Abstract: An approach is provided that, upon receiving a keyboard event, reduces a volume of an audio input channel from a first volume level to a lower volume level. After the volume of the audio input channel is reduced, the approach waits until a system event occurs, with the system event based at least in part on the occurrence of a nondeterministic event.

Abstract: A system and method for authenticating suspect code includes steps of: receiving the suspect code for a first instance of a trusted platform module; loading the suspect code into a trusted platform module device operatively associated with a processor, wherein the suspect code is loaded outside of a shielded location within the trusted platform module device; retrieving a validation public key from a table and storing it in a register in the trusted platform module device, the validation public key indexed by the suspect code; and retrieving a hash algorithm from the table, the hash algorithm indexed by the suspect code. The hash algorithm is run to derive a first hash value; then, using the validation public key, the second hash value is decrypted to derive a second decrypted hash value. The two hash values are compared; and upon determining a match, the suspect code is loaded into the shielded location of the processor for execution by the processor.

Abstract: A fingerprint reader (FPR) on a computer is illuminated when an operational context of the computer renders the FPR useful for receiving tactile input from a user.

Abstract: An approach is provided that receives a user identifier from a user of the information handling system. The user identifier can include a username as well as a user authentication code, such as a password. Hardware settings that correspond to the user identifier are retrieved from a nonvolatile memory. Hardware devices, such as ports (e.g., USB controller), network interfaces, storage devices, and boot sequences, are configured using the retrieved hardware settings. After the hardware devices have been configured to correspond to the identified user, an operating system is booted.

Abstract: Network bandwidth is allocated to storage access requests as a function of a client system activities. Client system activities that produce network access requests and remote storage access requests are monitored. The network bandwidth allocation between network access requests and storage access requests is modified as a function of the monitored client system activities.

Abstract: A system, method, and program product is provided that updates the firmware on a hybrid drive by reserving a memory area within the hybrid disk drive's nonvolatile memory buffer. The firmware update is then stored in the reserved memory area. The next time the platters of the hybrid disk drive spin up, the firmware update that is stored in the reserved memory area is identified. The identified update is then written to a firmware memory of a firmware that controls the operation of the hybrid drive. In one embodiment, the update is written to the firmware memory by flashing the firmware's memory. After the firmware is updated, the hybrid drive is reset. Resetting of the hybrid drive includes executing the updated firmware.

Abstract: A system and method for authenticating suspect code includes steps of: receiving the suspect code for a first instance of a trusted platform module; loading the suspect code into a trusted platform module device operatively associated with a processor, wherein the suspect code is loaded outside of a shielded location within the trusted platform module device; retrieving a validation public key from a table and storing it in a register in the trusted platform module device, the validation public key indexed by the suspect code; and retrieving a hash algorithm from the table, the hash algorithm indexed by the suspect code. The hash algorithm is run to derive a first hash value; then, using the validation public key, the second hash value is decrypted to derive a second decrypted hash value. The two hash values are compared; and upon determining a match, the suspect code is loaded into the shielded location of the processor for execution by the processor.

Abstract: An end user or IT owner via the use of an application specifies which TPM is to be loaded or which TPM operation is to be invoked given the authenticated presentation of a biometric such as a fingerprint or a token such as a smart card. A secure table stored in the microcontroller made up of TPM hashes and their corresponding endorsement keys is indexed to these authentication records. The microcontroller compares a received biometric or smart card value to the stored values to determine which TPM emulator to load. This architecture uniquely stores individually secured algorithms, and applications that can be bound to the user and the system on which they are running.

Abstract: Aspects for increasing control information from a single general purpose input/output (GPIO) mechanism are described. The aspects include utilizing a single GPIO mechanism with a socket on a computer system. Determinations of whether a first card, a second card, or no card is installed in the socket occur according to detected changes in signal states on a single signal line between the GPIO mechanism and the socket. Detection of a first state on the single signal line indicates presence of a first card in the socket, while detection of a second state on the single signal line indicates presence of a second card in the socket. Detection of a state change on the single signal line indicates no card presence in the socket, where the changes occur in response to signals sent by a POST (power-on self test) routine to the GPIO mechanism.

Abstract: A method and system for booting up a computer system in a secure fashion is disclosed. The method and system comprise determining the presence of a security feature element during an initialization of the computer system wherein the security feature element includes a public key and a corresponding private key, storing a portion of the public key in a nonvolatile memory within the computer system if the security feature element is present and utilizing an algorithm to determine the presence of the security feature element prior to a subsequent boot-up of the computer system. Through the use of the present invention, a computer system is capable of being booted up whereby the computer system determines if a security feature element was previously present in the system. If a security feature element was previously present in the computer system, any stored keys, along with the secrets that they protect, are prevented from being compromised.

Abstract: Aspects for increasing control information from a single general purpose input/output (GPIO) mechanism are described. The aspects include establishing a plurality of voltage levels to indicate a plurality of states for association with installed options on a computer system planar. Further included is the determination of which of the installed options is present via the single GPIO. An analog-to-digital (A/D) converter is also included and converts a voltage level signal indicative of installed options on the computer system planar, while a resistor network is utilized to establish the plurality of voltage levels.

Abstract: A secure write blocking circuit and method of operation thereof. The secure write blocking circuit includes enable and disable block input terminals coupled to a blocking circuit. The blocking circuit, such as a set/reset latch in a preferred embodiment, generates a block signal to prevent write access to a nonvolatile memory device, such as flash memory, in response to signals provided to the enable and disable input terminals. The secure write blocking circuit also includes an interrupt generator, coupled to the disable block input terminal, that generates an interrupt signal in response to a signal at the disable input terminal. In a related embodiment the secure write blocking circuit also includes a logic circuit, coupled to the blocking circuit, that receives the block signal and a write enable signal and in response thereto generates a control signal to a write enable input of the nonvolatile memory device.

Abstract: A secure write blocking circuit and method of operation thereof. The secure write blocking circuit includes enable and disable block input terminals coupled to a blocking circuit. The blocking circuit, such as a set/reset latch in a preferred embodiment, generates a block signal to prevent write access to a nonvolatile memory device, such as flash memory, in response to signals provided to the enable and disable input terminals. The secure write blocking circuit also includes an interrupt generator, coupled to the disable block input terminal, that generates an interrupt signal in response to a signal at the disable input terminal. In a related embodiment the secure write blocking circuit also includes a logic circuit, coupled to the blocking circuit, that receives the block signal and a write enable signal and in response thereto generates a control signal to a write enable input of the nonvolatile memory device.

Abstract: Aspects for increasing control information from a single general purpose input/output (GPIO) mechanism are described. The aspects include establishing a plurality of voltage levels to indicate a plurality of states for association with installed options on a computer system planar. Further included is the determination of which of the installed options is present via the single GPIO.