Abstract: A hardware enablement apparatus includes a processor, and a communications interface configured for writing license data to one or more data registers and for using the license data to selectively enable, under control of the processor, hardware features associated with the data registers, at least one of the data registers being implemented in non-volatile memory.

Abstract: Using a cryptographic co-processor in a computing system to encode data parameters determined during initialization, or during operation, or determined from machine specific values or states to bind data optionally to a specific machine, a specific cryptographic co-processor, or a specific operating environment machine state.

Abstract: A method of enforcing software license protection in a computer system comprising; morphing the data prior to distribution, resulting in morphed data; wherein morphing of data is accomplished by applying a reversible morphing algorithm to modify data, wherein said reversible morphing algorithm is uniquely seeded and/or controlled with control information.

Abstract: A method of protecting data in a computer system against attack from viruses and worms comprising; modifying micro-code of a processor of system to be protected to remove homogeneity between processors from a manufacturer; modifying op-codes of an application to match modified micro-code of the processor prior to execution.

Abstract: Embodiments of a tamper-evident connector are disclosed which may optionally be used in a trusted computing environment. In an exemplary embodiment, a tamper-evident connection includes a mate-once engaging assembly for providing with a first component, the mate-once engaging assembly including a foldable portion. The tamper-evident connection also includes a receiving chamber for providing with a second component, the mate-once engaging assembly fitting in the receiving chamber to physically secure the first component to the second component, the foldable portion of the mate-once engaging assembly unfolding during removal of the mate-once engaging assembly from the receiving chamber to provide evidence of tampering when the first component has been removed from the second component. Optionally, the first component is a Trusted Platform Module (TPM) and the second component is a system board.

Abstract: One embodiment is a computer system having firmware that shares a secret with a cryptographic co-processor to determine if the cryptographic co-processor has been tampered with or removed from the computer system.

Abstract: Using a cryptographic co-processor (220) in a computing system (202) to encode data (351-353) using parameters (361-363) determined during initialization, or during operation, or determined from machine specific values (301-323) or states to bind data optionally to a specific machine (301-303), a specific cryptographic co-processor (311-313), or a specific operating environment (321-323) or machine state.

Abstract: Method, and apparatus for operating a power feed in a computing system. One exemplary embodiment includes monitoring the power feed to ensure the power level of the entire system never remains above a first power level and only remains above a second power level for a period of time determined by a timer level.

Abstract: Embodiments of a tamper-evident connector are disclosed which may optionally be used in a trusted computing environment. In an exemplary embodiment, a tamper-evident connection includes a mate-once engaging assembly for providing with a first component, the mate-once engaging assembly including a foldable portion. The tamper-evident connection also includes a receiving chamber for providing with a second component, the mate-once engaging assembly fitting in the receiving chamber to physically secure the first component to the second component, the foldable portion of the mate-once engaging assembly unfolding during removal of the mate-once engaging assembly from the receiving chamber to provide evidence of tampering when the first component has been removed from the second component. Optionally, the first component is a Trusted Platform Module (TPM) and the second component is a system board.

Abstract: The specification discloses a system and related method for tracking access to digital information that involves combining biometric information of a person seeking access with the digital information and a digital signature. Each person who accesses the digital information has their biometric and digital signatures combined in this manner. Thus, the digital information itself reflects who has accessed the information. Where the digital information is a video, the combining of the biometric and digital signatures is done on a frame-by-frame basis.

Abstract: A file system technique extends the life cycle of limited read/write media. Rewrite cycles of each file and/or each region of the media may be tracked. Different regions of the media are classified as static and dynamic based on their respective number of rewrite cycles. Static files are migrated to the more worn out or dynamic regions of the media, and dynamic files are integrated to the less worn out or static regions of the media. The file system is further sensitized by allocating a new file to an available region after a most recently used region. Where multiple versions of a data region exist, the file system marks a version of the data region as unstable after a certain number of rewrite cycles to the version and directs rewrite cycles to a subsequent version of the data region.

Abstract: A method of enforcing software license protection in a computer system comprising; morphing the data prior to distribution, resulting in morphed data; wherein morphing of data is accomplished by applying a reversible morphing algorithm to modify data, wherein said reversible morphing algorithm is uniquely seeded and/or controlled with control information.

Abstract: Methods, systems, and apparatus for a one button disconnect of USB devices. One exemplary embodiment includes a method for safely disconnecting a peripheral device removably connected to a computing system. The method includes signaling an Operating System, through a peripheral communication bus, that peripheral device disconnection is desired; quiescing device driver activities; and disconnecting the signaling device from the computer system.

Abstract: A method of protecting data in a computer system against attack from viruses and worms comprising; storing morphed data in system memory; de-morphing data as it is being transferred to cache memory, resulting in de-morphed data.

Abstract: A method of protecting data in a computer system against attack from viruses and worms comprising; modifying micro-code of a processor of system to be protected to remove homogeneity between processors from a manufacturer; modifying op-codes of an application to match modified micro-code of the processor prior to execution.

Abstract: Method, and apparatus for operating a power feed in a computing system. One exemplary embodiment includes monitoring the power feed to ensure the power level of the entire system never remains above a first power level and only remains above a second power level for a period of time determined by a timer level.

Abstract: The disclosed embodiments relate to method and apparatus for providing computer security system. The method may include calculating a hash value of an operation at an administrative system. The signed hash of the operation may be created in the administrative system. The signed hash may be received at the managed system. The managed system may validate the signed hash by using a stored reference hash. Upon determining if the signed hash is valid, the managed system may execute the operation that corresponds to the signed hash.

Abstract: A computer system includes various security measures to insure that semi-permanent operating programs, such a boot blocks and firmware, are updated properly. For example, the system may include a security switch that can enable a host computer to load a replacement program into another computer, such as an appliance server for example, if the other computer fails. Also, if a replacement program is being loaded over a network connection that fails, the loading can resume automatically after re-establishment of the network connection. In addition, certain programs, such as boot blocks, may be verified in an execution memory, such as RAM, and loaded into a more permanent storage memory, such as ROM, only if verified.

Abstract: A method and apparatus for providing security for a computer system, which includes generating a request for a file. The request is received at a dedicated security processor, where the dedicated security processor may access the file to validate the requested file. Upon determining that the requested file is valid, the dedicated security processor may provide the requested file to another processor.

Abstract: A technique is provided for emulating sound of a remote computer system, such as a server, on another computer system interfacing with the remote computer system via a network. The technique emulates sound of the remote computer system by using a standard audio format or by copying audio settings of the remote computer system to the interfacing computer system. For example, the input/output addresses, sound tables, and register settings of audio circuitry for the remote computer system may be detected, copied, transferred, and used by audio circuitry for the interfacing computer system.