Secure computing environment using a client heartbeat to address theft and unauthorized access
First Claim
1. One or more machine-readable non-transitory mediums storing one or more sequences of instructions for securing a client, which when executed, cause:
- an operating system agent to send, at intervals during the execution of an operating system of the client, a message to a BIOS agent, wherein the message describes an operational state of the operating system agent, wherein the BIOS agent resides in a runtime portion of the BIOS of the client, wherein the operating system agent is one or more software modules that execute in the operating system, and wherein the BIOS agent is one or more software modules operating in a BIOS of the client,wherein the BIOS agent receives messages from the operating system agent after the client has booted; and
the BIOS agent to perform, after the client has booted, an action based on a policy, wherein the policy is described by policy data stored within the BIOS of the client, and wherein the BIOS agent performs the action in response to either (a) the operational state described by the message, or (b) the BIOS agent not receiving the message after an expected period of time,wherein the action is performed by the BIOS agent while the operating system is operational.
3 Assignments
0 Petitions
Accused Products
Abstract
Techniques for securing a client. An operating system agent is one or more software modules that execute in an operating system of a client, such as a portable computer. Portions of the operating system agent may monitor resources of the client. The operating system agent sends a message, which describes an operational state of the operating system agent, to a BIOS agent. The BIOS agent is one or more software modules operating in a BIOS of the client. The BIOS agent performs an action based on a policy that is described by policy data stored within the BIOS of the client. The BIOS agent performs the action in response to either (a) the operational state described by the message, or (b) the BIOS agent not receiving the message after an expected period of time.
37 Citations
19 Claims
-
1. One or more machine-readable non-transitory mediums storing one or more sequences of instructions for securing a client, which when executed, cause:
-
an operating system agent to send, at intervals during the execution of an operating system of the client, a message to a BIOS agent, wherein the message describes an operational state of the operating system agent, wherein the BIOS agent resides in a runtime portion of the BIOS of the client, wherein the operating system agent is one or more software modules that execute in the operating system, and wherein the BIOS agent is one or more software modules operating in a BIOS of the client, wherein the BIOS agent receives messages from the operating system agent after the client has booted; and the BIOS agent to perform, after the client has booted, an action based on a policy, wherein the policy is described by policy data stored within the BIOS of the client, and wherein the BIOS agent performs the action in response to either (a) the operational state described by the message, or (b) the BIOS agent not receiving the message after an expected period of time, wherein the action is performed by the BIOS agent while the operating system is operational. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for securing a client, comprising:
-
an operating system agent sending, at intervals during the execution of an operating system of the client, a message to a BIOS agent, wherein the message describes an operational state of the operating system agent, wherein the BIOS agent resides in a runtime portion of the BIOS of the client, wherein the operating system agent is one or more software modules that execute in the operating system, and wherein the BIOS agent is one or more software modules operating in a BIOS of the client, wherein the BIOS agent receives messages from the operating system agent after the client has booted; and the BIOS agent performing, after the client has booted, an action based on a policy, wherein the policy is described by policy data stored within the BIOS of the client, and wherein the BIOS agent performs the action in response to either (a) the operational state described by the message, or (b) the BIOS agent not receiving the message after an expected period of time, wherein the action is performed by the BIOS agent while the operating system is operational. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. An apparatus for securing resources thereon, comprising:
-
one or more processors; and one or more machine-readable non-transitory mediums storing one or more sequences of instructions, which when executed by the one or more processors, causes; an operating system agent to send, at intervals during the execution of an operating system of the apparatus, a message to a BIOS agent, wherein the message describes an operational state of the operating system agent, wherein the BIOS agent resides in a runtime portion of the BIOS of the client, wherein the operating system agent is one or more software modules that execute in the operating system, and wherein the BIOS agent is one or more software modules operating in a BIOS of the apparatus, wherein the BIOS agent receives messages from the operating system agent after the client has booted; and the BIOS agent to perform, after the client has booted, an action based on a policy, wherein the policy is described by policy data stored within the BIOS of the apparatus, and wherein the BIOS agent performs the action in response to either (a) the operational state described by the message, or (b) the BIOS agent not receiving the message after an expected period of time, wherein the action is performed by the BIOS agent while the operating system is operational.
-
Specification