Patents by Inventor Vincent J. Zimmer

Vincent J. Zimmer has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9047468
    Abstract: A method, system and computer-readable storage medium with instructions to migrate full-disk encrypted virtual storage between blade servers. A key is obtained to perform an operation on a first blade server. The key is obtained from a virtual security hardware instance and provided to the first blade server via a secure out-of-band communication channel. The key is migrated from the first blade server to a second blade server. The key is used to perform hardware encryption of data stored on the first blade server. The data are migrated to the second blade server without decrypting the data at the first blade server, and the second blade server uses the key to access the data. Other embodiments are described and claimed.
    Type: Grant
    Filed: December 30, 2008
    Date of Patent: June 2, 2015
    Assignee: Intel Corporation
    Inventors: Palsamy Sakthikumar, Vincent J. Zimmer
  • Patent number: 9026773
    Abstract: In one embodiment, the present invention includes a method to establish a secure pre-boot environment in a computer system; and perform at least one secure operation in the secure environment. In one embodiment, the secure operation may be storage of a secret in the secure pre-boot environment.
    Type: Grant
    Filed: July 1, 2011
    Date of Patent: May 5, 2015
    Assignee: Intel Corporation
    Inventors: Vincent J. Zimmer, Bryant Bigbee, Andrew J. Fish, Mark S. Doran
  • Publication number: 20150121055
    Abstract: The present disclosure is directed to flexible bootstrap code architecture. A device may comprise equipment for operating the device and an operating system (OS) for operating the equipment. A boot module may also be included in the device to execute boot operations. At least one flexible boot (FB) module in the boot module may interact with the equipment and/or OS during the boot operations to cause the boot operations to become device-specific. An example boot module may comprise a plurality of FB modules. An example FB module may verify a device/chipset identification and may control the boot operations based on the identification. Other example FB modules may select resources to load based on an OS type, may provide a boot configuration table location for use in OS runtime boot configuration or may load variables from a preload variable directory for use in configuring boot operations.
    Type: Application
    Filed: October 29, 2013
    Publication date: April 30, 2015
    Inventors: Vincent J. Zimmer, H. P. Anvin, Michael A. Rothman, David C. Estrada, Nicholas J. Yoke, Gopinatth Selvaraje
  • Patent number: 9015455
    Abstract: A system and method for BIOS flash attack protection and notification. A processor initialization module, including an initialization firmware verification module, may be configured to execute first in response to a power on and/or reset and to verify initialization firmware stored in non-volatile memory in a processor package. The initialization firmware is configured to verify the BIOS. If the verification of the initialization firmware and/or the BIOS fails, the system is configured to select at least one of a plurality of responses including, but not limited to, preventing the BIOS from executing, initiating recovery, reporting the verification failure, halting, shutting down and/or allowing the BIOS to execute and an operating system (OS) to boot in a limited functionality mode.
    Type: Grant
    Filed: July 7, 2011
    Date of Patent: April 21, 2015
    Assignee: Intel Corporation
    Inventors: James P. Held, Scott H. Robinson, Vincent J. Zimmer
  • Patent number: 9015268
    Abstract: Embodiments of the present disclosure include systems, apparatuses, and methods that relate to remote, direct access of solid-state storage. In some embodiments, a network interface component (NIC) of a server may access a solid-state storage module of the server by a network storage access link that bypasses a central processing unit (CPU) and main memory of the server. Other embodiments may be described and claimed.
    Type: Grant
    Filed: April 2, 2010
    Date of Patent: April 21, 2015
    Assignee: Intel Corporation
    Inventors: Robert C. Swanson, Vincent J. Zimmer, Mallik Bulusu
  • Publication number: 20150095600
    Abstract: Durable atomic transactions for non-volatile media are described. A processor includes an interface to a non-volatile storage medium and a functional unit to perform instructions associated with an atomic transaction. The instructions are to update data at a set of addresses in the non-volatile storage medium atomically. The functional unit is operable to perform a first instruction to create the atomic transaction that declares a size of the data to be updated atomically. The functional unit is also operable to perform a second instruction to start execution of the atomic transaction. The functional unit is further operable to perform a third instruction to commit the atomic transaction to the set of addresses in the non-volatile storage medium, wherein the updated data is not visible to other functional units of the processing device until the atomic transaction is complete.
    Type: Application
    Filed: September 27, 2013
    Publication date: April 2, 2015
    Inventors: Robert Bahnsen, Sridharan Sakthivelu, Vikram A. Saletore, Krishnaswamy Viswanathan, Matthew E. Tolentino, Kanivenahalli Govindaraju, Vincent J. Zimmer
  • Publication number: 20150095633
    Abstract: An embodiment includes an apparatus comprising: an out-of-band cryptoprocessor including secure non-volatile storage that couples to a root index, having a fixed address, and comprises first and second variables referenced by the root index; and semiconductor integrated code (SIC) including embedded processor logic to initialize a processor and embedded memory logic to initialize a memory coupled to the processor; wherein (a) the SIC is to be executed responsive to resetting the processor and prior to providing control to boot code, and (b) the SIC is to perform pre-boot operations in response to accessing at least one of the first and second variables. Other embodiments are described herein.
    Type: Application
    Filed: October 2, 2013
    Publication date: April 2, 2015
    Inventors: Jiewen Yao, Vincent J. Zimmer, Nicholas J. Adams, Willard M. Wiseman, Qin Long, Shihui Li
  • Publication number: 20150095644
    Abstract: Methods and apparatus related to performance of telemetry, data gathering, and failure isolation using non-volatile memory are described. In one embodiment, a Non-Volatile Memory (NVM) controller logic stores data in a portion of an NVM device. The portion of the NVM device is determined based at least in part on a type or an identity of a sender of the data. Also, the data is encrypted in accordance with a public key provided by the sender. Other embodiments are also disclosed and claimed.
    Type: Application
    Filed: September 27, 2013
    Publication date: April 2, 2015
    Inventors: Saurabh Gupta, Vincent J. Zimmer
  • Patent number: 8990486
    Abstract: Methods and apparatus relating to a hardware and file system agnostic mechanism for achieving capsule support are described. In one embodiment, content associated with a capsule is stored in a non-volatile memory prior to a cold reset. A capsule descriptor may also be constructed, prior to the reset, which includes information about the physical location of the capsule content on the non-volatile memory. Other embodiments are also described and claimed.
    Type: Grant
    Filed: January 13, 2014
    Date of Patent: March 24, 2015
    Assignee: Intel Corporation
    Inventors: Michael A. Rothman, Vincent J. Zimmer
  • Patent number: 8984265
    Abstract: In some embodiments, the invention involves a system and method relating to secure booting of a platform. In at least one embodiment, the present invention is intended to securely boot a platform using one or more signature keys stored in a secure location on the platform, where access to the signature is by a microcontroller on the platform and the host processor has no direct access to alter the signature key. Other embodiments are described and claimed.
    Type: Grant
    Filed: March 30, 2007
    Date of Patent: March 17, 2015
    Assignee: Intel Corporation
    Inventors: Kushagra Vaid, Vincent J. Zimmer, Mrigank Shekhar
  • Publication number: 20150067163
    Abstract: Systems and methods providing a location-aware resource locator model for facilitating communication with networked electronic devices are generally disclosed herein. One embodiment includes a resource locator using a standard Uniform Resource Locator (URL) format, but enabling identification of one or many devices based on logical location information provided in the resource locator. The resource locator may also enable identification of the one or many devices based on logical proximity information (such as a logical term indicating a location property) relative to a dynamic location. Further disclosed embodiments include uses of a hierarchical structure to define logical terms and classes for use with a resource locator, and various location determination and lookup techniques used in connection with accessing an electronic device.
    Type: Application
    Filed: December 21, 2011
    Publication date: March 5, 2015
    Inventors: Robert Bruce Bahnsen, Mallik Bulusu, Vincent J. Zimmer, Robert S. Gittins, Robert Swanson
  • Patent number: 8965749
    Abstract: A method, apparatus, system, and computer program product for secure server system management. A payload containing system software and/or firmware updates is distributed in an on-demand, secure I/O operation. The I/O operation is performed via a secured communication channel inaccessible by the server operating system to an emulated USB drive. The secure communication channel can be established for the I/O operation only after authenticating the recipient of the payload, and the payload can be protected from access by a potentially-infected server operating system. Furthermore, the payload can be delivered on demand rather than relying on a BIOS update schedule, and the payload can be delivered at speeds of a write operation to a USB drive.
    Type: Grant
    Filed: March 21, 2013
    Date of Patent: February 24, 2015
    Assignee: Intel Corporation
    Inventors: Palsamy Sakthikumar, Michael A. Rothman, Vincent J. Zimmer, Robert C. Swanson, Mallik Bulusu
  • Publication number: 20150033225
    Abstract: Apparatuses, methods and storage media associated with switching operating systems are disclosed herewith. In embodiments, an apparatus for computing may include one or more processors; and a virtual machine manager to be operated by the one or more processors to instantiate a first virtual machine with a first operating system in a background, and a second virtual machine with a second operating system in a foreground; wherein the virtual machine manager is further to place the first virtual machine, on instantiation, in background into a standby state. Other embodiments may be disclosed or claimed.
    Type: Application
    Filed: November 7, 2013
    Publication date: January 29, 2015
    Inventors: Michael A. Rothman, Vincent J. Zimmer, Ping Wu, Zijian You
  • Patent number: 8943346
    Abstract: Power management commands from virtual machines (VMs) in a VM environment may be trapped by a VM monitor. Depending on the current power states of the other VMs in the VM environment, the VMM may emulate increase or decrease in available resources as applied to the VM issuing the power management commands. The VMM may modify the actual hardware resources available in a platform when such modification may not affect the current power states of the VMs in the VM environment.
    Type: Grant
    Filed: June 2, 2009
    Date of Patent: January 27, 2015
    Assignee: Intel Corporation
    Inventors: Vincent J. Zimmer, Michael A. Rothman
  • Publication number: 20140380033
    Abstract: A computer system is partitioned during a pre-boot phase of the computer system between a first partition and a second partition, wherein the first partition to include a first processing unit and the second partition to include a second processing unit. An Input/Output (I/O) operating system is booted on the first partition. A general purpose operating system is booted on the second partition. Network transactions are issued by the general purpose operating system to be performed by the I/O operating system. The network transactions are performed by the I/O operating system.
    Type: Application
    Filed: September 5, 2014
    Publication date: December 25, 2014
    Inventors: Vincent J. Zimmer, Michael A. Rothman
  • Publication number: 20140380034
    Abstract: A method for redirecting I/O (Input/Output) sequences. A computer platform is initialized. If the computer platform is enabled for command packet rerouting, the platform firmware may be used to install a runtime enable block I/O interface and a standard UNDI (Universal Network Device Interface) interface for routing I/O requests to a network controller or an out-of-band processor may be used to route I/O requests to a network interface controller. The routing of the I/O requests to the network controller or network interface controller enables the computer platform to boot from a remote block I/O storage device.
    Type: Application
    Filed: September 5, 2014
    Publication date: December 25, 2014
    Inventors: Michael A. Rothman, Vincent J. Zimmer
  • Patent number: 8910169
    Abstract: Methods and systems to perform a computer task in a reduced power consumption state, including to virtualize physical resources with respect to an operating environment and service environment, to exit the operating environment and enter the service environment, to place a first set of one or more of the physical resources in a reduced power consumption state, and to perform a task in the service environment utilizing a processor and a second set of one or more of the physical resources. A physical resource may be assigned to an operating environment upon an initialization of the operating environment, and re-assigned to the service environment to be utilized by the service environment while other physical resources are placed in a reduced power consumption state.
    Type: Grant
    Filed: September 30, 2008
    Date of Patent: December 9, 2014
    Assignee: Intel Corporation
    Inventors: Jing W. Wang, Ming Kuang, Michael A. Rothman, Vincent J. Zimmer, Jack Chen, Yebin Andy Zhao
  • Patent number: 8909940
    Abstract: In one embodiment, the present invention includes a method for obtaining a pre-boot authentication (PBA) image from a non-volatile storage that is configured with full disk encryption (FDE), and storing the PBA image in a memory. Then a callback protocol can be performed between a loader executing on an engine of a chipset and an integrity checker of a third party that provided the PBA image to confirm integrity of the PBA image, the PBA image is executed if the integrity is confirmed, and otherwise it is deleted. Other embodiments are described and claimed.
    Type: Grant
    Filed: December 21, 2010
    Date of Patent: December 9, 2014
    Assignee: Intel Corporation
    Inventors: Jacek Peszek, Ned M. Smith, Vincent J. Zimmer, Victoria C. Moore, Alberto J. Martinez
  • Patent number: 8892858
    Abstract: A data processing system may include a high integrity storage (HIS) device with a partition or cache that is protected from updates. The data processing system may perform a boot process in response to being reactivated. The boot process may include the operation of executing a boot object. During the boot process, before executing the boot object, the data processing system may retrieve a digest for the boot object from the protected cache of the HIS device. The digest may be a cryptographic hash value for the boot object. During the boot process, the retrieved digest may be extended into a platform configuration register in a trusted platform module of the data processing system. Other embodiments are described and claimed.
    Type: Grant
    Filed: December 29, 2011
    Date of Patent: November 18, 2014
    Assignee: Intel Corporation
    Inventors: Ned M. Smith, Vincent J. Zimmer, Victoria C. Moore
  • Publication number: 20140325512
    Abstract: Methods and apparatus to provide dynamic messaging services are disclosed. An example method of displaying information on a display screen includes determining, using a virtual machine manager, supported dimensions for display of information on the display screen; generating, using the virtual machine manager, restricted dimensions that are less than the supported dimensions; providing the restricted dimensions to an operating system of a virtual machine supported by the virtual machine manager, wherein the restricted dimensions define a boundary between a first screen portion and a second screen portion; and using the virtual machine manager to display first information in the first screen portion, the virtual machine manager enforcing the presence of the first screen portion on the display screen.
    Type: Application
    Filed: July 14, 2014
    Publication date: October 30, 2014
    Inventors: Jerry Zhao, Michael A. Rothman, Vincent J. Zimmer, Qian Ouyang