Patent application number | Description | Published |
20090044187 | Methods And Apparatus For Creating An Isolated Partition For A Virtual Trusted Platform Module - A data processing system isolates a virtual trusted platform module (vTPM) manager in the processing system from other management software in the processing system. In one example process, the processing system launches a virtual machine monitor (VMM) that includes a memory-mapped input/output (MMIO) trap. The processing system also launches a vTPM manager in a first virtual machine (VM). In addition, the processing system launches a second VM to contain virtual machine management programs other than the vTPM manager and the MMIO trap. Other embodiments are described and claimed. | 02-12-2009 |
20090086979 | VIRTUAL TPM KEYS ROOTED IN A HARDWARE TPM - The present subject matter is related to trusted computing, and more particularly, to virtual trusted platform module keys rooted in a hardware trusted platform module. Some embodiments include a trusted platform virtualization module operable to capture virtual machine trusted platform module calls and to generate, maintain, and utilize hardware trusted platform module keys on behalf of the one or more virtual machines. Some embodiments include virtual trusted platform module keys having a public portion on top of a private portion including an encrypted hardware trusted platform module key. | 04-02-2009 |
20090089582 | METHODS AND APPARATUS FOR PROVIDING UPGRADEABLE KEY BINDINGS FOR TRUSTED PLATFORM MODULES - A processing system with a trusted platform module (TPM) supports migration of digital keys. For instance, an application in the processing system may create a first configuration key as a child of a TPM storage root key (SRK) when the processing system has a first configuration. The application may also create an upgradable root user key associated with an upgrade authority as a child of the first configuration key. The application may also create a user key as a child of the upgradable root user key. When the processing system has a second configuration, the application may create a second configuration key as a child of the SRK. The application may request migration approval from the upgrade authority. In response to receiving the approval from the upgrade authority, the application may migrate the root user key to be a child of the second configuration key. Other embodiments are described and claimed. | 04-02-2009 |
20090133097 | Device, system, and method for provisioning trusted platform module policies to a virtual machine monitor - A method, apparatus and system for a trusted platform module accepting a customized integrity policy provisioned to a virtual machine monitor, verifying the security of a first policy object, for example, including the customized integrity policy, by comparing a counter associated with the first policy object with a counter associated with a second policy object, and customizing a virtual trusted platform module of the virtual machine monitor according to the first policy object, for example, when the first policy object is verified. The customized integrity policy may include user specified configurations for implementing a customized virtual environment. Other embodiments are described and claimed. | 05-21-2009 |
20090165117 | Methods And Apparatus Supporting Access To Physical And Virtual Trusted Platform Modules - A data processing system features a hardware trusted platform module (TPM), and a virtual TPM (vTPM) manager. When executed, the vTPM manager detects a first request from a service virtual machine (VM) in the processing system, the first request to involve access to the hardware TPM (hTPM). In response, the vTPM manager automatically determines whether the first request should be allowed, based on filter rules identifying allowed or disallowed operations for the hTPM. The vTPM manager may also detect a second request to involve access to a software TPM (sTPM) in the processing system. In response, the vTPM manager may automatically determine whether the second request should be allowed, based on a second filter list identifying allowed or disallowed operations for the sTPM. Other embodiments are described and claimed. | 06-25-2009 |
20090169012 | VIRTUAL TPM KEY MIGRATION USING HARDWARE KEYS - The present subject matter is related to trusted computing, and more particularly to migration of virtual trusted platform module keys that are rooted in a hardware trusted platform module. Some embodiments include a trusted platform virtualization module that may perform one or more of inbound and outbound trusted platform module key migrations. Such migrations may be performed between a virtual trusted platform module and either a hardware or a virtual trusted platform module. | 07-02-2009 |
20090169017 | CONFIGURATION OF VIRTUAL TRUSTED PLATFORM MODULE - Systems, methods and machine readable media for configuring virtual platform modules are disclosed. One method includes launching a virtual machine monitor, and determining, with the virtual machine monitor, whether a configuration policy that defines a configuration for a virtual trusted platform module is trusted. The method further includes configuring the virtual trusted platform module per the configuration policy in response to the virtual machine monitor determining that the configuration policy is trusted. The method also includes launching, via the virtual machine monitor, a virtual machine associated with the virtual trusted platform module. | 07-02-2009 |
20120030676 | Methods And Apparatus For Creating An Isolated Partition For A Virtual Trusted Platform Module - A data processing system isolates a virtual trusted platform module (vTPM) manager in the processing system from other management software in the processing system. In one example process, the processing system launches a virtual machine monitor (VMM) that includes a memory-mapped input/output (MMIO) trap. The processing system also launches a vTPM manager in a first virtual machine (VM). In addition, the processing system launches a second VM to contain virtual machine management programs other than the vTPM manager and the MMIO trap. Other embodiments are described and claimed. | 02-02-2012 |
Patent application number | Description | Published |
20110103711 | STRUCTURED GRIDS FOR LABEL PROPAGATION ON A FINITE NUMBER OF LAYERS - An image represented by multiple nodes can be processed by determining whether labels can be propagated to a node from another node of the image. Conceptually, an image can be presented as a “structured grid” of multiple nodes (e.g., a structured grid of pixels of an image). In a “structured grid,” two or more nodes of the same level (e.g., nodes in the same gray level) can determine in parallel whether to propagate a label from one or more of its neighboring nodes that are labeled and propagate one or more labels accordingly. An image can be processed by iteratively repeating this process for nodes of successive levels. It will be appreciated that the disclosed techniques allow parallelism without requiring partitioning of an image or having to merge partitioned images. The disclosed techniques are especially suited for watershed algorithms. | 05-05-2011 |
20110103712 | STRUCTURED GRIDS AND GRAPH TRAVERSAL FOR IMAGE PROCESSING - An image represented by multiple nodes can be processed by determining whether information can be propagated to a node from another node (e.g., source node) of the image, thereby allowing significantly greater parallelism and scalability by taking advantage of multiprocessing or multi-core processors that are prevalent and widely available today. Conceptually, an image can be presented as a “structured grid” of multiple nodes (e.g., a structured grid of pixels of an image). In a “structured grid,” two or more of the nodes can determine whether to propagate information in parallel. In fact, each node of a “structured grid” can perform operations relating to propagation of information in parallel. This means that for an image of N pixels, it is possible to perform N operations in parallel. It is also possible to divide the processing of N operations for N pixels substantially equally between the number of processors or processing cores available at a given time. | 05-05-2011 |
20130191722 | HARDWARE ACCELERATION OF WEB APPLICATIONS - In a first embodiment of the present invention, a method for enabling hardware acceleration of web applications is provided, comprising: parsing a web page using a scripting engine, wherein the web page necessitates running a web application; accessing one or more Application Program Interfaces (APIs) that provide parallelization, and distribute tasks of the web application among multiple cores of a multi-core central processing unit (CPU) or graphical processing unit (GPU), wherein the accessing uses a compute context class that, when instantiated, creates a compute context object that acts as a bridge between the scripting engine and the one or more APIs; and creating one or more kernels to operate on the multiple cores. | 07-25-2013 |