system includes a first processor, a second processor, and a third processor. The first processor requests a single-factor authentication from the second processor. The second processor receives a first authentication factor in response to the single-factor authentication request and requests a multi-factor authentication from the third processor. The third processor receives a second authentication factor in response to the multi-factor authentication request and provides the second authentication factor to the second processor. The second processor further verifies the first authentication factor and the second authentication factor and provides a single-factor authentication reply to the first processor in response to verifying the first authentication factor and the second authentication factor.

Abstract: Systems and methods for providing technical support and exporting diagnostic data. In some embodiments, an Information Handling System (IHS) includes a processor; and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to: identify a video failure in response to executing a Basic I/O System (BIOS)/Unified Extensible Firmware Interface (UEFI) diagnostics routine prior to the booting of a main Operating System (OS), where the video failure renders the IHS incapable of providing a video interface; and in response to the identification, provide an audio interface to a user, where the audio interface enables the user to perform a troubleshooting operation in the absence of the video interface.

Abstract: An information handling system includes a first processor, a second processor, and a third processor. The first processor requests a single-factor authentication from the second processor. The second processor receives a first authentication factor in response to the single-factor authentication request and requests a multi-factor authentication from the third processor. The third processor receives a second authentication factor in response to the multi-factor authentication request and provides the second authentication factor to the second processor. The second processor further verifies the first authentication factor and the second authentication factor and provides a single-factor authentication reply to the first processor in response to verifying the first authentication factor and the second authentication factor.

Abstract: A display information protection system includes a management system that stores a plurality of display information protection policies and that may provide any of the display information protection policies through a network. An endpoint device is coupled to the management system through the network and stores a display information protection policy that may have been automatically populated or received from the management system. The endpoint device displays a plurality of information and may determine that a first subset of the plurality of information that has been provided for display is defined by the display information protection policy. In response to detecting the first display information protection event and determining that the first subset of a plurality of information is defined by the display information protection policy, the endpoint device obfuscates the display of the first subset of the plurality of information on the endpoint device.

Abstract: Systems and methods for providing technical support and exporting diagnostic data. In some embodiments, an Information Handling System (IHS) includes a processor; and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to: identify a video failure in response to executing a Basic I/O System (BIOS)/Unified Extensible Firmware Interface (UEFI) diagnostics routine prior to the booting of a main Operating System (OS), where the video failure renders the IHS incapable of providing a video interface; and in response to the identification, provide an audio interface to a user, where the audio interface enables the user to perform a troubleshooting operation in the absence of the video interface.

Abstract: An information handling system includes a plurality of input devices and an authentication engine. Each input device receives credential information and generates associated authentication information based upon the credential information. The authentication engine receives the authentication information from the plurality of input devices and provides a confidence status based upon the authentication information, wherein the confidence status includes more than two confidence levels, and wherein when a first input device of the plurality of input devices receives first credential information, the authentication engine increases the confidence status from a first confidence level to a second confidence level.

Abstract: An authentication agent for an information handling system includes a request module, a threshold table, and a comparison module. The request module receives a first request to access a secure resource of the information handling system, determines a first access level associated with the first request, and requests first confidence level information from the information handling system. The threshold table includes a first confidence threshold associated with the first access level. The comparison module compares the first confidence level information with the first confidence threshold. The authentication agent grants access to the secure resource at the first access level when the first confidence level information is greater than the first confidence threshold.

Abstract: An information handling system includes a secure resource, an input device that receives an authentication credential from a user and generates authentication information based upon the authentication credential, an authentication engine that receives the authentication information and provides confidence information based upon the authentication information, and an authentication agent that receives the confidence information and grants the user a level access to the secure resource based upon the confidence information.

Abstract: An authentication engine for an information handling system includes an event engine that receives authentication information from a plurality of input devices of the information handling system and classifies the authentication information from each input device into a plurality of events, and provides confidence score metadata based upon the authentication information, a confidence module that generates a confidence score based upon the events, and a threshold table that receives the confidence score and determines an authentication state of the information handling system based upon the confidence score.