Patents by Inventor Lee G. Rosenbaum
Lee G. Rosenbaum has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10831934Abstract: An embodiment includes an apparatus comprising: an out-of-band cryptoprocessor coupled to secure non-volatile storage; and at least one storage medium having firmware instructions stored thereon for causing, during runtime and after an operating system for the apparatus has booted, the cryptoprocessor to (a) store a key within the secure non-volatile storage, (b) sign an object with the key, while the key is within the cryptoprocessor, to produce a signature, and (c) verify the signature. Other embodiments are described herein.Type: GrantFiled: September 19, 2017Date of Patent: November 10, 2020Assignee: Intel CorporationInventors: Vincent J. Zimmer, Nicholas J. Adams, Giri P. Mudusuru, Lee G. Rosenbaum, Michael A. Rothman
-
Patent number: 10366237Abstract: In an embodiment, a system on a chip includes: a single core to execute a legacy instruction set, the single core configured to enter a system management mode (SMM) to provide a trusted execution environment to perform at least one secure operation; and a memory controller coupled to the single core, the memory controller to interface with a system memory, where a portion of the system memory comprises a secure memory for the SMM, and the single core is to authenticate and execute a boot firmware, and pass control to the SMM to obtain a key pair from a protected storage and store the key pair in the secure memory. Other embodiments are described and claimed.Type: GrantFiled: February 1, 2017Date of Patent: July 30, 2019Assignee: Intel CorporationInventors: Vincent J. Zimmer, Peter J. Barry, Rajesh Poornachandran, Arjan Van De Ven, Peter A. Dice, Gopinatth Selvaraje, Julien Carreno, Lee G. Rosenbaum
-
Patent number: 10331453Abstract: Various embodiments are generally directed to establishing trust in system management mode. An operating system management mode driver can invoke a system management mode and provide a signature to the system management mode to authenticate the driver with. Additionally, a hash value of the driver can be used to determine whether the driver is authorized to invoke system management mode or particular operations or features of system management mode.Type: GrantFiled: August 21, 2017Date of Patent: June 25, 2019Assignee: INTEL CORPORATIONInventors: Nicholas J. Adams, Vincent J. Zimmer, Lee G. Rosenbaum, Giri P. Mudusuru
-
Publication number: 20180129502Abstract: Various embodiments are generally directed to establishing trust in system management mode. An operating system management mode driver can invoke a system management mode and provide a signature to the system management mode to authenticate the driver with. Additionally, a hash value of the driver can be used to determine whether the driver is authorized to invoke system management mode or particular operations or features of system management mode.Type: ApplicationFiled: August 21, 2017Publication date: May 10, 2018Applicant: INTEL CORPORATIONInventors: NICHOLAS J. ADAMS, VINCENT J. ZIMMER, LEE G. ROSENBAUM, GIRI P. MUDUSURU
-
Publication number: 20180025183Abstract: An embodiment includes an apparatus comprising: an out-of-band cryptoprocessor coupled to secure non-volatile storage; and at least one storage medium having firmware instructions stored thereon for causing, during runtime and after an operating system for the apparatus has booted, the cryptoprocessor to (a) store a key within the secure non-volatile storage, (b) sign an object with the key, while the key is within the cryptoprocessor, to produce a signature, and (c) verify the signature. Other embodiments are described herein.Type: ApplicationFiled: September 19, 2017Publication date: January 25, 2018Inventors: Vincent J. Zimmer, Nicholas J. Adams, Giri P. Mudusuru, Lee G. Rosenbaum, Michael A. Rothman
-
Patent number: 9785801Abstract: An embodiment includes an apparatus comprising: an out-of-band cryptoprocessor coupled to secure non-volatile storage; and at least one storage medium having firmware instructions stored thereon for causing, during runtime and after an operating system for the apparatus has booted, the cryptoprocessor to (a) store a key within the secure non-volatile storage, (b) sign an object with the key, while the key is within the cryptoprocessor, to produce a signature, and (c) verify the signature. Other embodiments are described herein.Type: GrantFiled: June 27, 2014Date of Patent: October 10, 2017Assignee: Intel CorporationInventors: Vincent J. Zimmer, Nicholas J. Adams, Giri P. Mudusuru, Lee G. Rosenbaum, Michael A. Rothman
-
Patent number: 9740492Abstract: Various embodiments are generally directed to establishing trust in system management mode. An operating system management mode driver can invoke a system management mode and provide a signature to the system management mode to authenticate the driver with. Additionally, a hash value of the driver can be used to determine whether the driver is authorized to invoke system management mode or particular operations or features of system management mode.Type: GrantFiled: March 23, 2015Date of Patent: August 22, 2017Assignee: INTEL CORPORATIONInventors: Nicholas J. Adams, Vincent J. Zimmer, Lee G. Rosenbaum, Giri P. Mudusuru
-
Publication number: 20170140153Abstract: In an embodiment, a system on a chip includes: a single core to execute a legacy instruction set, the single core configured to enter a system management mode (SMM) to provide a trusted execution environment to perform at least one secure operation; and a memory controller coupled to the single core, the memory controller to interface with a system memory, where a portion of the system memory comprises a secure memory for the SMM, and the single core is to authenticate and execute a boot firmware, and pass control to the SMM to obtain a key pair from a protected storage and store the key pair in the secure memory. Other embodiments are described and claimed.Type: ApplicationFiled: February 1, 2017Publication date: May 18, 2017Inventors: Vincent J. Zimmer, Peter J. Barry, Rajesh Poornachandran, Arjan Van De Ven, Peter A. Dice, Gopinatth Selvaraje, Julien Carreno, Lee G. Rosenbaum
-
Patent number: 9594927Abstract: In an embodiment, a system on a chip includes: a single core to execute a legacy instruction set, the single core configured to enter a system management mode (SMM) to provide a trusted execution environment to perform at least one secure operation; and a memory controller coupled to the single core, the memory controller to interface with a system memory, where a portion of the system memory comprises a secure memory for the SMM, and the single core is to authenticate and execute a boot firmware, and pass control to the SMM to obtain a key pair from a protected storage and store the key pair in the secure memory. Other embodiments are described and claimed.Type: GrantFiled: September 10, 2014Date of Patent: March 14, 2017Assignee: Intel CorporationInventors: Vincent J. Zimmer, Peter J. Barry, Rajesh Poornachandran, Arjan Van De Ven, Peter A. Dice, Gopinatth Selvaraje, Julien Carreno, Lee G. Rosenbaum
-
Publication number: 20160283238Abstract: Various embodiments are generally directed to establishing trust in system management mode. An operating system management mode driver can invoke a system management mode and provide a signature to the system management mode to authenticate the driver with. Additionally, a hash value of the driver can be used to determine whether the driver is authorized to invoke system management mode or particular operations or features of system management mode.Type: ApplicationFiled: March 23, 2015Publication date: September 29, 2016Inventors: NICHOLAS J. ADAMS, VINCENT J. ZIMMER, LEE G. ROSENBAUM, GIRI P. MUDUSURU
-
Publication number: 20160070932Abstract: In an embodiment, a system on a chip includes: a single core to execute a legacy instruction set, the single core configured to enter a system management mode (SMM) to provide a trusted execution environment to perform at least one secure operation; and a memory controller coupled to the single core, the memory controller to interface with a system memory, where a portion of the system memory comprises a secure memory for the SMM, and the single core is to authenticate and execute a boot firmware, and pass control to the SMM to obtain a key pair from a protected storage and store the key pair in the secure memory. Other embodiments are described and claimed.Type: ApplicationFiled: September 10, 2014Publication date: March 10, 2016Inventors: Vincent J. Zimmer, Peter J. Barry, Rajesh Poornachandran, Arjan Van De Ven, Peter A. Dice, Gopinatth Selvaraje, Julien Carreno, Lee G. Rosenbaum
-
Publication number: 20150379306Abstract: An embodiment includes an apparatus comprising: an out-of-band cryptoprocessor coupled to secure non-volatile storage; and at least one storage medium having firmware instructions stored thereon for causing, during runtime and after an operating system for the apparatus has booted, the cryptoprocessor to (a) store a key within the secure non-volatile storage, (b) sign an object with the key, while the key is within the cryptoprocessor, to produce a signature, and (c) verify the signature. Other embodiments are described herein.Type: ApplicationFiled: June 27, 2014Publication date: December 31, 2015Inventors: Vincent J. Zimmer, Nicholas J. Adams, Giri P. Mudusuru, Lee G. Rosenbaum, Michael A. Rothman
-
Patent number: 7783696Abstract: Service processors within a system are self-clustered. The system can also include an operating system or other software code, a management console, or both. The operating system communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, such as through a memory shared by at least all the service processors. The operating system therefore need not be aware which of the service processors performs a given function. The console communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, through any service processor of the cluster. The console therefore also need not be aware that the service processors have been clustered to perform functionality for the console.Type: GrantFiled: June 29, 2008Date of Patent: August 24, 2010Assignee: International Business Machines CorporationInventors: Brad A. Davis, Henry J. DiVincenzo, Richard A. Lary, Thomas E. Malone, Patrick D. Mason, Lee G. Rosenbaum, Manoj R. Sastry, Pat White
-
Publication number: 20080263129Abstract: Service processors within a system are self-clustered. The system can also include an operating system or other software code, a management console, or both. The operating system communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, such as through a memory shared by at least all the service processors. The operating system therefore need not be aware which of the service processors performs a given function. The console communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, through any service processor of the cluster. The console therefore also need not be aware that the service processors have been clustered to perform functionality for the console.Type: ApplicationFiled: June 29, 2008Publication date: October 23, 2008Inventors: Brad A. Davis, Henry J. DiVincenzo, Richard A. Lary, Thomas E. Malone, Patrick D. Mason, Lee G. Rosenbaum, Manoj R. Sastry, Patrick W. White
-
Patent number: 7433914Abstract: The self-clustering of service processors within a system is disclosed. The system can also include an operating system or other software code, a management console, or both. The operating system communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, such as through a memory shared by at least all the service processors. The operating system therefore need not be aware which of the service processors performs a given function. The console communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, through any service processor of the cluster. The console therefore also need not be aware that the service processors have been clustered to perform functionality for the console.Type: GrantFiled: September 13, 2001Date of Patent: October 7, 2008Assignee: International Business Machines CorporationInventors: Brad A. Davis, Henry J. DiVincenzo, Richard A. Lary, Thomas E. Malone, Patrick D. Mason, Lee G. Rosenbaum, Manoj R. Sastry, Patrick W. White
-
Patent number: 6993566Abstract: The self-clustering of entities within a system is disclosed. The system can also include a host. Each entity self-discovers all the other entities, such that the entities are aggregated as a cluster. The host communicates with the cluster of entities, where the entities are self-clustered or otherwise, such as through a memory shared by all the entities. The host therefore need not be aware which of the entities performs a given function.Type: GrantFiled: September 13, 2001Date of Patent: January 31, 2006Assignee: International Business Machines CorporationInventors: Brad A. Davis, Henry J. DiVincenzo, Richard A. Lary, Thomas E. Malone, Patrick D. Mason, Lee G. Rosenbaum, Manoj R. Sastry, Patrick W. White
-
Publication number: 20030050993Abstract: The self-clustering of entities within a system is disclosed. The system can also include a host. Each entity self-discovers all the other entities, such that the entities are aggregated as a cluster. The host communicates with the cluster of entities, where the entities are self-clustered or otherwise, such as through a memory shared by all the entities. The host therefore need not be aware which of the entities performs a given function.Type: ApplicationFiled: September 13, 2001Publication date: March 13, 2003Applicant: International Business Machines CorporationInventors: Brad A. Davis, Henry J. DiVincenzo, Richard A. Lary, Thomas E. Malone, Patrick D. Mason, Lee G. Rosenbaum, Manoj R. Sastry, Patrick W. White
-
Publication number: 20030050992Abstract: The self-clustering of service processors within a system is disclosed. The system can also include an operating system or other software code, a management console, or both. The operating system communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, such as through a memory shared by at least all the service processors. The operating system therefore need not be aware which of the service processors performs a given function. The console communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, through any service processor of the cluster. The console therefore also need not be aware that the service processors have been clustered to perform functionality for the console.Type: ApplicationFiled: September 13, 2001Publication date: March 13, 2003Applicant: International Business Machines CorporationInventors: Brad A. Davis, Henry J. DiVincenzo, Richard A. Lary, Thomas E. Malone, Patrick D. Mason, Lee G. Rosenbaum, Manoj R. Sastry, Patrick W. White