Abstract: A system, method, and computer-readable medium are disclosed for managing a system's entitlement to digital assets when the system's components are replaced. A unique system identifier, comprising the unique identifiers of predetermined system components, is associated with digital assets data to generate digital assets entitlement data, which in turn entitles the system to process the digital assets data. The digital assets entitlement is perpetuated when a first unique system component identifier is replaced with a second unique system component identifier.

Abstract: Option ROM updates are performed in a secure manner with centralized control through system initialization firmware, such as the system BIOS. An option ROM updater manages copying an option ROM update to an auxiliary subsystem if an update bit is set, such as by a secure system management interface with the BIOS. Upon detection of an update bit, the option ROM updater unlocks a write protect at the auxiliary subsystem firmware and copies an option ROM update to the auxiliary subsystem to update the option ROM. After completing the option ROM update, the option ROM updater locks write protection of the option ROM to maintain system security.

Abstract: Option ROM updates are performed in a secure manner with centralized control through system initialization firmware, such as the system BIOS. An option ROM updater manages copying an option ROM update to an auxiliary subsystem if an update bit is set, such as by a secure system management interface with the BIOS. Upon detection of an update bit, the option ROM updater unlocks a write protect at the auxiliary subsystem firmware and copies an option ROM update to the auxiliary subsystem to update the option ROM. After completing the option ROM update, the option ROM updater locks write protection of the option ROM to maintain system security.

Abstract: A system and method are provided which substantially reduce the disadvantages and problems associated with previous methods and systems for generating an OTP at an information handling system. An OTP is generated at an information handling system hardware or firmware layer upon detection of a predetermined input trigger, such as a key combination. The OTP is provided for authentication independent of an operating system or applications running on the information handling system.

Abstract: A system, method, and computer-readable medium are disclosed for managing a system's entitlement to digital assets when the system's components are replaced. A unique system identifier, comprising the unique identifiers of predetermined system components, is associated with digital assets data to generate digital assets entitlement data, which in turn entitles the system to process the digital assets data. The digital assets entitlement is perpetuated when a first unique system component identifier is replaced with a second unique system component identifier.

Abstract: An information handling system includes a processor, an authentication detection module, a user input device, and encoding module, and a buffer. The authentication detection module determines whether the information handling system is operating in an authenticated network communication session, The user input device receives user input data from a user, and the encoding module receives the user input data from the user input device and encodes the received user input data into a suitable format. The buffer logs the encoded user input data for later retrieval if the authentication detection module determines that the information handling system is not operating in an authenticated network communication session.

Abstract: A system and method are provided which substantially reduce the disadvantages and problems associated with previous methods and systems for generating an OTP at an information handling system. An OTP is generated at an information handling system hardware or firmware layer upon detection of a predetermined input trigger, such as a key combination. The OTP is provided for authentication independent of an operating system or applications running on the information handling system.

Abstract: A method supports secure input/output (I/O) communications between an I/O device and a data processing system via a keyboard, video, and mouse (KVM) switch. An example embodiment includes the operations of establishing a first secure communication channel between the KVM switch and the I/O device and establishing a second secure communication channel between the KVM switch and the data processing system. In addition, I/O data may be received at the KVM switch from the I/O device via the first secure communication channel. In response to receipt of the I/O data from the I/O device, the I/O data may be transmitted from the KVM switch to the data processing system via the second secure communication channel. Embodiments may also include support for non-secure channels between the KVM switch and non-secured I/O devices, non-secured data processing systems, or both.

Abstract: The midplane of a modular information handling system includes a sharable PCI Express switch that is serially connect with each associated modular information handling system component and a network communication device. The shareable PCI Express switch acts to receive PCI Express packets from associated information handling system components, with each packet including a Transaction ID field. The shareable PCI Express switch assigns a context value that identifies a particular modular information handling system component within the Transaction ID field of each PCI Express packet received from the connected modular information handling system component.

Abstract: A system and method for hardware partitioning of an information handling system. The partitioning is through the CPU, memory, and I/O systems. This is accomplished by providing multiple contexts for each I/O device (one for each partition), and by using the transaction ID field of the PCI Express bus packet header to map an I/O device to a context.

Abstract: A system and method for securing access to memory modules includes a memory module, a virtual memory module, a boot module, and a gatekeeper. The boot module accepts a key and requests for the memory module and provides the requests and the key to the virtual memory module. The virtual memory module is externally accessible by the boot module and accepts the provided key and the requests from the boot module and transmits the requests and the provided key from the boot module to the gatekeeper. The gatekeeper regulates access to the memory module allowing no other components to directly access the memory module. The gatekeeper receives the provided key from the virtual memory module and the gatekeeper authenticates the provided key by comparing it with a stored key stored in secure location. Upon proper authentication of the provided key, the gatekeeper executes the request in the memory module.