| 发明名称 |
Sensor Aware Security Policies with Embedded Controller Hardened Enforcement |
| 摘要 |
An information handling system (IHS) performs security policy enforcement using security policy data maintained in an embedded controller, which operates within a privileged environment. The security policy data identifies security policies established for the IHS. The EC is directly connected to a number of sensors from which the EC receives sensor data and to at least one integrated functional device. The EC determines whether the received sensor data fulfills any trigger condition of a security policy. If the received sensor data does not fulfill any trigger condition of a security policy described by the security policy data, the EC continues to monitor sensors for updated sensor data. However, if the received sensor data fulfills any trigger condition of the security policy, the EC performs a security measure that involves enabling, disabling, or resetting one or more of the at least one integrated functional devices that can be disabled. |
| 申请公布号 |
US2014344886(A1) |
申请公布日期 |
2014.11.20 |
| 申请号 |
US201313893685 |
申请日期 |
2013.05.14 |
| 申请人 |
Dell Products L.P. |
发明人 |
Gillon James T.;Martinez Ricardo L.;Chis Flaviu Cristian |
| 分类号 |
G06F21/00 |
主分类号 |
G06F21/00 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. An information handling system comprising:
at least one processor; at least one memory communicatively coupled to the at least one processor and having stored thereon an operating system (OS); at least one sensor; at least one integrated functional device that can be disabled; and an embedded controller that operates in a privileged environment and is directly coupled to the at least one sensor and to at least one control signal port of the at least one integrated device, and which:
securely stores security policy data that identifies one or more security policies established for the IHS;in response to receipt of one or more sensor data from the at least one sensor, compares the received one or more sensor data to the established security policies; andin response to the received one or more sensor data indicating that a trigger condition of one or more of the established security policies is satisfied, performs a security measure that corresponds to the trigger condition of the one or more established security policies being satisfied. |
| 地址 |
Round Rock TX US |
