Patent application number | Description | Published |
20090007085 | ARCHITECTURE FOR GENERATING INTERMEDIATE REPRESENTATIONS FOR PROGRAM CODE CONVERSION - An improved architecture for a program code conversion apparatus and method for generating intermediate representations for program code conversion. The program code conversion apparatus determines which types of IR nodes to generate in an intermediate representation (IR) of subject code ( | 01-01-2009 |
20120131334 | Method for Attesting a Plurality of Data Processing Systems - A technique for attesting a plurality of data processing systems. The method includes: configuring a chain of data processing systems wherein a first data processing system is responsible for retrieving attestation data associated with a second data processing system; sending a request for attestation of the first data processing system; in response to receiving the request, retrieving a list of associated one or more children, wherein the one or more children comprise the second data processing system; retrieving and storing attestation data associated with each child; retrieving and storing attestation data associated with the first data processing system; and sending to the requester a concatenated response containing the attestation data associated with the first and second data processing systems, such that the attestation data associated with the first and second data processing systems can be used to attest the first and second data processing systems, respectively. | 05-24-2012 |
20120159634 | VIRTUAL MACHINE MIGRATION - Attesting a virtual machine that is migrating from a first environment to a second environment includes in response to initiation of migration of the virtual machine from the first environment to the second environment, accessing one or more stored trust values generated during the trusted boot of the virtual machine in the first environment, determining if the accessed trust values define a security setting sufficient for the second environment, and if the accessed trust values do not define a security setting sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment. | 06-21-2012 |
20120192181 | CONSENT-BASED VIRTUAL MACHINE MIGRATION - A system, method, and computer program product for controlling migration of a VM operable on a first site and a second site. The system includes an identify component for identifying the second site; a request component for sending a consent request message to a software component, wherein the consent request message comprises at least one of an identifier of the VM and an identifier of the second site; a calculate component, operable on the software component and responsive to receiving the consent request message, for determining consent for the second site; a send component, responsive to a positive determination, for sending a consent message; and a migrate component, responsive to receiving the consent message, for migrating the VM from the first site to the second site. | 07-26-2012 |
20120216255 | Attesting a Plurality of Data Processing Systems - A technique for attesting a plurality of data processing systems. The method includes: configuring a chain of data processing systems wherein a first data processing system is responsible for retrieving attestation data associated with a second data processing system; sending a request for attestation of the first data processing system; in response to receiving the request, retrieving a list of associated one or more children, wherein the one or more children comprise the second data processing system; retrieving and storing attestation data associated with each child; retrieving and storing attestation data associated with the first data processing system; and sending to the requester a concatenated response containing the attestation data associated with the first and second data processing systems, such that the attestation data associated with the first and second data processing systems can be used to attest the first and second data processing systems, respectively. | 08-23-2012 |
20130305364 | Techniques for Attesting Data Processing Systems - A technique for attesting a plurality of data processing systems includes generating a logical grouping for a data processing system. The logical grouping is associated with a rule that describes a condition that must be met in order for the data processing system to be considered trusted. A list of one or more children associated with the logical grouping is retrieved. The one or more children are attested to determine whether each of the one or more children is trusted. In response to the attesting, the rule is applied to determine whether the condition has been met in order for the data processing system to be considered trusted. A plurality of logical groupings is associated to determine whether an associated plurality of data processing systems can be considered trusted. | 11-14-2013 |
20140026124 | UPDATING SOFTWARE - This invention relates to updating an operating system in a hypervisor comprising: determining a new version of a component of the operating system; installing the new component version; measuring an identifying characteristic of the component and making it available to an attestation system; notifying the attestation system that a component has been updated to a new version whereby, when the attestation system finds that the identifying characteristic of the new component does not match a pre-stored attestation value it is aware that a legitimate mis-match could have occurred. The installing of the new version of the component comprises: identifying an updater associated with new version of the component; measuring an identifying characteristic of the identified updater; loading and installing the new version of the component; and making both the identifying measurement of the updater and the new version of the component available to the attestation system. | 01-23-2014 |
20140033210 | Techniques for Attesting Data Processing Systems - A technique for attesting a plurality of data processing systems includes generating a logical grouping for a data processing system. The logical grouping is associated with a rule that describes a condition that must be met in order for the data processing system to be considered trusted. A list of one or more children associated with the logical grouping is retrieved. The one or more children are attested to determine whether each of the one or more children is trusted. In response to the attesting, the rule is applied to determine whether the condition has been met in order for the data processing system to be considered trusted. A plurality of logical groupings is associated to determine whether an associated plurality of data processing systems can be considered trusted. | 01-30-2014 |
20140157268 | CONSENT-BASED VIRTUAL MACHINE MIGRATION - A system, method, and computer program product for controlling migration of a VM operable on a first site and a second site. The system includes an identify component for identifying the second site; a request component for sending a consent request message to a software component, wherein the consent request message comprises at least one of an identifier of the VM and an identifier of the second site; a calculate component, operable on the software component and responsive to receiving the consent request message, for determining consent for the second site; a send component, responsive to a positive determination, for sending a consent message; and a migrate component, responsive to receiving the consent message, for migrating the VM from the first site to the second site. | 06-05-2014 |
20140173598 | VIRTUAL MACHINE MIGRATION - Attesting a virtual machine that is migrating from a first environment to a second environment includes in response to initiation of migration of the virtual machine from the first environment to the second environment, accessing one or more stored trust values generated during the trusted boot of the virtual machine in the first environment, determining if the accessed trust values define a security setting sufficient for the second environment, and if the accessed trust values do not define a security setting sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment. | 06-19-2014 |
20150047038 | TECHNIQUES FOR VALIDATING DISTRIBUTED DENIAL OF SERVICE ATTACKS BASED ON SOCIAL MEDIA CONTENT - A technique for validating a distributed denial of service attack against a computer network service associated with a computing device adapted to be connected to a computer network includes monitoring requests to the computer network service on the computer network. Social media for current trending topics or popular items is monitored to detect content directly linked to content located on the computing device or directly related to content located on the computing device. Responsive to the monitoring requests to the computer network service indicating an increased number of requests and the monitoring social media indicating that content located on the computing device or directly related to content located on the computing device is currently trending or popular, a response provided to the requests to the computer network service is modified to avoid overloading the computer network service. | 02-12-2015 |