Computer or microchip with a secure system bios having a separate private network connection to a separate private network

US 9,003,510 B2
Filed: 07/17/2014
Issued: 04/07/2015
Est. Priority Date: 01/26/2010
Status: Active Grant

First Claim

Patent Images

1. A computer or microchip comprising:

at least one network connection for connection to at least a public network of computers, said at least one network connection being located in at least one public unit of said computer or microchip,at least one additional and separate network connection for connection to at least a separate, private network of computers, said at least one additional and separate network connection being located in at least one protected private unit of said computer or microchip, andat least one inner hardware-based access barrier or inner hardware-based firewall that is located between and communicatively connects said at least one protected private unit of said computer or microchip and said at least one public unit of said computer;

or microchipwherein said private and public units and said two separate network connections are separated by said at least one inner hardware-based access barrier or inner hardware-based firewall; and

said at least one protected private unit of the computer or microchip includes at least a first microprocessor and a system BIOS of the computer or microchip located in flash or other non-volatile memory;

said at least one public unit of the computer or microchip includes at least a second microprocessor, andsaid second microprocessor is separate from said at least one inner hardware-based access barrier or inner hardware-based firewall.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer or microchip including a network connection for connection to a public network of computers including the Internet, the network connection being located in a public unit; and an additional and separate network connection for connection to a separate, private network of computers, the additional network connection being located in a protected private unit. An inner hardware-based access barrier or firewall is located between and communicatively connects the protected private unit and the public unit; and the private and public units and the two separate network connections are separated by the inner barrier or firewall. The protected private unit includes at least a first microprocessor and a system BIOS located in flash memory. The public unit includes at least a second or many microprocessors separate from the inner barrier or firewall. The inner barrier or firewall comprises a bus with an on/off switch controlling communication input and output.

Citations

35 Claims

1. A computer or microchip comprising:
- at least one network connection for connection to at least a public network of computers, said at least one network connection being located in at least one public unit of said computer or microchip,at least one additional and separate network connection for connection to at least a separate, private network of computers, said at least one additional and separate network connection being located in at least one protected private unit of said computer or microchip, andat least one inner hardware-based access barrier or inner hardware-based firewall that is located between and communicatively connects said at least one protected private unit of said computer or microchip and said at least one public unit of said computer;
  
  or microchipwherein said private and public units and said two separate network connections are separated by said at least one inner hardware-based access barrier or inner hardware-based firewall; and
  
  said at least one protected private unit of the computer or microchip includes at least a first microprocessor and a system BIOS of the computer or microchip located in flash or other non-volatile memory;
  
  said at least one public unit of the computer or microchip includes at least a second microprocessor, andsaid second microprocessor is separate from said at least one inner hardware-based access barrier or inner hardware-based firewall.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The computer or microchip of claim 1, wherein the at least one inner hardware-based access barrier or firewall comprises at least one bus with an on/off switch controlling communication input and output.
  - 3. The computer or microchip of claim 1, wherein said at least one protected private unit of the computer or microchip includes a central controller of the computer or microchip, including a master controlling device or a master control unit.
  - 4. The computer or microchip of claim 3, wherein said master controlling device comprises a microprocessor, core or processing unit configured for general purposes.
  - 5. The computer or microchip of claim 1, wherein said at least one protected private unit of the computer or microchip is not configured to connect to the Internet.
  - 6. The computer or microchip of claim 1, wherein the computer or microchip is included in one of a personal computer, a smartphone, a tablet computer, a server, a cloud server array, a blade, a cluster, a supercomputer, a supercomputer array, and a game machine.
  - 7. The computer or microchip of claim 1, wherein the at least one public unit of the computer or microchip includes at least 2 or 4 or 8 or 16 or 32 or 64 or 128 or 256 or 512 or 1024 microprocessors or processing units or cores.
  - 8. The computer or microchip of claim 1, wherein said at least one additional and separate network connection is at least one wired connection to said at least one separate, private network of computers.
  - 9. The computer or microchip of claim 1, wherein said at least one additional and separate network connection is at least one wireless connection to said at least one separate, private network of computers.
  - 10. The computer or microchip of claim 1, wherein the computer or microchip is surrounded by a Faraday Cage.
  - 11. The computer or microchip of claim 1, wherein the at least one inner hardware-based access barrier or inner hardware-based firewall comprises a bus with an on/off switch controlling communication input and output.
  - 12. The computer or microchip of claim 1, wherein the at least one public unit of the computer or microchip includes at least a second microprocessor configured to operate as a general purpose microprocessor.
  - 13. The computer or microchip of claim 1, wherein the computer or microchip is configured to operate as a general purpose computer or microchip.

14. A computer or microchip configured to be securely controlled through a private network of computers, said computer or microchip comprising:
- at least a secure private unit of said computer or microchip that is protected by at least one inner hardware-based access barrier or firewall;
  
  an unprotected public unit of said computer or microchip, said unprotected public unit including at least one network connection for a public network of computers;
  
  at least a separate private network connection for at least said private network of computers, at least said separate private network connection for said private network of computers being located in at least said secure private unit of said computer or microchip;
  
  at least one microprocessor, core or processing unit configured for general purposes is located in said unprotected public unit, wherein said at least one microprocessor, core or processing unit is separate from said at least one inner hardware-based access barrier or firewall;
  
  at least a central controller of the computer or microchip, including a master controlling device or a master control unit and being located in said secure private unit;
  
  a system BIOS of the computer or microchip located in flash or other non-volatile memory which is located in said secure private unit; and
  
  a secure control bus configured to connect at least said master controlling device with at least said microprocessor, core or processing unit located in said unprotected public unit, said secure control bus being isolated from input from said network and input from components of said unprotected public unit; and
  
  said master controlling device being configured for securely controlling at least one operation executed by at least one said microprocessor, core or processing unit in said unprotected public unit, said secure control being provided by said master controlling device in said secure private unit through said private network of computers to said additional and separate private network connection in said secure private unit and via said secure control bus.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 15. The computer or microchip of claim 14, wherein the inner hardware-based access barrier or firewall comprises at least one bus with an on/off switch controlling communication input and output.
  - 16. The computer or microchip of claim 15, wherein said secure control bus provides and ensures direct preemptive control by said master controlling device over said unprotected public unit.
  - 17. The computer or microchip of claim 14, wherein said master controlling device comprises a microprocessor, core or processing unit configured for general purposes.
  - 18. The computer or microchip of claim 17, wherein said master controlling device comprises a non-volatile memory.
  - 19. The computer or microchip of claim 14, wherein said secure control bus is configured such that it cannot be affected, interfered with, altered, read from or written to, or superseded by any part of said unprotected public unit or by input from said network.
  - 20. The computer or microchip of claim 19, wherein said one or more secondary controllers are used to control one or more of said at least one microprocessor, core or processing unit located in said unprotected public unit.
  - 21. The computer or microchip of claim 20, wherein said one or more secondary controllers are integrated with one or more of said at least one microprocessor, core or processing unit located in said unprotected public unit.
  - 22. The computer or microchip of claim 14, wherein said secure control bus is configured such that it can be used by said master controlling device to control one or more secondary controllers located on said secure control bus.
  - 23. The computer or microchip of claim 22, wherein said one or more secondary controllers are located in the unprotected public unit.
  - 24. The computer or microchip of claim 14, wherein said secure control bus is wired, wireless or a channel.
  - 25. The computer or microchip of claim 14, wherein said secure control bus is configured to provide a connection to control at least a second firewall located on the periphery of said computer or microchip.
  - 26. The computer or microchip of claim 14, wherein the inner hardware-based access barrier or inner hardware-based firewall comprises a bus with an on/off switch controlling communication input and output.

27. A computer or microchip configured to be securely controlled, said computer or microchip comprising:
- at least one microprocessor, core or processing unit being configured for general purposes and having a connection for a network of computers;
  
  at least a master controlling device for the computer or microchip; and
  
  a system BIOS of the computer or microchip located in flash or other non-volatile memory which is located in a portion of the computer or microchip protected by an inner hardware-based access barrier or firewall; and
  
  a secure control bus configured to connect at least said master controlling device with at least said at least one microprocessor, core or processing unit, and said secure control bus being isolated from input from said network and input from components of said computer or microchip other than said master controlling device; and
  
  said master controlling device being configured for securely controlling at least one operation executed by at least one said microprocessor, core or processing unit, said secure control being provided by said master controlling device via said secure control bus.
- View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35)
- - 28. The computer or microchip of claim 27, wherein the inner hardware-based access barrier or firewall comprises a bus with an on/off switch controlling communication input and output.
  - 29. The computer or microchip of claim 27, wherein said master controlling device comprises a microprocessor, core or processing unit configured for general purposes.
  - 30. The computer or microchip of claim 27, wherein said master controlling device comprises a non-volatile memory.
  - 31. The computer or microchip of claim 27, wherein said secure control bus provides and ensures direct preemptive control by said master controlling device over said at least one microprocessor, core or processing unit.
  - 32. The computer or microchip of claim 27, wherein said secure control bus is configured such that it cannot be affected, interfered with, altered, read from or written to, or superseded by any part of said unprotected public unit or by input from said network.
  - 33. The computer or microchip of claim 27, wherein said secure control bus is configured such that it can be used by said master controlling device to control one or more secondary controllers located on said secure control bus.
  - 34. The computer or microchip of claim 27, wherein said secure control bus is wired, wireless or a channel.
  - 35. The computer or microchip of claim 27, wherein said secure control bus provides a connection to control a firewall located on the periphery of said computer or microchip.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Frampton E. Ellis
Original Assignee
Frampton E. Ellis
Inventors
Ellis, Frampton E.
Primary Examiner(s)
SIMITOSKI, MICHAEL J

Application Number

US14/334,283
Publication Number

US 20140331307A1
Time in Patent Office

264 Days
Field of Search

726/11, 726/22, 726/30, 713/153, 713/154, 713/194
US Class Current

726/11
CPC Class Codes

G06F 11/2043   where the redundant compone...

G06F 21/50   Monitoring users, programs ...

G06F 21/71   to assure secure computing ...

G06F 21/85   interconnection devices, e....

H04L 63/02   for separating internal fro...

H04L 63/0209   Architectural arrangements,...

Computer or microchip with a secure system bios having a separate private network connection to a separate private network

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

Computer or microchip with a secure system bios having a separate private network connection to a separate private network

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links