48th week of 2010 patent applcation highlights part 68 |
Patent application number | Title | Published |
20100306506 | MICROPROCESSOR WITH SELECTIVE OUT-OF-ORDER BRANCH EXECUTION - A pipelined out-of-order execution in-order retire microprocessor includes a branch predictor that predicts a target address of a branch instruction, a fetch unit that fetches instructions at the predicted target address, and an execution unit that: resolves a target address of the branch instruction and detects that the predicted and resolved target addresses are different; determines whether there is an unretired instruction that must be corrected and that is older in program order than the branch instruction, in response to detecting that the predicted and resolved target addresses are different; execute the branch instruction by flushing instructions fetched at the predicted target address and causing the fetch unit to fetch from the resolved target address, if there is not an unretired instruction that must be corrected and that is older in program order than the branch instruction; and otherwise, refrain from executing the branch instruction. | 2010-12-02 |
20100306507 | OUT-OF-ORDER EXECUTION MICROPROCESSOR WITH REDUCED STORE COLLISION LOAD REPLAY REDUCTION - An out-of-order execution microprocessor for reducing the likelihood of having to replay a load instruction due to a store collision. The microprocessor includes a queue of entries, each entry configured to hold information that identifies sources of a store instruction used to compute its store address and to hold a dependency that identifies an instruction upon which the store instruction depends for its data. A register alias table (RAT), coupled to the queue of entries, is configured to encounter instructions in program order and to generate dependencies used to determine when the instructions may execute out of program order. In response to encountering a load instruction the RAT determines whether sources of the load instruction used to compute its load address match the sources of the store instruction in an entry of the queue, and if so, causes the load instruction to share the dependency of the matching store instruction. | 2010-12-02 |
20100306508 | OUT-OF-ORDER EXECUTION MICROPROCESSOR WITH REDUCED STORE COLLISION LOAD REPLAY REDUCTION - An out-of-order execution microprocessor for reducing load instruction replay likelihood due to store collisions. A register alias table (RAT) is coupled to first and second queues of entries and generates dependencies used to determine when instructions may execute out of order. The RAT allocates an entry of the first queue and populates the allocated entry with an instruction pointer of a load instruction, when it determines that the load instruction must be replayed. The RAT allocates an entry of the second queue when it encounters a store instruction and populates the allocated entry with a dependency that identifies an instruction upon which the store instruction depends for its data. The RAT causes a subsequent instance of the load instruction to share the dependency when it encounters the subsequent instance of the load instruction and determines that its instruction pointer matches the instruction pointer of an entry of the first queue. | 2010-12-02 |
20100306509 | OUT-OF-ORDER EXECUTION MICROPROCESSOR WITH REDUCED STORE COLLISION LOAD REPLAY REDUCTION - An out-of-order execution microprocessor for reducing the likelihood of having to replay a load instruction due to a store collision. The microprocessor includes a queue of entries, each entry configured to hold an instruction pointer of a load instruction and to hold information useable to identify a store instruction that caused the load instruction to be replayed on a first instance of the load instruction. A register alias table (RAT) encounters instructions in program order and generates dependencies used to determine when the instructions may execute out of program order. The RAT encounters the load instruction on a second instance, determines that the load instruction second instance instruction pointer matches the instruction pointer of an entry of the queue, and causes the load instruction on the second instance to have a dependency on the store instruction identified by the information in the matching entry. | 2010-12-02 |
20100306510 | SINGLE CYCLE DATA MOVEMENT BETWEEN GENERAL PURPOSE AND FLOATING-POINT REGISTERS - Systems and methods for providing single cycle movement of data between a floating-point register file (FRF) and a general purpose or integer register file (RF) of a microprocessor system are provided. The system may include an integer execution unit operative to execute instructions with single cycle latency, a floating-point execution unit, a working register file (WRF), an FRF, and an IRF. To achieve the single cycle movement functionality, the integer execution unit may physically own the WRF, IRF, and FRF, and may monitor and control any dependencies between them. Thus, since the integer execution unit has direct read access to both the IRF and the FRF, data may be moved between the two register files using the single cycle operation of the integer execution unit, without the need to store and load the data from memory. | 2010-12-02 |
20100306511 | COMMUNICATION DATA PROCESSOR AND COMMUNICATION DATA PROCESSING METHOD - There is a need for providing a communication data processor easily adaptable to network configurations required for industrial Ethernet. The apparatus successively analyzes received packets. The apparatus uses a register to determine whether or not to transmit the received packet as transmission data to another port. Rewritable memory saves a program code that provides control for analyzing a reception packet and generating a transmission packet. The apparatus is capable of complying with various communication protocols by changing the program code. | 2010-12-02 |
20100306512 | COMPILER TECHNIQUE FOR EFFICIENT REGISTER CHECKPOINTING TO SUPPORT TRANSACTION ROLL-BACK - A method and apparatus for efficient register checkpointing is herein described. A transaction is detected in program code. A recovery block is inserted in the program code to perform recovery operations in response to an abort of the first transaction. A roll-back edge is potentially inserted from an abort point to the recovery block. A control flow edge is inserted from the recovery block to a entry point of the transaction. Checkpoint code is inserted before the entry point to backup live-in registers in backup storage elements and recovery code is inserted in the recovery block to restore the live-in registers from the backup storage elements in response to an abort of the transaction. | 2010-12-02 |
20100306513 | Processor Core and Method for Managing Program Counter Redirection in an Out-of-Order Processor Pipeline - A processor core and method for managing program counter redirection in an out-of-order processor pipeline. In one embodiment, the pipeline of the processor core includes a front-end instruction fetch portion, a back-end instruction execution portion, and pipeline control logic. Operation of the instruction fetch portion is decoupled from operation of the instruction execution portion. Following detection of a control transfer misprediction, operation of the instruction fetch portion is halted and instructions residing in the instruction fetch portion are invalidated. When the instruction associated with the misprediction reaches a selected pipeline stage, instructions residing in the instruction execution portion of the pipeline are invalidated and the flow of instructions from the instruction fetch portion to the instruction execution portion of the processor pipeline is restarted. A mispredict instruction identification checker and instruction identification tags are used to determine if a control transfer instruction is permitted to redirect instruction fetching. | 2010-12-02 |
20100306514 | Correlating Instruction Sequences with CPU Performance Events to Improve Software Performance - A system and method are disclosed for correlating instruction sequences. A plurality of instructions is processed to parse a first sequence of instructions comprising a first area of interest. A first instruction sequence pattern is then generated from the first sequence of instructions. Pattern matching operations are performed with the first instruction sequence pattern. A second sequence of instructions are parsed, comprising a second instruction sequence pattern and a second address of interest that is a substantially equivalent match to the first instruction sequence pattern. | 2010-12-02 |
20100306515 | Predictors with Adaptive Prediction Threshold - An adaptive prediction threshold scheme for dynamically adjusting prediction thresholds of entries in a Pattern History Table (PHT) by observing global tendencies of the branch or branches that index into the PHT entries. A count value of a prediction state counter representing a prediction state of a prediction state machine for a PHT entry is obtained. Count values in a set of counters allocated to the entry in the PHT are changed based on the count value of the entry's prediction state counter. The prediction threshold of the prediction state machine for the entry may then be adjusted based on the changed count values in the set of counters, wherein the prediction threshold is adjusted by changing a count value in a prediction threshold counter in the entry, and wherein adjusting the prediction threshold redefines predictions provided by the prediction state machine. | 2010-12-02 |
20100306516 | INFORMATION PROCESSING APPARATUS AND BRANCH PREDICTION METHOD - An information processor includes a first recording unit which stores first information indicating correspondence between an instruction address and a branch destination address of a most recent branch instruction, a computation of the most recent branch instruction having been completed and a branch for the most recent branch prediction having been taken, a second recording unit which stores a second information indicating correspondence between an instruction address and a branch destination address of each of past branch instructions including the most recent branch instruction, computations of the past branch instructions having been completed and branches for the past branch instructions having been taken, and a control unit which makes a branch prediction based on the first information or the second information, and stops supply of a clock to the second recording unit and makes a branch prediction based on the first information when an instruction sequence enters a loop. | 2010-12-02 |
20100306517 | SECURITY OF OPERATION OF A COMPUTING DEVICE THROUGH THE USE OF VENDOR IDS - An installer for a computing device determines firstly whether or not a software package for installation has been signed. If the package is signed it is installed on the device. However, if the package is unsigned, the installer will only install the package on the device if it contains a non-null VID (vendor identity). | 2010-12-02 |
20100306518 | METHOD FOR MANAGING THE RESET OF A DATA PROCESSOR - A method for managing the reset of a data processor comprises receiving a first software reset instruction to reset software for operating the data processor. A checksum or value in a data storage register is modified according to a first preestablished logical or mathematical operation in response to the first software reset instruction. A software watchdog reset flag is set in response to the first software reset instruction. A reset is identified as a software reset if the software watchdog reset flag is set and if the checksum in the data storage register is modified in accordance with the first preestablished mathematical or logical operation. | 2010-12-02 |
20100306519 | SYSTEM AND METHOD FOR MAINTAINING THE SECURITY OF MEMORY CONTENTS AND COMPUTER ARCHITECTURE EMPLOYING THE SAME - A secure memory system and a method of maintaining the security of memory contents. One embodiment of the system includes: (1) a security control module configured to transmit a system memory secure mode signal and processor secure mode signal to place the system in a secure mode, (2) a secure memory bridge coupled to the security control and system memory and configured to encrypt and decrypt data associated with the system memory based on a state of the system memory secure mode signal and (3) a boot processor coupled to the security control module and the secure memory bridge and configured to transmit requests to the secure memory bridge in the secure mode and an unsecure mode. | 2010-12-02 |
20100306520 | ELECTRONIC APPARATUS AND BOOTING METHOD OF THE SAME - An electronic apparatus and a booting method of the same are provided. The booting method of the electronic apparatus, including a non-volatile first storage unit storing a device initialization file and a device execution file, and a volatile second storage unit, includes: loading the device execution file from the first storage unit into the second storage unit at an initial booting; generating reference information about the loaded device execution file; maintaining power supplied to the second storage unit when the electronic apparatus is turned off; loading and executing the device initialization file from the first storage unit into the second storage unit at a rebooting; and executing the device execution file stored in the second storage unit with reference to the reference information. | 2010-12-02 |
20100306521 | METHOD AND SYSTEM FOR ISCSI BOOT IN WHICH AN ISCSI CLIENT LOADS BOOT CODE FROM A HOST BUS ADAPTER AND/OR NETWORK INTERFACE CARD - Certain aspects of a method for iSCSI boot may include loading boot BIOS code from a host bus adapter or a network interface controller (NIC) by an iSCSI client device. A connection may be established to an iSCSI target by the iSCSI client device after loading the boot BIOS code. The boot BIOS code may be chained to at least one interrupt handler over iSCSI protocol. An operating system may be remotely booted from the iSCSI target by the iSCSI client device based on chaining the interrupt handler. An Internet protocol (IP) address and/or location of the iSCSI target may be received. At least one iSCSI connection may be initiated to the iSCSI target based on chaining at least one interrupt handler. The iSCSI target may be booted in real mode if at least one master boot record is located in the memory. | 2010-12-02 |
20100306522 | Method and system of file manipulation during early boot time using portable executable file reference - A system and method for enabling access to user-level data is described. One embodiment includes accessing a user-level portable executable (PE) file. In this embodiment, the boot-loader registry of a computer is modified during an installation period to include a reference to the user-level PE file. The operating system uses the reference during an early boot-time to image the PE file into memory as a boot-file. | 2010-12-02 |
20100306523 | RESTORING A SOURCE FILE REFERENCED BY MULTIPLE FILE NAMES TO A RESTORE FILE - Provided are a method, system, and program for restoring a source file referenced by multiple file names to a restore file. An operation is processed to restore a source file having a first file name to a restore file, wherein the source file is in a state of being accessed by a process. A determination is made as to whether a second file name references the source file. A first temporary file name and a second temporary file name are created that both reference the restore file in response to determining that the second file name references the source file. The first temporary file name is renamed to the first file name and the second temporary file name is renamed to the second file name. After the renaming of the first and second temporary file names, the first and second file names reference the restore file. | 2010-12-02 |
20100306524 | SECURE STORAGE AND ACCELERATED TRANSMISSION OF INFORMATION OVER COMMUNICATION NETWORKS - A system and method for securely storing and transmitting digital information includes a computing device connected to at least one of a network device or a storage device or both. The system and method also includes a communication network connected to the at least one of a network device or the at least one of a storage device, or both. The system and method may include the computing device being configured to receive and receiving at least a portion of one or more first bit streams from an input device, being configured to parse and parsing the at least a portion of the one or more bit streams to form one or more first datasets, being configured to compress and compressing the one or more first datasets to form one or more second datasets, being configured to encrypt and cryptographically modifying the one or more second data sets to form one or more third datasets, being configured to assemble and assembling the one or more third datasets to form at least one second bit stream; and being configured to disperse and dispersing the at least one second bit stream into multiple portions in such a manner that any minimum number of the total number of dispersed portions contains a complete second bit stream, and being configured to output and outputting the total number of dispersed portions to one or more of local and remote data storage devices. | 2010-12-02 |
20100306525 | EFFICIENT DISTRIBUTION OF COMPUTATION IN KEY AGREEMENT - In Transport Layer Security (TLS) or other communication protocols, the load on the server may be lowered by reducing the number of expensive decryption operations that the server has to perform. When a client contacts a server, the client sends the server the client's public key. The server chooses a secret value, encrypts the value with the client's public key, and sends the encrypted value to the client. When the client decrypts the secret, the server and client share a secret value, which may be used to derive an encryption key for further messages. In many key agreement schemes, the client chooses and encrypts the secret value, and the server recovers the value with an expensive decryption operation. By instead having the server choose the value and send it to the client, an expensive decryption operation is redistributed from the server to the client, thereby freeing server resources. | 2010-12-02 |
20100306526 | Staged Establishment of Secure Strings of Symbols - A multi-stage technique of establishing a plurality of secure strings of symbols is disclosed. In the first stage, the illustrative embodiment establishes a first-stage string of symbols with each other node. The first-stage strings are chosen from a first, small, key space, which means that they can be established more quickly than a highly secure key from a large key space. The advantage of the first-stage strings is that it enables the user to transmit secure messages more quickly than messages secured with highly secure strings. The disadvantage of the illustrative embodiment is that the first-stage strings are not as secure as strings from a larger key space. This disadvantage is mitigated, however, by the fact that the first-stage strings are only used for a short amount of time—until the second-stage strings are established in the second stage. | 2010-12-02 |
20100306527 | CONTROLLING THE VALIDITY PERIOD OF A DECRYPTION KEY - The invention provides a method and a system for allowing access to a digital broadcast stream on a client device in a conditional access system, wherein the start time and end time of events in the broadcast stream are predefined. If entitled, a server system transmits for an even the start time and end time to the client device. As long as the current time, which is also transmitted from the server system to the client device, is within the range from the start time to the end time, the client device is allowed to decrypt the broadcast stream. To allow events to extend in time without requiring the generation of a new end time, the start time and end time on the one hand and the current time on the other hand are defined on different timescales. | 2010-12-02 |
20100306528 | SECURED PRESENTATION LAYER VIRTUALIZATION FOR WIRELESS HANDHELD COMMUNICATION DEVICE HAVING ENDPOINT INDEPENDENCE - The connectivity and security of wireless handheld devices (HDs) can he leveraged to provide a presentation appliance (PA) (e.g. a laptop) with an ability to securely communicate with an enterprise's private network. A split-proxy server, with part of it executing on the HD and a part executing on the PA, implements a full HTTP 1.1 compliant Internet/Web Proxy to couple the PA for communication through the HD. Support for the pragmatic keep-alive header, the CONNECT method, socket connection sharing, and thread pooling, enables a fully functional browsing environment to access web-based applications that are built on standard Internet technologies without the need for re-rendering or re-writing the user interfaces to suit the HD. In addition, Intranet web-based applications are made securely accessible without the need for additional VPN and remote access technologies. The PA may be configured to prevent residual storage of sensitive data on the PA. | 2010-12-02 |
20100306529 | SECURE MODEM GATEWAY CONCENTRATOR - The present invention provides a method and system for secure access to computer equipment. An embodiment includes a secure access controller connected to a link between a transceiver (such as a modem) and the computer equipment. Public and private keys are used by the secure access controller and a remote user. The keys are provided to the secure access controller by an authentication server. Once the transceiver establishes a communication link with the user, the access controller uses these keys to authenticate packets issued by the user to the computer equipment. If the packet is authenticated, the access controller passes the packet to the computer equipment. Otherwise, the packet is discarded. Another embodiment includes a secure access controller having a plurality of ports for connection to a plurality of different pieces of computer equipment. The secure access controller thus intermediates communications between the modem and the plurality of different pieces of computer equipment. | 2010-12-02 |
20100306530 | WORKGROUP KEY WRAPPING FOR COMMUNITY OF INTEREST MEMBERSHIP AUTHENTICATION - Methods and systems for managing a community of interest are disclosed. One method includes creating a workgroup key associated with a community of interest, and protecting one or more resources associated with the community of interest using the workgroup key. The method also includes encrypting the workgroup key using a public key associated with an administrator of the community of interest, the public key included with a private key in a public/private key pair associated with the administrator. The method further includes storing the encrypted workgroup key and associating the workgroup key with a user, thereby adding the user to the community of interest. | 2010-12-02 |
20100306531 | Hardware-Based Zero-Knowledge Strong Authentication (H0KSA) - Systems and methods are provided for a device to engage in a zero-knowledge proof with an entity requiring authentication either of secret material or of the device itself. The device may provide protection of the secret material or its private key for device authentication using a hardware security module (HSM) of the device, which may include, for example, a read-only memory (ROM) accessible or programmable only by the device manufacturer. In the case of authenticating the device itself a zero-knowledge proof of knowledge may be used. The zero-knowledge proof or zero-knowledge proof of knowledge may be conducted via a communication channel on which an end-to-end (e.g., the device at one end and entity requiring authentication at the other end) unbroken chain of trust is established, unbroken chain of trust referring to a communication channel for which endpoints of each link in the communication channel mutually authenticate each other prior to conducting the zero-knowledge proof of knowledge and for which each link of the communication channel is protected by at least one of hardware protection and encryption. | 2010-12-02 |
20100306532 | AUTHENTICATION VERIFYING METHOD, AUTHENTICATION VERIFYING MEMBER AND AUTHENTICATION VERIFYING MEMBER PRODUCING METHOD - Authentication verifying for an object to be certified is carried out. An authentication verifying chip in which authentication verifying information is stored is mounted non-removably on a certificate. A confirmation chip in which the authentication verifying information is encrypted by a crypt key of a certificate issuer and is stored is mounted non-removably on the object to be certified. When verifying the authenticity of the object to be certified, the encrypted authentication verifying information in the confirmation chip is decrypted by the crypt key of the certificate issuer, and it is compared to the authentication verifying information in the authentication verifying chip. | 2010-12-02 |
20100306533 | SYSTEM, METHOD, AND APPARATA FOR SECURE COMMUNICATIONS USING AN ELECTRICAL GRID NETWORK - A secure communications and location authorization system using a power line or a potion thereof as a side-channel that mitigates man-in-the-middle attacks on communications networks and devices connected to those networks. The system includes a power grid server associated with a substation, or curb-side distribution structure such as a transformer, an electric meter associated with a structure having electric service and able to communicate with the power grid server, a human authorization detector input device connected to the electric meter and the power grid server. The human authorization detector is able to receive an input from a user physically located at the structure and capable of communicating with the power grid server via the electric meter. The user's physical input into the device causing a request to be sent to the power grid server that then generates a location certificate for the user. Without the location certificate, access to the communications network and devices connected to those networks can be denied. | 2010-12-02 |
20100306534 | ENABLING MULTI-LEVEL SECURITY IN A SINGLE-LEVEL SECURITY COMPUTING SYSTEM - According to an embodiment, a system may comprise a mass storage device that is operable to be coupled to one or more processors. The mass storage device may comprise a base operating system that is operable to be executed by the one or more processors. The base operating system may be operable to implement a single security level. The mass storage device may also comprise a virtual operating system that is operable to be executed by the one or more processors. The virtual operating system may be executed using a virtualization tool that is executed by the base operating system. The virtual operating system may be operable to process information according to a plurality of security levels and communicate the information to one or more computing systems. The information may be communicated according to the plurality of security levels of the information. | 2010-12-02 |
20100306535 | Business To Business Secure Mail - Business to business secure mail may be provided. Consistent with embodiments of the invention, a protected message may be received. The recipient may request a token from a trust broker, submit the token to an authorization server associated with the sender, receive a user license from the authorization server; and decrypt the protected message using the user license. The protected message may restrict actions that may be taken by the recipient, such as forwarding to other users. | 2010-12-02 |
20100306536 | SYSTEM AND METHOD FOR ROUTING MESSAGES BETWEEN APPLICATIONS - A system and method for enabling the interchange of enterprise data through an open platform is disclosed. This open platform can be based on a standardized interface that enables parties to easily connect to and use the network. Services operating as senders, recipients, and in-transit parties can therefore leverage a framework that overlays a public network. | 2010-12-02 |
20100306537 | SECURE MESSAGING - A method for securely transmitting a message to a recipient whilst allowing subsequent access to the message content, wherein at least part of the message is encrypted, comprising the steps of: (a) encrypting a first piece of content with an encryption key; (b) providing a decryption engine at an address on a recipient accessible server; (c) incorporating the address of the recipient accessible server within the message, together with the first piece of encrypted content; (d) transmitting the first piece of encrypted content together with the address of the recipient accessible server to the recipient, such that the recipient is able to decrypt the first piece of content by uploading it to the decryption engine, and (e) authenticating the sender to the recipient. | 2010-12-02 |
20100306538 | Trust Establishment from Forward Link Only to Non-Forward Link Only Devices - A method, apparatus, and/or system are provided for establishing trust between an accessory device and a host device, using a global key known to both the host device and the accessory device, so that content protection for subscriber-based mobile broadcast services is provided. A secure link may be established between the accessory device and the host device so that when the accessory device receives encrypted content via a secured forward link only network, the accessory device may decrypt the content at the forward link only stack. The content is then re-encrypted/re-secured using one or more derived encryption keys and then sent to the host device where it may be decrypted and played back. A global key, unique to the particular device type of the host device, is employed to ultimately derive the session encryption keys used to re-encrypt/re-secure the content conveyed from the accessory device to the host device. | 2010-12-02 |
20100306539 | METHOD AND SYSTEM FOR CONTENT DELIVERY CONTROL USING A PARALLEL NETWORK - A method and system for controlling distribution of content through a communications network uses a second, parallel network for delivery of a transaction indicia to a requesting party. The use of the parallel network enables the transaction indicia to be forwarded to the party independently of the communications network, thereby reducing the probability of a party fraudulently obtaining delivery of the content. Additionally, information associated with the parallel network can be used to restrict distribution of the content to parties within a predetermined domain, such as, for example, a geographical region. The content may be delivered to the party in an encrypted form, preferably using an encryption algorithm and key designed to enable decryption of the content on only the content delivery device from which the request for the content was originated. | 2010-12-02 |
20100306540 | ENCRYPTION PROCESSING METHOD AND ENCRYPTION PROCESSING DEVICE - Provided is an encryption processing device which can effectively improve an encryption processing performance of a secure multi-media communication. The encryption processing device ( | 2010-12-02 |
20100306541 | HASH FUNCTION USING A CARD SHUFFLING PROCESS - In the computer data security field, a cryptographic hash function process embodied in a computer system and which is typically keyless, but is highly secure. The process is based on the type of chaos introduction exhibited by a game process such as the well known shuffling of a deck of playing cards. Computation of the hash value (digest) is the result of executing in a model (such as computer code or logic circuitry) a game algorithm that models the actual game such as a playing card shuffling algorithm using the message as an input to the algorithm, then executing the card shuffling algorithm on the input. A state (order) of the modeled deck of cards after a shuffle (or multiple shuffles) gives the hash digest value. | 2010-12-02 |
20100306542 | Password-authenticated asymmetric key exchange - Communicating keys between network devices on a network using asymmetric cryptographic techniques, for which asymmetric keys may be derived from a single (same) password. Knowledge or partial knowledge of the password may be the only information shared between parties prior to execution of a key exchange, and may be the only criteria by which one party will base trust in the other. A first network device may encrypt a key using a password-based key derived from a password, and authenticate a second device based on the second network device's ability to decrypt the encrypted key using a key derived from the same password. Knowledge of the password may be conveyed by the second device to the first device—a session key may be generated as a function of the decrypted key, and a function of this session key may be communicated from the second device to the first device. | 2010-12-02 |
20100306543 | Method of efficient secure function evaluation using resettable tamper-resistant hardware tokens - An embodiment of the present invention provides a computer implemented method for the transfer of private information of one user to another user—a primitive known as Oblivious Transfer. An output from a strong pseudorandom function generation (SPRFG) is calculated by a first user's computing module based on first and second parameters: the first parameter specifying one of two secret keys; the second parameter being a value selected within the domain of the SPRFG by the first user. The first user is prevented from reading or learning the stored two secret keys. The output is transmitted to a computer of a second user which generates first and second encrypted values that are each based on an inverse SPRFG calculation using the first and second secret keys, respectively, and corresponding private values of the second user. The encrypted values are sent to a first computer of the first user that calculates one of the private values using a mathematical computation based on the second parameter and the one of the first and second encrypted values that corresponds to the one of the first and second key used. | 2010-12-02 |
20100306544 | SECURE COMPUTING ENVIRONMENT IN A TRANSPORTABLE CONTAINER - A secure container can comprise a security server, one or more container servers, and one or more sensors that can detect a breach of the physically secure computing environment provided by the container. A management server external to the container can be informed when the container is sealed and authorized and can subsequently provide a cryptographic key enabling the security server in the container to boot. Each container server can request and receive a cryptographic key from the security server enabling them to boot. If the container is breached, such keys can be withheld and any computing device that is powered off, or restarted, will be unable to complete a subsequent boot. If the container loses a support system and is degraded, so long as the security server does not lose power, it can provide the cryptographic keys to container servers restarted after the degradation is removed. | 2010-12-02 |
20100306545 | COMMUNICATION APPARATUS - A communication apparatus includes: a first storage unit storing a certification authority certificate; a verification unit verifying an electronic signature attached to a first electronic mail received by a receiving unit from a mail server based on the certification authority certificate; an output unit outputting the first electronic mail when a verification result of the verification unit is positive; a deletion unit deleting the first electronic mail from the mail server; a notification unit notifying a user of information regarding a specific certification authority when a specific certification authority certificate is not stored in the first storage unit; an acquiring unit acquiring the specific certification authority certificate; and a storage control unit storing the acquired specific certification authority certificate. The receiving unit again receives the first electronic mail. The verification unit verifies an electronic signature attached to the again received first electronic mail based on the certification authority certificate. | 2010-12-02 |
20100306546 | MOBILE CERTIFICATE DISTRIBUTION IN A PKI - A method of providing certificate issuance and revocation checks involving mobile devices in a mobile ad-hoc network (MANET). The wireless devices communicate with each other via Bluetooth wireless technology in the MANET, with an access point (AP) to provide connectivity to the Internet. A Certificate authority (CA) distributes certificates and certification revocation lists (CRLs) to the devices via the access point (AP). Each group of devices has the name of the group associated with the certificate and signed by the CA. A device that is out of the radio range of the access point may still connect to the CA to validate a certificate or download the appropriate CRL by having all the devices participate in the MANET. | 2010-12-02 |
20100306547 | SYSTEM AND METHODS FOR PROVIDING STATELESS SECURITY MANAGEMENT FOR WEB APPLICATIONS USING NON-HTTP COMMUNICATIONS PROTOCOLS - A gateway server interoperates with client and remote server systems to provide stateless security management for a distributed Web application. A Web client application on the client system initiates a WebSocket connection directed to a remote Web service by performing an authentication challenge directed to a user of the Web-browser client where a secure token is not present in a local store instance corresponding to the client application. The authentication challenge obtains the user credentials and then exchanges the user credentials with the gateway server for a secure token. The secure token is then sent in a protocol specific connect message to the gateway server. The gateway server, in response to receipt of the connect message, initiates a WebSocket connection directed to the remote Web service by inspecting the connect message to recover the secure token, evaluating the secure token to obtain user credentials, injecting the secure token with the user credentials, and sending the connect message to the remote Web service. | 2010-12-02 |
20100306548 | SYSTEM AND METHOD FOR SECURING THE LIFE-CYCLE OF USER DOMAIN RIGHTS OBJECTS - In a method for enabling support for backwards compatibility in a User Domain, in one of a Rights Issuer (RI) and a Local Rights Manager (LRM), a Rights Object Encryption Key (REK) and encrypted REK are received from an entity that generated a User Domain Authorization for the one of the RI and the LRM and the REK is used to generate a User Domain Rights Object (RO) that includes the User Domain Authorization and the encrypted REK. | 2010-12-02 |
20100306549 | METHOD AND DEVICE FOR MANAGING ACCESS CONTROL - In a method for managing access control with locking units, particularly locks, and electronic keys, wherein access authorizations are stored and managed in a central processor, the keys are programmed with authorization information for a pregiven selection of locking units as a function of the respective access authorization, the authorization information is wirelessly sent from a key to a locking unit in the event of an access request, and the access authorization is determined in the locking unit as a function of the received authorization information, the programming of a key comprises the sending of the authorization information via a wireless telecommunication network to a wireless mobile telecommunication device and the transmitting of the authorization information received by the mobile telecommunication device to a memory of the key. | 2010-12-02 |
20100306550 | DEFINING CLASSIFICATION THRESHOLDS IN TEMPLATE PROTECTION SYSTEMS - A method for configuring a biometric template protected authentif ication system, in which the desired classification threshold (T) is first selected to optimize the trade-i off between FAR and FRR of the system, and then the ECC used in the authentif ication process is chosen such that the number (b) of errors which can be corrected thereby is equal to or greater than the selected classification threshold. During authentif ication, the number (b) of errors in a first codeword derived from biometric data associated with a physical object is determined and used in the decision process to accept or reject authentif ication. | 2010-12-02 |
20100306551 | PHYSICALLY MODIFYING A DATA STORAGE DEVICE TO DISABLE ACCESS TO SECURE DATA AND REPURPOSE THE DATA STORAGE DEVICE - A data storage device is disclosed comprising a non-volatile memory and control circuitry operable to evaluate a physical feature of the data storage device, wherein the physical feature is physically alterable by a user. When the physical feature is in a first state, host access to first secure data stored in the non-volatile memory is enabled, and when the physical feature is in a second state, the host access to the first secure data is disabled and host access to second data stored in the non-volatile memory is enabled. | 2010-12-02 |
20100306552 | SYSTEMS AND METHODS FOR PREVENTING UNAUTHORIZED USE OF DIGITAL CONTENT - Theft, distribution, and piracy of digital content (software, video, audio, e-books, any content of any kind that is digitally stored and distributed) is generally accomplished by copying it, if possible, or, if it is protected from being copied in any fashion, such piracy is based upon a number of reverse engineering techniques. Aside from the straightforward copying of unprotected content, all of these other methods require first an understanding of the protective mechanism(s) guarding the content, and finally an unauthorized modification of that protection in order to disable or subvert it. Methods that prevent a skilled individual from using reverse engineering tools and techniques to attain that level of understanding and/or prevent anyone from performing such modifications can offer significant advantages to content creators who wish to protect their products. | 2010-12-02 |
20100306553 | High-throughput cryptographic processing using parallel processing - This invention uses parallel processing to bring greater efficiencies to cryptographic processing of large amounts of data. This technique is scalable, can be applicable for protection of internet data, data moving between data processing centers, data in motion, data going into storage, data coming out of storage and similar large processing operations. | 2010-12-02 |
20100306554 | DISTRIBUTED KEY ENCRYPTION IN SERVERS - Architecture that stores specific passwords on behalf of users, and encrypts the passwords using encryption keys managed by a distributed key management system. The encryption keys are stored in a directory service (e.g., hierarchical) in an area that is inaccessible by selected entities (e.g., administrative users) having superior permissions such as supervisory administrators, but accessible to the account components that need to access the unencrypted passwords. The distributed key management system makes the encryption key stored in the directory service available to all hardware/software components that need the key to encrypt or decrypt the passwords. | 2010-12-02 |
20100306555 | Storage apparatus and authentication method - A storage apparatus includes a key control part to judge a validity of a data access from a request source based on authorization information received therefrom and authorization information created from an enciphering key included in enciphering key information received from a key management apparatus, and a control part to make the data access to the recording medium using the enciphering key in response to an access request from the request source, if the validity of the data access is confirmed. The authorization information from the request source includes a unique code created from the enciphering key if an authentication is successful in the key management apparatus in response to an authentication request from the request source. | 2010-12-02 |
20100306556 | METHOD AND SYSTEM FOR RANDOM DATA ACCESS FOR SECURITY APPLICATIONS - A method for securely handling processing of information in a chip may include randomly selecting one of a plurality of data processes based on a random process index. A time interval may be randomly allocated on the chip, for processing the randomly selected one of the plurality of data processes. When the randomly allocated time interval has elapsed, the randomly selected one of the plurality of data processes may be initiated. The randomly selected one of the plurality of data processes may include one or both of accessing data and acquiring the data. Data may be verified by the randomly selected one of the plurality of data processes prior to the processing of the data. The data may be verified utilizing at least one digital signature verification algorithm, such as a Rivest-Shamir-Adelman (RSA) algorithm and/or a secure hash algorithm (SHA-1). | 2010-12-02 |
20100306557 | COMPUTER WAKE UP CIRCUIT - A computer wake up circuit includes a first control circuit and a second control circuit. The first control circuit has an input terminal configured to receive a first control signal from a first serial device, and an output terminal coupled to a south bridge which is capable of waking up a computer. The second control circuit has an input terminal respectively coupled to a second serial device and an I/O controller, and an output terminal coupled to the south bridge. The second control circuit receives a second control signal from the second serial device. The first and second control circuits respectively outputs a wake up signal to the south bridge to wake up the computer according to the control signals. The I/O controller communicates with the second serial device through the second control circuit, and outputs other control signals to control operations of the second serial device. | 2010-12-02 |
20100306558 | APPARATUS AND METHOD FOR CONTROLLING INPUT POWER - An apparatus and method for controlling an input power according to power management modes of a display device. In a saving mode of the power management modes, a power supply to the system is turned OFF according to an organic operation between components of the system. Thus, because the power supply to a power block within the system is turned OFF all, a consumed power is in a substantially zero state, comparable to a state in which a power plug is physically pulled out. | 2010-12-02 |
20100306559 | POWER-MANAGER CONFIGURATION UPLOAD AND DOWNLOAD METHOD AND SYSTEM FOR NETWORK MANAGERS - A power management system embodiment of the present invention comprises a power manager with a network agent in communication over a network with a network manager. The power manager is connected to control the operating power flowing to various pieces of computer network equipment at a single site. A user is able to assign names to each control port, and the power manager maintains a list of enrolled users who have access. Many operational mode choices are possible, and each can be configured by the user while remote from the power manager. The power manager can be commanded to upload a user configuration list, and it can be commanded to accept a downloaded user configuration list. | 2010-12-02 |
20100306560 | Power Management in a Virtual Machine Farm at the Local Virtual Machine Platform Level by a Platform Hypervisor Extended with Farm Management Server Functions - Power management for a virtual machine farm in which each hypervisor respectively serving each virtual machine platform in the farm is provided with an extended hypervisor function coacts with functions provided by the connection broker and the manual configuration interface of the virtual machine farm management server for managing each respective virtual machine platform to maximize the time that each platform is in the reduced power state. | 2010-12-02 |
20100306561 | INFORMATION PROCESSING APPARATUS AND POWER CONTROL METHOD - According to one embodiment, an information processing apparatus includes a wireless communication device and a power management module. The power management module is configured to transmit, in response to disconnection of an external power supply device from a power connector of the information processing apparatus, a command instructing turn-off of a power supply circuit within the external power supply device to a wireless communication circuit within the external power supply device via the wireless communication device. | 2010-12-02 |
20100306562 | CIRCUIT FOR FACILITATING COMPUTER SYSTEM WAKING UP FROM SLEEP STATE - A circuit for a computer system, includes a pulse width module (PWM) module and a control circuit. The PWM module is capable of converting a first voltage to a second voltage. The first voltage is capable of decreasing slower than the second voltage to have the PWM module entering in an unwanted state when the computer system is changed from a first state to a second state. The PWM module includes a disabling pin capable of locking the PWM module when a voltage of the disabling pin is low. The control circuit includes a control pin connected to the disabling pin, a ground pin connected to ground, and a monitoring pin capable of monitoring the computer system being changed from a first state to a second state to control the control pin and the ground pin to pull the disabling pin low to lock the PWM module to prevent the PWM module from entering in the unwanted state. | 2010-12-02 |
20100306563 | COMPUTER SYSTEM FOR SAVING POWER CONSUMPTION OF A STAND-BY/POWER-OFF STATE AND METHOD THEREOF - A computer system consists of a plurality of electronic elements and a switch control circuit. The switch control circuit controls the computer system to enter a stand-by/power off state from a normal state when the computer system receives a stand-by/power off command under the normal state, and stops outputting a stand-by power having at least one stand-by voltage level to at least one part of electronic elements among the plurality of electronic elements. At this time, the computer system has entered a simulated mechanical off state from the stand-by/power off state. A number of electronic elements supplied by the stand-by power when the computer system lies under the simulated mechanical off state is smaller than a number of electronic elements supplied by the stand-by power when the computer system lies under the stand-by/power off state. | 2010-12-02 |
20100306564 | INFORMATION PROCESSING APPARATUS AND CONTROL METHOD OF INFORMATION PROCESSING APPARATUS - According to one embodiment, an information processing apparatus from which a display module is detachable, the apparatus includes a processor configured to executes arithmetic processing, a controller configured to communicate with an external device, a detector configured to detect an attachment and a detachment of the display module, a determination module configured to determine whether the apparatus is permitted to be switched to a sleep state when the detector detects the detachment, a switching module configured to switch the apparatus to the sleep state when the determination module determines that the apparatus is permitted to be switched to the sleep state, and a lock module configured to inhibit a communication between the external device and the controller and to invalidate an input of data from an input device to the processor when the determination module determines that the apparatus is not permitted to be switched to the sleep state. | 2010-12-02 |
20100306565 | INFORMATION PROCESSOR AND POWER SUPPLY METHOD - According to one embodiment, an information processor capable of supplying power to an external device includes a connector, a storage module, a receiver, a selector, and a power supply controller. The connector connects the external device to the information processor. The storage module stores identification information that identifies the external device and a power supply mode in association with each other. The power supply mode defines a condition of each element of the information processor to cause the external device to be chargeable. The receiver receives the identification information from the external device connected to the information processor. The selector selects the power supply mode stored in the storage module in association with the identification information. The power supply controller sets the element of the information processor according to the condition defined by the power supply mode. | 2010-12-02 |
20100306566 | SYSTEMS AND METHODS FOR POWER MANAGEMENT IN MANAGED NETWORK HAVING HARDWARE-BASED AND VIRTUAL RESOURCES - Embodiments relate to systems and methods for power management in a managed network having hardware-based and virtual resources. A network management platform can host a power management engine to configure and manage the power operations of a mixed set of hardware-implemented and virtual machines. The virtual machines can be instantiated, for instance, via a mainframe platform and/or a cloud computing environment. The power management engine can maintain a power management settings indicating power management rules or preferences for the managed network. The power management settings can contain rules or commands, for instance, to sequence the power-on or power-off order between different hardware-implemented or virtual machines, based for instance on dependency orders or predetermined schedules. | 2010-12-02 |
20100306567 | METHOD FOR OPERATION OF A FIELD DEVICE IN A MATCHED-POWER MODE - A method for operating a field device of process automation technology, wherein the field device features a fieldbus communication interface, to which a wireless adapter is connected. The field device can be supplied with electrical power by the wireless adapter via the fieldbus communication interface; and an electrical current flowing over the fieldbus communication interface is not limited, so that it can freely adjust corresponding to a respective power requirement. | 2010-12-02 |
20100306568 | SYMMETRICAL CLOCK DISTRIBUTION IN MULTI-STAGE HIGH SPEED DATA CONVERSION CIRCUITS - Provided is a high speed bit stream data conversion circuit that includes input ports to receive first bit streams at a first bit rate. Data conversion circuits receive the first bit streams and produce second bit stream(s), wherein the number and bit rate of the first and second bit stream(s) differ. Symmetrical pathways transport the first bit streams from the input ports to the data conversion circuits, wherein their transmission time(s) are substantially equal. A clock distribution circuit receives and symmetrically distributes a clock signal to data conversion circuits. A central trunk coupled to the clock port and located between a first pair of circuit pathways with paired branches that extend from the trunk and that couple to the data conversion circuits make up the clock distribution circuit. The distributed data clock signal latches data in data conversion circuits from the first to the second bit stream(s). | 2010-12-02 |
20100306569 | DATA FLOW CONTROL IN MULTIPLE INDEPENDENT PORT - A system includes a memory controller and a plurality of memory devices connected in-series that communicate with the memory controller. Each of the memory devices has multiple independent serial ports for receiving and transmitting data. The memory controller a device address (DA) or ID number for designating a device that executes a command. Data contained in the command sent by the memory controller is captured by an individual link control circuit, in response to internally generated clock with appropriate latencies. The captured data is written into a corresponding memory bank. The data stored in one of a plurality of memory banks of one memory device is read in accordance with the addresses issued by the memory controller. The read data is propagated from the memory device through the series-connected memory devices to the memory controller. | 2010-12-02 |
20100306570 | ASYNCHRONOUS INTERFACE CIRCUIT AND DATA TRANSFER METHOD - An asynchronous interface circuit for transferring a data stream between different clock domains, the asynchronous interface circuits includes a data holding circuit for sequentially receiving and transferring data of the data stream in synchronism with a first clock signal, and holding the received data until an input of a next data, an asynchronous memory for sequentially receiving the data held in the data holding circuit in synchronism with the first clock signal and for outputting the data in the order of inputting in synchronism with a second clock signal. The asynchronous interface circuit further includes a monitor for detecting an operating state of the asynchronous memory, and a selector for selecting one of the data output from the asynchronous memory and the data output from the data holding circuit on the basis of a detecting result of the monitor. | 2010-12-02 |
20100306571 | MULTIPLE MEDIA ACCESS CONTROL (MAC) ADDRESSES - A method for providing multiple media access control (MAC) addresses in a device of a master/slave system may include providing a first MAC address in a MAC address storage of the device. The method may also include providing a second MAC address in a multicast table entry of a multicast hash filter of the device. | 2010-12-02 |
20100306572 | Apparatus and method to facilitate high availability in secure network transport - Embodiments described herein are effective to detect, repair and recover automatically IPSec tunnels due to failures of transport gear (L2/L3 switches) as well as the IPsec gateway components. Load balance is also an integral part of the approach. When a failure is repaired, the architecture in various embodiments will re-establish load balance and high availability automatically at L2 and L3 and preserve security during the switch-over and recovery process. | 2010-12-02 |
20100306573 | FENCING MANAGEMENT IN CLUSTERS - Apparatus, systems, and methods may operate to detect a failure in a failed one of a plurality of nodes included in a cluster, and to fence a portion of the plurality of nodes, including the failed one. Membership in the portion may be determined according to an aggregated value of weighted values assigned to resources and/or services associated with the cluster. Additional apparatus, systems, and methods are disclosed. | 2010-12-02 |
20100306574 | COMMUNICATION METHOD, COMMUNICATION SYSTEM, NODE, AND PROGRAM - The processing load of a path control message on a node due to a link fault is reduced, a normal routing operation is assured, and the stable continuity of a network is realized. The node having received the path control message transmits the path control message to the adjacent node having transmitted the path control message and at least one or more adjacent nodes on an alternate path. | 2010-12-02 |
20100306575 | PATH CHANGEOVER SUPPORT DEVICE AND METHOD - Port management information is prepared for managing information related to the status of each of a plurality of ports possessed by a storage system in a unified manner. Change of the status related to any one of a plurality of ports from “normal” to anomalous is detected. For a subject external device which is using the anomalous path as an I/O path, a “normal” port is selected, on the basis of the port management information, from one or more ports related to one or more paths which are being used as alternate paths. And information related to this “normal” port which has been selected is notified to the subject external device. During path changeover, the subject external device selects as an I/O path an alternate path which is related to the “normal” port specified from the notified information. | 2010-12-02 |
20100306576 | STORAGE SYSTEM AND STORAGE CONTROL APPARATUS - A storage system includes first and second expanders for connecting storage units, each of the first and second expanders being connected cascade each other, a first controller connected one of the first and one of the second expanders and a host, a second controller connected the one of the second expanders, the one of the first expanders and the host, the second controller detecting a failure of at least one of the first controller, the first expanders and the second expanders, the second controller selectively controlling a first boot sequence which boots the first controller after the first expanders have been booted and a second boot sequence which boots the first controller before the first expanders have been booted, determining one of the first boot sequence and the second boot sequence on the basis of a place where a failure has occurred in a recovery process. | 2010-12-02 |
20100306577 | Systems and Methods for Managing End of Life in a Solid State Drive - Various embodiments of the present invention provide systems and methods for managing solid state drives. As an example, a storage system is described that include at least a first flash memory block and a second flash memory block, and a control circuit. The first flash memory block and the second flash memory block are addressable in the storage system. The control circuit is operable to identify the first flash memory block as partially failed, receive a write request directed to the first flash memory block; and direct the write request to the second flash memory block. | 2010-12-02 |
20100306578 | RANGE BASED REBUILDER FOR USE WITH A DISPERSED DATA STORAGE NETWORK - A message is generated by a computer operating on a dispersed data storage network indicating the inaccessibility of a plurality of data slices. A rebuilder application operates on the dispersed data storage grid and rebuilds inaccessible data slices, including those identified by the message. | 2010-12-02 |
20100306579 | NONVOLATILE MEMORY DEVICE AND METHOD OF PROGRAMMING THE SAME - A nonvolatile memory device and its programming method includes a memory block having a number of memory cells, a page buffer unit coupled to the memory block and configured to temporarily store program data, to transmit the program data to the memory block, to perform a program operation for the program data, and to output the stored program in response to the memory block being treated as being a bad block, and a control unit configured to transmit the program data to the memory block, temporarily store the program data outputted from the page buffer unit, and transmit the stored program data to another page buffer unit coupled to another memory block. | 2010-12-02 |
20100306580 | Systems and Methods for Governing the Life Cycle of a Solid State Drive - Various embodiments of the present invention provide systems and methods for data storage. As an example, storage devices are disclosed that include a plurality of memory blocks, an unreliable block identification circuit, and a partial failure indication circuit. Each of the plurality of memory blocks includes a plurality of memory cells that decrease in reliability over time as they are accessed. The unreliable block identification circuit is operable to determine that one or more of the plurality of memory blocks is unreliable, and the partial failure indication circuit is operable to disallow write access to the plurality of memory blocks upon determination that an insufficient number of the plurality of memory blocks remain reliable. | 2010-12-02 |
20100306581 | SOLID STATE STORAGE END OF LIFE PREDICTION WITH CORRECTION HISTORY - Described embodiments provide for end-of-life (EOL) checking for NAND flash devices. An exemplary implementation of a computing environment comprises at least one NAND data storage device operative to store one or more data elements. In the illustrative implementation, the EOL data processing and storage management paradigm allows for the storage of data according using a selected EOL enforcement algorithm that can utilize current and/or historical correction levels. The NAND data storage EOL checking module can be operable to cooperate with one or more NAND data store components to execute one or more selected EOL operations to protect stored data. | 2010-12-02 |
20100306582 | METHOD OF OPERATING NONVOLATILE MEMORY DEVICE - A method of operating a nonvolatile memory device includes performing a program operation on memory cells included in a selected page, checking whether a verification operation for the programmed memory cells is passed or failed by performing the verification operation, counting a number of error bits for the selected page, if the verification operation is failed, performing an error checking and correction (ECC) algorithm using an error correction circuit, if the counted number of error bits is less than or equal to a number of correctable bits, and storing the counted number of error bits in a specific one of a plurality of memory blocks. | 2010-12-02 |
20100306583 | Memory Systems and Defective Block Management Methods Related Thereto - Memory systems and related defective block management methods are provided. Methods for managing a defective block in a memory device include allocating a defective block when a memory block satisfies a defective block condition. The allocated defective block is cancelled when the allocated defective block satisfies a defective block cancellation condition. | 2010-12-02 |
20100306584 | CONTROLLER AND CONTROL METHOD FOR A CONTROLLER - A controller and a control method for a controller can simplify application development and can improve the performance of device control processes. When a request is received from an application | 2010-12-02 |
20100306585 | METHOD AND SYSTEM TO PERFORM TIME CONSUMING FOLLOW-UP PROCESSES - A computer system may receive an instruction to perform an action on an object. A schedule manager may identify a set of processes associated with the action that need to be performed by the computer system. A subset of primary process and a subset of secondary processes may be identified from the set of processes associated with the action. The schedule manager may schedule an asynchronous process to perform the subset of secondary processes on the object. The computer system may perform the subset of primary processes on the object. The subset of secondary process may be performed by the asynchronous process based upon the scheduling. | 2010-12-02 |
20100306586 | Storage apparatus and method of data processing - A storage apparatus includes a backup processing unit that stores data stored in a first memory into a second memory as backup data upon occurrence of a power failure, a restore processing unit that upon recovery from the power failure restores the backup data backed up in the second memory to the first memory and erases the backup data, and an erasure processing termination unit that terminates the erasure processing upon a power failure occurring during erasure processing for erasing the backup data stored in the second memory, and a re-backup processing unit that re-backs up data in the first memory corresponding to the backup data erased from the second memory before the erasure processing is terminated by the erasure processing termination unit to a location in the second memory subsequent to a last location that contains the backup data which has not been erased. | 2010-12-02 |
20100306587 | COMPUTATIONALLY EFFICIENT TIERED INFERENCE FOR MULTIPLE FAULT DIAGNOSIS - A computer based method and system for tiered inference multiple fault diagnosis is provided. The method includes using a computer processor to dissect a hypothesis space representing a production system having a plurality of production modules into tiers. Production modules in the current tier are partitioned into a group or a set of sub-groups. A fault diagnosis algorithm is applied to the group of each sub-group to identify an acceptable fault diagnosis. When no acceptable fault diagnosis is found, the process moves to the next tier to perform further investigations. The process continues to move to higher tiers until an acceptable fault diagnosis is obtained or the system instructs the process to end. | 2010-12-02 |
20100306588 | Intelligent Integrated Diagnostics - A diagnostic tools and methods are disclosed. The diagnostic tool is configured or operable to nominate a commonly connected component in a target system as being faulty if more than a pre-determined number of active components connected to the commonly connected component appear faulty. | 2010-12-02 |
20100306589 | COMPUTER CHIP SET HAVING ON BOARD WIRELESS INTERFACES TO SUPPORT TEST OPERATIONS - A method and apparatus are provided for an embedded wireless interface that is embedded in, for example, one of an input and output controller device for controlling input and output communications with off-board devices, within a memory controller device and a processor motherboard. The embedded wireless interface may be utilized as a wireless test access point to provide signal stimulations for test purposes or to monitor communications over a specified wired communication link. | 2010-12-02 |
20100306590 | Automated Testing Platform for Event Driven Systems - A platform for the automated testing of event driven software applications is provided. A source environment is replicated to a target environment. The target environment includes a target system. A test case is defined with a target system, specific attributes and verification information. The attributes of the test case include the target system. The test case is fired. An event is simulated for the test case based on the target system and the specific attributes. The simulated event is transmitted to the target environment. The results of the test case being fired are determined based on verification information. The results are recorded to a data store. | 2010-12-02 |
20100306591 | METHOD AND SYSTEM FOR PERFORMING TESTING ON A DATABASE SYSTEM - There is provided a system and method for performing testing on a database system comprising a query optimizer, the query optimizer having an optimizer plan space comprising a plurality of query plans. An exemplary method comprises generating a plurality of queries programmatically according to a template query by varying at least one of an operation, a predicate or a parameter to produce a plurality of query plans. The exemplary method also comprises optimizing the plurality of queries using the query optimizer to collect the plurality of query plans and selecting a subset of queries from the plurality of queries using the query optimizer, the subset of queries comprising queries with distinct query plans that substantially cover the optimizer plan space. The exemplary method additionally comprises executing the subset of queries on the database system to identify an inefficiency of the database system. | 2010-12-02 |
20100306592 | COMPUTER SYSTEM ON AND OFF TEST APPARATUS AND METHOD - A computer system on/off test apparatus includes a time control unit receiving a time interval value and a repetition value, a detecting unit detecting signal parameters of the computer system, and a test control unit receiving an external power supply and switching the power connection between the external power supply and the computer system. The test control unit saves a number of acceptable ranges. The test control unit receives a power-on status signal returned from the computer system in response to the computer system is powered. The test control unit determines whether the power-on status signal is correct and the detected signal parameters of the computer system are within the acceptable ranges correspondingly. The test control unit turns off the computer system after the interval time, and then turns on the computer system to repeat the above process until the test number of tests reaches the repetition value. | 2010-12-02 |
20100306593 | AUTOMATIC BUG REPORTING TOOL - An apparatus and a method for detecting and reporting malfunctions in computer programs is described. A malfunction detector detects at least one type of a software malfunction as defined in a configurable malfunction library. A data collector collects data of the software malfunction. A crash reporter reports the crash report in a manner specified in a configurable reporting library corresponding to the type of software malfunction to one or more remote computers. | 2010-12-02 |
20100306594 | LOGICAL ENTITY FAULT ISOLATION IN NETWORK SYSTEMS MANAGEMENT - Various embodiments include one or more of systems, methods, and software to provide a status of a logical entity between entity models in network management systems, such as for fault isolation, in an efficient manner. Some embodiments, when receiving requests for a status of a logical entity while already in the process of determining the status in response to a previously received request, include adding an identifier of the subsequent requestor to a status requestor list and not responding to or taking any further action with regard to the request from the subsequent requestor until the status in response to the first received status request is determined. | 2010-12-02 |
20100306595 | SCENARIO CREATING APPARATUS, SCENARIO CREATING METHOD, AND STORAGE MEDIUM STORING SCENARIO CREATING PROGRAM - A scenario creating apparatus which creates a scenario for verifying operation of an information processing system in which a plurality of servers including a database server are connected, includes a collector that collects messages transmitted and received between the plurality of servers, when operation of the information processing system is being verified by a terminal apparatus that performs verification of operation; an association unit that associates the collected messages with each other; a sorter that sorts work models in ascending order of time at which access is made to the database server, the work models each being a group of the associated messages; and a scenario creating unit that creates the scenario on the basis of the sorted work models. | 2010-12-02 |
20100306596 | METHOD OF ASCERTAINING PRIMARY CAUSE OF MEMORY CONSUMPTION IN PROGRAM, AND COMPUTER SYSTEM AND COMPUTER PROGRAM FOR THE SAME - A method of holding information for identifying a cause for an object becoming problematic and presenting the information to a user. The method ascertains the cause of memory consumption by a program in a computer system. This method includes: acquiring a first call path related to the creation of an object from a memory; acquiring a second call path related to the connection to the object from the memory; and determining a common part of the acquired first and second call paths, wherein the common part indicates the cause in the program. | 2010-12-02 |
20100306597 | AUTOMATED IDENTIFICATION OF PERFORMANCE CRISIS - Methods for automatically identifying and classifying a crisis state occurring in a system having a plurality of computer resources. Signals are received from a device that collects the signals from each computer resource in the system. For each epoch, an epoch fingerprint is generated. Upon detecting a performance crisis within the system, a crisis fingerprint is generated consisting of at least one epoch fingerprint. The technology is able to identify that a performance crisis has previously occurred within the datacenter if a generated crisis fingerprint favorably matches any of the model crisis fingerprints stored in a database. The technology may also predict that a crisis is about to occur. | 2010-12-02 |
20100306598 | Operating Computer Memory - Operating computer memory in a computer including dynamically monitoring, by a predictive failure analysis (‘PFA’) module, correctable memory errors and memory temperature and managing cooling resources in the computer in dependence upon the correctable memory errors and memory temperature. | 2010-12-02 |
20100306599 | Method and System for Throttling Log Messages for Multiple Entities - A software module capable of simultaneously supporting multiple services provides log message throttling for each service with a separate “per service” log message buffer. When the software module is a device driver, for example, each device controlled by the device driver is allocated a message buffer to store descriptive log messages. Upon generation of a warning log message, descriptive log messages in the message buffer are flushed to a log file for review by an administrator. Furthermore, log message throttling may be implemented by only flushing the message buffer upon certain occurrences of warning log messages, such as in accordance with an exponential back-off algorithm. | 2010-12-02 |
20100306600 | CANDIDATE-PATCH SELECTING APPARATUS, COMPUTER PRODUCT, AND METHOD - A candidate-patch selecting apparatus includes a detector configured to detect a failure of a computer; an obtaining unit configured to obtain record information for the computer, recorded at the time when the failure detected by the detector occurred; an extractor configured to extract from the record information obtained by the obtaining unit, information identifying the failure; an identifying unit configured to identify, based on a database that stores therein patches and respective selection conditions, a patch for which selection conditions are satisfied by the extracted information identifying the failure; and an output unit configured to output an identification result acquired by the identifying unit. | 2010-12-02 |
20100306601 | INTEGRATED MICROPROCESSOR SYSTEM FOR SAFETY-CRITICAL CONTROL SYSTEMS - An integrated microprocessor system for safety-critical control systems, comprising at least two microprocessor system modules each comprising at least one processor core, a read/write memory and a memory protection unit, and a read-only memory which is jointly assigned to the processor cores of the microprocessor system modules. Each of the microprocessor system modules executes a main program and a monitoring program which may comprise a plurality of subprograms. If the memory protection unit detects unauthorized operations by one of the programs for accessing a separate address area (A, B) of another program, then the respective memory protection unit assigns a separate address area (A, B) of the read/write memory to the main program and to the monitoring program. | 2010-12-02 |
20100306602 | SEMICONDUCTOR DEVICE AND ABNORMALITY DETECTING METHOD - A semiconductor device comprises: a task state storage configured to store an executing state of a processing task of software executed by a CPU and to output an executing state signal to show the executing state of the processing task; a task validity judging section configured to acquire an interruption signal corresponding to the processing task based on a control of the CPU and the execution state signal, and to output a valid signal when the processing task is executed validly; a clear signal output section configured to output a clear signal in response to the valid signal; and a watchdog timer configured to clear a timer count value when the clear signal is acquired within a prescribed time and to output a reset signal when the clear signal is not acquired within the prescribed time. | 2010-12-02 |
20100306603 | Segmented and Overlapped skew tracking method for serdes frame interface Level 5 - A method and device for performing skew detection on data transmitted over a data channel and a high speed optical communication interface including the device are disclosed, wherein data of a reference frame over a reference channel is composed sequentially of a reference data segment with a length of Umax over each of data channels to be subject to skew detection. The method includes: S1) performing the following on one frame of data transmitted over one data channel in a period of one frame: a) dividing the frame of data into a plurality of data blocks according to the maximum allowable skew detection range Rmax; b) dividing each of the data blocks into a plurality of segments each with the length of Umax; c) serially comparing each of the segments in the respective data blocks with the corresponding reference data segment, respectively, to derive skew detection results of all the segments in the respective data blocks; and d) for each of the data blocks, selecting the skew detection result of one of all the segments in the data block as a skew detection result of the data block; and S2) selecting a skew detection result with the maximum skew from among the skew detection results of all the data blocks as a skew detection result of the frame of data. | 2010-12-02 |
20100306604 | METHOD AND CIRCUIT FOR BROWNOUT DETECTION IN A MEMORY SYSTEM - Detecting brown-out in a system having a non-volatile memory (NVM) includes loading data in the NVM, wherein a next step in loading is performed on a location in the NVM that is logically sequential to an immediately preceding loading. A pair of adjacent locations include one with possible data and another that is empty. Determining which of the two, if at all, have experienced brownout includes using two different sense references. One has a higher standard for detecting a logic high and the other higher standard for detecting a logic low. Results from using the two different references are compared. If the results are the same for both references, then there is no brownout. If the results are different for either there has been a brownout. The location with the different results is set to an invalid state as the location that has experienced the brownout. | 2010-12-02 |
20100306605 | Apparatus and Method for Manufacturing a Multiple-Chip Memory Device - A method for manufacturing a multiple-chip memory device includes making a volatile memory element on a semiconductor substrate, examining the volatile memory element for one or more initial errors, correcting the one or more initial errors on the semiconductor substrate, incorporating the volatile memory element into the multiple-chip memory device, and incorporating a non-volatile memory element into the multiple-chip memory device. The volatile memory element is examined for one or more secondary errors, after incorporating the volatile memory element and the non-volatile memory element into the multiple-chip memory device. Repair information is stored in a non-volatile memory element, the repair information identifying the one or more secondary errors. | 2010-12-02 |