Biometric sensors are used to control physical and logical access to various computer components or subsystems comprising a computer system. The biometric sensors may comprise fingerprint scanners, iris scanners or any other type of biometric sensor that can uniquely identify a person. The biometric sensors can be used to activate electromagnetic locks, which lock individual components within the system, or enabling locks which prevent devices from receiving power or being enabled (such as disk ...

A method for permitting access to secured computer resources based upon a two-piece user verification process. In the disclosed embodiment, the user verification process is carried out during a secure power-up procedure. At some point during the secure power-up procedure, the computer user is required to provide an external token or smart card to the computer system. The token or smart card is used to store an authentication value(s) required to enable secured resources. The computer user is the...

A method for generating system passwords derived from an external encryption algorithm and plain text user passwords entered during a secure power-on procedure. At some point during the secure power-up procedure, the computer system checks for the presence of an external token or smart card that is coupled to the computer through specialized hardware. The token or smart card is used to store an encryption algorithm furnished with an encryption key that is unique or of limited production. Followi...

A method for enabling power to all or portions of a computer system based upon the results of a two-piece user verification process that is completed as part of a secure power-up procedure. At some point during the secure power-up procedure, the computer user provides an external token or smart card that is coupled to the computer through specialized hardware. The token or smart card is used to store an encryption algorithm furnished with an encryption key that is unique or of limited production...

A method for permitting access to secured computer resources based upon a two-piece user verification process. In one embodiment of the invention, the user verification process is carried out during a secure power-up procedure. At some point during the secure power-up procedure, the computer user is required to provide an external token or smart card that is coupled to the computer through specialized hardware. The token or smart card is used to store an encryption algorithm furnished with an en...

A method for providing secure registration and integrity assessment of software in a computer system is disclosed. A secure hash table is created containing a list of secure programs that the user wants to validate prior to execution. The table contains a secure hash value (i.e., a value generated by modification detection code) for each of these programs as originally installed on the computer system. This hash table is stored in protected memory that can only be accessed when the computer syst...

A radio frequency (RF) device for authorizing user access to portions of a computer system. The RF device includes a power supply, processing circuitry that accesses the power supply according to a location of the RF device, and an antenna that transmits communication signals from the processing circuitry to a transponder that is coupled to the computer system. The processing circuitry is configured to operate at a first power level until the communication signals indicate that the location of t...

A computer system that automatically and securely executes registered programs immediately prior to a transition to a reduced energy consumption state. A registrar table specifying registered programs and a secure modification detection value for each registered program are maintained in system management mode memory or other secure memory space in the computer system. A system management interrupt is generated following a request to remove power from the computer system or the occurrence of an ...

A computer system comprises a security computer having a security database and at least one workstation computer on which software is accessible for execution. The database includes security values that the workstation computers use to verify whether their copy of software is authentic (i.e., unmodified such as might occur from action of a virus). The database can also be used verify whether the software can be run on a particular workstation computer.

The read head portion of a chip card reader is compactly mounted on the rear side of a front device bay faceplate in a computer in a manner permitting a peripheral device, representatively a hard disk drive, to be mounted in the device bay immediately behind the read head. To permit this installation of both the card read head and the peripheral device at the same computer drive bay, the read head is installed on the rear side of the faceplate at an acute angle relative thereto, with the card en...