Abstract: A method and system for managing a secure configuration of a server blade on a network. The server blade has a Remote Supervisor Adapter (RSA) card, which contains a list of trusted Dynamic Host Configuration Protocol (DHCP) servers. A remote manager, which communicates with the RSA card via a hyper-secure network, maintains the list of trusted DHCP servers on the RSA card. When the server blade broadcasts a request for configuration parameters to join the network, a response offer is returned from a DHCP server. If the responding DHCP server is not on the list of trusted DHCP servers contained in the RSA card, then the offer is refused, and another DHCP server's offer is evaluated.

Abstract: A method and system for method of removing a node from a multi-node computer. The node receives a system management interrupt (SMI), resulting in a quiescenting of only that node. The SMI receiving node then polls other nodes in the multi-node computer to determine if the SMI affects an operation of any of the other nodes, and quiescents any other node affected by the SMI. Each quiescent node then transfers all of the contents of its system memory to a backup memory in an unaffected remote node in the multi-node computer. The remote node than assumes the function of the removed node that had received the SMI. The method and system thus allows node removal in the event of a hot-swap request or a predicted failure of a node.

Abstract: A method and system for managing software according to a physical location of a computer that is to execute the software. The operating system of the computer is modified to contain a location service that is able to determine the exact physical location of the computer. When the computer's operating system requests that a software application be loaded into system memory, the computer's location service determines the exact current physical location of the computer using a satellite Global Positioning System (GPS) or similar system. This location is compared to a list of authorized location ranges. If the computer is within an authorized location range, the software is allowed to load into system memory and execute as long as the computer remains within the authorized area. If the computer is not within an authorized area, then the software is not allowed to load into system memory and thus cannot execute.

Abstract: A method and system for load balancing switch modules in a server system and a computer system utilizing the same is disclosed. In a first aspect, the method comprises assigning each of a plurality of servers to a switch module of a plurality of switch modules, such that a number of servers assigned to each of the plurality of switch modules is substantially equal. In a second aspect, a computer system comprises a plurality of servers coupled to a plurality of switch modules, a management module, and a load balancing mechanism coupled to the management module, wherein the load balancing mechanism assigns each of the plurality of servers to a switch module of the plurality of switch modules, such that a number of servers assigned to each of the plurality of switch modules is substantially equal.

Abstract: A cache controller structure and method are provided for managing cache access for a computer system. The computer system has a processor having a direction flag and configured to run a repetitive string operation, wherein the string operation is configured to sequentially access a targeted memory block for each repetition depending on the state of the direction flag. A cache controller logic is provided to control a cache embedded in the processor while the processor executes string operations. The cache controller is configured to manipulate the cache lines responsive to the direction flag and to a position of a targeted memory block within a cache line. In some embodiments, the controller logic is also configured to manipulate the cache lines responsive to a repetition parameter value within the string operation.

Abstract: A method and system for interlocking a plurality of servers to a server system is disclosed. In a first aspect, the method comprises assigning an identifier to each of the plurality of servers, wherein the identifier associates each of the plurality of servers to the server system, thereby defining a plurality of interlocked servers. In a second aspect, a computer system comprises a plurality of servers, a management module coupled to each of the plurality of servers, and an interlock mechanism coupled to the management module, wherein the interlock mechanism assigns to each of the plurality of servers an identifier that associates each of the plurality of servers to the server system, thereby defining a plurality of interlocked servers.

Abstract: A method and system for autonomously rebuilding a failed one of a plurality of servers and a computer system utilizing the same is disclosed. In a first aspect, the method comprises providing a bus for allowing a recovery mechanism to access each of the plurality of servers and utilizing the recovery mechanism to rebuild the failed server onto another server. In a second aspect, the computer system comprises a plurality of servers, a management module for monitoring and managing the plurality of servers, a recovery mechanism coupled to the management module, and a bus coupling the recovery mechanism to each of the plurality of servers, wherein the recovery mechanism rebuilds a failed server onto another of the plurality of servers.

Abstract: A system and method for remote power control across multiple nodes of a partitioned data processing system. The system includes one or more nodes, each node including a chassis housing a traditional SMP server. The system may be partitioned into two or more SPAR's. Partition management software provides out of band power control to an entire partition, regardless of the number of nodes in the partition. The partition management code installed on each node of the partition is enabled to broadcast a power-on request to each of the nodes in the partition. Thus, when any service processor receives a power-on request, that service processor will resend the power on request to the broadcast group, thereby causing all of the nodes in the SPAR to power up. The broadcast packets may be routed to the other nodes via an out-of-band or private management LAN.

Abstract: Method and system aspects for performing an authenticated boot of a computer system in a networked computing environment are provided. The aspects include integration of boot manager services into a power on self test (POST) routine of a client system. The client system provides a digital signature for a selected operating system when the POST routine transfers control to a basic input/output system (BIOS) routine. Booting is authorized with the operating system through authentication by a server system of the digital signature.

Abstract: Method and system aspects for securely transferring a computer system are described. A computer system is disabled at a shipping point via an RFID (radio frequency identification) interface and re-enabled at a receiving point via the RFID interface. Disabling the computer system includes selecting a boot password, writing the boot password to storage in the computer system via the RFID interface, and setting a disable bit in the storage via the, RFID interface. Re-enabling the computer system includes entering the boot password via the RFID interface and clearing the disable bit.

Abstract: A method and apparatus for activating a computer system in response to a stimulus from a universal serial bus (USB) peripheral provides a mechanism for powering up a computer system or restoring it from a suspended mode of operation. The apparatus includes a controllable power supply and a non-standard protocol using the USB wire connections, to provide a method for polling the peripheral to determine if activity has occurred which a host computer system should use to trigger activation.

Abstract: A security system for computers defines a control zone using radiation, preferably at radio frequency, having a distinctive characteristic, such as a particular frequency. The zone may be established, for example, at a door exit or other limited passage to a secured area. The radiation triggers a device in the computer that in turn sends out a serial number signal. To further prevent unauthorized removal a personal identification number is required of the person in the zone with the computer, either by key input or an encoded radio signal. A receiver located near the control zone applies the serial number to a table look up computer that triggers an emergency signal if a match to an authorized list of serial numbers for the computer and corresponding person does not occur. The emergency signal activates a transmitter that sends out an emergency radiation signal with a different distinctive characteristic.

Abstract: A security system for computers defines a control zone using radiation, preferably at radio frequency, having a distinctive characteristic, such as a particular frequency. The zone may be established, for example, at a door exit or other limited passage to a secured area. Computer systems are provided with receivers that detect the distinctive characteristic and responsively produce an alarm signal which triggers security logic. The security logic cooperates with the start-up logic of the computer and disables start-up so that the computer becomes inoperative. In a more complex variation, the radiation triggers a device in the computer that in turn sends out a serial number signal. A receiver located near the control zone applies the serial number to a table look up computer that triggers an emergency signal if a match to an authorized list of serial numbers does not occur. The emergency signal activates a transmitter that sends out a radiation signal with a second distinctive characteristic.

Abstract: A personal computer system has security features enabling control over access to data retained in such system. The system cooperates with a transmitter of radiation having a predefined characteristic. A radiation detector within the system detects such radiation and produces an alarm signal when detection fails or is lost. The alarm signal is retained and triggers security logic cooperating with power-on-sequence logic to prevent the system from becoming operative. It is preferred to also provide an erasable memory element that when switched to an active state stores a privileged-access password. Logic is provided to cooperate with such element and override the security logic when the correct password is input to the system.As an added security feature the transmitter may be deactivated if an intrusion is detected at the site to shut down all systems responding to the radiation in the security zone.

Abstract: A personal computer system is described, having security features enabling control over access to data retained in such a system. The system has a normally closed enclosure, at least one erasable memory element for selective activation to active and inactive states and for receiving and storing a privileged access password when in the active state, an option switch operatively connected with the erasable memory element for setting the erasable memory element to the active and inactive states, a tamper detection switch operatively connected with the erasable memory element for detecting opening of the enclosure, and a system processor operatively connected with the erasable memory element for controlling access to at least certain levels of data stored within the system by distinguishing between entry and non-entry of any stored privileged access password.

Abstract: This disclosure relates to a method and apparatus for measuring the amount of time a personal computer system is powered on. A power on time (POT) routine is performed at a power on of the computer system. This routine sets up a timer to count the number of pre-selected time units (selected by a user) the system is powered on. The power on time count is stored in the PC's non-volatile memory. The routine sets an alarm field of the system's real time clock (RTC) to be activated after the pre-selected time unit has elapsed. A POT interrupt handler routine is installed in a chain for RTC interrupts and is invoked each time the alarm is activated (i.e., at each passage of the pre-selected time unit) while the system is powered on. When invoked, the POT interrupt handler routine increments the POT count and resets the RTC alarm to be activated after another pre-selected time unit has elapsed.

Abstract: A personal computer system is described, having security features enabling control over access to data retained in such a system. The system has a normally closed enclosure, at least one erasable memory element for selective activation to active and inactive states and for receiving and storing a privileged access password when in the active state, an option switch operatively connected with the erasable memory element for setting the erasable memory element to the active and inactive states, a tamper detection switch operatively connected with the erasable memory element for detecting opening of the enclosure, and a system processor operatively connected with the erasable memory element for controlling access to at least certain levels of data stored within the system by distinguishing between entry and non-entry of any stored privileged access password and between detection and non-detection of opening of the enclosure by the tamper detection switch.

Abstract: An operating system definition file (ODF) is provided for each operating system stored in a computer system. Each ODF contains a list of keywords that define the operating environment for the particular operating system. During setup, a set configuration program reads each ODF and produces a master record that specifies an ordering of non-system memory regions across all of the operating systems that coexist in the computer system, allowing non-system memory allocations to be made to regions that meet all operating system needs. A merge matrix is used to merge records from the ODFs into a common array allowing the records to be searched to find optimum non-system memory allocations. A memory address space topology table is also built by the set configuration program for use by the operating system during initialization and during allocation of memory.

Abstract: This invention relates to personal computer systems and, more particularly, to such a system having security features enabling control over access to data retained in such a system.

Abstract: An apparatus and method for loading BIOS from a diskette drive into a personal computer system normally connected to a hardfile, such as a fixed disk. The personal computer system further includes a system processor, a random access main memory, a read only memory and a switching means. The switching means generates a signal to indicate a mode for whether BIOS loads from either diskette or disk. In a priority mode, BIOS loads immediately from diskette. In a recovery mode, BIOS loads from diskette after testing the disk subsystem.