Patents by Inventor Michael F. Angelo

Michael F. Angelo has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 6116509
    Abstract: The read head portion of a chip card reader is compactly mounted on the rear side of a front device bay faceplate in a computer in a manner permitting a peripheral device, representatively a hard disk drive, to be mounted in the device bay immediately behind the read head. To permit this installation of both the card read head and the peripheral device at the same computer drive bay, the read head is installed on the rear side of the faceplate at an acute angle relative thereto, with the card entry opening in the read head being aligned with a card insertion slot formed in the faceplate and being inclined at the read head installation angle. The electronics associated with the read head are also compactly mounted on the rear side of the faceplate. The angling of the read head relative to the device bay faceplate substantially reduces the rearward projection thereof toward the associated drive bay to an extent permitting the read head to be disposed entirely forwardly of the disk drive within the drive bay.
    Type: Grant
    Filed: July 14, 1998
    Date of Patent: September 12, 2000
    Assignee: Compaq Computer Corporation
    Inventors: Michael F. Angelo, Andrew Brown
  • Patent number: 6085299
    Abstract: A secure start-up system for a computer enables a flash memory to be reset in a secured way. Various operations are carried out to make sure that the reset is an authorized one, and to avoid unauthorized, e.g. virus, infiltration. These operations include multiple tests to avoid the probability of the reset being unauthorized. Any one or more than one of the following can be used. Flashing is only authorized when a special flash enable bit is set in the non-volatile memory. This flash enable bit is reset during every startup cycle. Flashing is only authorized from a cold boot as opposed from a warm boot. This minimizes the possibility of a computer routine authorizing flashing by a software reset. Flashing is only authorized from a floppy. This prevents a virus from writing the flashing routine to the boot sector of a non-removable disc. The user is warned prior to flashing, and asked to confirm.
    Type: Grant
    Filed: November 19, 1997
    Date of Patent: July 4, 2000
    Assignee: Compaq Computer Corporation
    Inventors: Michael F. Angelo, Craig A. Miller, David R. Wooten
  • Patent number: 6061794
    Abstract: A system and method for performing secure peer-to-peer device communications on an I/O bus, such as a PCI bus, a Fiber Channel bus, an IEEE, 1394 bus or a Universal Serial Bus. The system includes a plurality of intelligent I/O devices, such as intelligent storage devices and/or controllers, communications devices, video devices and audio devices. The I/O devices perform peer-to-peer message and data transfers, thereby bypassing the operating system running on the computer's CPU. The intelligent I/O devices encrypt messages and data before transmitting them on the I/O bus and conversely decrypt the messages and data upon reception. The encryption provides secrecy and/or authentication of the sender. The devices use keys or passwords to encrypt/decrypt the data. The keys are stored in non-volatile memory in the devices and are distributed to the devices by the system BIOS at initialization time.
    Type: Grant
    Filed: September 30, 1997
    Date of Patent: May 9, 2000
    Assignee: Compaq Computer Corp.
    Inventors: Michael F. Angelo, Sompong P. Olarig, David R. Wooten, Dan J. Driscoll
  • Patent number: 6057965
    Abstract: An improved system for scanning images is provided. The system includes a housing having a transparent support surface on which the document or other image being scanned is placed. The housing further contains an array of generally triangular-shaped prisms optically aligned. The array of prisms is coated with one of two types of electro-optical materials, one that makes the prisms reflective in the presence of an electromagnetic field and transparent in the absence of an electromagnetic field, and another that makes the prisms reflective in the absence of an electromagnetic field and transparent in the presence of an electromagnetic field. The electromagnetic field is created by applying a voltage across the coated prisms. A sequencer is used to activate individual electro-optical prisms so that the slices of the image can be reflected. By sequentially activating the electro-optical prisms, successive slices of the image can be presented to an image receptor disposed outside of the housing.
    Type: Grant
    Filed: October 6, 1999
    Date of Patent: May 2, 2000
    Assignee: Compaq Computer Corporation
    Inventors: Michael F. Angelo, William Whiteman, Ramkrishna Prakash
  • Patent number: 6032257
    Abstract: A method of theft protection for computers and computer related hardware. Warranty fraud, theft of proprietary technology, and hardware theft are minimized by encoding the hardware components such that a digitally authenticated handshake must be performed between the system and the component at power-up. If the handshake is successful, normal operation continues with all enhancements. If the handshake is unsuccessful, the device is disabled or shifted into a lower performance mode.
    Type: Grant
    Filed: August 29, 1997
    Date of Patent: February 29, 2000
    Assignee: Compaq Computer Corporation
    Inventors: Sompong P. Olarig, Michael F. Angelo, Kenneth A. Jansen
  • Patent number: 6009524
    Abstract: An improved system and method for FLASH BIOS upgrades which is particularly useful in network hubs. Each hub or node which is equipped with a FLASH memory is also equipped with a validation system, which ensures that a received FLASH upgrade is authorized and uncorrupted. Each set of instructions to be flashed is marked both with a vendor authorization digital signature and also a system administrator authorization digital signature, and BOTH digital signatures must be recognized by the validation system before the FLASH memory will be upgraded. Because digital signatures are used for security purposes, flash upgrades can be performed from any location on the network, and are not limited to an administrative node.
    Type: Grant
    Filed: August 29, 1997
    Date of Patent: December 28, 1999
    Assignee: Compact Computer Corp
    Inventors: Sompong P. Olarig, Michael F. Angelo
  • Patent number: 6003144
    Abstract: A computer system having a CPU, a disk array system accessible by the CPU, and a disk array controller that includes error detection and connection logic. The disk array controller includes a processor and a memory system connected to signal lines carrying data bits, address bits, and check bits. An error detection and correction device is connected to detect and correct N-bit errors in the data bits using the check bits, N being greater than two. An error in the address bits is detected using the same check bits. The data bits are organized as multiple bytes, and the error detection and correction device is connected to detect and correct up to eight-bit errors in each byte and to detect a single-bit error or a two-adjacent-bit error in the address bits.
    Type: Grant
    Filed: June 30, 1997
    Date of Patent: December 14, 1999
    Assignee: Compaq Computer Corporation
    Inventors: Sompong P. Olarig, Michael F. Angelo
  • Patent number: 5974250
    Abstract: A computer network system having a plurality of nodes, one of which is adapted as an administrator node, the administrator node for securely receiving code information from a code provider disposed external to the network system and for securely sending the code information to at least one of the nodes.
    Type: Grant
    Filed: December 13, 1996
    Date of Patent: October 26, 1999
    Assignee: Compaq Computer Corp.
    Inventors: Michael F. Angelo, Sompong P. Olarig
  • Patent number: 5960084
    Abstract: A method for enabling power to all or portions of a computer system based upon the results of a two-piece user verification process that is completed as part of a secure power-up procedure. At some point during the secure power-up procedure, the computer user provides an external token or smart card that is coupled to the computer through specialized hardware. The token or smart card is used to store an encryption algorithm furnished with an encryption key that is unique or of limited production. The computer user is then required to enter a plain text user password. Once entered, the user password is encrypted using the encryption algorithm contained in the external token to create a system password. The system password is compared to a value stored in secure memory. If the two values match, the power-on sequence is completed and power to the computer system and/or secured computer resources is enabled.
    Type: Grant
    Filed: December 13, 1996
    Date of Patent: September 28, 1999
    Assignee: Compaq Computer Corporation
    Inventor: Michael F. Angelo
  • Patent number: 5953422
    Abstract: A computer system incorporating a two-piece authentication procedure for securely providing user authentication over a network. In the disclosed embodiment of the invention, a user password is entered during a secure power-up procedure. The user password is encrypted by an external token or smart card that stores an encryption algorithm furnished with an encryption key that is unique or of limited production. A network password is thereby created. The network password is maintained in a secure memory space such as System Management Mode (SMM) memory. The network password is then encrypted and communicated over the network. The network password may be encrypted using the server's public key or another key that is known to the server. Optional node identification information is appended to the network password prior to communication over the network. Once received by the server, the encrypted network password is decrypted using the server's private key.
    Type: Grant
    Filed: December 31, 1996
    Date of Patent: September 14, 1999
    Assignee: Compaq Computer Corporation
    Inventors: Michael F. Angelo, Sompong P. Olarig
  • Patent number: 5949882
    Abstract: A method for permitting access to secured computer resources based upon a two-piece user verification process. In one embodiment of the invention, the user verification process is carried out during a secure power-up procedure. At some point during the secure power-up procedure, the computer user is required to provide an external token or smart card that is coupled to the computer through specialized hardware. The token or smart card is used to store an encryption algorithm furnished with an encryption key that is unique or of limited production. The computer user is then required to enter a plain text user password. Once entered, the user password is encrypted using the encryption algorithm contained in the external token to create a peripheral password. The peripheral password is compared to a value stored in either secure system memory or in memory contained within a secured resource itself. If the two values match, access to the secured resource is permitted.
    Type: Grant
    Filed: December 13, 1996
    Date of Patent: September 7, 1999
    Assignee: Compaq Computer Corporation
    Inventor: Michael F. Angelo
  • Patent number: 5944821
    Abstract: A method for providing secure registration and integrity assessment of software in a computer system is disclosed. A secure hash table is created containing a list of secure programs that the user wants to validate prior to execution. The table contains a secure hash value (i.e., a value generated by modification detection code) for each of these programs as originally installed on the computer system. This hash table is stored in protected memory that can only be accessed when the computer system is in system management mode. Following an attempt to execute a secured program, a system management interrupt is generated. An SMI handler then generates a current hash value for the program to be executed. In the event that the current hash value matches the stored hash value, the integrity of the program is guaranteed and it is loaded into memory and executed.
    Type: Grant
    Filed: July 11, 1996
    Date of Patent: August 31, 1999
    Assignee: Compaq Computer Corporation
    Inventor: Michael F. Angelo
  • Patent number: 5923754
    Abstract: A method and apparatus for securely transferring an encrypted-data key and a medium key, from a media storage such as a DVD disk to an output device in a computer system, using a randomly generated first secure transfer key generated by a disk drive of the computer system, the first key having a uniqueness factor derived from a phase locked loop circuitry. The first secure transfer key is combined with an output key stored in the output device forming a second secure transfer key. The second secure transfer key is used to encrypt the data key and the medium key to form a third secure transfer key. The third secure transfer key is passed to the output device where the data key and the medium key are decrypted. The data key and the medium key are then used by the output device to decrypt encrypted program data from the disk.
    Type: Grant
    Filed: May 2, 1997
    Date of Patent: July 13, 1999
    Assignee: Compaq Computer Corporation
    Inventors: Michael F. Angelo, Daniel J. Driscoll
  • Patent number: 5887131
    Abstract: A method for permitting access to secured computer resources based upon a two-piece user verification process. In the disclosed embodiment, the user verification process is carried out during a secure power-up procedure. At some point during the secure power-up procedure, the computer user is required to provide an external token or smart card to the computer system. The token or smart card is used to store an authentication value(s) required to enable secured resources. The computer user is then required to enter a plain text user password. Separate passwords can be used to enable various portions of the computer system. Once entered, a one-way hash function is performed on the user password. The resulting hash value is compared to an authentication value (token value) downloaded from the token. If the two values match, the power-on sequence is completed and access to the computer system and/or secured computer resources is permitted.
    Type: Grant
    Filed: December 31, 1996
    Date of Patent: March 23, 1999
    Assignee: Compaq Computer Corporation
    Inventor: Michael F. Angelo
  • Patent number: 5859911
    Abstract: In a computer system having a receiving computer and a source computer, a method for the remote flashing of the BIOS in the receiving computer including the steps of transferring the flash information from the source computer to the receiving computer, with the flash information including the flash code, the flash code instructions and an encrypted digital signature corresponding to the flash code. The receiving computer is operably placed in a secure mode. A hash value corresponding to the flash information is calculated, and the hash value from the flash information is decrypted. The flash code is validated by comparing the decrypted hash value of the flash information to the calculated hash value, and if validated, the BIOS if flashed with the new flash code.
    Type: Grant
    Filed: April 16, 1997
    Date of Patent: January 12, 1999
    Assignee: Compaq Computer Corp.
    Inventors: Michael F. Angelo, Sompong P. Olarig, George D. Wisecup
  • Patent number: 5850559
    Abstract: A computer system that automatically and securely executes registered programs immediately prior to a transition to a reduced energy consumption state. A registrar table specifying registered programs and a secure modification detection value for each registered program are maintained in system management mode memory or other secure memory space in the computer system. A system management interrupt is generated following a request to remove power from the computer system or the occurrence of an event that triggers an energy saving mode. The system management interrupt handler routine then generates a current modification detection value for each registered program. The current modification detection values are compared with the secure modification detection values. Execution of a registered program is permitted if the values match. After all registered programs have been executed, the computer system automatically powers down or enters an energy saving mode.
    Type: Grant
    Filed: August 7, 1996
    Date of Patent: December 15, 1998
    Assignee: Compaq Computer Corporation
    Inventors: Michael F. Angelo, Craig A. Miller
  • Patent number: 5848418
    Abstract: An apparatus and method for finding objectionable material contained within electronic files is presented. The apparatus consists of a computer system that is provided with a computer, a video display, a buffer memory, and at least one electronic file storage device capable of storing electronic files. Each of the electronic files is stored according to an operating system which incorporates a file name and a file name suffix. The method includes provisions for a real type property, a claimed type property, and a result type property for each electronic file. All of the electronic files are located on each of said storage devices for checking. During the checking process, for example, each file is checked to determine the file's real type property. If the checked file is determined to be a graphics file, then the file will be identified as a graphics file. If the file is not a graphics file, (i.e., it is a text file) then it is interrogated in order to determine if the text contains objectionable language.
    Type: Grant
    Filed: February 19, 1997
    Date of Patent: December 8, 1998
    Assignee: WatchSoft, Inc.
    Inventors: Peter Andre de Souza, Michael F. Angelo
  • Patent number: 5748940
    Abstract: A secure start-up system for a computer enables a flash memory to be reset in a secured way. Various operations are carried out to make sure that the reset is an authorized one, and to avoid unauthorized, e.g. virus, infiltration. These operations include multiple tests to avoid the probability of the reset being unauthorized. Any one or more than one of the following can be used. Flashing is only authorized when a special flash enable bit is set in the non-volatile memory. This flash enable bit is reset during every startup cycle. Flashing is only authorized from a cold boot as opposed from a warm boot. This minimizes the possibility of a computer routine authorizing flashing by a software reset. Flashing is only authorized from a floppy. This prevents a virus from writing the flashing routine to the boot sector of a non-removable disc. The user is warned prior to flashing, and asked to confirm.
    Type: Grant
    Filed: August 17, 1995
    Date of Patent: May 5, 1998
    Assignee: Compaq Computer Corporation
    Inventors: Michael F. Angelo, Craig A. Miller, David R. Wooten
  • Patent number: 5748888
    Abstract: A method and apparatus for providing secure and private keyboard communications in a computer system. A request for private keyboard communications causes the computer's processor to enter into system management mode by generating an system management interrupt. A secure system management interrupt handler then directs specialized hardware to intercept and divert keyboard interrupts, such that data entered via the keyboard is only communicated to a non-readable black box security device that controls access to protected system resources. Keyboard data is thereby protected from interception by malicious software.
    Type: Grant
    Filed: May 29, 1996
    Date of Patent: May 5, 1998
    Assignee: Compaq Computer Corporation
    Inventors: Michael F. Angelo, Jeff W. Wolford