US20120272340A1 - Securing wakeup network events - Google Patents

Securing wakeup network events Download PDF

Info

Publication number
US20120272340A1
US20120272340A1 US13/539,740 US201213539740A US2012272340A1 US 20120272340 A1 US20120272340 A1 US 20120272340A1 US 201213539740 A US201213539740 A US 201213539740A US 2012272340 A1 US2012272340 A1 US 2012272340A1
Authority
US
United States
Prior art keywords
remote
password
remote console
circuit card
wake
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US13/539,740
Inventor
Avigdor Eldar
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to US13/539,740 priority Critical patent/US20120272340A1/en
Publication of US20120272340A1 publication Critical patent/US20120272340A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/12Arrangements for remote connection or disconnection of substations or of equipment thereof
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Definitions

  • Embodiments of this invention relate to securing wakeup network events.
  • Wake-on LAN local area network
  • WOL wake-on wireless LAN systems
  • a wake-enabled network controller may have a constant power source to boot up to receive packets, and to decode packets to determine if they are wake-up packets.
  • wake-up packets may be identified by a wake-up pattern, where the wake-up pattern may comprise a pre-defined pattern of bytes, followed by sixteen repeats of the system's MAC (media access control) address, for example.
  • MAC media access control
  • this may be followed by a password.
  • the password may be user-determined, and may be programmed into a network controller.
  • the password may be 4, 6, or 16 bytes, for example, and the network controller may be further programmed to accept combinations of the password.
  • FIG. 1 illustrates a system according to an embodiment.
  • FIG. 3 illustrates a detailed system according to an embodiment.
  • FIG. 4 is a flowchart illustrating a method according to an embodiment.
  • FIG. 5 is a flowchart illustrating another method according to an embodiment.
  • System 100 may comprise one or more processors 102 (only one shown).
  • a “processor” as discussed herein relates to a combination of hardware and software resources for accomplishing computational tasks.
  • a processor may comprise a system memory and processing circuitry (e.g., a central processing unit (CPU) or microcontroller) to execute machine-readable instructions for processing data according to a predefined instruction set.
  • a processor may comprise just the processing circuitry (e.g., CPU).
  • Another example of a processor is a computational engine that may be comprised in a multi-core processor, for example, where the operating system may perceive the computational engine as a discrete processor with a full set of execution resources.
  • these are merely examples of processor and embodiments of the present invention are not limited in this respect.
  • System 100 may additionally comprise memory 104 .
  • Memory 104 may store machine-executable instructions 132 that are capable of being executed, and/or data capable of being accessed, operated upon, and/or manipulated.
  • Machine-executable” instructions as referred to herein relate to expressions which may be understood by one or more machines for performing one or more logical operations.
  • machine-executable instructions may comprise instructions which are interpretable by a processor compiler for executing one or more operations on one or more data objects.
  • Memory 104 may, for example, comprise read only, mass storage, random access computer-accessible memory, and/or one or more other types of machine-accessible memories.
  • Chipset 108 may comprise one or more integrated circuit chips, such as those selected from integrated circuit chipsets commercially available from Intel® Corporation (e.g., graphics, memory, and I/O controller hub chipsets), although other one or more integrated circuit chips may also, or alternatively, be used. According to an embodiment, chipset 108 may comprise an input/output control hub (ICH), and a memory control hub (MCH), although embodiments of the invention are not limited by this. Chipset 108 may comprise a host bridge/hub system that may couple processor 102 A, 102 B, . . . , 102 N, and host memory 104 to each other and to local bus 106 . Chipset 108 may communicate with memory 104 via memory bus 112 and with host processor 102 via system bus 110 . In alternative embodiments, host processor 102 and host memory 104 may be coupled directly to bus 106 , rather than via chipset 108 .
  • ICH input/output control hub
  • MCH memory control hub
  • Local bus 106 may be coupled to a circuit card slot 120 having a bus connector (not shown).
  • Local bus 106 may comprise a bus that complies with the Peripheral Component Interconnect (PCI) Local Bus Specification, Revision 3.0, Feb. 3, 2004 available from the PCI Special Interest Group, Portland, Oreg., U.S.A. (hereinafter referred to as a “PCI bus”).
  • PCI bus Peripheral Component Interconnect
  • bus 106 may comprise a bus that complies with the PCI ExpressTM Base Specification, Revision 1.1, Mar. 28, 2005 also available from the PCI Special Interest Group (hereinafter referred to as a “PCI Express bus”).
  • Bus 106 may comprise other types and configurations of bus systems.
  • System 100 may additionally comprise one or more network controllers 126 (only one shown).
  • a “network controller” as referred to herein relates to a device which may be coupled to a communication medium to transmit data to and/or receive data from other devices coupled to the communication medium, i.e., to send and receive network traffic.
  • a network controller may transmit packets 140 to and/or receive packets 140 from devices coupled to a network such as a local area network.
  • a “packet” means a sequence of one or more symbols and/or values that may be encoded by one or more signals transmitted from at least one sender to at least one receiver.
  • Such a network controller 126 may communicate with other devices according to any one of several data communication formats such as, for example, communication formats according to versions of IEEE (Institute of Electrical and Electronics Engineers) Std. 802.3 (CSMA/CD Access Method, 2002 Edition); IEEE Std. 802.11 (LAN/MAN Wireless LANS, 1999 Edition), IEEE Std. 802.16 (2003 and 2004 Editions, LAN/MAN Broadband Wireless LANS), Universal Serial Bus, Firewire, asynchronous transfer mode (ATM), synchronous optical network (SONET) or synchronous digital hierarchy (SDH) standards.
  • IEEE Institute of Electrical and Electronics Engineers
  • Std. 802.3 CSMA/CD Access Method, 2002 Edition
  • IEEE Std. 802.11 LAN/MAN Wireless LANS, 1999 Edition
  • IEEE Std. 802.16 2003 and 2004 Editions, LAN/MAN Broadband Wireless LANS
  • Universal Serial Bus Firewire
  • ATM asynchronous transfer mode
  • SONET synchronous optical network
  • SDH synchronous digital hierarchy
  • network controller 126 may be comprised on system motherboard 118 . Rather than reside on motherboard 118 , network controller 126 may be integrated onto chipset 108 . Still alternatively, network controller 126 may be comprised in a circuit card 128 (e.g., NIC or network interface card) that may be inserted into circuit card slot 120 .
  • Circuit card slot 120 may comprise, for example, a PCI expansion slot that comprises a PCI bus connector (not shown).
  • PCI bus connector (not shown) may be electrically and mechanically mated with a PCI bus connector (not shown) that is comprised in circuit card 128 .
  • Circuit card slot 120 and circuit card 128 may be constructed to permit circuit card 128 to be inserted into circuit card slot 120 .
  • System may comprise logic 130 .
  • Logic 130 may comprise hardware, software, or a combination of hardware and software (e.g., firmware).
  • logic 130 may comprise circuitry (i.e., one or more circuits), to perform operations described herein.
  • logic 130 may comprise one or more digital circuits, one or more analog circuits, one or more state machines, programmable logic, and/or one or more ASIC's (Application-Specific Integrated Circuits).
  • Logic 130 may be hardwired to perform the one or more operations.
  • logic 130 may be embodied in machine-executable instructions 132 stored in a memory, such as memory 104 , to perform these operations.
  • logic 130 may be embodied in firmware.
  • Logic may be comprised in various components of system 100 , including network controller 126 , chipset 108 , processor 102 , and/or on motherboard 118 .
  • Logic 130 may be used to perform various functions by various components as described herein.
  • System 100 may comprise more than one, and other types of memories, buses, processors, and network controllers.
  • system 100 may comprise a plurality of processors, where each processor may be a coprocessor.
  • Processor 102 , memory 104 , and busses 106 , 110 , 112 may be comprised in a single circuit board, such as, for example, a system motherboard 118 , but embodiments of the invention are not limited in this respect.
  • FIG. 2 illustrates a network 200 in which embodiments of the invention may operate.
  • Network 200 may comprise a plurality of nodes 202 A, . . . 202 N, where each of nodes 202 A, . . . , 202 N may be communicatively coupled together via a communication medium 204 .
  • Nodes 202 A . . . 202 N may transmit and receive sets of one or more signals via medium 204 that may encode one or more packets.
  • Communication medium 104 may comprise, for example, one or more optical and/or electrical cables, although many alternatives are possible.
  • communication medium 104 may comprise air and/or vacuum, through which nodes 202 A . . . 202 N may wirelessly transmit and/or receive sets of one or more signals.
  • one or more of the nodes 202 A . . . 202 N may comprise one or more intermediate stations, such as, for example, one or more hubs, switches, and/or routers; additionally or alternatively, one or more of the nodes 202 A . . . 202 N may comprise one or more end stations. Also additionally or alternatively, network 200 may comprise one or more not shown intermediate stations, and medium 204 may communicatively couple together at least some of the nodes 202 A . . . 202 N and one or more of these intermediate stations. Of course, many alternatives are possible.
  • FIG. 3 illustrates a system 300 according to at least one embodiment of the invention.
  • system may additionally comprise operating system 302 , embedded firmware (“embedded FW”) 304 , and wake list 306 .
  • Memory 104 may host operating system 302 .
  • Operating system 302 may manage system resources and control tasks that are run on system 100 .
  • Operating system 302 may comprise any one of a number of operating systems including but not limited to, for example, Microsoft® Windows®.
  • Embedded firmware 304 may be used to enable a management console, for example, to perform manageability functions on a client system, for example, remotely.
  • Manageability functions may comprise, for example, software updates/upgrades, running system diagnostics, and asset management.
  • embedded firmware 304 may enable out-of-band manageability of system 100 .
  • Out-of-band manageability refers to the ability to manage a system regardless of the state of the operating system or system power.
  • Wake-list 306 may comprise a plurality of dynamically modifiable passwords to which network controller 126 may wake system 100 in an embodiment.
  • FIG. 4 illustrates a method according to one embodiment of the invention.
  • the method of FIG. 4 begins at block 400 and continues to block 402 where the method may comprise receiving a packet having a wake-up pattern.
  • a wake-up pattern may be identified by pre-defined content that flags the packet as a wake-up packet.
  • the wake-up packet may be sent by a management console for the purpose of waking up a client system, e.g., system 100 , to enable manageability functions to be performed remotely.
  • system 100 may comprise a wake-enabled system in which the motherboard 118 and network controller 126 are configured to enable WOL functionality (e.g., correct BIOS (Basic Input/Output System) settings, an active network controller dependent of system power).
  • BIOS Basic Input/Output System
  • system 100 may transition from sleep mode to wake mode in accordance with the ACPI (Advanced Configuration and Power Interface) Specification, Rev. 3.0, dated Sep. 2, 2004.
  • ACPI Advanced Configuration and Power Interface
  • a system can transition between power states S 5 , S 4 , S 3 , S 2 , S 1 , and S 0 .
  • S 0 refers to the running state where the system 100 is fully powered.
  • States S 1 -S 5 refer to low power states (e.g., suspend state, hibernate, shutdown).
  • the method may comprise waking up if the wake-up pattern corresponds to one of a number (e.g., 1 or more) of dynamically modifiable passwords on a pattern wake list, each of the dynamically modifiable passwords being based, at least in part, on a seed value.
  • network controller 126 may determine if the wake-up pattern corresponds to one of the dynamically modifiable passwords in its pattern wake list 306 . If the wake-up pattern corresponds to one of the dynamically modifiable passwords in its pattern wake list 306 , then network controller 126 may wake system 100 . If wake-up pattern does not correspond to one of the dynamically modifiable passwords in its pattern wake list 306 , then in an embodiment, the wake-up pattern is assumed to be sent from an untrusted source, and system 100 is not awakened.
  • embedded firmware 304 may program network controller 126 with the pattern wake list.
  • network controller 126 may be programmed by operating system 302 .
  • network controller 126 may wake up system 100 by waking up embedded firmware 304 .
  • a seed value refers to a secret value.
  • a seed value may be generated by, for example, a management console.
  • the management console may share the seed value with the client system.
  • the management console and the client system may share a function for generating dynamically modifiable passwords based, at least in part, on the seed value.
  • a dynamically modifiable password refers to a password that may be dynamically modified. Since both management console and client system know the seed value and function, both may dynamically modify passwords using the seed value. In an embodiment, modification of passwords may prevent third parties (e.g., malicious attackers, eaves droppers) from reusing and/or from guessing passwords.
  • the pattern wake list 306 may comprise a single dynamically modifiable password that is valid for a specified period of time, T.
  • network controller 126 may be programmed to wake up system 100 if a wake-up pattern corresponds to the single dynamically modifiable password, and the wake-up pattern is received within time period T. Further in this embodiment, network controller 126 may be reprogrammed every T period to change the dynamically modifiable password. Furthermore, T may be defined to allow an acceptable number of replay wake-ups.
  • the dynamically modifiable password may comprise, for example, a one-way hash function of the seed value and a current time value.
  • the pattern wake list may comprise one or more dynamically modifiable passwords based, at least in part, on a sequence of patterns.
  • the function may be determined such that the function generates a sequence of patterns. That is, pattern L N will be followed by pattern L N+1 , and pattern L N+1 will be followed by pattern L N+2 , etc.
  • both management console and client system may generate one or more dynamically modifiable passwords, L N , L N+1 , LN +2 , . . . , L N+j , based, at least in part, on the seed value and known function, where the dynamically modifiable passwords L N , L N+1 , L N+2 , . . . , L N+j follow a sequence of patterns.
  • Embedded firmware 304 may generate pattern wake list 306 , where pattern wake list 306 comprises a single dynamically modifiable password in the sequence of patterns, where the single wake-up pattern may comprise the subsequent expected pattern in the sequence.
  • pattern wake list 306 comprises a single dynamically modifiable password in the sequence of patterns
  • the single wake-up pattern may comprise the subsequent expected pattern in the sequence.
  • network controller 126 may wake up system 100 (or embedded firmware 304 ) upon receiving wake-up pattern comprising L N+1 .
  • Embedded firmware 304 may, alternatively, generate pattern wake list 306 , where pattern wake list 306 comprises a plurality of dynamically modifiable passwords in the sequence, where the plurality of dynamically modifiable passwords may comprise a plurality of subsequent expected patterns in the sequence.
  • pattern wake list 306 comprises a plurality of dynamically modifiable passwords in the sequence
  • the plurality of dynamically modifiable passwords may comprise a plurality of subsequent expected patterns in the sequence.
  • a plurality of subsequent expected wake-up pattern comprises L N+ , . . . , L N+X , where X may be the maximum number of wake-up patterns supported by network controller 126 .
  • network controller 126 may wake up system 100 (or embedded firmware 304 ) upon receiving wake-up pattern comprising L +1 , . . . , L N+X .
  • a management console may resend a packet with a different wake-up pattern (e.g., subsequent pattern in the sequence) and still be able to wake up the client system. This may be done up to X times.
  • the dynamically modifiable passwords may be valid for a pre-determined period of time, T.
  • pattern wake list 306 may be modified by recalculating dynamically modifiable passwords every time period, T. For example, every T period, embedded firmware 304 may wake up and compute new dynamically modifiable passwords based on the updated time value, reprogram network controller 126 with the new pattern wake list 306 , and then return to sleep state.
  • Pattern_Wake_List a pattern wake list 306 having a plurality of dynamically modifiable passwords in the sequence, where the passwords are valid for a predetermined period of time:
  • Set SIZE to number of wake-up patterns supported by network controller 126 , for example.
  • TimeCounter may be based on a granularity value (e.g., 1 day, or 10 minutes), and its value will ensure a different dynamically modifiable password sequence for each time period. For example, if the level of granularity is 1 day, then TimeCounter may be sent to equal the number of days since 1970 (or some arbitrary year, for example).
  • a granularity value e.g. 1 day, or 10 minutes
  • Pattern_Wake_List[Index] CalculatePattern[Index, Seed, TimeCounter];
  • the method may end at block 406 .
  • FIG. 5 illustrates another method according to an embodiment of the invention.
  • the method of FIG. 5 begins at block 500 and continues to block 502 where the method may comprise receiving a seed value.
  • the seed value may be generated by a management console, and then shared with a client system.
  • Embedded firmware 304 on client system, such as system 100 may receive the seed value.
  • the method may comprise generating a pattern wake list, the pattern wake list comprising a number of dynamically modifiable passwords based, at least in part, on the seed value.
  • Management console and client system e.g., embedded firmware 304
  • the method may comprise in response to a packet having a wake-up pattern being received, receiving a wake-up signal if the wake-up pattern corresponds to one of the number of dynamically modifiable passwords on the pattern wake list. If the packet comprises a wake-up pattern, network controller 126 may determine if the wake-up pattern corresponds to one of the dynamically modifiable passwords. This may be done in any of the manners described above. If the wake-up pattern corresponds to one of the dynamically modifiable passwords, embedded firmware 304 (or generally, system 100 ) may receive wake-up signal from network controller 126 . In an embodiment, once system 100 is awake, manageability functions may be performed. In an embodiment, waking up system 100 may comprise waking up embedded firmware 304 , where embedded firmware 304 may perform out-of-band manageability as described above.
  • the method ends at block 508 .
  • a method may comprise receiving a packet having a wake-up pattern, and waking up if the wake-up pattern corresponds to one of a number of dynamically modifiable passwords on a pattern wake list, each of the dynamically modifiable passwords being based, at least in part, on a seed value.
  • Embodiments of the invention may secure a client system from wake events by restricting wake events to those that come from a trusted source, such as a management console.
  • a trusted source such as a management console.
  • a dynamically modifiable password based on a seed provided by a trusted source
  • only the trusted source and the target system e.g., client system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Power Sources (AREA)
  • Stored Programmes (AREA)
  • Storage Device Security (AREA)

Abstract

In an embodiment, a method is provided. The method of this embodiment provides receiving a packet having a wake-up pattern, and waking up if the wake-up pattern corresponds to one of a number of dynamically modifiable passwords on a pattern wake list, each of the dynamically modifiable passwords being based, at least in part, on a seed value

Description

    FIELD
  • Embodiments of this invention relate to securing wakeup network events.
    • BACKGROUND
  • Wake-on LAN (local area network) or wake-on wireless LAN systems (“WOL”) is a technology that allows a sleeping computer to be awakened over a network. In a WOL system, a wake-enabled network controller may have a constant power source to boot up to receive packets, and to decode packets to determine if they are wake-up packets. Furthermore, wake-up packets may be identified by a wake-up pattern, where the wake-up pattern may comprise a pre-defined pattern of bytes, followed by sixteen repeats of the system's MAC (media access control) address, for example. Optionally, this may be followed by a password. The password may be user-determined, and may be programmed into a network controller. For example, the password may be 4, 6, or 16 bytes, for example, and the network controller may be further programmed to accept combinations of the password.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • Embodiments of the present invention are illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings and in which like reference numerals refer to similar elements and in which:
  • FIG. 1 illustrates a system according to an embodiment.
  • FIG. 2 illustrates a network according to an embodiment.
  • FIG. 3 illustrates a detailed system according to an embodiment.
  • FIG. 4 is a flowchart illustrating a method according to an embodiment.
  • FIG. 5 is a flowchart illustrating another method according to an embodiment.
    •  DETAILED DESCRIPTION
  • Examples described below are for illustrative purposes only, and are in no way intended to limit embodiments of the invention. Thus, where examples may be described in detail, or where a list of examples may be provided, it should be understood that the examples are not to be construed as exhaustive, and do not limit embodiments of the invention to the examples described and/or illustrated.
  • Methods described herein may be implemented in a system, such as system 100 illustrated in FIG. 1. System 100 may comprise one or more processors 102 (only one shown). A “processor” as discussed herein relates to a combination of hardware and software resources for accomplishing computational tasks. For example, a processor may comprise a system memory and processing circuitry (e.g., a central processing unit (CPU) or microcontroller) to execute machine-readable instructions for processing data according to a predefined instruction set. Alternatively, a processor may comprise just the processing circuitry (e.g., CPU). Another example of a processor is a computational engine that may be comprised in a multi-core processor, for example, where the operating system may perceive the computational engine as a discrete processor with a full set of execution resources. However, these are merely examples of processor and embodiments of the present invention are not limited in this respect.
  • System 100 may additionally comprise memory 104. Memory 104 may store machine-executable instructions 132 that are capable of being executed, and/or data capable of being accessed, operated upon, and/or manipulated. “Machine-executable” instructions as referred to herein relate to expressions which may be understood by one or more machines for performing one or more logical operations. For example, machine-executable instructions may comprise instructions which are interpretable by a processor compiler for executing one or more operations on one or more data objects. However, this is merely an example of machine-executable instructions and embodiments of the present invention are not limited in this respect. Memory 104 may, for example, comprise read only, mass storage, random access computer-accessible memory, and/or one or more other types of machine-accessible memories.
  • Chipset 108 may comprise one or more integrated circuit chips, such as those selected from integrated circuit chipsets commercially available from Intel® Corporation (e.g., graphics, memory, and I/O controller hub chipsets), although other one or more integrated circuit chips may also, or alternatively, be used. According to an embodiment, chipset 108 may comprise an input/output control hub (ICH), and a memory control hub (MCH), although embodiments of the invention are not limited by this. Chipset 108 may comprise a host bridge/hub system that may couple processor 102A, 102B, . . . , 102N, and host memory 104 to each other and to local bus 106. Chipset 108 may communicate with memory 104 via memory bus 112 and with host processor 102 via system bus 110. In alternative embodiments, host processor 102 and host memory 104 may be coupled directly to bus 106, rather than via chipset 108.
  • Local bus 106 may be coupled to a circuit card slot 120 having a bus connector (not shown). Local bus 106 may comprise a bus that complies with the Peripheral Component Interconnect (PCI) Local Bus Specification, Revision 3.0, Feb. 3, 2004 available from the PCI Special Interest Group, Portland, Oreg., U.S.A. (hereinafter referred to as a “PCI bus”). Alternatively, for example, bus 106 may comprise a bus that complies with the PCI Express™ Base Specification, Revision 1.1, Mar. 28, 2005 also available from the PCI Special Interest Group (hereinafter referred to as a “PCI Express bus”). Bus 106 may comprise other types and configurations of bus systems.
  • System 100 may additionally comprise one or more network controllers 126 (only one shown). A “network controller” as referred to herein relates to a device which may be coupled to a communication medium to transmit data to and/or receive data from other devices coupled to the communication medium, i.e., to send and receive network traffic. For example, a network controller may transmit packets 140 to and/or receive packets 140 from devices coupled to a network such as a local area network. As used herein, a “packet” means a sequence of one or more symbols and/or values that may be encoded by one or more signals transmitted from at least one sender to at least one receiver. Such a network controller 126 may communicate with other devices according to any one of several data communication formats such as, for example, communication formats according to versions of IEEE (Institute of Electrical and Electronics Engineers) Std. 802.3 (CSMA/CD Access Method, 2002 Edition); IEEE Std. 802.11 (LAN/MAN Wireless LANS, 1999 Edition), IEEE Std. 802.16 (2003 and 2004 Editions, LAN/MAN Broadband Wireless LANS), Universal Serial Bus, Firewire, asynchronous transfer mode (ATM), synchronous optical network (SONET) or synchronous digital hierarchy (SDH) standards.
  • In an embodiment, network controller 126 may be comprised on system motherboard 118. Rather than reside on motherboard 118, network controller 126 may be integrated onto chipset 108. Still alternatively, network controller 126 may be comprised in a circuit card 128 (e.g., NIC or network interface card) that may be inserted into circuit card slot 120. Circuit card slot 120 may comprise, for example, a PCI expansion slot that comprises a PCI bus connector (not shown). PCI bus connector (not shown) may be electrically and mechanically mated with a PCI bus connector (not shown) that is comprised in circuit card 128. Circuit card slot 120 and circuit card 128 may be constructed to permit circuit card 128 to be inserted into circuit card slot 120. When circuit card 128 is inserted into circuit card slot 120, PCI bus connectors (not shown) may become electrically and mechanically coupled to each other. When PCI bus connectors (not shown) are so coupled to each other, logic 130 in circuit card 128 may become electrically coupled to system bus 110.
  • System may comprise logic 130. Logic 130 may comprise hardware, software, or a combination of hardware and software (e.g., firmware). For example, logic 130 may comprise circuitry (i.e., one or more circuits), to perform operations described herein. For example, logic 130 may comprise one or more digital circuits, one or more analog circuits, one or more state machines, programmable logic, and/or one or more ASIC's (Application-Specific Integrated Circuits). Logic 130 may be hardwired to perform the one or more operations. Alternatively or additionally, logic 130 may be embodied in machine-executable instructions 132 stored in a memory, such as memory 104, to perform these operations. Alternatively or additionally, logic 130 may be embodied in firmware. Logic may be comprised in various components of system 100, including network controller 126, chipset 108, processor 102, and/or on motherboard 118. Logic 130 may be used to perform various functions by various components as described herein.
  • System 100 may comprise more than one, and other types of memories, buses, processors, and network controllers. For example, system 100 may comprise a plurality of processors, where each processor may be a coprocessor. Processor 102, memory 104, and busses 106, 110, 112 may be comprised in a single circuit board, such as, for example, a system motherboard 118, but embodiments of the invention are not limited in this respect.
  • FIG. 2 illustrates a network 200 in which embodiments of the invention may operate. Network 200 may comprise a plurality of nodes 202A, . . . 202N, where each of nodes 202A, . . . , 202N may be communicatively coupled together via a communication medium 204. Nodes 202A . . . 202N may transmit and receive sets of one or more signals via medium 204 that may encode one or more packets. Communication medium 104 may comprise, for example, one or more optical and/or electrical cables, although many alternatives are possible. For example, communication medium 104 may comprise air and/or vacuum, through which nodes 202A . . . 202N may wirelessly transmit and/or receive sets of one or more signals.
  • In network 200, one or more of the nodes 202A . . . 202N may comprise one or more intermediate stations, such as, for example, one or more hubs, switches, and/or routers; additionally or alternatively, one or more of the nodes 202A . . . 202N may comprise one or more end stations. Also additionally or alternatively, network 200 may comprise one or more not shown intermediate stations, and medium 204 may communicatively couple together at least some of the nodes 202A . . . 202N and one or more of these intermediate stations. Of course, many alternatives are possible.
  • FIG. 3 illustrates a system 300 according to at least one embodiment of the invention. As illustrated in FIG. 3, system may additionally comprise operating system 302, embedded firmware (“embedded FW”) 304, and wake list 306. Memory 104 may host operating system 302. Operating system 302 may manage system resources and control tasks that are run on system 100. Operating system 302 may comprise any one of a number of operating systems including but not limited to, for example, Microsoft® Windows®. Embedded firmware 304 may be used to enable a management console, for example, to perform manageability functions on a client system, for example, remotely. Manageability functions may comprise, for example, software updates/upgrades, running system diagnostics, and asset management. In an embodiment, embedded firmware 304 may enable out-of-band manageability of system 100. Out-of-band manageability refers to the ability to manage a system regardless of the state of the operating system or system power. Wake-list 306 may comprise a plurality of dynamically modifiable passwords to which network controller 126 may wake system 100 in an embodiment.
  • FIG. 4 illustrates a method according to one embodiment of the invention. The method of FIG. 4 begins at block 400 and continues to block 402 where the method may comprise receiving a packet having a wake-up pattern. A wake-up pattern may be identified by pre-defined content that flags the packet as a wake-up packet. In an embodiment, the wake-up packet may be sent by a management console for the purpose of waking up a client system, e.g., system 100, to enable manageability functions to be performed remotely. In an embodiment, system 100 may comprise a wake-enabled system in which the motherboard 118 and network controller 126 are configured to enable WOL functionality (e.g., correct BIOS (Basic Input/Output System) settings, an active network controller dependent of system power).
  • Furthermore, system 100 may transition from sleep mode to wake mode in accordance with the ACPI (Advanced Configuration and Power Interface) Specification, Rev. 3.0, dated Sep. 2, 2004. Under the ACPI Specification, a system can transition between power states S5, S4, S3, S2, S1, and S0. S0 refers to the running state where the system 100 is fully powered. States S1-S5 refer to low power states (e.g., suspend state, hibernate, shutdown).
  • At block 404, the method may comprise waking up if the wake-up pattern corresponds to one of a number (e.g., 1 or more) of dynamically modifiable passwords on a pattern wake list, each of the dynamically modifiable passwords being based, at least in part, on a seed value. In an embodiment, upon receiving a packet having a wake-up pattern, network controller 126 may determine if the wake-up pattern corresponds to one of the dynamically modifiable passwords in its pattern wake list 306. If the wake-up pattern corresponds to one of the dynamically modifiable passwords in its pattern wake list 306, then network controller 126 may wake system 100. If wake-up pattern does not correspond to one of the dynamically modifiable passwords in its pattern wake list 306, then in an embodiment, the wake-up pattern is assumed to be sent from an untrusted source, and system 100 is not awakened.
  • In an embodiment, embedded firmware 304 may program network controller 126 with the pattern wake list. Alternatively, network controller 126 may be programmed by operating system 302. Furthermore, in an embodiment, network controller 126 may wake up system 100 by waking up embedded firmware 304.
  • A seed value refers to a secret value. In an embodiment, a seed value may be generated by, for example, a management console. During initiation with a client system, such as system 100, the management console may share the seed value with the client system. Additionally, the management console and the client system may share a function for generating dynamically modifiable passwords based, at least in part, on the seed value. A dynamically modifiable password refers to a password that may be dynamically modified. Since both management console and client system know the seed value and function, both may dynamically modify passwords using the seed value. In an embodiment, modification of passwords may prevent third parties (e.g., malicious attackers, eaves droppers) from reusing and/or from guessing passwords.
  • In an embodiment, the pattern wake list 306 may comprise a single dynamically modifiable password that is valid for a specified period of time, T. In this embodiment, network controller 126 may be programmed to wake up system 100 if a wake-up pattern corresponds to the single dynamically modifiable password, and the wake-up pattern is received within time period T. Further in this embodiment, network controller 126 may be reprogrammed every T period to change the dynamically modifiable password. Furthermore, T may be defined to allow an acceptable number of replay wake-ups. In this respect, it may be determined that a replay (e.g., management console may resend a packet) is acceptable if it is received within X minutes of the first transmission of the packet having the same wake-up pattern, but that after that predetermined period, it will be assumed that a third party (e.g., malicious attacker) is trying to send the packet, and the system 100 will not be awakened. In this embodiment, the dynamically modifiable password may comprise, for example, a one-way hash function of the seed value and a current time value.
  • In another embodiment, the pattern wake list may comprise one or more dynamically modifiable passwords based, at least in part, on a sequence of patterns. In this embodiment, the function may be determined such that the function generates a sequence of patterns. That is, pattern LN will be followed by pattern LN+1, and pattern LN+1 will be followed by pattern LN+2, etc. In this embodiment, both management console and client system, for example, may generate one or more dynamically modifiable passwords, LN, LN+1, LN+2, . . . , LN+j, based, at least in part, on the seed value and known function, where the dynamically modifiable passwords LN, LN+1, LN+2, . . . , LN+j follow a sequence of patterns.
  • Embedded firmware 304 may generate pattern wake list 306, where pattern wake list 306 comprises a single dynamically modifiable password in the sequence of patterns, where the single wake-up pattern may comprise the subsequent expected pattern in the sequence. In other words, if network controller 126 previously received wake-up pattern LN, then the subsequent expected wake-up pattern comprises LN+1. In this embodiment, network controller 126 may wake up system 100 (or embedded firmware 304) upon receiving wake-up pattern comprising LN+1.
  • Embedded firmware 304 may, alternatively, generate pattern wake list 306, where pattern wake list 306 comprises a plurality of dynamically modifiable passwords in the sequence, where the plurality of dynamically modifiable passwords may comprise a plurality of subsequent expected patterns in the sequence. In other words, if network controller 126 previously received wake-up pattern LN, then a plurality of subsequent expected wake-up pattern comprises LN+, . . . , LN+X, where X may be the maximum number of wake-up patterns supported by network controller 126. In this embodiment, network controller 126 may wake up system 100 (or embedded firmware 304) upon receiving wake-up pattern comprising L+1, . . . , LN+X. In this manner, replays of the same wake-up pattern are not acceptable. However, since there are several dynamically modifiable passwords on a pattern wake list 306, a management console may resend a packet with a different wake-up pattern (e.g., subsequent pattern in the sequence) and still be able to wake up the client system. This may be done up to X times. In this embodiment, upon receipt of a wake-up pattern, pattern wake list 306 may be modified by recalculating the dynamically modifiable passwords. Recalculating the dynamically modifiable passwords may comprise determining a subset of the sequence of dynamically modifiable passwords. For example, this may comprise determining the next X patterns in the sequence. In other words, if X=5, and L9 is received, then pattern wake list 306 may be modified to comprise the next 5 patterns in the sequence, or L10, L11, L12, L13, L14.
  • Further to this embodiment, the dynamically modifiable passwords may be valid for a pre-determined period of time, T. Here, pattern wake list 306 may be modified by recalculating dynamically modifiable passwords every time period, T. For example, every T period, embedded firmware 304 may wake up and compute new dynamically modifiable passwords based on the updated time value, reprogram network controller 126 with the new pattern wake list 306, and then return to sleep state.
  • The following is an example of an algorithm to generate a pattern wake list 306 (Pattern_Wake_List) having a plurality of dynamically modifiable passwords in the sequence, where the passwords are valid for a predetermined period of time:
  • 1. Initiate ID=0; on subsequent iterations, set ID=Index (last received pattern).
  • 2. Set SIZE=to number of wake-up patterns supported by network controller 126, for example.
  • 3. Set TimeCounter, where TimeCounter may be based on a granularity value (e.g., 1 day, or 10 minutes), and its value will ensure a different dynamically modifiable password sequence for each time period. For example, if the level of granularity is 1 day, then TimeCounter may be sent to equal the number of days since 1970 (or some arbitrary year, for example).
  • 4. For Index=(ID+1) to (ID+SIZE):
  • Pattern_Wake_List[Index]=CalculatePattern[Index, Seed, TimeCounter];
  • The method may end at block 406.
  • FIG. 5 illustrates another method according to an embodiment of the invention. The method of FIG. 5 begins at block 500 and continues to block 502 where the method may comprise receiving a seed value. In an embodiment, the seed value may be generated by a management console, and then shared with a client system. Embedded firmware 304 on client system, such as system 100, may receive the seed value.
  • At block 504, the method may comprise generating a pattern wake list, the pattern wake list comprising a number of dynamically modifiable passwords based, at least in part, on the seed value. Management console and client system (e.g., embedded firmware 304) may use seed value to generate a number of dynamically modifiable passwords for pattern wake list 306.
  • At block 506, the method may comprise in response to a packet having a wake-up pattern being received, receiving a wake-up signal if the wake-up pattern corresponds to one of the number of dynamically modifiable passwords on the pattern wake list. If the packet comprises a wake-up pattern, network controller 126 may determine if the wake-up pattern corresponds to one of the dynamically modifiable passwords. This may be done in any of the manners described above. If the wake-up pattern corresponds to one of the dynamically modifiable passwords, embedded firmware 304 (or generally, system 100) may receive wake-up signal from network controller 126. In an embodiment, once system 100 is awake, manageability functions may be performed. In an embodiment, waking up system 100 may comprise waking up embedded firmware 304, where embedded firmware 304 may perform out-of-band manageability as described above.
  • The method ends at block 508.
    • CONCLUSION
  • Therefore, in an embodiment, a method may comprise receiving a packet having a wake-up pattern, and waking up if the wake-up pattern corresponds to one of a number of dynamically modifiable passwords on a pattern wake list, each of the dynamically modifiable passwords being based, at least in part, on a seed value.
  • Embodiments of the invention may secure a client system from wake events by restricting wake events to those that come from a trusted source, such as a management console. By using a dynamically modifiable password based on a seed provided by a trusted source, only the trusted source and the target system (e.g., client system) can generate the dynamically modifiable passwords that will wake up the target system and allow the trusted source to communicate with the target system.
  • In the foregoing specification, the invention has been described with reference to specific embodiments thereof. It will, however, be evident that various modifications and changes may be made to these embodiments without departing therefrom. The specification and drawings are, accordingly, to be regarded in an illustrative rather than a restrictive sense.

Claims (13)

1-33. (canceled)
34. A method comprising:
at least one of the following subparagraphs (a) and (b):
(a) in response to receipt by a circuit card of one or more signals issued from a remote console, transitioning a system from one power state to another power state, the system permitting remote out-of-band management by the remote console, the remote management including remote running of diagnostics and remote performance of software updates on the system, the remote out-of-band management being carried out regardless of which system state the system is in, the circuit card to be inserted into a circuit card slot comprised in the system, the system to receive from the remote console at least one password prior to the transitioning, the at least one password being modifiable at the remote console, the at least one password to be valid for a time period specified at the remote console; and
(b) issuing by the remote console the one or more signals and the at least one password.
35. The method of claim 34, wherein:
the password is dynamically modifiable based upon a secret value generated at the remote console.
36. The method of claim 34, wherein:
the circuit card is programmable by the remote console to change the time period.
37. The method of claim 34, wherein:
the circuit card is programmable by the remote console to accept the at least one password only a number of times specified by the remote console.
38. An article of manufacture storing instructions that, when executed by a machine, result in operations comprising:
at least one of the following subparagraphs (a) and (b):
(a) in response to receipt by a circuit card of one or more signals issued from a remote console, transitioning a system from one power state to another power state, the system permitting remote out-of-band management by the remote console, the remote management including remote running of diagnostics and remote performance of software updates on the system, the remote out-of-band management being carried out regardless of which system state the system is in, the circuit card to be inserted into a circuit card slot comprised in the system, the system to receive from the remote console at least one password prior to the transitioning, the at least one password being modifiable at the remote console, the at least one password to be valid for a time period specified at the remote console; and
(b) issuing by the remote console the one or more signals and the at least one password.
39. The article of manufacture of claim 38, wherein:
the password is dynamically modifiable based upon a secret value generated at the remote console.
40. The article of manufacture of claim 38, wherein:
the circuit card is programmable by the remote console to change the time period.
41. The article of manufacture of claim 38, wherein:
the circuit card is programmable by the remote console to accept the at least one password only a number of times specified by the remote console.
42. An apparatus comprising:
at least one of:
(a) a circuit card to be inserted into a circuit card slot comprised in a system, the circuit card being to initiate, in response to receipt by the circuit card of one or more signals issued from a remote console, transitioning of the system from one power state to another power state, the system to permit remote out-of-band management by the remote console, the remote management including remote running of diagnostics and remote performance of software updates on the system, the remote out-of-band management to be carried out regardless of which system state the system is in, the system to receive from the remote console at least one password prior to the transitioning, the at least one password being modifiable at the remote console, the at least one password to be valid for a time period specified at the remote console; and
(b) the remote console to issue the one or more signals and the at least one password.
43. The apparatus of claim 42, wherein:
the password is dynamically modifiable based upon a secret value generated at the remote console.
44. The apparatus of claim 42, wherein:
the circuit card is programmable by the remote console to change the time period.
45. The apparatus of claim 42, wherein:
the circuit card is programmable by the remote console to accept the at least one password only a number of times specified by the remote console.
US13/539,740 2006-03-30 2012-07-02 Securing wakeup network events Abandoned US20120272340A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US13/539,740 US20120272340A1 (en) 2006-03-30 2012-07-02 Securing wakeup network events

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US11/395,471 US7779451B2 (en) 2006-03-30 2006-03-30 Securing wakeup network events
US12/831,868 US8214914B2 (en) 2006-03-30 2010-07-07 Securing wakeup network events
US13/539,740 US20120272340A1 (en) 2006-03-30 2012-07-02 Securing wakeup network events

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US12/831,868 Continuation US8214914B2 (en) 2006-03-30 2010-07-07 Securing wakeup network events

Publications (1)

Publication Number Publication Date
US20120272340A1 true US20120272340A1 (en) 2012-10-25

Family

ID=38561102

Family Applications (3)

Application Number Title Priority Date Filing Date
US11/395,471 Active 2028-12-07 US7779451B2 (en) 2006-03-30 2006-03-30 Securing wakeup network events
US12/831,868 Active 2026-07-28 US8214914B2 (en) 2006-03-30 2010-07-07 Securing wakeup network events
US13/539,740 Abandoned US20120272340A1 (en) 2006-03-30 2012-07-02 Securing wakeup network events

Family Applications Before (2)

Application Number Title Priority Date Filing Date
US11/395,471 Active 2028-12-07 US7779451B2 (en) 2006-03-30 2006-03-30 Securing wakeup network events
US12/831,868 Active 2026-07-28 US8214914B2 (en) 2006-03-30 2010-07-07 Securing wakeup network events

Country Status (1)

Country Link
US (3) US7779451B2 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103516527A (en) * 2012-06-25 2014-01-15 华擎科技股份有限公司 Method and system for remotely starting host and electronic device
US20140359167A1 (en) * 2013-05-29 2014-12-04 Microsoft Corporation Pattern coalescing for remote wake-enabled applications
CN106301712A (en) * 2015-06-05 2017-01-04 国民技术股份有限公司 A kind of synchronized communication method and application apparatus, system
CN108352993A (en) * 2015-11-10 2018-07-31 大众汽车有限公司 The method of industry ethernet, control device and the control device for waking up industry ethernet

Families Citing this family (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7779451B2 (en) * 2006-03-30 2010-08-17 Intel Corporation Securing wakeup network events
GB0609426D0 (en) * 2006-05-12 2006-06-21 Univ Edinburgh A low power media access control protocol
US8576758B2 (en) * 2006-09-29 2013-11-05 Lenovo (Beijing) Limited Remote wake-up system, WWAM module and terminal
US8607058B2 (en) 2006-09-29 2013-12-10 Intel Corporation Port access control in a shared link environment
US20080132279A1 (en) * 2006-12-04 2008-06-05 Blumenthal Steven H Unlicensed mobile access
US9319225B2 (en) 2007-01-16 2016-04-19 Microsoft Technology Licensing, Llc Remote device waking using a multicast packet
US8756493B2 (en) * 2010-01-07 2014-06-17 Neopost Technologies System and method for generating web pages
US20110167332A1 (en) * 2010-01-07 2011-07-07 Neopost Technologies System and Method for Generating Web Pages
US9049660B2 (en) 2011-09-09 2015-06-02 Microsoft Technology Licensing, Llc Wake pattern management
US8806250B2 (en) 2011-09-09 2014-08-12 Microsoft Corporation Operating system management of network interface devices
US8892710B2 (en) 2011-09-09 2014-11-18 Microsoft Corporation Keep alive management
CN102801531B (en) * 2012-09-04 2015-03-04 飞天诚信科技股份有限公司 Working method of dynamic password based on sound transmission
US20160077573A1 (en) * 2014-09-16 2016-03-17 Samsung Electronics Co., Ltd. Transmission apparatus and reception apparatus for transmission and reception of wake-up packet, and wake-up system and method
WO2016068848A1 (en) 2014-10-27 2016-05-06 Hewlett Packard Development Company, L.P. Disregarding input in wake-on-lan boot
CN104394145B (en) * 2014-11-25 2015-09-23 飞天诚信科技股份有限公司 A kind of dynamic token and method of work thereof with journal function
US9842205B2 (en) 2015-03-30 2017-12-12 At&T Intellectual Property I, L.P. Time-varying passwords for user authentication
KR20160123149A (en) * 2015-04-15 2016-10-25 삼성전자주식회사 Electronic apparatus, wake-up apparatus for turning on the electronic apparatus, wake-up system and control method thereof
US9710045B2 (en) * 2015-10-14 2017-07-18 Quanta Computer Inc. Managing network wake-up commands
US10540492B1 (en) 2016-04-30 2020-01-21 Forbes Holten Norris, III Password pattern recognition authentication method
US10788879B2 (en) * 2016-09-13 2020-09-29 M2 MD Technologies Inc. Method and system for for low power internetwork communication with machine devices
CN107317687B (en) * 2017-06-21 2021-03-09 西安万像电子科技有限公司 Remote control method, equipment and system
WO2019096672A1 (en) * 2017-11-15 2019-05-23 Sony Corporation Telecommunications apparatus and methods
CN111416719B (en) * 2019-01-04 2022-09-16 佛山市顺德区顺达电脑厂有限公司 Server device capable of waking up through network and method thereof

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6101608A (en) * 1997-02-20 2000-08-08 Compaq Computer Corporation Method and apparatus for secure remote wake-up of a computer over a network
US20020166084A1 (en) * 2001-05-03 2002-11-07 Raynham Michael B. Wireless server diagnostic system and method
US20040019804A1 (en) * 2002-07-24 2004-01-29 Sun Microsystems, Inc. System and method for processing callback requests included in web-based procedure calls through a firewall
US20060041756A1 (en) * 2004-08-19 2006-02-23 International Business Machine Corporation Systems and methods of securing resources through passwords
US20060107063A1 (en) * 2004-11-18 2006-05-18 Michael Fiske Generating requests for access to a passcode protected entity
US20060294586A1 (en) * 2005-06-28 2006-12-28 Upton John D Security locking apparatus and method for portable computer

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7809953B2 (en) * 2002-12-09 2010-10-05 Research In Motion Limited System and method of secure authentication information distribution
US7779451B2 (en) 2006-03-30 2010-08-17 Intel Corporation Securing wakeup network events
US8397077B2 (en) * 2007-12-07 2013-03-12 Pistolstar, Inc. Client side authentication redirection
JP2010015541A (en) * 2008-06-04 2010-01-21 Fujitsu Ltd Authentication system, terminal device, password issuing apparatus, and authentication method

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6101608A (en) * 1997-02-20 2000-08-08 Compaq Computer Corporation Method and apparatus for secure remote wake-up of a computer over a network
US20020166084A1 (en) * 2001-05-03 2002-11-07 Raynham Michael B. Wireless server diagnostic system and method
US20040019804A1 (en) * 2002-07-24 2004-01-29 Sun Microsystems, Inc. System and method for processing callback requests included in web-based procedure calls through a firewall
US20060041756A1 (en) * 2004-08-19 2006-02-23 International Business Machine Corporation Systems and methods of securing resources through passwords
US20060107063A1 (en) * 2004-11-18 2006-05-18 Michael Fiske Generating requests for access to a passcode protected entity
US20060294586A1 (en) * 2005-06-28 2006-12-28 Upton John D Security locking apparatus and method for portable computer

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103516527A (en) * 2012-06-25 2014-01-15 华擎科技股份有限公司 Method and system for remotely starting host and electronic device
US20140359167A1 (en) * 2013-05-29 2014-12-04 Microsoft Corporation Pattern coalescing for remote wake-enabled applications
US9491032B2 (en) * 2013-05-29 2016-11-08 Microsoft Technology Licensing, Llc Pattern coalescing for remote wake-enabled applications
US9866398B2 (en) 2013-05-29 2018-01-09 Microsoft Technology Licensing, Llc Pattern coalescing for remote wake-enabled applications
CN106301712A (en) * 2015-06-05 2017-01-04 国民技术股份有限公司 A kind of synchronized communication method and application apparatus, system
CN108352993A (en) * 2015-11-10 2018-07-31 大众汽车有限公司 The method of industry ethernet, control device and the control device for waking up industry ethernet
US10700887B2 (en) 2015-11-10 2020-06-30 Volkswagen Aktiengesellschaft Ethernet bus, controller and method for waking a controller of an ethernet bus

Also Published As

Publication number Publication date
US8214914B2 (en) 2012-07-03
US20100275243A1 (en) 2010-10-28
US20070234401A1 (en) 2007-10-04
US7779451B2 (en) 2010-08-17

Similar Documents

Publication Publication Date Title
US8214914B2 (en) Securing wakeup network events
US8862709B2 (en) Remote management of boot application
US6311276B1 (en) Secure system for remote management and wake-up commands
US6526507B1 (en) Data processing system and method for waking a client only in response to receipt of an authenticated Wake-on-LAN packet
TWI608341B (en) Method of managing network wake-up commands and server
KR100524055B1 (en) Computer system having the function of remote waking up and method for remote waking up the computer system
US7581029B2 (en) Updating machines while disconnected from an update source
US20200150734A1 (en) Remote register updates
GB2512694A (en) Wake on Cloud
US20050166213A1 (en) Remote deployment of executable code in a pre-boot environment
US8005118B2 (en) Method and apparatus for implementing secure clock in device having no internal power source
EP3319283B1 (en) Server data port learning at data switch
US20140056202A1 (en) System wakeup on wireless network messages
US10425412B2 (en) Dynamic generation of key for encrypting data in management node
KR20160110467A (en) Broadcasting management information using fountain codes
US20080148390A1 (en) Secure program launch
CN111885057A (en) Message middleware access method, device, equipment and storage medium
US9501128B2 (en) Cooperative reduced power mode suspension for high input/output (‘I/O’) workloads
TW201629756A (en) Disregarding input in wake-on-LAN boot
TW201909595A (en) Device management technology
CN115280279A (en) Device firmware update techniques
EP3163488B1 (en) Message sender authentication
US11651110B2 (en) Hardware device mutual authentication system and method for a baseboard management controller (BMC)
CN114189333B (en) Sensing node security management method, electronic device and computer readable storage medium
JP2004015497A (en) Network reception limitation system for composite machine

Legal Events

Date Code Title Description
STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION