09th week of 2010 patent applcation highlights part 39 |
Patent application number | Title | Published |
20100057898 | LOAD BALANCER SETTING METHOD AND LOAD BALANCER SETTING APPARATUS - An administrative manager connected to servers each in which a host OS capable of loading therein a software load balancer and a guest OS executing a service program are operable as virtual OS, performs the following processes. Namely, the server in which the guest OS for executing the service program being the transmission source of a processing request to be load balanced operates is set as a setting objective server of the software load balancer. Further, the server in which the guest OS for executing the service program being the transmission target of the processing request operates is set as a load balancing objective server. Then, an instruction is transmitted to the setting objective server to load the software load balancer in the host OS thereof, and, an instruction is transmitted to the setting objective server to set information to be used for the load balancing of transmission data. | 2010-03-04 |
20100057899 | NETWORK MANAGEMENT SYSTEM FOR AN AIRCRAFT - A network management system in an aircraft for managing and maintaining a network. An aircraft maintenance computer communicates with a first device to be managed via the SNMP protocol. The first device to be comprises a description file. Within a subnetwork one or more second devices to be managed are present which are linked with the first device to be managed. These second devices to be managed enter their data into the description file via these connections. The data are necessary for managing and maintaining the respective second device to be managed by the aircraft maintenance computer. Therefore the aircraft maintenance computer is enabled to manage and maintain the first and the second devices only by means of the central MIB | 2010-03-04 |
20100057900 | Terminal Apparatus, Server Apparatus, and Method for Managing Installation Position of Communication Equipment - According to one embodiment, a terminal apparatus includes a first acquisition module configured to acquire its own position information by using a known positioning system, a second acquisition module configured to acquire its own position information through another system which is different from the positioning system, when an equipment ID specifying the communication equipment is input at an installation position of the communication equipment and when it is impossible for the first acquisition module to acquire the own position information, and a transmitter which transmits a setting registration request including the equipment ID and the position information to the maintenance center via the communication network, when the transmitter is connectable to the communication network. | 2010-03-04 |
20100057901 | NETWORK MANAGEMENT SYSTEM AND NODE DEVICE AND MANAGEMENT APPARATUS THEREOF - According to one embodiment, a network management system comprises nodes and an apparatus manages a communication network. The node includes generator, buffers, notification module, transmitter, measurement module and controller. The generator generates messages of different levels depending on a type of alarms. The buffers each provided for each of the different levels and temporarily holding the message in a holding period appropriate to the level. The notification module notifies the apparatus of the held message. The transmitter transmits a test signal. The measurement module individually measures the load on the apparatus and the load on the communication network based on a reception time of a reply from the apparatus to the test signal. The controller varies the holding period in the buffers according to the level based on the measured load on the apparatus and the communication network. | 2010-03-04 |
20100057902 | Scal-free management networks - Methods and apparatus involve production servers in a data center of an enterprise and management servers arranged in a scale-free manner to monitor, for instance, the health and general service status and availability of the production servers. Representatively, the production servers are first identified and then the management servers are analyzed to see if they can be deployed in a scale-free arrangement therewith. If so, the scale-free arrangement satisfies the proportionality equation P(k)˜k | 2010-03-04 |
20100057903 | NETWORK MONITORING BY USING PACKET HEADER ANALYSIS - A computer method and a system for detecting the file type of an electronic file, the method including the steps of: (a) using a predetermined number of bytes at the beginning of the file to create a list of probable file types; (b) testing the file against a detection rule for each file type in the list until a match is found; if no match is found (c) testing the file against other known detection rules for file types to find a match. | 2010-03-04 |
20100057904 | DEVICE MANAGING APPARATUS, DEVICE MANAGING METHOD, AND COMPUTER-READABLE RECORDING MEDIUM FOR THE DEVICE MANAGING METHOD - A device managing apparatus for monitoring and managing a device connected to a data transmission path includes an obtaining part configured to obtain power consumption status data from the device, the power consumption status data indicating a power consumption status of a communication unit included in the device, a selecting part configured to select a communication method according to the power consumption status data obtained from the obtaining part, and a communicating part configured to perform data communications with the device by using the communication method selected by the selecting part. | 2010-03-04 |
20100057905 | SYSTEM AND METHOD FOR SOFTWARE USAGE DISCOVERY - A method of obtaining information about usage of application executable files and associated software program in a network of computers or on an individual computer is provided. The method involves collecting information about last use of software programs, and associated executable files, on a computer or a set of managed computers from various resources on the computers. The information that is collected includes file name, directory, date and time the executable was last started, a security identifier of the last user, the method of last use, whether the executable was found to be running at the time it was found, and whether the executable is registered to run as a service. From this information, a list is generated regarding software items, and the list is merged such that a given executable has a single software item on the list. Reports are produced detailing information about one or more software items on the list. The reports may be displayed in a graphic user interface designed for that purpose. | 2010-03-04 |
20100057906 | METHOD AND APPLICATION FOR A REACTIVE DEFENSE AGAINST ILLEGAL DISTRIBUTION OF MULTIMEDIA CONTENT IN FILE SHARING NETWORKS - A system for external monitoring of networked digital file sharing to track predetermined data content, the system comprising: at least one surveillance element for deployment over said network, said surveillance elements comprising: surveillance functionality for searching said digital file sharing and identification functionality associated with said search functionality for identification of said predetermined data content, therewith to determine whether a given file sharing system is distributing said predetermined data content. | 2010-03-04 |
20100057907 | SYSTEM SECURITY AGENT AUTHENTICATION AND ALERT DISTRIBUTION - An aggregation agent may combine and correlate information generated by multiple on-host agents and/or information generated in response to multiple security events. The aggregation agent may transmit the combined information to a security console. The security console may check the identity of the aggregation agent to determine whether to accept the information. The security console may map information to one or more consoles. | 2010-03-04 |
20100057908 | CENTRALIZED CONTROL PLANE APPLIANCE FOR VIRTUAL INFRASTRUCTURE - In a virtual infrastructure, a single appliance is provided that hosts a centralized virtual machine monitor (VMM) control plane to effectively establish a single virtual switch across all virtual machines within one or more clusters of servers, thereby reducing the number of management points for the network administrator and facilitating easier VM migration. | 2010-03-04 |
20100057909 | SYSTEM AND METHOD FOR EFFICIENT DELIVERY IN A MULTI-SOURCE, MULTI DESTINATION NETWORK - Real-time delivery of multimedia content puts extreme demand on both computational and network resources. Many a times, the requirement is to handle multiple such delivery requirements and as a consequence, the overall delivery efficiency gets affected. Another dimension of complexity is that (a) the multimedia content to be delivered may not always be highly reliable, and (b) the network may also be not highly reliable. In such a situation, it becomes even more difficult to satisfy the quality of service requirements. When content to be delivered to multiple destinations is available at multiple sources, there is an opportunity to overcome the above mentioned complexity. The system and method for efficient delivery in a multi-source multi-destination network involves pulling of data from the multiple sources by measuring quality of service and reliability parameters, and efficiently loading the systems and the network in a cooperative manner. | 2010-03-04 |
20100057910 | Concept for trusting client-side storage and distribution of asynchronous includes in an application server environment - The ability to leverage a publish/subscribe functionality in an application server environment has allowed the storage of cached entries to be stored over multiple clients rather than on a single application server, freeing up valuable resources. However, in this arrangement it is not possible for the originating server to validate shared content originating from client-side storage. The present invention provides a system and method for securing and validating content from asynchronous include request by allowing a subscribing client to set trusted clients from which they will accept content. | 2010-03-04 |
20100057911 | Enhanced User Control Over Processing Parameters - A distributed application infrastructure to run business logic routines on data stored on different computer systems has a security module that limits where data can be transferred to within a single application that spans multiple computer systems. The data can be designated as private, which means that the data is never transferred from its home computer system, or as public, which means that the data could be transferred to any other computer system running the distributed application, or as protected, which means that the data could only be transferred to pre-designated computer systems running the distributed application. | 2010-03-04 |
20100057912 | Method for Implementing Network Resource Access Functions into Software Applications - An Open Network Adapter (ONA) provides an interface that provides network resource access functions to application writers and network users while hiding the implementation details from those writers and users. The ONA accepts high-level network resource access function requests and coordinates the lower-level actions necessary to accomplish the high-level requests. These network resource access requests may, for example, be provided via a user interface which may be implemented by a personal computer, telephone, or other device capable of providing a display and receiving user input. | 2010-03-04 |
20100057913 | SYSTEMS AND METHODS FOR STORAGE ALLOCATION IN PROVISIONING OF VIRTUAL MACHINES - Embodiments relate to systems and methods for storage allocation in the provisioning of virtual machines. A provisioning (or “cobbler”) server can interact with a local virtual machine installation client to initiate software provisioning to a set of virtual machines. The provisioning process can entail, for example, the selection and delivery of an operating system to the target set of virtual machines, as well as the installation of applications or other software. In conjunction with the provisioning process, the virtual machine installation client can identify and access a set of storage resources, such as hard disk or other storage, to be associated with the set of virtual machines, which themselves contain no local storage. That client can determine an allocation of the set of storage resources to each virtual machine in the set of virtual machines, for instance on a pro-rata basis or based on processing consumption or other factors. | 2010-03-04 |
20100057914 | METHOD, APPARATUS AND SYSTEM FOR SCHEDULING CONTENTS - A method, apparatus and system for scheduling contents are disclosed herein. The method includes: receiving a content request message from a content requesting device; determining a light-loaded content providing device according to the content request message, where the light-loaded content providing device is communicated with a light-loaded content storing device, and the content storing device stores contents corresponding to the content request message; and sending the contents corresponding to the content request message to the content requesting device through the light-loaded content providing device. The embodiments of the present invention take comprehensive account of the load of the storage apparatus, and select a proper server for the user to ensure the server to provide services for the user normally. | 2010-03-04 |
20100057915 | Method and system for distributing applications - In a data processing network there exist at least two applications which are different from one another in terms of the volumes of data that are to be processed. In at least one embodiment, each application has a multilayer structure and individual layers of the applications are distributed over different hardware resources, specifically at least one local data processing unit and at least one remote data processing unit, in such a way that the number of layers installed on the local data processing unit as a proportion of the total number of layers making up the respective application is less in the case of that application which is provided for processing the greater volume of data than in the case of the application which is provided for processing the smaller volume of data. | 2010-03-04 |
20100057916 | METHOD AND SYSTEM FOR GATHERING INFORMATION RESIDENT ON GLOBAL COMPUTER NETWORKS - A method and system for confidentially accessing and reporting information present on global computer networks. The present invention deterministically analyzes a set of network resources over a configurable monitoring period, thereby guaranteeing that recently published information is retrieved. The present invention includes a scalable software system that can be readily executed on a stand-alone computing system or distributed across a network of computing devices. At the end of each monitoring period, the present invention balances the traversal and searching of network resources across the computing devices in the distributed system according to the previous number of pages retrieved for each network resources, thereby more accurately balancing the system. | 2010-03-04 |
20100057917 | METHOD, APPARATUS AND SYSTEM FOR PROCESSING COMPOSITE SERVICE AND REPLACING SERVICE AND INVOKING SERVICE - The present invention relates to a method for handling and replacing a service. The method for handling a composite service may include obtaining a concrete service corresponding to a service invocation segment description in a composite service logic, wherein the service invocation segment is an abstract service invocation segment or a service template invocation segment; triggering a service replacement, requesting to replace the service invocation segment with a concrete service invocation segment of the obtained concrete service; or, triggering a service invocation, requesting to generate a service invocation based on the concrete service. Accordingly, a concrete service can be dynamically selected when the composite service logic is being executed. | 2010-03-04 |
20100057918 | HTTP STANDBY CONNECTION - An apparatus and a method for requesting data from a server. In one embodiment, a client opens a first HTTP connection and a second HTTP connection with the server. The client requests for data from a random access file from the server with the first HTTP connection. The client receives and reads the data while maintaining the second HTTP connection open. The client requests for additional data at another location in the file on the second HTTP connection. The client maintains the second HTTP connection by occasionally sending requests to the server on the second HTTP connection. | 2010-03-04 |
20100057919 | System and Method to Provide a Network Service - A method of providing a network service includes accepting an incoming transmission control protocol/internet protocol (TCP/IP) connection from a user device at a point of presence (POP) proxy server. The TCP/IP connection corresponds to a particular application that is not stored at the POP proxy server. The method also includes relaying the TCP/IP connection from the POP proxy server to a remote application server that stores the particular application via an accelerated network link. Further, the method includes streaming data between the user device and the remote application server after relaying the TCP/IP connection to the remote application server. | 2010-03-04 |
20100057920 | SESSION INTEGRATION METHOD AND SYSTEM - A session integration method is provided for integrating a first session between a first entity and a third entity and a second session between a second entity and the third entity in a session-based service environment. The first entity receives a REFER message including dialog information from the second entity, and sends a response message to the received REFER message to the second entity. When header information included in the received REFER message indicates an INVITE message and the dialog information is related to the first entity, the first entity generates a Re-INVITE message and sends the generated Re-INVITE message to an address of a target which is subject to session integration. The address is included in the header information and corresponds to the third entity. The first entity updates the first session into an integrated session with the third entity. | 2010-03-04 |
20100057921 | METHOD, SYSTEM FOR ACCESSING HOME NETWORK DEVICE AND HOME NETWORK ACCESS DEVICE - A method, a system for accessing a home network device, and a home network access device are disclosed. The method includes the steps as follows. A home network access device finds a home network device and obtains information of the home network device through a home network protocol. A data model of the home network device is established in the home network access device according to the information of the home network device. A remote service device accesses the data model of the home network device established in the home network access device through a remote management protocol. | 2010-03-04 |
20100057922 | SYSTEM AND METHOD FOR TRANSACTIONAL SESSION MANAGEMENT - A system and method of transactional session management. Information sufficient to permit creation of a deep copy of a session object is saved concurrently for all aspects of the transaction. For example, the saving may save state information provided by different hierarchical levels of the session as well as possible different hardware or software entities participating in the session. In the event of a rollback condition, the deep copy is supplied to one or more applications. Those applications may then continue the session from the point of the deep copy. | 2010-03-04 |
20100057923 | Maintaining Client Affinity in Network Load Balancing Systems - Described is a technology in a network load balancing system (node cluster), by which client affinity is preserved across cluster configuration changes, including for new connections from a previous client. Each node maintains a list of the clients that are to remain (have affinity, or “stickiness”) with that node, including following bucket redistribution resulting from convergence. Each affinity list is communicated during convergence so that other nodes may build an exception list or lists. Via a node's exception list, the node that owns a bucket corresponding to a client knows of the affinity with another node and thus drops any packets from that client. Affinity may expire, whereby the node having affinity with that client releases it and notifies the node owning the bucket for that client that the client is no longer to be treated as an exception. | 2010-03-04 |
20100057924 | ACCESS POINT FOR IMPROVED CONTENT DELIVERY SYSTEM - A deployment and distribution model improves content delivery with a business incentive for placement of kiosks with one or more wireless access points in public locations so that portable media players (PMPs) can receive media content (e.g., audio, video, text, haptic content, etc.). In addition, coordination between subscribing users of PMPs, vendors who provide kiosks, and a network central controller of a content distribution system allow for prepositioning of video content at the kiosks through economically desirable low data rate communication links from the network (e.g., dial-up modem, DSL, etc.); coordinated queuing of downloads (e.g., partial downloads) between kiosk to PMP, peer-to-peer (P2P) downloading between PMPs, and uploads from PMP to kiosk; billing/crediting to correspond with such participation in the distribution; and changing priority/selection of prepositioning of content at kiosks to reflect a clientele profile. | 2010-03-04 |
20100057925 | Method For Processing A Network Service Request, And Network Element Comprising A Means For Processing Said Request - In a method for processing a network service request, a first network element that is logically closest to a user requesting the network service manages a file into which data can be entered in respect of a user authorization to receive the network service. A network element includes a device for allowing and blocking transmission of a network service to a user requesting the network service. The device can be switched in accordance with the authorization data contained in the data memory. | 2010-03-04 |
20100057926 | DIGITAL CUSTOM DATA CONTENT INJECTION MECHANISM FOR A CONTENT DELIVERY NETWORK - A content selection and injection mechanism is provided for a communication network. In the communication network, an electronic device inserts custom data content into a data stream. The electronic device accepts a data stream from a location in the access network and identifies an insertion point suitable for inserting the custom data content into the data stream. The electronic device also selects the custom data content from a local content storage repository located in the access network, and inserts the custom data content into the data stream at the identified insertion point. The electronic device may identify a targeted user for receiving content, and select the custom data content based on the identity of the targeted user. | 2010-03-04 |
20100057927 | METHODS AND SYSTEMS FOR INFORMATION STREAMING TO USER INTERFACE - Embodiments of computer-implemented methods and systems for information streaming to a user interface include receiving, at a networked contact center, a Hypertext Transfer Protocol (HTTP) request to stream information to a user interface, establishing a persistent HTTP connection to the user interface, receiving the information, the information including one or more events associated with the networked contact center, and sending the one or more events via the persistent HTTP connection, the one or more events resulting in a change in the user interface without further HTTP requests from the user interface. | 2010-03-04 |
20100057938 | Method for Sparse Object Streaming in Mobile Devices - A communication system includes a wireless communication device that is adapted to send and receive data associated with at least one application. A computer server is in communication with the wireless communication device. The computer server is adapted to determine a new set of data requested by the wireless communication device and to compare the new set of data to a previously transmitted set of data. A reduced set of data is generated. The reduced set of data comprises at least a portion of the new set of data not previously transmitted. The reduced set of data is transmitted to the wireless communication device. A method of generating a reduced or sparse data object is also disclosed. | 2010-03-04 |
20100057939 | Delivering Partially Processed Results Based on System Metrics in Network Content Delivery Systems - Methods, apparatuses and systems directed to processing client requests in distributed systems. Particular implementations of the invention are directed to allowing application servers to return partially processed results after having consumed a time slice allocation based on performance estimates, network performance metrics, and/or system performance metrics. | 2010-03-04 |
20100057940 | APPLICATION-AWARE M:N HOT REDUNDANCY FOR DPI-BASED APPLICATION ENGINES - A packet processing system for providing application-aware hot redundancy and a related card and methods are disclosed. The system may include a plurality of active devices, each including a processor configured to perform deep packet inspection to identify an application associated with an active flow, and a redundancy block configured to determine whether the application requires hot redundancy and, if so, to forward a message from which state information may be derived. The system may also include at least one protecting device in communication with each of the active devices and configured to receive the message regarding the active flow from the active device, derive state information from the message, and resume packet forwarding operations for the active flow upon failure of a respective active device of the plurality of active devices. | 2010-03-04 |
20100057941 | Method and System for Providing Smart Offload and Upload - Provided is a system and method for performing smart offloads between computer applications module and a network interfacing device within a data communications system. The method includes receiving data requests from the computer applications module and determining whether the received data requests require offloading. The received requests are forwarded along a first data path to the network interfacing device if offloading is required. If offloading is not required, the received data requests are forwarded along a secondary data path to a host protocol stack for processing. Next, the protocol processing is performed and the processed data requests are forwarded to the network interfacing device. | 2010-03-04 |
20100057942 | USER INTERFACE APPARATUS, DIGITAL APPARATUS CONNECTED TO THE SAME, DATA TRANSMITTING SYSTEM INCLUDING THE USER INTERFACE, AND USER INTERFACE METHOD - Provided is a user interface apparatus including a plurality of regions and method for operating the same. The user interface apparatus may be configured to respond to a digital apparatus being disposed in a region, by sending information associated with the region. The information indicative of a command for the digital apparatus to execute to interact with a host apparatus. The digital apparatus may include an information recognizing unit configured to recognize the command indicated by the information provided by the information providing units; and a control unit configured to transmit data or receive data based on the command. Thus, a user can input a user control signal to a digital apparatus in a user friendly manner. | 2010-03-04 |
20100057943 | SYSTEM AND METHOD FOR CONNECTING A SECURITY SYSTEM USING A NETWORK - A system and method for connecting a security system using a network. The security system includes at least two discrete parts and is connected using a local area network. The security system also includes a first dedicated, hard-wired field bus, a first plurality of peripheral devices, a control panel, a first transfer device, a second transfer device, a second dedicated, hard-wired field bus, and a second plurality of peripheral devices. The control panel is configured to send data through the first field bus. Each of the first plurality of peripheral devices is coupled to the first field bus and is configured to receive the data from the control panel. The first transfer device is connected to the control panel and is configured to packetize the data from the control panel and send the packetized data through the local area network. The second transfer device is coupled to the second field bus and is configured to receive the packetized data from the first transfer device and depacketize the packetized data. Each of the second plurality of peripheral devices is coupled to the second field bus and is configured to receive the data from the second transfer device. | 2010-03-04 |
20100057944 | Plug connector module - A plug connector module having at least one plug connector for electromechanical connection with a field device, especially a device for measured data capture in process technology. The plug connector module includes a memory unit for storing data and a communication interface, which enables a data connection with the field device. | 2010-03-04 |
20100057945 | ELECTRONIC DEVICE - An electronic device with an ability to provide services appropriate for situations, he electronic device having: a situation information acquisition part for acquiring situation information, which is dynamic information; a determining part for determining whether a service can be executed; a service information acquisition part for acquiring information for executing a service; and an execution part for executing an acquired service. A condition information acquisition part is provided so that, when the determining part determines that a service cannot be executed, it acquires service available information for the service to become available. Furthermore, a situation information correctness determining part is provided which determines correctness of the situation information acquired in the situation information acquisition part. | 2010-03-04 |
20100057946 | TYPE A USB RECEPTACLE WITH PLUG DETECTION - A modified Series A universal serial bus (USB) receptacle connector is equipped with the functionality to allow the electronic system in which it resides to be configured either as a host device or a peripheral device. The modified USB Series A receptacle connector, according to one embodiment of the invention may include a mechanism such as an additional pin or a mechanical switch to detect the presence of a standard USB Series A plug being inserted into it. Upon detection of a plug, an algorithm may allow the system to determine whether it is to act as a host device or a peripheral device and to determine which device supplies power. | 2010-03-04 |
20100057947 | DEVICE MANAGEMENT APPARATUS, DEVICE MANAGEMENT METHOD AND DEVICE MANAGEMENT PROGRAM - A device management apparatus may include, but is not limited to, a device controller that controls a device, a communication controller, a management unit, and a monitoring unit. The communication controller controls a communication between the device and the device controller. The management unit manages the device controller and the communication controller. The monitoring unit is disposed between the device controller and the communication controller. The monitoring unit formats data that is transmitted between the device controller and the communication controller so as to create formatted data. The monitoring unit supplies the formatted data to the management unit. | 2010-03-04 |
20100057978 | Storage system and data guarantee method - A system according to the invention reads/writes data by using a memory device performing a wear leveling. A host | 2010-03-04 |
20100057979 | DATA TRANSMISSION METHOD FOR FLASH MEMORY AND FLASH MEMORY STORAGE SYSTEM AND CONTROLLER USING THE SAME - A data transmission method suitable for transmitting data from a cache to a plurality of flash memory groups through a single data bus in a flash memory storage system is provided. The data transmission method includes sequentially sorting and grouping data to be written at continuous logical addresses in the cache in unit of logical blocks. The data transmission method further includes respectively transmitting the grouped sector data into the flash memory groups through the data bus in an interleaving manner, wherein data in the same logical block is transmitted and written into physical blocks of the same flash memory group. Thereby, the data is prevented from being written into different physical blocks, and accordingly the lifespan of the flash memory storage system is prolonged. | 2010-03-04 |
20100057980 | DATA MEMORY DEVICE WITH AUXILIARY FUNCTION - The invention relates to a method, a data storage device, and a system with a data storage device having an additional module ( | 2010-03-04 |
20100057981 | METHODS AND DEVICES FOR EXECUTING DECOMPRESSED OPTION MEMORY IN SHADOW MEMORY - Methods and systems for executing a decompressed portion of an option memory in a shadow memory. An area of system memory is allocated and a portion of the option memory is decompressed using the allocated area. The decompressed portion is stored in the shadow memory so the decompressed portion can be executed in shadow memory. | 2010-03-04 |
20100057982 | Hypervisor security using SMM - Methods, systems, apparatuses and program products are disclosed for protecting computers and similar equipment from undesirable occurrences, especially attacks by malware. Invariant information, such as pure code and some data tables may be enrolled for later revalidation by code operating outside the normal context. For example, a periodic interrupt may invoked a system management mode interrupt service routine to discover whether code regions accessible to Protected Mode programs have become corrupted or otherwise changed, such as by tampering from untrusted or untrustworthy programs that have easy access only to protected mode operation. | 2010-03-04 |
20100057983 | METHOD AND APPARATUS FOR AN ACTIVE LOW POWER MODE OF A PORTABLE COMPUTING DEVICE - The present invention discloses a portable computing device ( | 2010-03-04 |
20100057984 | MEMORY HIERARCHY CONTAINING ONLY NON-VOLATILE CACHE - A storage system that includes non-volatile main memory; non-volatile read cache; non-volatile write cache; and a data path operably coupled between the non-volatile write cache and the non-volatile read cache, wherein the storage system does not include any volatile cache and methods for retrieving and writing data throughout this memory hierarchy system. | 2010-03-04 |
20100057985 | SYSTEM AND METHOD FOR ALLOCATING PERFORMANCE TO DATA VOLUMES ON DATA STORAGE SYSTEMS AND CONTROLLING PERFORMANCE OF DATA VOLUMES - System and method for dynamic chunk allocation to data volumes in storage systems. The system includes host computer, management computer and storage system. A dynamic chunk allocation program in the storage system allocates chunks from chunk pool to a volume using a chunk pool management table and a chunk table. A chunk allocation rule table holds rules for allocating chunks from the HDDs. The dynamic chunk allocation program refers to the chunk allocation rule table, to allocate a chunk to a volume. The storage system may have a chunk move program for moving a chunk from one HDD to another HDD or from parity group to parity group for load balancing. A host ID identifying program in the storage system is also used for load balancing. The chunk allocation rule table may be updated by the management computer or rule creation program for changing the rules. | 2010-03-04 |
20100057986 | STORAGE ARRAY BOOT AND CONFIGURATION - A RAID storage array having a controller and plurality of disk drives is configured into a plurality of groups. The plurality of disk drives are in a plurality of drive trays. The controller includes a main memory. A set of configuration information is stored on a central nonvolatile memory device. The set of configuration information includes group configuration information corresponding to each group of the plurality of groups with which a corresponding disk drive is associated. The set of configuration information is stored on a plurality of remote nonvolatile memory devices that are each associated with at least one of the plurality of drive trays. A bootware control process is loaded into the main memory. The bootware control process is executed. A plurality of service layer processes are loaded into the main memory. The plurality of service layer processes are executed in parallel under the control of the bootware control process. The configuration information is read from the central nonvolatile memory device. | 2010-03-04 |
20100057987 | Method and System for Upgrading Normal Disk Controller to RAID Controller - The invention provides a method and system for upgrading Normal Disk Controller to RAID (Redundant Array of Independent Disks) Controller. Unlike Normal Disk Controller that reports the exact physical disks to Host Computer System, the RAID Controller only reports the configured RAID Logical Units. According to different RAID configurations, the RAID Controller might increase data availability and storage capacity, improve system performance and flexibility, and realize data protection and recovery. The disclosed method and system for upgrading includes three parts: RAID BIOS (Basic Input/Output System) Initialization and Configuration, OS (Operate System) Driver, and Application Program, and the Controller after upgrading will behave exactly like a RAID Controller, at BIOS level, OS level, and Application level. | 2010-03-04 |
20100058008 | DATA PROCESSING CONTROL UNIT, METHOD FOR CONTROLLING DATA PROCESSING OPERATIONS AND DATA PROCESSING SYSTEM - A data processing control unit for controlling two or more data processing operations SMI | 2010-03-04 |
20100058009 | STORAGE SYSTEM WITH AUTOMATED RESOURCE ALLOCATION - When a plurality of disk control apparatuses function as one disk control apparatus with a mutual connecting network, a processor is used as an independent resource. Moreover, states of use of resources are monitored, and processing from distribution of the resources to allocation of control tasks is optimized promptly so as to be compatible with a user request. By promptly making system performance compatible with the user request according to the present invention, a state in which the user request and the system performance are alienated from each other for a long time is eliminated. | 2010-03-04 |
20100058010 | INCREMENTAL BACKUP USING SNAPSHOT DELTA VIEWS - A backup method that uses snapshot delta views to create backups of a data collection is provided. The method comprises taking a first snapshot of the data collection, in response to determining that a previous snapshot used to create a backup does not exist; creating a backup of the data collection using the first snapshot, in response to determining that the previous snapshot does not exist; recording that the first snapshot was used as a source for the creation of a backup; and taking a second snapshot of the data collection, in response to determining that the previous snapshot that was used as a source for a backup does exist. | 2010-03-04 |
20100058011 | COMPUTER SYSTEM AND BACKUP METHOD THEREFOR - A computer system includes a first volume that is read and written from a first computer and in which write data is written, a second volume that stores journal data in the first volume with the journal data delimited at each predetermined point, a third volume as a virtual volume, a virtual-volume creating unit that creates, when a backup instruction for the first volume at a predetermined point is received, the third volume from which a second computer can read the journal data and in which the second computer can write the journal data, a mapping unit that maps the journal data to the third volume, and a backup unit that transfers the write data to a storage device via the second computer or transfers, through the third volume to which the journal data is mapped by the mapping unit, the journal data to the storage device via the second computer and backs up the write data and the journal data. | 2010-03-04 |
20100058012 | Backup Data Management Method in Which Differential Copy Time is Taken Into Account - Provided is a computer system, comprising a storage system and a management computer. The management computer manages differential copy start times, differential data amounts of first pairs, and a data amount that can be copied in differential copy per unit time; identifies one of the first pairs for which the differential copy is to be started and a start time of the differential copy; subtracts the data amount of differential copy per unit time that is allocated to the identified one of the first pairs from a differential data amount of the identified first pairs; add the unit time to the identified start time; judges that the differential copy has been finished at a time when the subtracted differential data amount reaches zero or less; and calculates time zones in which the first pairs execute differential copy based on the time at which differential copy has been finished. | 2010-03-04 |
20100058013 | Online backup system with global two staged deduplication without using an indexing database - An encryption for a distributed global online backup system with global two-stage deduplication in the absence of an indexing database where data blocks are encrypted using their SHA-1 signatures as encryption keys. | 2010-03-04 |
20100058014 | SWITCH APPARATUS - A switch connectable between hosts and storage device, the switch for providing a service of allotting virtual areas to be deployed in the storage device to any of the hosts upon demand, the switch includes: a processor for controlling allotment of virtual areas to the hosts and allocation of physical areas of the storage device to the virtual areas; and a memory for storing information of the host allowed access to the virtual areas, the processor controlling access by any of the hosts to the virtual area so as to restrict access by any of the hosts to a part of the virtual areas allotted to the any of the hosts in reference to the memory. | 2010-03-04 |
20100058015 | BACKUP APPARATUS, BACKUP METHOD AND COMPUTER READABLE MEDIUM HAVING A BACKUP PROGRAM - A backup apparatus and method which stores backup data into a backup data storage area includes detecting whether to increase a capacity of the backup data storage area, assigning a storage area, within an addition-source area set as a storage area permitted to be additionally assigned as the backup data storage area, when a storage area the capacity of which is to be increased is detected, detecting whether to increase the capacity of the addition-source area, and setting the addition-source area in a free storage area as the backup data storage area when detecting that the capacity of the addition-source area is to be increased. | 2010-03-04 |
20100058016 | METHOD, APPARATUS AND SOFTWARE PRODUCT FOR MULTI-CHANNEL MEMORY SANDBOX - A method, apparatus, and software product allow signalling toward a multi-channel memory subsystem within an application processing architecture, and routing of that signalling via a single sandbox which provides memory protection by controlling memory usage and blocking the signalling if it is unauthorized. The signalling via the sandbox leads to a plurality of different memory locations, and the sandbox is an intermediary for substantially all execution memory accesses to the multi-channel memory subsystem. | 2010-03-04 |
20100058017 | DATA SWAPPING IN A STORAGE SYSTEM - Systems and methods for data swapping in a storage network are provided. The method comprises associating a flag with a first track on a first volume (TA | 2010-03-04 |
20100058018 | Memory Scheduler for Managing Internal Memory Operations - An integrated circuit includes: a resistive memory having an array of resistive memory cells; a memory controller that controls operation of the resistive memory in accordance with external commands from an external device; and a memory scheduler coupled to the resistive memory and to the memory controller. The memory scheduler schedules internal maintenance operations within the resistive memory in response to trigger conditions indicated by at least one sensor signal or external command. The operation of the memory scheduler and performance of the internal maintenance operations are transparent to the external device and, optionally, transparent to the memory controller. | 2010-03-04 |
20100058019 | DATA TRANSFER BETWEEN WIRELESS UNIVERSAL SERIAL BUS (USB) HOST CONTROLLER DRIVER AND WIRELESS USB HOST CONTROLLER IN A WIRELESS USB HOST - A wireless Universal Serial Bus (USB) host that optimizes the data transfer between the Wireless Host Controller Driver (WHCD) and the Wireless Host Controller (WHC). The data transfer between the WHCD and the WHC is optimized by reducing the overhead of data fragmentation. Higher performance without sacrificing memory and computation power is achieved with the optimization of the data transfer. | 2010-03-04 |
20100058020 | MOBILE PHONE AND METHOD FOR MANAGING MEMORY OF THE MOBILE PHONE - A method for managing memory of a mobile phone provides a memory allocation table for images captured by a camera module of the mobile phone. The memory allocation table records memory allocation information of the images. All application programs of the mobile phone can load the image in one memory space allocated for the image according to the memory allocation information in the memory allocation table. | 2010-03-04 |
20100058021 | Storage system and control method for the same - An externally-connected volume of a main storage is correlated to an AOU volume inside of an external storage. The AOU volume is allocated with a not-yet-used page in a pool in accordance with data writing. When a command is issued to the externally-connected volume for formatting or others, a first controller in the main storage converts the command into a format command or an area deallocation command with respect to the AOU volume in the external storage. As such, the external AOU volume is subjected to a write process in its entirety, thereby being able to prevent any unnecessary page allocation. With such a configuration, the storage system of the present invention can use pages in the pool with good efficiency. | 2010-03-04 |
20100058022 | ADAPTIVE BUFFER DEVICE AND METHOD THEREOF - An adaptive buffer device includes a plurality of entries each including an address field and a record block, and a control unit for selectively setting each entry to one of a normal status and a transformed status. When the control unit sets a first one of the entries to the normal status, the address field thereof records a first address, and the record block thereof records data corresponding to the first address and data corresponding to addresses adjacent to the first address. When the control unit sets a second one of the entries to the transformed status, the control unit reconfigures the address field and the record block thereof into a plurality of units, each of which includes a second address, data corresponding to the second address, and data corresponding to addresses adjacent to the second address. In addition, an adaptive buffer method is also disclosed. | 2010-03-04 |
20100058023 | EFFICIENTLY MANAGING MODULAR DATA STORAGE SYSTEMS - The management of a data storage system. The system may store data objects that are subject to change in container sets. The data storage system uses location maps to map the data objects to a corresponding container. When there has been, or will be, a change in the availability of containers, a new location map is created which maps the data objects to a new potentially overlapping set of containers. New data objects are added to the new set of containers, and a data object is found by searching all location maps. As an alternative or as an addition to this system, data objects may be stored in a manner that they may be efficiently removed when a condition is met. A container is created which stores all data objects to be removed when the condition occurs. When the condition occurs, the container is removed. | 2010-03-04 |
20100058024 | Data Transfer Apparatus, Data Transfer Method And Processor - A processor includes a CPU core which executes a user program, and a data transfer apparatus. The CPU core stores a transfer request from a user program in a specific area of a main memory, in which the transfer request specifies the virtual addresses of a transfer source and a transfer destination in a memory space allocated to the user program. The data transfer apparatus refers to the specific area of the main memory and acquires a transfer request asynchronously to processing performed by the CPU core. The data transfer apparatus then identifies physical addresses corresponding to virtual addresses specified in the transfer request. After that, the data transfer apparatus transcribes original data stored in a storage area indicated by the physical address of the transfer source, to a storage area in a cache memory related to the virtual address or physical address of the transfer destination. | 2010-03-04 |
20100058025 | METHOD, APPARATUS AND SOFTWARE PRODUCT FOR DISTRIBUTED ADDRESS-CHANNEL CALCULATOR FOR MULTI-CHANNEL MEMORY - A method, apparatus, and computer program product are used for reading from a table that splits a plurality of physical addresses between a plurality of channels. One of the physical addresses is determined based at least partly on a virtual address used by an execution device such as the hardware environment, and based at least partly on information about a channel. Then, the physical address is provided to the execution device. | 2010-03-04 |
20100058026 | LOADING ENTRIES INTO A TLB IN HARDWARE VIA INDIRECT TLB ENTRIES - An enhanced mechanism for loading entries into a translation lookaside buffer (TLB) in hardware via indirect TLB entries. In one embodiment, if no direct TLB entry associated with the given virtual address is found in the TLB, the TLB is checked for an indirect TLB entry associated with the given virtual address. Each indirect TLB entry provides the real address of a page table associated with a specified range of virtual addresses and comprises an array of page table entries. If an indirect TLB entry associated with the given virtual address is found in the TLB, a computed address is generated by combining a real address field from the indirect TLB entry and bits from the given virtual address, a page table entry (PTE) is obtained by reading a word from a memory at the computed address, and the PTE is loaded into the TLB as a direct TLB entry. | 2010-03-04 |
20100058027 | METHOD FOR SELECTING HASH FUNCTION, METHOD FOR STORING AND SEARCHING ROUTING TABLE AND DEVICES THEREOF - A method for selecting a hash function, a method for storing and searching a routing table and devices thereof are provided. The method for selecting a hash function includes: hashing data to be hashed by using a current alternative hash function; decoding a hash result; accumulating decoded results until no carry occurs during the accumulation; and selecting a current alternative hash function with no carry generated as a formal hash function. The method for storing a routing table includes: dividing the routing table into a next-level node pointer portion and a prefix portion for being stored; and selecting a hash function by using the above method for selecting a hash function. The method for searching a routing table includes: directly searching an IP address to be searched according to a directly stored length of a next-level node pointer portion for storing the routing table; and reading a prefix node according to a searched result. Thus, hash collision can be avoided, and memory resources occupied by the routing table can be effectively reduced. | 2010-03-04 |
20100058028 | ELECTRONIC DEVICE AND ADDRESS SPACE EXPANSION METHOD - An address space expansion method implemented by the electronic device which includes a storage unit, wherein the storage unit includes a first storage unit and a second storage unit, comprising: responding to the user operation to generate a target address; determining whether a address range of the target address is less than or equal to a predetermined address range, and generating a corresponding control signal; enabling the first storage unit or the second storage unit according to the generated corresponding control signal; acquiring a physical address corresponding to the target address and providing the physical address to the enabled storage unit according to the corresponding control signal and a predetermined converting rule; accessing and performing a reading/writing operation for data corresponding to the physical address of the enabled storage unit. | 2010-03-04 |
20100058029 | Invoking Multi-Library Applications on a Multiple Processor System - A mechanism is provided for invoking a multi-library application on a multiple processor system, wherein the multiple processor system comprises a Power Processing Element (PPE) and a plurality of Synergistic Processing Element (SPE). Applications including multi-libraries run in the memory of the PPE. The mechanism comprises maintaining the status of each SPE in the application running on the PPE, where there are SPE agents for capturing the instructions from the PPE in the SPEs that have been started. In response to a request for invoking a library, the PPE determines whether the number of available SPEs for invoking the library is adequate based on the current status of SPEs. If the number of available SPEs is adequate, the PPE sends a run instruction to selected SPEs. After finishing the invocation of all libraries, the PPE sends termination instructions to all started SPEs. IBM confidential | 2010-03-04 |
20100058030 | ARITHMETIC-LOGIC UNIT, PROCESSOR, AND PROCESSOR ARCHITECTURE - An arithmetic-logic unit for performing an operation of a prescribed bit length in an execution stage of a processor includes a plurality of sub-arithmetic-logic units which perform in respectively different pipeline stages sub-operations created by decomposing the operation of the prescribed bit length in a bit length direction, and a plurality of pipeline registers provided so as to separate the pipeline stages from each other, wherein each of the pipeline registers operates in such a manner as to be switchable between two operation modes, a flip-flop mode in which an output value is updated in synchronism with an input trigger and a transparent mode in which an input value is directly output. | 2010-03-04 |
20100058031 | Executing A Service Program For An Accelerator Application Program In A Hybrid Computing Environment - Executing a service program for an accelerator application program in a hybrid computing environment that includes a host computer and an accelerator, the host computer and the accelerator adapted to one another for data communications by a system level message passing module; where the service program includes a host portion and an accelerator portion and executing a service program for an accelerator includes receiving, from the host portion, operating information for the accelerator portion; starting the accelerator portion on the accelerator; providing, to the accelerator portion, operating information for the accelerator application program; establishing direct data communications between the host portion and the accelerator portion; and, responsive to an instruction communicated directly from the host portion, executing the accelerator application program. | 2010-03-04 |
20100058032 | Effective Use of a BHT in Processor Having Variable Length Instruction Set Execution Modes - In a processor executing instructions in at least a first instruction set execution mode having a first minimum instruction length and a second instruction set execution mode having a smaller, second minimum instruction length, line and counter index addresses are formed that access every counter in a branch history table (BHT), and reduce the number of index address bits that are multiplexed based on the current instruction set execution mode. In one embodiment, counters within a BHT line are arranged and indexed in such a manner that half of the BHT can be powered down for each access in one instruction set execution mode. | 2010-03-04 |
20100058033 | System and Method for Double-Issue Instructions Using a Dependency Matrix and a Side Issue Queue - A method receives a complex instruction comprising a first portion and a second portion. The method sets a single issue queue slot and allocates an execution unit for the complex instruction, and identifies dependencies in the first and second portions. The method sets a dependency matrix slot and a consumers table slot for the first and section portion. In the event the first portion dependencies have been satisfied, the method issues the first portion and then issues the second portion from the single issue queue slot. In the event the second portion dependencies have not been satisfied, the method places the second portion into a side issue queue. The method issues the second portion when the side issue queue indicates that the second portion is eligible for issue. | 2010-03-04 |
20100058034 | CREATING REGISTER DEPENDENCIES TO MODEL HAZARDOUS MEMORY DEPENDENCIES - A method of transforming low-level programming language code written for execution by a target processor includes receiving data comprising a plurality of low-level programming language instructions ordered for sequential execution by the target processor; detecting a pair of instructions in the plurality of low-level programming language instructions having a memory dependency therebetween; and inserting one or more instructions between the detected pair of instructions in the plurality of low-level programming language instructions having a memory dependency therebetween. The one or more instructions inserted between the detected pair of instructions create a true data dependency on a value stored in an architectural register of the target processor between the detected pair of instructions. | 2010-03-04 |
20100058035 | System and Method for Double-Issue Instructions Using a Dependency Matrix - A method for double-issue complex instructions receives a complex instruction comprising a first portion and a second portion. The method sets a single issue queue slot and allocates an execution unit for the complex instruction, and identifies dependencies in the first and second portions. The method sets a dependency matrix slot and a consumers table slot for the first and section portion. In the event the first portion dependencies have been satisfied, the method issues the first portion and then issues the second portion from the single issue queue slot. In the event the second portion dependencies have not been satisfied, the method cancels the second portion issue. | 2010-03-04 |
20100058036 | Distributed Acceleration Devices Management for Streams Processing - A method for managing distributed computer data stream acceleration devices is provided that utilizes distributed acceleration devices on nodes within the computing system to process inquiries by programs executing on the computing system. The available nodes and available acceleration devices in the computing system are identified. In addition, a plurality of virtual acceleration device definitions is created. Each virtual acceleration device definition includes attributes used to configure at least one of the plurality of identified acceleration devices. When an inquiry containing an identification of computing system resources to be used in processing the inquiry is received, at least one virtual acceleration device definition that is capable of configuring an acceleration device in accordance with the computing system resources identified by the inquiry is identified. That acceleration device is configured in accordance with the identified virtual acceleration device definition and is used to process the inquiry. | 2010-03-04 |
20100058037 | RUNNING-SHIFT INSTRUCTIONS FOR PROCESSING VECTORS - The described embodiments provide a processor for generating a result vector with shifted values. During operation, the processor receives a first input vector, a second input vector, and a control vector. When generating the result vector, the processor first captures a base value from a key element position in the second input vector. The processor then determines a number of bit positions to shift the base value using selected relevant elements in the first input vector. The processor then shifts the copy of the base value by the number of bit positions and writes the value into a corresponding element in the result vector. In addition, a predicate vector can be used to control the values that are written to the result vector. | 2010-03-04 |
20100058048 | Profile Adjustment Module For Use With Data Processing System - A profile adjustment module which enables customization of the profiles within a computer system. The profile adjustment module enables gaming or entertainment enthusiast or customers an easy-to-use interface to tune their personal computer for maximum performance for a customized application such as a gaming or entertainment application. The interface of the profile adjustment module includes designated settings depending on the system make-up. When a customer selects a usage model such as a “Game on” usage model or an “Entertainment on” usage model, the profile adjustment module initiates a predetermined sequence of events including, but not limited to tuning the audio and video settings to peek experience settings (where the settings are specifically chosen to adjust the usage model). | 2010-03-04 |
20100058049 | SECURE DATA COMMUNICATION SYSTEM - The description relates to a system designed to protect data exchange involved with the use of cloud computing infrastructures by services and individuals. The system is designed so that a cloud resource and its middleware access points are protected in transferring data among themselves and end users using a system designed to spread the data and then reassemble the data. | 2010-03-04 |
20100058050 | DATA KEEPING METHOD, CLIENT APPARATUS, STORAGE DEVICE, AND PROGRAM - A storage device sends its storage-device-specific information A to a client apparatus. The client apparatus generates an encryption key P | 2010-03-04 |
20100058051 | METHOD AND APPARATUS FOR SETTING A SECURE COMMUNICATION PATH BETWEEN VIRTUAL MACHINES - A secure communication path is set between virtual machines each arranged within one of a set of servers in a network. There is provided business software operated by executing one or more task programs each provided for a virtual machine, and each server is provided with, as a virtual machine, a guest operating system controlled by a host operating system. The one or more task programs are classified into task classes according to a type of a function to be realized, and there is provided task connection information indicating whether a communication path is needed or not between each pair of task classes. Then, a secure communication path between a pair of guest operating systems is set by setting virtual network connection information to a pair of host operating systems corresponding to the pair of guest operating systems, on the basis of the task connection information. | 2010-03-04 |
20100058052 | METHODS, SYSTEMS AND DEVICES FOR SECURING SUPERVISORY CONTROL AND DATA ACQUISITION (SCADA) COMMUNICATIONS - A secure supervisory control and data acquisition (SCADA) system includes a SCADA control host system and any number of remote terminal unit (RTU) systems. Each RTU system includes an RTU transceiver, an RTU and a remote security device (RSD) coupling the RTU to the RTU transceiver. The SCADA control host system includes a SCADA control host configured to exchange SCADA information with each of the RTUs in a SCADA format, and a host security device (HSD) coupling the SCADA control host to a host transceiver. The host transceiver is configured to establish communications with each of the plurality of RTU transceivers. The HSD communicates with the RSDs to transparently encrypt the SCADA information using a cryptographic protocol that is independent of the SCADA protocol to thereby secure the communications between the HSD and each of the RSDs. | 2010-03-04 |
20100058053 | SYSTEM, METHOD AND SECURITY DEVICE FOR AUTHORIZING USE OF A SOFTWARE TOOL - The described embodiments relate generally to methods, systems and security devices for authorizing use of a software tool. Certain embodiments of the invention relate to a security device. The security device comprises at least one communication subsystem for enabling communication between the security device and a first external device, wherein the first external device has a software tool executable on the first external device. The security device further comprises a memory and processor coupled to the at least one communication subsystem and configured to control the at least one communication subsystem. The memory is accessible to the processor and stores a key for authorizing use of the software tool. The memory further stores program instructions which, when executed by the processor, cause the processor to execute a security application. | 2010-03-04 |
20100058054 | MSSAN - This invention allows users to maximise their use of existing storage, processing power and network bandwidth resources. This is achieved through providing an enhanced level of data backup and restore that employs the initial encryption of data and storing one user's data on another user's hard drives through an anonymsing process. The efficiency of this process is enhanced when this invention is used in conjunction with self authentication which then provides the ability to log into a network anonymously from potentially anywhere. | 2010-03-04 |
20100058055 | System and method for manipulating a computer file and/or program - A device for manipulating a computer file or program includes a processor. The device includes a network interface which receives commands. The device includes a receiver which receives the commands from the network interface and provides the commands to the processor. The device includes storage having a computer file or program in a memory. Wherein the processor, based on the commands, makes changes to the computer file or program in the memory and suspends and reestablishes user intervention to the computer file or program. A device for manipulating a computer file or program. | 2010-03-04 |
20100058056 | Display system with security enhancement function - An exemplary display system includes a flat panel display and a host connectable to the flat panel display. The flat panel display includes a first storage unit including a first security code stored therein, a register, and a micro processing unit. The host includes a second storage unit including a second security code stored therein, and a central processing unit. The central processing unit is configured for converting the second security code to a digital signal and sending the digital signal to the register. The micro processing unit is configured to read and compare the first security code with the digital signal in the register, and output a control signal according to a result of said comparison. | 2010-03-04 |
20100058057 | REMOTE COMPUTER MANAGEMENT WHEN A PROXY SERVER IS PRESENT AT THE SITE OF A MANAGED COMPUTER - The invention facilitates remote management of a computer via a network. Remote computer management in which communication between a managed computer and a remote computer management server is initiated by the managed computer is implemented so that the presence of a proxy server at the site at which the managed computer is located can be detected, and communication from the managed computer to the remote computer management server is routed to a communication port assigned for communication with the proxy server, with instructions to then send the communication to the remote computer management server. | 2010-03-04 |
20100058058 | Certificate Handling Method and System for Ensuring Secure Identification of Identities of Multiple Electronic Devices - The present invention relates to a certificate handling method and system for ensuring secure identification of multiple electronic devices and especially to a method and a system for autonomously creating, transferring, verifying, issuing and status checking (e.g. revocation status) of digital certificates for electronic communication. The present invention provides a certificate handling method, wherein the electronic devices can mutually authenticate each others identity without the use of a certificate authority and the identities of a first electronic device and a second electronic device are mutually authenticated using a personal area network to establish a trust relationship between the first electronic device and the second electronic device. | 2010-03-04 |
20100058059 | SHARING KEYS BETWEEN COOPERATING PARTIES - An apparatus and a method for generating a secure cipher key over an insecure channel. In one embodiment, a set of polynomials is generated and shared between a first party and a second party over the insecure channel. The first party generates a first random exponent for its private cipher key. The second party generates a second random exponent for its private cipher key. The first party operates on the set of polynomials with the first random exponent and sends the results to the second party. The second party operates on the set of polynomials with the second random exponent and sends the results to the first party. A shared cipher key is computed based on the exchanged operation results. | 2010-03-04 |
20100058060 | Username Based Key Exchange - A method and apparatus for an system and process for sharing a secret over an unsecured channel in conjunction with an authentication system. A client computes a message authentication code based on a hashed password value and a first random string received from the server. The client sends a response to the server that includes authentication data including a second random string. Both the client and server concatenate the first random string, second random string and username. Theses values are processed to generate as a shared master secret to further generate shared secrets or keys to establish a secured communication channel between the client and server. The secured communication can be based on stateless messaging where the decryption key associated with the message is identified by the message authentication code, which is placed within the message. | 2010-03-04 |
20100058061 | CONTROLLING ACCESS TO DATA STREAMS - Access to one or more data streams can be controlled by encrypting a description of how segments of the data streams can be assembled, for example, to produce an audio or video program. Access to the one or more data streams can also be provided by obfuscating names of at least some of the segments in order to make it more difficult to determine the proper order for assembling the segments. In at least some embodiments, the data contained in at least some of the segments themselves is not encrypted. | 2010-03-04 |
20100058062 | FAMILY DWELLING RESTRICTED COMMUNICATION SYSTEM - A network comprising an authentication network limited to a family dwelling; a content source; and a content receiver. Wherein the content source is configured to transmit encrypted content to the content receiver, and the content receiver can decode the encrypted content only when both the content source and the content receiver are physically connect to the authentication network. | 2010-03-04 |
20100058063 | FUZZY BIOMETRICS BASED SIGNATURES - The present invention relates to a method and a device of verifying the validity a digital signature based on biometric data. A basic idea of the invention is that a verifier attains a first biometric template of the individual to be verified, for instance by having the individual provide her fingerprint via an appropriate sensor device. Then, the verifier receives a digital signature and a second biometric template. The verifier then verifies the digital signature by means of using either the first or the second biometric template as a public key. The attained (first) biometric template of the individual is compared with the received (second) biometric template associated with the signature and if a match occurs, the verifier can be confident that the digital signature and the associated (second) biometric template have not been manipulated by an attacker for impersonation purposes. | 2010-03-04 |
20100058064 | LOGIN AUTHENTICATION USING A TRUSTED DEVICE - A user working on a client computer is allowed to remotely login to a server over a computer network. A first secure connection is established between the client and the server. Communications with a trusted device which is in the user's control is established via a communication channel between the trusted device and the client, where this channel is not part of the network. A second secure connection is established between the trusted device and the server through the client, where this second secure connection is tunneled within the first secure connection. The user remotely logs into the server over the second secure connection using the trusted device. | 2010-03-04 |
20100058065 | EXTRACTING AUXILIARY DATA FROM A HOST SIGNAL - The invention relates to extracting and embedding auxiliary data from and to a host signal. In an embodiment, the auxiliary data relates to remotely control of an application or a device, such as an interactive toy. Auxiliary data are extracted from a host signal, by periodically ( | 2010-03-04 |
20100058066 | METHOD AND SYSTEM FOR PROTECTING DATA - A method and a system for protecting data are provided. When a computer system is powered on, a verification code is compared with a predetermined verification code. If the verification code matches the predetermined verification code, an encrypted configuration data stored in a configuration data block of a storage device is decrypted with the verification code to obtain an original configuration data of the storage device. Thereby, data loss is effectively prevented and a data protection mechanism is provided. | 2010-03-04 |
20100058067 | SECURING A PASSWORD DATABASE - An apparatus and a method for encrypting a username is described. In one embodiment, a hashed username is encrypted with a key. An input size of the key matches an output size of the key. The password associated with the hashed username is replaced with a function of the encrypted username. The function includes a linear combination operator of the password and the encrypted username. The encrypted username is then swapped with the replaced password. The encryption, replacement, and the swapping are iterated for at least two or more rounds using a different key with each iteration. | 2010-03-04 |