52nd week of 2014 patent applcation highlights part 68 |
Patent application number | Title | Published |
20140379959 | MAP RECYCLING ACCELERATION - An apparatus having a processor and a circuit is disclosed. The processor is generally configured to initiate an operation to recycle a plurality of source blocks in a memory that is nonvolatile. The circuit is generally configured to (i) search through a first of a plurality of levels in a map that defines a plurality of translations between a plurality of logical addresses used at an interface to a computer and a plurality of physical addresses used in the memory and (ii) notify the processor in response to a detection in the first level of one or more of the source blocks to be recycled that contain valid data. | 2014-12-25 |
20140379960 | BACKGROUND REORDERING - A PREVENTIVE WEAR-OUT CONTROL MECHANISM WITH LIMITED OVERHEAD - Embodiments of the present disclosure describe background reordering techniques and configurations to prevent wear-out of an integrated circuit device such as a memory device. In one embodiment, a method includes receiving information about one or more incoming access transactions to a memory device from a processor, determining that a wear-leveling operation is to be performed based on a cumulative number of access transactions to the memory device, the cumulative number of access transactions including the one or more incoming access transactions, and performing the wear-leveling operation by mapping a first physical address of the memory device to a second physical address of the memory device based on a pseudo-random mapping function, and copying information from the first physical address to the second physical address. Other embodiments may be described and/or claimed. | 2014-12-25 |
20140379961 | DATA ENCODING FOR NON-VOLATILE MEMORY - A data storage device includes a memory and a controller. Mapping circuitry is configured to apply a mapping to received data to generate mapped data to be stored into the memory. The mapping is configured to reduce an average number of state changes of storage elements per write operation and is independent of the states of the storage elements prior to the writing of the mapped data. | 2014-12-25 |
20140379962 | DATA ENCODING FOR NON-VOLATILE MEMORY - A data storage device includes a memory and a controller. Mapping circuitry is configured to apply a mapping to received data to generate mapped data to be stored into the memory. The mapping is configured to increase average reliability by reducing an average number of state changes of storage elements per write operation and to reduce average write time by reducing a number of operations for storing the mapped value into the storage elements. | 2014-12-25 |
20140379963 | STORAGE SYSTEM, STORAGE DEVICE, AND CONTROL METHOD OF STORAGE SYSTEM - The storage device includes multiple NAND devices each of which performs a process on the basis of a command; a command management unit that issues the command from a host to one of the NAND devices specified by the command and that sends an issue completion notification of the issued command to the host; and a state notifying unit that notifies, based on whether each of the NAND devices performs a predetermined process, the host whether each of the NAND devices is ready to accept the command. The host includes a NAND control unit that selects one of the NAND devices that is ready to accept the command based on the notification from the state notifying unit when the issue completion notification is received and sends, to the command management unit, a command to allow the selected one of the NAND devices to perform the process. | 2014-12-25 |
20140379964 | DATA STORAGE DEVICE AND DATA FETCHING METHOD FOR FLASH MEMORY - A data storage device is provided. The data storage device, coupled to a host, includes: a flash memory; and a controller, configured to control accessing of the flash memory; wherein when the host performs random data accessing to the flash memory, the controller retrieves address information of a corresponding block and a corresponding page in the flash memory associated with first data to be read based on a global mapping table, and pre-fetches the corresponding page from the flash memory based on the address information; wherein when the controller obtains the address information, the controller further determines whether the first data is located in a current buffer block based on a local mapping table; wherein when the first data is located in the current buffer block, the controller further cancels the pre-fetched corresponding page, and reads the first data from the current buffer block. | 2014-12-25 |
20140379965 | ADAPTIVE CACHE MEMORY CONTROLLER - A system comprises a partitioning module and a writing module. The partitioning module is configured to partition each of a plurality of solid-state disks into a plurality of blocks. Each of the plurality of blocks has a predetermined size. The writing module is configured to write data to one or more of the plurality of solid-state disks in a sequence starting from a first block of a first solid-state disk of the plurality of solid-state disks to a first block of a last solid-state disk of the plurality of solid-state disks, and subsequently starting from a second block of the first solid-state disk to a second block of the last solid-state disk. In each of each of the plurality of the plurality of solid-state disks, the second block is subsequent to the first block. | 2014-12-25 |
20140379966 | Distributed Storage Service Systems and Architecture - Various methods, devices and systems are described for providing distributed storage services. A data storage device is capable of initiating a communication session with an external entity such as a local host computer (and vice versa) coupled directly to the data storage device, a remote server computer, or directly with remote data storage devices with or without intervention by a local host computer. | 2014-12-25 |
20140379967 | CLOCK SIGNAL GENERATOR FOR A DIGITAL CIRCUIT - A computer has a mother board upon which is mounted, a millimetre wave oscillator and a central processing unit (CPU). The millimetre wave oscillator is operable to generate a clock signal and transmit this to the CPU via a link. The clock signal may be employed as a system clock signal and a processing clock signal for the CPU. The millimetre wave oscillator allows higher frequency clock signals than are currently available whilst generating significantly less heat. Therefore, the CPU may not require any cooling system and if it does then a smaller cooling system than is required by the prior art will suffice. Furthermore, the CPU will be more stable. This arrangement requires less power than prior art arrangements and therefore may increase the battery life of a computer. | 2014-12-25 |
20140379968 | MEMORY SYSTEM HAVING A PLURALITY OF WRITING MODE - According to one embodiment, a memory system includes a non-volatile semiconductor memory, a block management unit, and a transcription unit. The semiconductor memory includes a plurality of blocks to which data can be written in both the first mode and the second mode. The block management unit manages a block that stores therein no valid data as a free block. When the number of free blocks managed by the block management unit is smaller than or equal to a predetermined threshold value, the transcription unit selects one or more used blocks that stores therein valid data as transcription source blocks and transcribes valid data stored in the transcription source blocks to free blocks in the second mode. | 2014-12-25 |
20140379969 | MEMORY CHANNEL CONNECTED NON-VOLATILE MEMORY - An apparatus includes a printed circuit board with a plurality of printed circuit board traces, a memory controller mounted on the printed circuit board coupled to one or more of the plurality of printed circuit board traces, a plurality of non-volatile type of memory integrated circuits coupled to the printed circuit board, and a plurality of support integrated circuits coupled between the memory controller and the plurality of non-volatile type of memory integrated circuits. | 2014-12-25 |
20140379970 | FLASH MEMORY DEVICE WITH MULTI-LEVEL CELLS AND METHOD OF WRITING DATA THEREIN - In one aspect, a method of writing data in a flash memory system is provided. The flash memory system forms an address mapping pattern according to a log block mapping scheme. The method includes determining a writing pattern of data to be written in a log block, and allocating one of SLC and MLC blocks to the log block in accordance with the writing pattern of the data. | 2014-12-25 |
20140379971 | VIDEO DISTRIBUTION SERVER AND SSD CONTROL METHOD - According to one embodiment, a video distribution server includes an SSD and an SSD operator. The SSD includes a storage medium and a controller. The controller executes a wear leveling process on the storage medium. The SSD operator gives the controller an instruction to disable a wear leveling function. The wear leveling function provides the wear leveling process. | 2014-12-25 |
20140379972 | MEMORY DEVICE, CONTROL METHOD FOR THE MEMORY DEVICE, AND CONTROLLER - During normal power operation, an erased free block is prepared in nonvolatile memory so that at least one erased free block is continuously available as a standby block. If a power failure occurs, volatile data and its address conversion information are written into the standby block in the nonvolatile memory. | 2014-12-25 |
20140379973 | GARBAGE COLLECTION MANAGEMENT IN MEMORIES - The disclosure is related to systems and methods of managing a memory. In a particular embodiment, a memory channel is disclosed that includes multiple memory units, with each memory unit comprising multiple garbage collection units. The memory channel also includes a controller that is communicatively coupled to the multiple memory units. The controller selects a memory unit of the multiple memory units for garbage collection based on a calculated number of memory units, of the multiple memory units, to garbage collect. | 2014-12-25 |
20140379974 | STORAGE SYSTEM COMPRISING FLASH MEMORY, AND STORAGE CONTROL METHOD - A storage system has a plurality of flash packages, and a storage controller for receiving a write request from a host and sending a write-data write request based on data conforming to this write request to a write-destination flash package. A virtual capacity, which is larger than the physical capacity of the flash package, is defined in the storage controller. The storage system compresses the write data, and writes the compressed write data to the write-destination flash chip. | 2014-12-25 |
20140379975 | PROCESSOR - According to one embodiment, a processor includes a core controlling processing data, a cache data area storing the processing data as cache data in a nonvolatile manner, a first tag area storing a tag data of the cache data in a volatile manner, a second tag area storing the tag data in a nonvolatile manner, a tag controller controlling the tag data. The tag controller determines whether the processing data is stored in the cache data area by acquiring the tag data from one of the first and second tag areas. | 2014-12-25 |
20140379976 | MEMORY CONTROLLER AND ASSOCIATED SIGNAL GENERATING METHOD - A memory controller and an associated signal generating method are provided. A generating sequence of commands is properly arranged to enlarge latching intervals of an address signal and a bank signal for stable access of a DDR memory module. | 2014-12-25 |
20140379977 | DYNAMIC/STATIC RANDOM ACCESS MEMORY (D/SRAM) - Dynamic/static random access memory (D/SRAM) cell, block shift static random access memory (BS-SRAM) and method using the same employ dynamic storage mode and dynamic storage mode switching to shift data. The D/SRAM cell includes a static random access memory (SRAM) cell having a pair of cross-coupled elements to store data, and a dynamic/static (D/S) mode selector to selectably switch the D/SRAM cell between the dynamic storage mode and a static storage mode. The BS-SRAM includes a plurality of D/SRAM cells arranged in an array and a controller to shift data from an adjacent D/SRAM cell in a second row of the array to a D/SRAM cell in a first row. The method includes switching the mode of, coupling data from an adjacent memory cell to, and storing the coupled data in, a selected D/SRAM cell. | 2014-12-25 |
20140379978 | REFRESH SCHEME FOR MEMORY CELLS WITH WEAK RETENTION TIME - A memory refresh method within a memory controller includes checking a first retention state corresponding to a first memory address and a second retention state corresponding to a second memory address. The memory refresh method also includes performing a refresh operation on a row corresponding to the second memory address when the second retention state indicates a weak retention state. The first memory address corresponds to a refresh counter address, and the second memory address corresponds to a complementary address of the refresh counter address. | 2014-12-25 |
20140379979 | MEMORY ACCESS ALIGNMENT IN A DOUBLE DATA RATE ('DDR') SYSTEM - Memory access alignment in a double data rate (‘DDR’) system, including: executing, by a memory controller, one or more write operations to a predetermined address of a DDR memory module, including sending to the DDR memory module a predetermined amount of data of a predetermined pattern along with a data strobe signal; executing, by the memory controller, a plurality of read operations from the predetermined address of the DDR memory module, including capturing data transmitted from the DDR memory module; and determining, by the memory controller, a read adjust value and a write adjust value in dependence upon the data captured in response to the read operations. | 2014-12-25 |
20140379980 | SELECTIVE DUPLICATION OF TAPE CARTRIDGE CONTENTS - A copy-source tape storage medium is prepared and includes a index partition for storing updated file metadata and associated metadata indexes and a data partition (DP) for storing valid data and associated valid data indexes and for storing invalid data that has changed or has been deleted or has been invalidated by the update and for storing associated invalid data indexes. Metadata indexes are retrieved and analyzed and a valid record number list indicating a range of record numbers of valid data is created. Records are read from the DP and data in records corresponding to record numbers not included on the valid record number list is replaced with meaningless data which is written to a copy-destination tape storage medium. Records corresponding to record numbers included on the valid record number list are copied to the copy-destination tape storage medium without alteration. | 2014-12-25 |
20140379981 | APPLICATION DISCOVERY USING STORAGE SYSTEM SIGNATURES - Exemplary embodiments of the present invention disclose a method and system for identifying one or more applications stored on a storage system that is shared by one or more computer systems. In a step, an exemplary embodiment accesses the storage system. In another step, an exemplary accesses one or more file tables associated with the storage system. In another step, an exemplary embodiment analyzes the one or more file tables and one or more files on the storage system that are associated with the one or more applications to identify the one or more applications. In another step, an exemplary embodiment analyzes the one or more file tables and the one or more files to identify a respective dependency of the one or more applications. | 2014-12-25 |
20140379982 | SEMICONDUCTOR MEMORY DEVICE AND MEMORY SYSTEM INCLUDING THE SAME - A semiconductor memory device and a memory system including the same are provided. The semiconductor memory device, includes a memory cell array including a plurality of memory cells, a read and write circuit configured to store read data by sensing data stored in the plurality of memory cells and output the read data to input/output data lines in response to data read control signals, in a read operation, and an output controller configured to control the data read control signals so that activation intervals of the data read control signals generated in a cache read operation of the read operation are longer than those generated in a normal read operation of the read operation. | 2014-12-25 |
20140379983 | STORAGE SYSTEM, CONTROL APPARATUS, AND CONTROL METHOD - A storage system includes: a library-apparatus that is configured to store a plurality of portable-recording-media and to write and read data by using the stored portable-recording-media; a storage-apparatus; and a control-apparatus configured to control access to a plurality of logical-volumes by using the storage-apparatus as a first-storage and using a storage-area provided by the plurality of portable-recording-media as a second-storage, wherein, upon receiving a request for copying a first-logical-volume of the plurality of logical-volumes, the control-apparatus copies the first-logical-volume to an unused first-recording-medium included in the plurality of portable-recording media and having the same identification-number as an identification-number of the first-logical-volume, when copying to the first-recording-medium is possible, and selects an unused second-recording-medium from the plurality of portable-recording-media, generates a second-logical-volume in which the identification-number of the first-logical-volume is changed to the same identification-number as an identification-number of the second-recording-medium, and copies the generated second-logical-volume to the second-recording-medium, when copying to the first-recording-medium is not possible. | 2014-12-25 |
20140379984 | ANTI-TIMEOUT METHOD AND DATA PROCESSING SYSTEM - An anti-timeout method applied to a data processing system is provided. The data processing system includes a disk module. The anti-timeout method includes following steps: setting a total volume of the disk module into a plurality of virtual disk volumes, wherein each of the virtual disk volumes includes an instruction temporary storing queue for temporarily storing operating instructions corresponding to each virtual disk volume; selecting one of the instruction temporary storing queues and processing the operating instructions stored in the selected instruction temporary storing queue; calculating a continuous operating, value of continuous processing of the selected instruction temporary storing queue; and selecting another one of the instruction temporary storing queues if the continuous operating value exceeds a predetermined threshold value. | 2014-12-25 |
20140379985 | MULTI-LEVEL AGGREGATION TECHNIQUES FOR MEMORY HIERARCHIES - Embodiments include method, system, and computer program product for providing aggregation hierarchy that is related memory hierarchies. In one embodiment, the method includes determining capacity of a first level memory of a memory hierarchy for processing data relating to completion of an aggregation process and generating a per thread local look-up table in said first level memory upon determining said capacity. Upon the first level memory reaching capacity, a plurality of per thread partitions to store remaining data to complete the aggregation process in a second level memory of the memory hierarchy is generated such that each of said per-thread partitions includes an identical amount of data portion on each thread. The method also includes storing the per thread partitions in said second level memory and providing a single global look up table for each of the identical data portions. | 2014-12-25 |
20140379986 | STACK ACCESS TRACKING - A processor employs a prediction table at a front end of its instruction pipeline, whereby the prediction table stores address register and offset information for store instructions; and stack offset information for stack access instructions. The stack offset information for a corresponding instruction indicates the entry of the stack accessed by the instruction stack relative to a base entry. The processor uses pattern matching to identify predicted dependencies between load/store instructions and predicted dependencies between stack access instructions. A scheduler unit of the instruction pipeline uses the predicted dependencies to perform store-to-load forwarding or other operations that increase efficiency and reduce power consumption at the processing system. | 2014-12-25 |
20140379987 | DYNAMIC MEMORY PAGE POLICY - Mechanisms for predicting whether a memory access may be a page hit or a page miss and applying different page policies (e.g., an open page policy or a close page policy) based on the prediction are disclosed. A counter may be used to determine a hit rate (e.g., a percentage or a ratio of the number of memory accesses that are page hits). The processing device may apply different page policies based on the hit rate. A memory access history (that includes data indicating a sequence or list of memory accesses) may be used to identify a counter from a plurality of counters. The processing device may apply different page policies based on the value of the counter (e.g., based on whether the counter is greater than a threshold). | 2014-12-25 |
20140379988 | CACHE DESTAGING FOR VIRTUAL STORAGE DEVICES - Some implementations may include a virtual storage system to which data is written. The virtual storage system may include a cache and multiple hard drives. Multiple queues may be associated with the multiple hard drives such that each hard drive of the multiple hard drives has a corresponding queue of the multiple queues. A set of candidate rows may be selected from the cache. For each candidate row in the set of candidate rows, destination hard drives may be identified. Each candidate row may be placed in queues corresponding to the destination hard drives. Two or more candidate rows from the multiple queues may be written substantially contemporaneously (e.g., in parallel) to two or more destination hard drives. | 2014-12-25 |
20140379989 | COHERENT ATTACHED PROCESSOR PROXY HAVING HYBRID DIRECTORY - A coherent attached processor proxy (CAPP) includes transport logic having a first interface configured to support communication with a system fabric of a primary coherent system and a second interface configured to support communication with an attached processor (AP) that is external to the primary coherent system and that includes a cache memory that holds copies of memory blocks belonging to a coherent address space of the primary coherent system. The CAPP further includes one or more master machines that initiate memory access requests on the system fabric of the primary coherent system on behalf of the AP, one or more snoop machines that service requests snooped on the system fabric, and a CAPP directory having a precise directory having a plurality of entries each associated with a smaller data granule and a coarse directory having a plurality of entries each associated with a larger data granule. | 2014-12-25 |
20140379990 | CACHE NODE PROCESSING - A technique for cache node processing that includes generating a cache node in response to a request to write data to storage devices. If logical block address (LBA) of the generated cache node is adjacent to LBA of cache nodes of a cache node list, then check if there are cache nodes that are sequential up to a predefined boundary. If there are cache nodes that are sequential up to the predefined boundary, then flush the data of the sequential cache nodes together as a group up to the predefined boundary. | 2014-12-25 |
20140379991 | LATCH-FREE, LOG-STRUCTURED STORAGE FOR MULTIPLE ACCESS METHODS - A data manager may include a data opaque interface configured to provide, to an arbitrarily selected page-oriented access method, interface access to page data storage that includes latch-free access to the page data storage. In another aspect, a swap operation may be initiated, of a portion of a first page in cache layer storage to a location in secondary storage, based on initiating a prepending of a partial swap delta record to a page state associated with the first page, the partial swap delta record including a main memory address indicating a storage location of a flush delta record that indicates a location in secondary storage of a missing part of the first page. In another aspect, a page manager may initiate a flush operation of a first page in cache layer storage to a location in secondary storage, based on atomic operations with flush delta records. | 2014-12-25 |
20140379992 | TWO HANDED INSERTION AND DELETION ALGORITHM FOR CIRCULAR BUFFER - Exemplary embodiments of the present invention disclose a method and system for selecting an eviction location of an item to evict and an insertion location for a new item in a circular buffer. In a step, an exemplary embodiment specifies an insertion location with an insertion pointer. In another step, an exemplary embodiment increments an access count of a first item. In another step, an exemplary embodiment moves an eviction pointer clockwise when specifying an insertion location for the new item and the circular buffer is in eviction mode. In another step, an exemplary embodiment decrements an access count of a second item. In another step, an exemplary embodiment moves the insertion pointer to maintain a constant clockwise distance to the eviction location. In another step, an exemplary embodiment evicts the second item with an access count of zero and inserts the new item counterclockwise to the insertion location. | 2014-12-25 |
20140379993 | INITIATION OF CACHE FLUSHES AND INVALIDATIONS ON GRAPHICS PROCESSORS - Methods and systems may provide for receiving, at a graphics processor, a workload from a host processor and using a kernel on the graphics processor to issue a thread group for execution of the workload on the graphics processor. Additionally, one or more coherency messages may be initiated, by the graphics processor, in response to a thread-related condition of one or more caches on the graphics processor. In one example, the thread-related condition is associated with the execution of the workload on the graphics processor and indicates that the one or more caches on the graphics processor are not coherent with a system memory associated with the host processor. | 2014-12-25 |
20140379994 | DATA TRANSFER DEVICE, DATA TRANSFER METHOD, AND COMPUTER DEVICE - A local-memory side data transfer unit increments the number of addresses, reads out data from a local memory, and stores the data into a cache memory of a remote-memory side data transfer unit. For preventing data mismatching with the local memory from being stored into the cache memory, a cache clearing operation is executed in units of an elapse of a round trip time period for data transfer between the local memory and the remote memory. Alternatively, the cache clearing operation is executed upon receipt of a signal notifying data transfer of data stored at a specified address. | 2014-12-25 |
20140379995 | SEMICONDUCTOR DEVICE FOR CONTROLLING PREFETCH OPERATION - A semiconductor device may include a pattern detector configured to select any one of a plurality of stride patterns as a detect pattern by referring to an input address, and the pattern detector may be configured to generate a prefetch address. The semiconductor device may also include a prefetch controller configured to generate a prefetch request according to the prefetch address generated by the pattern detector. The semiconductor device may also include a first storage unit configured to store prefetch data provided from a memory device according to the prefetch request generated by the prefetch controller, and a second storage unit configured to store prefetch data removed from the first storage unit. | 2014-12-25 |
20140379996 | METHOD, APPARATUS, AND SYSTEM FOR TRANSACTIONAL SPECULATION CONTROL INSTRUCTIONS - An apparatus and method is described herein for providing speculative escape instructions. Specifically, an explicit non-transactional load operation is described herein. During execution of a speculative code region (e.g. a transaction or critical section) loads are normally tracked in a read set. However, a programmer or compiler may utilize the explicit non-transactional read to load from a memory address into a destination register, while not adding the read/load to the transactional read set. Similarly, a non-transactional store is also provided. Here, a transactional store is performed and not added to a write set during speculative code execution. And the store may be immediately globally visible and/or persistent (even after an abort of the speculative code region). In other words, speculative escape operations are provided to ‘escape’ a speculative code region to perform non-transactional memory accesses without causing the speculative code region to abort or fail. | 2014-12-25 |
20140379997 | COHERENT ATTACHED PROCESSOR PROXY HAVING HYBRID DIRECTORY - A coherent attached processor proxy (CAPP) includes transport logic having a first interface configured to support communication with a system fabric of a primary coherent system and a second interface configured to support communication with an attached processor (AP) that is external to the primary coherent system and that includes a cache memory that holds copies of memory blocks belonging to a coherent address space of the primary coherent system. The CAPP further includes one or more master machines that initiate memory access requests on the system fabric of the primary coherent system on behalf of the AP, one or more snoop machines that service requests snooped on the system fabric, and a CAPP directory having a precise directory having a plurality of entries each associated with a smaller data granule and a coarse directory having a plurality of entries each associated with a larger data granule. | 2014-12-25 |
20140379998 | DYNAMIC HOME TILE MAPPING - Technologies for dynamic home tile mapping are described. an address request can be received from a processing core, the processing core being associated with a home tile table, the home tile table including respective mappings of one or more directory addresses to one or more home tiles. A buffer can be scanned to identify a presence of the address within the buffer. Based on an identification of the presence of the address within the buffer, a home tile identifier corresponding to the address can be provided from the buffer. | 2014-12-25 |
20140379999 | DATA QUEUE HAVING AN UNLIMITED DEPTH - A method for transferring messages from a producer element to a consumer element uses a memory shared between the producer element and the consumer element, and a hardware queue including several registers designed to contain addresses of the shared memory. The method includes the steps of storing each message for the consumer element in the shared memory in the form of a node of a linked list, including a pointer to a next node in the list, the pointer being initially void, writing successively the address of each node in a free slot of the queue, whereby the node identified by each slot of the queue is the first node of a linked list assigned to the slot, and when the queue is full, writing the address of the current node in memory, in the pointer of the last node of the linked list assigned to the last slot of the queue, whereby the current node is placed at the end of the linked list assigned to the last slot of the queue. | 2014-12-25 |
20140380000 | MEMORY CONTROLLER AND ACCESSING SYSTEM UTILIZING THE SAME - A memory controller is coupled to a memory device including a first block and a second block and includes a first register module, a first execution unit and a second register module. The first register module includes a plurality of set registers to store a first configuration file and a second configuration file. The first execution unit computes data stored in the first block simultaneously according to the first and the second configuration files to generate a first computation result and a computation operation result. The second register module includes a plurality of result registers to store the first and the second computation results. | 2014-12-25 |
20140380001 | PARTITIONING SYSTEMS OPERATING IN MULTIPLE DOMAINS - Within a partitioned system, a first system partition operates in a safety domain in which predictable operation of the first system partition is necessary to protect the system or operators of the system from harm. A second system partition operates in a user domain in which information supplied by the second system partition is not sufficiently reliable to be used by the first system partition within the safety domain. A mediator controller is connected between the first system partition and the second system partition. The mediator controller receives the information supplied by the first system partition. The mediator controller monitors and supervises use of the information by the second system partition in order maintain requirements of the safety domain to protect the system or operators of the system from harm. | 2014-12-25 |
20140380002 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR A TWO-PHASE QUEUE - A system, method, and computer program product are provided for accessing a queue. The method includes receiving a first request to reserve a data record entry in a queue, updating a queue state block based on the first request, and returning a response to the request. A second request is received to commit the data record entry and the queue state block is updated based on the second request. | 2014-12-25 |
20140380003 | Method and System for Asymmetrical Processing With Managed Data Affinity - Methods, systems and computer readable storage mediums for more efficient and flexible scheduling of tasks on an asymmetric processing system having at least one host processor and one or more slave processors, are disclosed. An example embodiment includes, determining a data access requirement of a task, comparing the data access requirement to respective local memories of the one or more slave processors selecting a slave processor from the one or more slave processors based upon the comparing, and running the task on the selected slave processor. | 2014-12-25 |
20140380004 | EFFICIENT STORAGE AND RETRIEVAL OF FRAGMENTED DATA USING PSEUDO LINEAR DYNAMIC BYTE ARRAY - A system and method for efficient storage and retrieval of fragmented data using a pseudo linear dynamic byte array is provided. In accordance with an embodiment, the system comprises a database driver which provides access by a software application to a database. The database driver uses a dynamic byte array to enable access by the application to data in the database, including determining a size of a required data to be stored in memory, and successively allocating and copying the required data into the dynamic byte array as a succession of blocks. The data stored within the succession of blocks can then be accessed and provided to the application. | 2014-12-25 |
20140380005 | STORAGE CONTROLLER, STORAGE SYSTEM, AND NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIUM HAVING STORED THEREIN CONTROL PROGRAM - A storage controller performing a copy process in which data stored in a copy source storage area is copied to a copy destination storage area, the storage controller includes a processor, wherein the processor receives a transfer command for giving an instruction for transferring data stored in a first area of the copy source storage area to a second area of the copy source storage area, starts a transfer process in which transfer data from the first area is read and is written into the second area in accordance with reception of the transfer command, and starts copying the transfer data into a corresponding area of the copy destination storage area that corresponds to the second area in the copy process together with the starting of the transfer process. | 2014-12-25 |
20140380006 | STORAGE CONTROLLER, STORAGE SYSTEM, AND COMPUTER-READABLE RECORDING MEDIUM HAVING STORED THEREIN CONTROL PROGRAM - A storage controller including a processor, wherein the processor: performs a copy process in which a destination virtual volume is created by copying a source virtual volume in accordance with a copy instruction, performs a release process in which allocation of a destination storage area to a corresponding area of the destination virtual volume that corresponds to an unallocated area to which a source storage area is not allocated, among areas of the source virtual volume at a time point when the copy instruction is received is released in the copy process, specifies a corresponding area that is an unallocated area including one or more update areas updated before the copy process and the release process after the copy instruction among one or more unallocated areas of the source virtual volume, and suppresses the release relating to the corresponding area that corresponds to the specified unallocated area. | 2014-12-25 |
20140380007 | BLOCK LEVEL STORAGE - A storage system comprises a front-end processing subsystem to receive block level storage requests and a plurality of back-end storage nodes coupled to the front-end subsystem. Each of the back-end storage nodes comprises a storage device and a block manager to create, read, update and delete data blocks on the storage device. The front-end processing subsystem maintains a plurality of block reference data structures that are usable by the front-end processing subsystem to access the back-end data storage nodes to provide balancing, redundancy, and scalability to the storage system. | 2014-12-25 |
20140380008 | MEMORY SYSTEM AND OPERATING METHOD THEREOF - A memory system and an operating method thereof stably supplies power, so that it is possible to improve performance of a memory system by omitting an operation, which has been performed in order to prevent an error due to the blocking of a power supply, in a condition in which an error due to the blocking of the power supply may not be generated. | 2014-12-25 |
20140380009 | PROTECTED MEMORY VIEW FOR NESTED PAGE TABLE ACCESS BY VIRTUAL MACHINE GUESTS - Generally, this disclosure provides systems, methods and computer readable media for a protected memory view in a virtual machine (VM) environment enabling nested page table access by trusted guest software outside of VMX root mode. The system may include an editor module configured to provide access to a nested page table structure, by operating system (OS) kernel components and by user space applications within a guest of the VM, wherein the nested page table structure is associated with one of the protected memory views. The system may also include a page handling processor configured to secure that access by maintaining security information in the nested page table structure. | 2014-12-25 |
20140380010 | SYSTEM AND APPARTUS FOR CONTROLLING USE OF MASS STORAGE DEVICES - Disclosed is a software program, USB monitoring software agent. USB monitoring software agent is a software program that monitors all USB ports of a computer and provides real-time detection of all USB devices connected to a USB port. As a USB device is detected, the device is identified, categorized, catalogued and logged in a secure persistent store, prompted for a challenge policy of use if so configured, prevent the USB device from being used if so configured, transmit information about the detected USB device to a local or remote repository by a selected industry standard telecommunication method. A method of creating a digital photograph and/or a video recording to record and identify a user of the computer contemporaneous with the insertion/removal/ejection of a USB device into or out of the computer is disclosed also. | 2014-12-25 |
20140380011 | DATA SECURITY SYSTEM - A data security system includes providing a unique identification from a first system to a second system; copying the unique identification in the second system by the first system; and unlocking a memory in the first system or the second system only when the unique identifications in the first system and the second system are the same. | 2014-12-25 |
20140380012 | System and Methods of Data Migration Between Storage Devices - A method of migrating data includes identifying one or more data records from a source device that are candidates for migration within a pre-configured date range from which to start and end data migration; identifying one or more periods within the pre-configured date range that contains the one or more candidates for migration; creating a new date range for migrating data from the source device to a destination device, the new date range including the one or more periods; and migrating the one or more candidates from the source device to the destination device that are within the new date range. | 2014-12-25 |
20140380013 | EXECUTION OF A PERFORM FRAME MANAGEMENT FUNCTION INSTRUCTION - Optimizations are provided for frame management operations, including a clear operation and/or a set storage key operation, requested by pageable guests. The operations are performed, absent host intervention, on frames not resident in host memory. The operations may be specified in an instruction issued by the pageable guests. | 2014-12-25 |
20140380014 | ADAPTIVE DATA MANAGEMENT USING VOLUME TYPES - Systems and methods described herein utilize volume types to manage volumes within a data storage system. In embodiments, a volume type may be used to categorize a volume. The volume type may define attributes including data management policies associated with the management of volumes within the data storage system. | 2014-12-25 |
20140380015 | DATA ENCODING FOR NON-VOLATILE MEMORY - A data storage device includes a memory and a controller. Mapping circuitry is configured to apply a mapping to received data to generate mapped data to be stored into the memory. The mapping is configured to reduce an average number of state changes of storage elements per write operation. | 2014-12-25 |
20140380016 | INFORMATION PROCESSING APPARATUS, CONTROL METHOD THEREOF, AND PROGRAM - An information processing apparatus of this invention calculates amounts of generated heat of respective areas of a plurality of areas of a SOC die when one or more function blocks required to execute an accepted job are operated, and preferentially allocates a memory area of a WideIO memory device stacked on a corresponding area to the function blocks to be operated in accordance with an order of areas corresponding to smaller calculated amounts of generated heat. | 2014-12-25 |
20140380017 | MEMORY MANAGEMENT AND METHOD FOR ALLOCATION USING FREE-LIST - A method of managing a memory of an apparatus includes maintaining a plurality of lists of identifiers that each has an associated size value, wherein each identifier identifies a corresponding region of the memory that had been allocated for a process but that is currently not required by any of the one or more processes. When a process requests allocation of a region of the memory: one of the lists is identified that has an associated size value suitable for the allocation request; and if that list is not empty, a region of the memory is identified to the process by one of the identifiers that identifier is removed from that list, and, otherwise, a region of the memory is allocated with a size of the identified associated size value and the allocated region of the memory is identified the process. | 2014-12-25 |
20140380018 | Power Logic For Memory Address Conversion - In an embodiment, a processor includes a plurality of cores. Each core includes conversion power logic to receive an instruction including an untranslated memory address, determine whether a code segment (CS) base address is equal to zero, and in response to a determination that the CS base address is equal to zero, execute the instruction using the untranslated memory address. Other embodiments are described and claimed. | 2014-12-25 |
20140380019 | SYSTEMS AND METHODS FOR MANAGING RECONFIGURABLE PROCESSOR CORES - Systems and methods for managing reconfigurable processor cores. An example processing system comprises a plurality of processor cores; a control register including a plurality of state bits, each state bit indicating a state of a corresponding processor core, the control register further including a plurality of inhibit bits, each inhibit bit indicating whether a corresponding processor core is allowed to merge with other processor cores; and a core management logic configured to merge a first processor core and a second processor core, responsive to determining that a first state bit corresponding to the first processor core is set, a first inhibit bit corresponding to the first processor core is cleared, a second state bit corresponding to the second processor core is cleared, and a second inhibit bit corresponding to the second processor core is cleared. | 2014-12-25 |
20140380020 | SYSTEM AND METHODS FOR SYNCHRONIZATION OF REDUNDANT PROCESSING ELEMENTS - System and methods for synchronizing redundant processing elements are provided. In certain embodiments, a self-checking pair of system on chips (SoCs) includes a first SoC configured to execute a first plurality of instructions; and a second SoC configured to execute a second plurality of instructions that are approximately identical; wherein the first SoC exchanges a first instruction count with the second SoC, the first instruction count identifying a number of instructions executed by the first SoC; wherein the second SoC exchanges a second instruction count with the first SoC, the second instruction count identifying a number of instructions executed by the second SoC; and wherein the first SoC executes a first single step execution utility to synchronize the first instruction count with the second instruction count and the second SoC executes a second single step execution utility to synchronize the first instruction count with the second instruction count. | 2014-12-25 |
20140380021 | PROCESSOR, MULTIPROCESSOR SYSTEM, COMPILER, SOFTWARE SYSTEM, MEMORY CONTROL SYSTEM, AND COMPUTER SYSTEM - A processor includes: a first instruction processing unit that, in a first mode, receives a first input including instructions included in a first instruction set; a second instruction processing unit that, in a second mode, receives the first input, the second instruction processing unit having a simpler configuration than the first instruction processing unit; a third instruction processing unit that, in a third mode, receives a second input including instructions included in a second instruction set, the second instruction set including part of the instructions included in the first instruction set, the third instruction processing unit having a simpler configuration than the first instruction processing unit and the second instruction processing unit; a selection unit that selects, according to a mode, a result of decoding by one of the instruction processing units; and an instruction execution unit that executes an instruction according to the selected result of decoding. | 2014-12-25 |
20140380022 | STACK ACCESS TRACKING USING DEDICATED TABLE - A processor employs a prediction table at a front end of its instruction pipeline, whereby the prediction table stores address register and offset information for store instructions; and stack offset information for stack access instructions. The stack offset information for a corresponding instruction indicates the location of the data accessed by the instruction at the processor stack relative to a base location. The processor uses pattern matching to identify predicted dependencies between load/store instructions and predicted dependencies between stack access instructions. A scheduler unit of the instruction pipeline uses the predicted dependencies to perform store-to-load forwarding or other operations that increase efficiency and reduce power consumption at the processing system. | 2014-12-25 |
20140380023 | DEPENDENCE-BASED REPLAY SUPPRESSION - A method includes selecting for execution in a processor a load instruction having at least one dependent instruction. Responsive to selecting the load instruction, the at least one dependent instruction is selectively awakened based on a status of a store instruction associated with the load instruction to indicate that the at least one dependent instruction is eligible for execution. A processor includes an instruction pipeline having an execution unit to execute instructions, a scheduler, and a controller. The scheduler selects for execution in the execution unit a load instruction having at least one dependent instruction. The controller, responsive to the scheduler selecting the load instruction, selectively awakens the at least one dependent instruction based on a status of a store instruction associated with the load instruction to indicate that the at least one dependent instruction is eligible for execution by the execution unit. | 2014-12-25 |
20140380024 | DEPENDENT INSTRUCTION SUPPRESSION - A method includes suppressing execution of at least one dependent instruction of a load instruction by a processor using stored dependency information responsive to an invalid status of the load instruction. A processor includes an execution unit to execute instructions and a scheduler. The scheduler is to select for execution in the execution unit a load instruction having at least one dependent instruction and suppress execution of the at least one dependent instruction using stored dependency information responsive to an invalid status of the load instruction. | 2014-12-25 |
20140380025 | MANAGEMENT OF HARDWARE ACCELERATOR CONFIGURATIONS IN A PROCESSOR CHIP - Techniques described herein generally include methods for the management of hardware accelerator images in a processor chip that includes one or more programmable logic circuits. Hardware accelerator images may be optimized by swapping out which hardware accelerator images are implemented in the one or more programmable logic circuits. The hardware accelerator images may be chosen from a library of accelerator programs downloaded to a device associated with the processor chip. Furthermore, the specific hardware accelerator images that are implemented in the one or more programmable logic circuits at a particular time may be selected based on which combination of accelerator images best enhances performance and power usage of the processor chip. | 2014-12-25 |
20140380026 | CONTROL DEVICE AND ACCESS SYSTEM UTILIZING THE SAME - A control device coupled between a first memory and a second memory and including an execution unit, a first storage unit, a second storage unit, a selection unit and a processing unit is disclosed. The execution unit executes a specific instruction set to access the first and the second memories. The first storage unit is configured to store a first instruction set. The second storage unit is configured to store a second instruction set. The selection unit outputs one of the first and the second instruction sets to serve as the specific instruction set according to a control signal. The processing unit generates the control signal according to an execution state of the execution unit. | 2014-12-25 |
20140380027 | ELAPSED CYCLE TIMER IN LAST BRANCH RECORDS - A processing device implementing an elapsed cycle timer in last branch records (LBRs) is disclosed. A processing device of the disclosure includes a last branch record (LBR) counter to iterate with each cycle of the processing device and an LBR structure communicably coupled to the LBR counter. The LBR structure comprises a plurality of LBR entries. Furthermore, an LBR entry of the plurality of LBR entries comprises an address instruction pointer (IP) of a branch instruction executed by the processing device, an address IP of a target of the branch instruction, and an elapsed time field that stores a value of the LBR counter when the LBR entry is created. | 2014-12-25 |
20140380028 | Virtualized Device Reset - In a hardware-based virtualization system, a hypervisor switches out of a first function into a second function. The first function is one of a physical function and a virtual function and the second function is one of a physical function and a virtual function. During the switching a malfunction of the first function is detected. The first function is reset without resetting the second function. The switching, detecting, and resetting operations are performed by a hypervisor of the hardware-based virtualization system. Embodiments further include a communication mechanism for the hypervisor to notify a driver of the function that was reset to enable the driver to restore the function without delay. | 2014-12-25 |
20140380029 | MOBILE TERMINAL APPARATUS, RECORDING MEDIUM STORING TERMINAL CONTROL PROGRAM, TERMINAL CONTROL METHOD, AND TERMINAL CONTROL SYSTEM - A mobile terminal apparatus includes a detection unit that detects a temperature of the mobile terminal apparatus, a determination unit that determines whether or not the detected temperature is a predetermined value or more, an analysis unit that collects and analyzes usage histories of a function of the mobile terminal apparatus, and a setting unit that, when the detected temperature is the predetermined value or more, refers to an analysis result of the usage histories, and when the function tends to be used for a predetermined usage time period or more, sets an operation mode of the function to a first mode in which an action performed by the function is restricted, and when the function tends to be used for less than the predetermined usage time period, sets the operation mode to a second mode in which the action performed by the function is not restricted. | 2014-12-25 |
20140380030 | AUTOMATIC TURNING ON OF A DATA PROCESSING DEVICE DURING CHARGING OF A BATTERY SOURCE THEREOF - A method includes monitoring, through a charge monitor circuit associated with a data processing device and/or a battery source of the data processing device, a charge level of the battery source during charging thereof. The method also includes triggering, through a driver component provided in a non-volatile memory associated with the data processing device and/or a memory associated with the charge monitor circuit, loading of booting instructions onto the data processing device to initiate automatic turning on of the data processing device when the charge level of the battery source exceeds a threshold. | 2014-12-25 |
20140380031 | SYSTEM WIDE ROOT OF TRUST CHAINING VIA SIGNED APPLICATIONS - A processing device searches executing at least one of a boot loader or a kernel for the operating system searches for an extensible firmware interface (EFI) binary object. Responsive to finding a first EFI binary object, the processing device verifies that a first signature associated with the first EFI binary object is valid using a platform key. Responsive to verifying that the first signature for the first EFI binary object is valid, the processing device performs the following comprising: identifying a first public key encapsulated in the first EFI binary object, wherein the first public key is associated with a non-EFI certificate authority; extracting the first public key from the first EFI binary object; and performing at least one of a) passing the first public key to a kernel of an operating system (OS) or b) exposing the first public key to a user space of the OS. | 2014-12-25 |
20140380032 | ELECTRONIC DEVICE, METHOD FOR CONTROLLING ELECTRONIC DEVICE, AND PROGRAM - There is provided an electronic device including a manipulation unit configured to acquire manipulation by a user, and a control unit configured to selectively execute one of a plurality of controls of the electronic device which are associated with a duration of the manipulation and to perform switching of at least one of the plurality of controls according to information indicating a state of the electronic device. | 2014-12-25 |
20140380033 | OFFLOADING THE PROCESSING OF A NETWORK PROTOCOL STACK - A computer system is partitioned during a pre-boot phase of the computer system between a first partition and a second partition, wherein the first partition to include a first processing unit and the second partition to include a second processing unit. An Input/Output (I/O) operating system is booted on the first partition. A general purpose operating system is booted on the second partition. Network transactions are issued by the general purpose operating system to be performed by the I/O operating system. The network transactions are performed by the I/O operating system. | 2014-12-25 |
20140380034 | SYSTEM AND METHOD FOR REDIRECTING INPUT/OUTPUT (I/O) SEQUENCES - A method for redirecting I/O (Input/Output) sequences. A computer platform is initialized. If the computer platform is enabled for command packet rerouting, the platform firmware may be used to install a runtime enable block I/O interface and a standard UNDI (Universal Network Device Interface) interface for routing I/O requests to a network controller or an out-of-band processor may be used to route I/O requests to a network interface controller. The routing of the I/O requests to the network controller or network interface controller enables the computer platform to boot from a remote block I/O storage device. | 2014-12-25 |
20140380035 | ENCRYPTING AND DECRYPTING A VIRTUAL DISC - A computer-readable storage medium containing machine executable instructions that when executed by a processor cause the processor to encrypt a virtual disc; wherein the virtual disc comprises a virtual disc image; and wherein execution of the machine executable instructions cause the processor to: receive the virtual disc; increase the size of the virtual disc; write a decryption-master-boot-record and a decryption program to the virtual disc; encrypt at least a portion of the virtual disc image, wherein the decryption program comprises decryption-machine-executable-instructions for decrypting the at least partially encrypted virtual disc image in accordance with a cryptographic key. | 2014-12-25 |
20140380036 | DISTRIBUTED NETWORK ENCRYPTION KEY GENERATION - Embodiments of methods and network devices for securing data within a network are generally described herein. One such method includes a key aggregation server receiving a request for an encryption key to secure the data. The server may query a plurality of network devices for a respective key from each queried network device. The server may then receive the respective key from each of the plurality of network devices and select a key element from each of the plurality of keys. An encryption key may be constructed from the key elements and transmitted to a client. | 2014-12-25 |
20140380037 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND PROGRAM - A plurality of user terminals or sensors transmit data encrypted by individual cryptographic key, a server receives the encrypted data items, and executes a data process according to a program defining a decryption process sequence. Bit slice expression data is generated by performing a bit slice process with respect to the plurality of encrypted data items which are decryption target, bit slice expression key based on the cryptographic key of each encrypted data item is generated, round key is generated based on a bit slice expression key, a decryption process including operation and movement processes of a block unit of the bit slice expression data, and an operation using the round key is executed, and a plurality of plain text data items corresponding to the plurality of encrypted data items are generated by a reverse conversion of the data with respect to the decryption process results. | 2014-12-25 |
20140380038 | SECURE INTERNET PROTOCOL (IP) FRONT-END FOR VIRTUALIZED ENVIRONMENTS - An IPSec front-end may be configured to encrypt, decrypt and authenticate packets on behalf of a host on an insecure network and a peer on a secure network. For example, the IPSec front-end may receive internet protocol (IP) packets from the host and encrypt the data and format the data as an internet protocol security (IPsec) packet for transmission to the peer. When the peer responds with an IPSec packet, the IPSec front-end may decrypt the data and format the data as an IP packet. The IPSec front-end may be software executing on a Linux server. | 2014-12-25 |
20140380039 | SYSTEM AND METHOD EMPLOYING AN AGILE NETWORK PROTOCOL FOR SECURE COMMUNICATIONS USING SECURE DOMAIN NAMES - A system for connecting a first network device and a second network device includes one or more servers. The servers are configured to: (a) receive, from the first network device, a request to look up a network address of the second network device based on an identifier associated with the second network device; (b) determine, in response to the request, whether the second network device is available for a secure communications service; and (c) initiate a virtual private network communication link between the first network device and the second network device based on a determination that the second network device is available for the secure communications service, wherein the secure communications service uses the virtual private network communication link. | 2014-12-25 |
20140380040 | SECURE BIOMETRIC CLOUD STORAGE SYSTEM - A secure and scalable data storage system that includes a server and a plurality of clients. The server maintains an access permission file that includes a file-group name, a plurality of client access blocks, a first and second public key, and a signature that is based on a first private key. The signature ensures that only clients who have a certain level of access can modify the contents of the access blocks. Each client access block includes at least one of a first access key, a second access key and a third access key. The access keys are encapsulated within biometric information of the client. The server grants one of a first level of access based on a successful verification of a signed request with the first public key and a second level of access based on a successful verification of the signed request with the second public key. | 2014-12-25 |
20140380041 | METHODS AND SYSTEMS FOR REGISTERING A PACKET-BASED ADDRESS FOR A MOBILE DEVICE USING A FULLY-QUALIFIED DOMAIN NAME (FQDN) FOR THE DEVICE IN A MOBILE COMMUNICATION NETWORK - A mobile communication device registers for data communication through a mobile communication network with a packet-based network. The device may or may not have a mobile device number, and registers using a fully-qualified-domain-name (FQDN) uniquely identifying the device in a domain-name-system (DNS) of the packet-based network. A packet-data-network gateway assigns a packet-based address for the device, and generates a request for registering the address with the FQDN in a DNS server. Alternatively, the device generates the packet-based address based on a received portion of the address, retrieves the FQDN from an identity module, and sends a DNS-Update message to the DNS server including the address and FQDN. Again alternatively, a DNS server receives an encrypted DNS update message including a FQDN and a packet-based address, and decrypts the message prior to registering the address and FQDN in a DNS database. | 2014-12-25 |
20140380042 | COMPUTER NETWORK, NETWORK NODE AND METHOD FOR PROVIDING CERTIFICATION INFORMATION - A computer network for data transmission between network nodes, the network nodes being authenticatable to one another by authentication information of a public key infrastructure, with a root certificate authority configured to generate the authentication information for the public key infrastructure. The root certificate authority is arranged separate from the computer network and is not linked to the computer network. A network node of the computer network comprises an authentication information storage, a processor, a network communication device and an initialization device having an initialization communication device and a temporary authentication information storage that can be read out by the processor. | 2014-12-25 |
20140380043 | SYSTEM AND METHOD FOR INTERLEAVING INFORMATION INTO SLICES OF A DATA PACKET, DIFFERENTIALLY ENCRYPTING THE SLICES, AND OBFUSCATING INFORMATION IN THE DATA PACKET - Approaches for combining different information to be transmitted into different slices of a data packet and/or encrypting the slices using different cryptographic schemes for secure transmission of the information are disclosed. In some implementations, first information and second information may be received. A first data slice representing a portion of the first information may be generated based on a first cryptographic scheme. A second data slice representing a portion of the second information may be generated based on a second cryptographic scheme different than the first cryptographic scheme. A first header may be generated such that the first header may specify the first cryptographic scheme for the first data slice and the second cryptographic scheme for the second data slice. A first data packet may be generated such that the first data packet may include the first header, the first data slice, and the second data slice. | 2014-12-25 |
20140380044 | ACCESSING LOCAL APPLICATIONS WHEN ROAMING USING A NFC MOBILE DEVICE - A method of accessing local applications when roaming on a NFC mobile device may include creating a first partition and a second partition on a secure element (SE) of a subscriber identification module (SIM) of a near field communication (NFC) enabled device. The home TSM separates the first partition and the second partition by public key encryption. The home TSM generates cryptographic keys in response to a request by a roaming TSM for access to the second partition of the SIM. Following the exchange of security keys, the home TSM delegates to the roaming TSM access to the second partition of the SIM. | 2014-12-25 |
20140380045 | SYSTEM AND METHOD FOR WIPING AND DISABLING A REMOVED DEVICE - A system and method implemented at a server system, for securely wiping a remote mobile device after the device registration has been removed from the server system. Prior to removal of the device registration from the server system, a “pre-packaged” command is created and stored at the server system. In the event that it is determined, after removal of the registration, that the device should be wiped or disabled, means are provided for an administrator to issue the previously stored command to the target mobile device. | 2014-12-25 |
20140380046 | COLLABORATIVE STREAMING SYSTEM FOR PROTECTED MEDIA - The present disclosure is directed to a collaborative streaming system for protected media. A presentation device may interact with a group of trusted devices over a network to stream multimedia content. The presentation device may obtain a presentation content encryption key for presenting the content. Each trusted device in a group of trusted devices may obtain a download content encryption key allowing for download without presentation. A leader may be selected for managing the operation of the trusted devices. The leader may determine trusted device condition and assign one or more of the trusted devices to download portions of the content based on the condition. The leader may then consolidate the portions of the content and provide them to the presentation device. If the presentation device is the leader, the presentation device may perform similar operations and collect the portions of the content directly from the group of trusted devices. | 2014-12-25 |
20140380047 | SYSTEM AND METHOD FOR DELIVERING ENCRYPTED INFORMATION IN A COMMUNICATION NETWORK USING LOCATION IDENTITY AND KEY TABLES - Access to digital data is controlled by encrypting the data in such a manner that it can be decrypted only at a specified location, within a specific time frame, and with a secret key. Data encrypted in such a manner is said to be geo-encrypted. This geo-encryption process comprises a method in which plaintext data is first encrypted using a data encrypting key that is generated at the time of encryption. The data encrypting key is then encrypted (or locked) using a key encrypting key and information derived from the location of the intended receiver. The encrypted data encrypting key is then transmitted to the receiver along with the ciphertext data. The receiver both must be at the correct location and must have a copy of the corresponding key decrypting key in order to derive the location information and decrypt the data encrypting key. | 2014-12-25 |
20140380048 | METHOD AND A SERVER FOR PROCESSING A REQUEST FROM A TERMINAL TO ACCESS A COMPUTER RESOURCE - In one embodiment disclosed herein is a method of processing a request made by a terminal of a user to access a resource made available to a client entity by a platform of a cloud computer service supplier. | 2014-12-25 |
20140380049 | MANAGEMENT OF GROUP SECRETS BY GROUP MEMBERS - A method of adding a new device ( | 2014-12-25 |
20140380050 | MIGRATING AUTHENTICATED CONTENT TOWARDS CONTENT CONSUMER - Techniques involving migrating authenticated content on a network towards the consumer of the content. One representative technique includes a network node receiving an encrypted seed having at least a location of the user data at a network service that stores the user data, and a cryptographic key to access the user data. The seed is received in response to a user login attempt to the network service. The user data is requested from the location using at least the received cryptographic key. The method further includes receiving and storing the user data at the network node, where the network node is physically closer to a location of the user than is the location of the network service. If the user is successfully authenticated, user access is provided to the stored user data at the network node rather than from the network service. | 2014-12-25 |
20140380051 | SECURE DATA ACCESS USING SQL QUERY REWRITES - A mechanism is provided for secure data access in a data processing system. A database having two tables is provided. A subset of the tables' primary key attributes is considered sensitive. A first user is authorized to access the primary key's sensitive attribute in an unmasked format, while a second user is authorized to access same data in a masked format. Two security views are generated granting the second user access to the primary key's sensitive attribute values of both tables in the masked format. The masked format value is generated from an unmasked format value using a reversible function. A join operation between the two security views is performed by optimizing a query statement corresponding to the join operation. | 2014-12-25 |
20140380052 | Message filtering method and system - A message filtering method and system is provided for enabling a terminal to determine whether a message is true or false. A message server and a mobile network server perform mutual authentication and negotiate with each other for a sequence code for message verification; when transmitting a message to a terminal, the message server contains the sequence code in the message; after receiving the message, the terminal transmits the sequence code to the mobile network server for verification, presents the message for the user if the verification is passed, or rejects the message if the verification is not passed. By verifying the source of a message received using a sequence code, a false message server can be prevented from spreading a false message to terminals. | 2014-12-25 |
20140380053 | OBTAINING TARGETED SERVICES USING A UNIQUE IDENTIFICATION HEADER (UIDH) - A system is configured to receive, from a user device, a request for content; obtain, based on receiving the request, an identifier for a subscriber associated with the system and a key; encode the identifier and the key to create a unique identifier; store the unique identifier in the request to create a modified request; provide the modified request to a content provider identified by the request; receive, from the content provider, the content and targeted content, the targeted content being associated with the unique identifier and conforming to an attribute of the subscriber; and provide, to the user device, the content and the targeted content. | 2014-12-25 |
20140380054 | MULTIPLE AUTHORITY DATA SECURITY AND ACCESS - Data is encrypted such that multiple keys are needed to decrypt the data. The keys are accessible to different entities so that no single entity has access to all the keys. At least one key is managed by a service provider. A customer computer system of the service provider may be configured with executable instructions directing the orchestration of communications between the various entities having access to the keys. As a result, security compromise in connection with a key does not, by itself, render the data decryptable. | 2014-12-25 |
20140380055 | KEY PAIR UPDATES BASED ON DIGITAL SIGNATURE STATES - Example embodiments relate to updating key pairs based on digital signature states. In example embodiments, first credentials that are generated using a first private key may be sent to a user computing device, where the first private key is associated with a first public key. At some stage, second credentials that are generated using the first private key and a second private key are sent to the user computing device, where the second credentials specify that the first private key is deprecated, and where the user computing device authenticates the second credentials using the first public key. In response to receiving confirmation that a firmware upgrade is installed a number of user computing devices such that an upgrade threshold is satisfied, the first private key may be deactivated. The firmware upgrade may be provided in response to receiving a firmware upgrade request from the user computing device. | 2014-12-25 |
20140380056 | SECURING METHOD FOR LAWFUL INTERCEPTION - A method is presented for secure communication, the method including generating a signature using a private key, a nonce, and at least one of an identifier and a key component; and transmitting the signature, the nonce, a security parameter, and the at least one of the identifier and the key component, wherein the security parameter associates a user identity with a public key, the public key being associated with the private key. | 2014-12-25 |
20140380057 | Method, Server, Host, and System for Protecting Data Security - A method, a server, a host, and a system for protecting data security. A server generates a cloud feature value that uniquely corresponds to the server, binds a data encryption key required by the host to generate data encryption key ciphertext, and then transmits the data encryption key ciphertext and the cloud feature value to the host; and the host decrypts the ciphertext using the cloud feature value to obtain a data encryption key to be allocated to a user, so that security protection on user data is performed based on the cloud feature value, thereby improving data security. | 2014-12-25 |
20140380058 | Process Authentication and Resource Permissions - The techniques and systems described herein present various implementations of a model for authenticating processes for execution and specifying and enforcing permission restrictions on system resources for processes and users. In some implementations, a binary file for an application, program, or process may be augmented to include a digital signature encrypted with a key such that an operating system may subsequently authenticate the digital signature. Once the binary file has been authenticated, the operating system may create a process and tag the process with metadata indicating the type of permissions that are allowed for the process. The metadata may correspond to a particular access level for specifying resource permissions. | 2014-12-25 |