EP0791195A1 - Verfahren und apparat zum steuern des zugangs zum netzwerk und zu arbeitsplatzcomputern vor dem hochstarten des arbeitsplatzcomputers - Google Patents
Verfahren und apparat zum steuern des zugangs zum netzwerk und zu arbeitsplatzcomputern vor dem hochstarten des arbeitsplatzcomputersInfo
- Publication number
- EP0791195A1 EP0791195A1 EP95901043A EP95901043A EP0791195A1 EP 0791195 A1 EP0791195 A1 EP 0791195A1 EP 95901043 A EP95901043 A EP 95901043A EP 95901043 A EP95901043 A EP 95901043A EP 0791195 A1 EP0791195 A1 EP 0791195A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- workstation
- server
- network
- boot
- operating system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/572—Secure firmware programming, e.g. of basic input output system [BIOS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/80—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
- G06F21/805—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors using a security table for the storage sub-system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/4401—Bootstrapping
- G06F9/4416—Network booting; Remote initial program loading [RIPL]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/007—Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/1097—Boot, Start, Initialise, Power
Definitions
- the invention is directed to personal computers used as workstations in local area networks (LANs) .
- LANs local area networks
- a LAN is usually defined as a network of computers, usually connected by a cable or wire at a single geographical location such as one or more floors of an office building, so that various resources can be shared among the workstations and/or allow the individual workstations to send and receive electronic mail or E-Mail.
- local area networks enable individual users to access databases or files physically associated with another computer, called a server, or with other workstations on the LAN.
- a server or with other workstations on the LAN.
- data and programs which are needed by more than one user can be maintained on a single computer on the network and still be available to other workstations on the network.
- the computer with the common data is referred to as the server and the workstations of the individual users are called clients.
- a database or files may be set up on various workstations such that each can function as a server and each can function as a client. This is frequently referred to a peer-to-peer structure.
- administration or management of the individual workstations can be a cumbersome task.
- This administration consists of, but is not limited to, the following tasks:
- management tasks are often associated with computer functions that take place during the workstation's boot (startup) cycle. They often require repeat reboots of the workstation to test changes in configuration. From a security standpoint, much of the ability to control access to both workstations and servers is vastly improved by being able to control functions that occur before, during and after the boot process. Current methods depend upon control of functions occurring during or after the boot process. Since control of many functions prior to workstation boot allows the network administrator to impose significantly more control over the workstation some method of pre-boot control is very desirable.
- the present invention is directed to a method and apparatus for preboot file and information transfer between workstations and other workstations or workstations and servers on local area networks.
- DOS-based systems For convenience, this description will be with reference to DOS-based systems.
- persons skilled in the art will recognize that the inventive concepts have application in UNIX based systems and other network environments. Specifically, it is necessary to provide a mechanism by which a network administrator can carry out the functions, as well as other network management tasks. That mechanism should be imposed prior to workstation boot. Workstations using MS-DOS, PC- DOS or other operating system variations such as UNIX execute a startup process called a boot sequence. During the boot sequence the various components of the workstation and network operating system are loaded and executed.
- any management tasks performed after boot must be performed by application programs running on the workstation.
- application programs are often called utilities.
- the utilities In order for utilities to run at the same time as other applications (such as word processing, database management or E-Mail) the utilities must be loaded resident in the workstation memory. That causes a reduction in available application memory and, often, causes conflicts which can cause the workstation to "lock up" or "hang". In that case, the workstation must be rebooted and all programs reloaded. There is, likewise, a strong probability of damage or loss of data which was in use during the failure.
- the present invention overcomes these problems by providing a hardware component, for example a ROM or PROM containing appropriate programming placed in the usually unused boot ROM socket of a LAN card installed in the individual workstations, or a chip including a PROM or ROM built onto the motherboard or system board of the individual workstations.
- the program in the PROM can be set up so that, at system startup, prior to loading of the workstation operating system software during the boot sequence, it performs certain operating system functions by using the basic input/output system (BIOS) of the workstation to enable the workstation to communicate with a server on the network and make the necessary resources of the workstation available to a server management application running on the server via the network.
- BIOS basic input/output system
- the workstation can be validated for connection to the network. This adds a greatly improved dimension of security to the network.
- a workstation which has experienced a conflict resulting in a failure could be rebooted remotely and, during the reboot cycle, boot files changed to clear possible conflicts. While this process is common, it is always performed by an operator entering commands while sitting at the workstation.
- the invention enables this functionality to be carried out remotely.
- the invention could also provide preboot updates to critical boot files prior to workstation boot by transferring those files from the server in advance of their use.
- the invention enables a rich assortment of high-value technologies because it is:
- Some examples of possible server management applications enabled by the present invention are:
- the invention allows appropriate workstation configuration regardless of the environment. Users who cannot tolerate TSRs due to ill-behaved applications still benefit since the invention requires no TSRs
- FIGURE 1 is a block overview diagram showing a local area network with a pair of client workstations and a single server.
- FIGURE 2 is block diagram showing the functional components of the programming contained in a PROM or ROM forming part of the invention.
- FIGURES 3a and 3b are flow charts of the preboot sequence controlled by the invention.
- FIGURE 4 is a block diagram showing of EE-PROM/ASIC implementation of the invention.
- FIG. 1 is a block overview diagram showing a local area network with a single server workstation 11, a client workstation designated User 13 and a client workstation designated Administrator 15.
- the server workstation 11 includes server files (not shown) , an access control list database (ACL-DB) 11a, and a server management application (SMA) such as a NetWare Loadable Module (NLM) in a Novell NetWare environment, which functions in conjunction with the invention, and a database lid which contains information used by the invention to modify information in the workstation during the preboot process.
- ACL-DB access control list database
- SMA server management application
- NLM NetWare Loadable Module
- Both client workstations 13 and 15 are configured the same, each containing a hardware component (typically a PROM and ASIC combination, referred to herein as firmware, installed on the workstation network interface card or motherboard) 19a and 19b respectively, but the administrator client also includes an administrator program 13.
- the firmware manages workstation functions and communicates with the server prior to loading of the complete workstation operating system.
- the client workstation firmware (19a or 19b) also provides preboot access to the client operating system's file services and contains a functional subset of the client workstation operating system and the client workstation component of the network operating system. Its purpose is to communicate with the server.
- the server hardware component takes instructions from the server SMA.
- the server SMA contains control routines to manage operation of the invention.
- the specifics for incorporating suitable programming in the SMA depend upon the functionality desired to be performed. However, such specifics are well within the skills of persons having ordinary ability in the field of the invention based upon the descriptions provided herein. Administrative utilities are executed in the designated workstation. One of those utilities could be a scripting language which allows the administrator to program a series of client-server operations.
- Figure 1 shows the basic communications between the client workstation 13 and the server workstation 11 and the client workstation 15 and the server workstation 11.
- the basic communications (which actually take place over the network) provide the mechanism for making a connection between client and server. Once that connection has been made, the client 13 is authenticated as a legitimate client to the server 11. Once the client is identified to the server, any preboot activity such as file transfers, file updates or operating system rescue (due to malicious or accidental damage) can take place automatically under control of the SMA.
- firmware 19a or 19b executes a program which seeks a server on the network with which to communicate.
- the appropriate server e.g. the one with the SMA (the NLM in a Novell NetWare environment) responds to the client workstation.
- the client workstation then sends, using the invented subsystem, its network interface card (NIC) address to the server.
- NIC network interface card
- the server SMA verifies the address in the access control list 11a which resides in the server.
- the server SMA then performs whatever tasks it is preprogrammed to perform.
- the invention being an enabling technology, insofar as it resides in the SMA, can be customized to provide a wide variety of preboot services.
- it could be customized to update files by transferring new files to the client prior to boot since the file management system is operating on the client. It could be customized to verify that the boot sector of the client is free of virus infection and that the boot sector is intact. If not, it could remove the virus and restore the boot sector from the workstation database lid residing safely on the server.
- the firmware 19a or 19b on the client returns boot control to the client's BIOS.
- the client then boots in the normal manner, loading the complete workstation operating system and attaches to the network as it normally would.
- the advantage of the preboot sequence of the invention is that any damage to the client workstation's boot or operating system that would prevent normal boot or cause further damage can be managed and recovered during the preboot process.
- the invention contains a functional subset of the complete operating system installed in the client workstation which allows the client to partially boot from a sterile environment without using any of the operating system elements installed in the client workstation which could become damaged. This sterile environment is maintained within the firmware of the invention.
- a second advantage is that any updates or repairs to critical software systems can be managed centrally using a sterile operating environment without interfering with the user of the client in any way.
- the invented technique for initiating a network connection with a server sends a registered unique identification to the server, such as the workstation network interface card (NIC) ID (for example, in an Ethernet environment the Ethernet hardware address), through the standard or de-facto network protocol.
- the network protocol could be varied depending on the networking environment, such as TCP/IP of Internet, SPX/IPX of Novell's NetWare, or any standard LAN protocols defined by IEEE.
- the server application checks for a pre-configured database to determine whether the connection should be accepted. After connection is established, the server SMA sends managing requests to instruct the program in the workstation firmware 14
- the firmware sends back the result of its executed operation to the SMA and goes back to the normal booting process when approved by the server.
- the invention utilizes a client server technology, implemented as firmware (i.e., programming in a PROM or ROM), which allows full, remote pre-boot control of any network workstation, regardless of operating environment, without the use of terminate and stay resident (TSR) programs at the workstation.
- firmware i.e., programming in a PROM or ROM
- TSR terminate and stay resident
- One example of an implementation of the invention utilizes a single PROM containing the necessary programming (i.e., firmware) which is plugged in an ASIC, which provides address decoding, which ASIC plugs into the normally unused boot ROM socket on most network interface cards.
- the necessary programming provides file handler, component control, network services, server management command interface, and executable services engine functions.
- the programming could be contained in a flash EPROM which would avoid the need for the address decoding ASIC for reasons which should be apparent to persons skilled in the art.
- the firmware on the client communicates with server SMA via a customer application programming interface (API) or industry standard protocol such as SNMP. Virtually any server management application can be written in a variety of programming languages, or existing SNMP management applications can be accessed directly.
- API customer application programming interface
- SNMP industry standard protocol
- FIG. 1 A simplified block diagram for the programming in the PROM or ROM of the invention is shown in Figure 2. Excluding housekeeping services and functions not germane to this description, the system includes:
- a Server Management Command Interface 21 This is the basic interface between the firmware on the client and the Server Management Application (SMA) on the server. Its main task is to interpret the commands sent in packets from the server SMA and to construct a response packet containing the result of performed operations in a form which can be understood by the SMA. It serves the same function as an SNMP, an industry defined management protocol.
- Executable Services Engine 23 The executable services engine provides the proprietary pre-boot functions that allow control of the workstation pre-boot processes.
- the executable services engine receives its instructions based upon the requirements of the SMA. In other words, the executable services engine and the SMA together control the actions of the workstation prior to the commencement of the workstation boot process.
- the operating system kernel is, in effect, a "mini operating system.”
- the operating system kernel utilizes file handler 27a, component control 27b and network services 27c and communications appropriate to the installed operating environment.
- This environment includes both the workstation environment (DOS, 0/S2, UNIX etc.) and the network operating system (NetWare, LAN Manager, Vines, etc.) .
- server management command interface 21 and executable services engine 23 are well within the skills of a person having ordinary skills in the field of the invention.
- a suitable operating system kernel 25 is available from Hitech Business Software, Inc. of Wilmington Delaware.
- Figures 3a and 3b are flow charts showing the processing performed by programming in the PROM or ROM at system startup.
- the invention interrupts the boot process after the BIOS (in an MS-DOS environment, for example) is executed but before DOS executes.
- the system BIOS upon workstation power-up (step) 31, the system BIOS is executed (step 33) in a manner well known in the art.
- the system BIOS detects the existence of a program in a ROM socket on a network interface card (step 35) and passes control to this program (step 37) .
- network communications software is loaded from the workstation storage medium (step 39) using its internal mini-operating system and the appropriate network communications protocols. In this manner, communication with the server SMA is initiated (step 41).
- the invention executes the appropriate functions contained in the executive services engine of the program in the PROM.
- the executive services engine uses low level control functions, such as the BIOS under DOS, to perform the instructions sent by the server SMA to the workstation.
- the workstation NIC address is sent to the server for verification (step 43). If the NIC address is not in the ACL-DB (step 45), the connection to the network is cut, otherwise an attempt is made to connect the workstation to the network (step 47) and, if successful, workstation files are updated (step 49) . Otherwise, the attempt to initiate the network connection is repeated (step 41) .
- step 49 the server sends any required workstation updates to the client and performs any assigned tasks under control from the SMA.
- any processes programmed in the PROM are executed and acknowledged. This process execution and acknowledgment is accomplished by the firmware under instruction from the server SMA.
- the server and client communicate directly with workstation hardware and firmware at a level below the normal operating system, thus providing a sterile, controlled operating environment.
- control is returned to the workstation boot process (step 53) and the normal boot process is completed (step 55 of Figure 3a) .
- the foregoing functionality set forth in steps 39 and 41 is performed by file handler 27a and 27b, while the functionality set forth in steps 43, 45, 47, 49, 51 and 53 is performed by network services 27c and executable services engine 23.
- the workstation can execute any instructions sent by the SMA, exit from control of the firmware and commence normal boot . Any changes made during the pre-boot process by the SMA are reflected immediately at the workstation.
- the firmware 19a and 19b is implemented on a read only memory (ROM) such as a 256K PROM 61.
- ROM read only memory
- 2K (or larger) EE-PROM or RAM 63 which functions as a workstation configuration memory which is set up by the user when the workstation is first set or when additional hardware is added.
- the only information which needs to be stored in this memory is the address of the network driver program on the workstation disk drive or other storage medium which is needed to communicate with other devices on the network.
- an address decoder with page control 65 is also necessary.
- the address decoder logic provides a shared memory paging mechanism.
- the address decoder logic is needed to page the ROM address space into the 8K page accessible to the workstation CPU.
- the address decoder functionality is provided using an ASIC.
- preboot functionality which could be programmed into the firmware are checking to insure that the client is running only the most current versions of application software, the most current databases for virus scanners are available to the client and that the correct boot files are in place on the client. If errors are found during the preboot process, the PROM programming could provide the appropriate updates from the server files.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US08/101,837 US5444850A (en) | 1993-08-04 | 1993-08-04 | Method and apparatus for controlling network and workstation access prior to workstation boot |
PCT/US1994/012222 WO1996013002A1 (en) | 1993-08-04 | 1994-10-24 | Method and apparatus for controlling network and workstation access prior to workstation boot |
Publications (2)
Publication Number | Publication Date |
---|---|
EP0791195A1 true EP0791195A1 (de) | 1997-08-27 |
EP0791195A4 EP0791195A4 (de) | 1998-05-20 |
Family
ID=26788479
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP95901043A Withdrawn EP0791195A4 (de) | 1993-08-04 | 1994-10-24 | Verfahren und apparat zum steuern des zugangs zum netzwerk und zu arbeitsplatzcomputern vor dem hochstarten des arbeitsplatzcomputers |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP0791195A4 (de) |
JP (1) | JPH10511783A (de) |
AU (1) | AU1042895A (de) |
WO (1) | WO1996013002A1 (de) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6138236A (en) * | 1996-07-01 | 2000-10-24 | Sun Microsystems, Inc. | Method and apparatus for firmware authentication |
US6463537B1 (en) * | 1999-01-04 | 2002-10-08 | Codex Technologies, Inc. | Modified computer motherboard security and identification system |
US7395324B1 (en) | 1999-10-18 | 2008-07-01 | Wnf Consulting | Method and apparatus for maintaining a computer system |
JP3714119B2 (ja) | 2000-06-13 | 2005-11-09 | 日本電気株式会社 | Biosプリブート環境を利用したユーザ認証型ネットワークosブート方法及びシステム |
KR20020090726A (ko) * | 2001-05-29 | 2002-12-05 | 주식회사 네이버월드 | Bios와 네트워크 부팅을 원칩화 한 셋탑박스의네트워크 시스템 및 정보 교환방법 |
DE10336404B3 (de) * | 2003-08-06 | 2005-05-04 | Adams, Michael | Überwachungseinrichtung für Datenverarbeitungsanlagen |
JP2007531125A (ja) * | 2004-03-26 | 2007-11-01 | アブソリュート ソフトウエア コーポレイション | 永続性サービス提供エージェント |
JP4604543B2 (ja) | 2004-04-30 | 2011-01-05 | 日本電気株式会社 | 計算機、計算機起動方法、管理サーバ装置およびプログラム |
WO2006102399A1 (en) * | 2005-03-18 | 2006-09-28 | Absolute Software Corporation | Persistent servicing agent |
US8418226B2 (en) | 2005-03-18 | 2013-04-09 | Absolute Software Corporation | Persistent servicing agent |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5012514A (en) * | 1990-06-26 | 1991-04-30 | Paul Renton | Hard drive security system |
EP0449242A2 (de) * | 1990-03-28 | 1991-10-02 | National Semiconductor Corporation | Verfahren und Struktur zum Verschaffen von Rechnersicherheit und Vorbeugung gegen Virus |
Family Cites Families (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4590557A (en) * | 1983-09-12 | 1986-05-20 | Pitney Bowes Inc. | Method and apparatus for controlling software configurations in data processing systems |
US4982430A (en) * | 1985-04-24 | 1991-01-01 | General Instrument Corporation | Bootstrap channel security arrangement for communication network |
US5146568A (en) * | 1988-09-06 | 1992-09-08 | Digital Equipment Corporation | Remote bootstrapping a node over communication link by initially requesting remote storage access program which emulates local disk to load other programs |
US5247659A (en) * | 1988-10-06 | 1993-09-21 | International Computers Limited | Method for bootstrap loading in a data processing system comprising searching a plurality of program source devices for a bootstrap program if initial data indicating a bootstrap program source device fails a validity check |
US5121345A (en) * | 1988-11-03 | 1992-06-09 | Lentz Stephen A | System and method for protecting integrity of computer data and software |
US5138712A (en) * | 1989-10-02 | 1992-08-11 | Sun Microsystems, Inc. | Apparatus and method for licensing software on a network of computers |
US5073933A (en) * | 1989-12-01 | 1991-12-17 | Sun Microsystems, Inc. | X window security system |
US5261104A (en) * | 1990-03-22 | 1993-11-09 | International Business Machines | Flexible computer initialization |
US5325529A (en) * | 1990-05-18 | 1994-06-28 | Compaq Computer Corporation | External boot information loading of a personal computer |
US5237690A (en) * | 1990-07-06 | 1993-08-17 | International Business Machines Corporation | System for testing adaptor card upon power up and having disablement, enablement, and reconfiguration options |
US5204897A (en) * | 1991-06-28 | 1993-04-20 | Digital Equipment Corporation | Management interface for license management system |
US5276863A (en) * | 1991-06-28 | 1994-01-04 | Digital Equipment Corporation | Computer system console |
US5325532A (en) * | 1992-09-25 | 1994-06-28 | Compaq Computer Corporation | Automatic development of operating system boot image |
-
1994
- 1994-10-24 EP EP95901043A patent/EP0791195A4/de not_active Withdrawn
- 1994-10-24 JP JP8513861A patent/JPH10511783A/ja active Pending
- 1994-10-24 AU AU10428/95A patent/AU1042895A/en not_active Abandoned
- 1994-10-24 WO PCT/US1994/012222 patent/WO1996013002A1/en not_active Application Discontinuation
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0449242A2 (de) * | 1990-03-28 | 1991-10-02 | National Semiconductor Corporation | Verfahren und Struktur zum Verschaffen von Rechnersicherheit und Vorbeugung gegen Virus |
US5012514A (en) * | 1990-06-26 | 1991-04-30 | Paul Renton | Hard drive security system |
Non-Patent Citations (3)
Title |
---|
"INITIALIZATION CODE EXECUTED AFTER POST AND BEFORE THE OPERATING SYSTEM GETS CONTROL" IBM TECHNICAL DISCLOSURE BULLETIN, vol. 32, no. 9A, February 1990, ARMONK, NY, US, pages 407-408, XP000083123 * |
SCOTT P E ET AL: "BOOT MECHANISM FOR DISCLESS HP-UX" HEWLETT-PACKARD JOURNAL, vol. 39, no. 5, October 1988, PALO ALTO, CA, US, pages 33-36, XP000051592 * |
See also references of WO9613002A1 * |
Also Published As
Publication number | Publication date |
---|---|
EP0791195A4 (de) | 1998-05-20 |
JPH10511783A (ja) | 1998-11-10 |
WO1996013002A1 (en) | 1996-05-02 |
AU1042895A (en) | 1996-05-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US5444850A (en) | Method and apparatus for controlling network and workstation access prior to workstation boot | |
US9792441B2 (en) | Portable desktop device and method of host computer system hardware recognition and configuration | |
US8201239B2 (en) | Extensible pre-boot authentication | |
US6266809B1 (en) | Methods, systems and computer program products for secure firmware updates | |
US5768504A (en) | Method and apparatus for a system wide logan in a distributed computing environment | |
US6108779A (en) | Server and computer network that permit a client to be easily introduced into the computer network | |
US6442695B1 (en) | Establishment of user home directories in a heterogeneous network environment | |
US7120684B2 (en) | Method and system for central management of a computer network | |
US8332490B2 (en) | Method, apparatus and program product for provisioning a computer system | |
US8245022B2 (en) | Method and system to support ISCSI boot through management controllers | |
JP2000330954A (ja) | 分散データ処理システム内のクライアント・コンピュータを管理するための方法及び装置 | |
US11269655B2 (en) | Bare metal device management | |
KR20130058058A (ko) | 서비스 프로세서 컴플렉스 내의 데이터 저장을 위한 요구 기반 usb 프록시 | |
JP2000215168A (ja) | コンピュ―タ・ネットワ―ク内のサ―ビスを管理するためのマネジメント・コンソ―ル・プログラム内の認証及びアクセス・コントロ―ル | |
KR20050054818A (ko) | 보안관련 프로그래밍 인터페이스 | |
US20210326196A1 (en) | A remediation system to prevent incompatible program module installation in an information processing system | |
US20030208573A1 (en) | Remote execution of software using windows management instrumentation | |
US20040177265A1 (en) | Providing security based on a device identifier prior to booting an operating system | |
EP0791195A1 (de) | Verfahren und apparat zum steuern des zugangs zum netzwerk und zu arbeitsplatzcomputern vor dem hochstarten des arbeitsplatzcomputers | |
CN1834912A (zh) | 用于可扩展互联网引擎的iSCSI引导驱动系统及方法 | |
US11714659B2 (en) | Device provisioning with manufacturer boot environment | |
US11861011B2 (en) | Secure boot process | |
US20240005021A1 (en) | Virtualizing secure storage of a baseboard management controller to a host computing device | |
JP2011150499A (ja) | シンクライアントシステム、シンクライアント端末およびシンクライアントプログラム | |
US7350065B2 (en) | Method, apparatus and program storage device for providing a remote power reset at a remote server through a network connection |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 19970522 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE CH DE DK ES FR GB GR IE IT LI LU MC NL PT SE |
|
A4 | Supplementary search report drawn up and despatched |
Effective date: 19980402 |
|
AK | Designated contracting states |
Kind code of ref document: A4 Designated state(s): AT BE CH DE DK ES FR GB GR IE IT LI LU MC NL PT SE |
|
17Q | First examination report despatched |
Effective date: 19990108 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20000503 |