Patent application number | Description | Published |
20120284479 | MANAGING LARGE PAGE MEMORY POOLS - Large page memory pools are managed. Thresholds are used to determine if the number of pages in a large page memory pool is to be adjusted. If the number of pages is to be increased, a particular technique is provided for adding additional pages to the pool. Further, if there are too many pages in the pool, one or more pages may be removed. | 11-08-2012 |
20120284483 | MANAGING ALLOCATION OF MEMORY PAGES - Allocation of pages of memory is managed in computing environments that include multiple sized memory pools. Responsive to a request for a page of memory, one or more memory pools are searched for an available frame of memory to service the request. The search uses a predefined order of search, which includes multiple types of memory pools in a specific order based on the requested size of the page of memory. | 11-08-2012 |
20130173880 | DEDICATED LARGE PAGE MEMORY POOLS - Dedicated large page memory pools are provided to, at least in part, facilitate access to large pages. The large page memory is managed by: establishing multiple large page memory pools, each large page memory pool of the multiple large page memory pools including a number of large pages; and dedicating each large page memory pool of the multiple large page memory pools to a respective processor of multiple processors of the computing environment, wherein processors of the multiple processors can concurrently access pages from the respective large page memory pools of the multiple large page memory pools. | 07-04-2013 |
20130326181 | PROVIDING USAGE STATISTICS FOR VIRTUAL STORAGE - A method for obtaining a measurement of storage usage includes sending a request, by a processor, for the measurement of storage usage during execution of an application by the processor; counting blocks of storage to generate the measurement of storage usage by the application; and providing the measurement of storage usage to the application. | 12-05-2013 |
20130339655 | TRANSLATION LOOK-ASIDE TABLE MANAGEMENT - A computer system includes a translation look-aside (TLB) buffer and a processing unit. The TLB is configured to store an entry that comprises virtual address information, real address information associated with the virtual address information, and additional information corresponding to at least one of the virtual address information and the real address information. The processing unit is configured to control the TLB to modify the additional information while maintaining the entry in a valid state accessible by the processing unit for a translation look-aside operation corresponding to the virtual address information and the real address information. | 12-19-2013 |
20130346792 | RESOLVING MEMORY FAULTS WITH REDUCED PROCESSING IMPACT - A fault occurs in a virtual environment that includes a base space, a first subspace, and a second subspace, each with a virtual address associated with content in auxiliary storage memory. The fault is resolved by copying the content from auxiliary storage to central storage memory and updating one or more base space dynamic address translation (DAT) tables, and not updating DAT tables of the first and second subspace. A subsequent fault at the first subspace virtual address is resolved by copying the base space DAT table information to the first subspace DAT tables and not updating the second subspace DAT tables. A fault occurring with association to the virtual address of the first subspace is resolved for the base space and the base space DAT table information is copied to the first subspace DAT tables, and the second subspace DAT tables are not updated. | 12-26-2013 |
20140075142 | MANAGING BACKING OF VIRTUAL MEMORY - A computer system includes memory and a processor configured to manage memory allocation. The processor is configured to execute a memory allocation request to allocate a portion of the memory to an application by determining whether a size of the memory allocation request is less than a first pre-defined size. The processor searches virtual memory for a free allocated memory area corresponding at least to the size of the memory allocation request based on determining that the size of the memory allocation request is less than the first pre-defined size. | 03-13-2014 |
20140082305 | PROVIDING USAGE STATISTICS FOR VIRTUAL STORAGE - A method for obtaining a measurement of storage usage includes sending a request, by a processor, for the measurement of storage usage during execution of an application by the processor; counting blocks of storage to generate the measurement of storage usage by the application; and providing the measurement of storage usage to the application. | 03-20-2014 |
20140201493 | OPTIMIZING LARGE PAGE PROCESSING - Embodiments of the disclosure include a method for optimizing large page processing. The method includes receiving an indication that a real memory includes a first page. The first page includes a plurality of smaller pages. The method also includes determining a page frame table entry associated with a first smaller page of the first page and storing data associated with the first page in the page frame table entry associated with the first smaller page. The page frame table entry associated with the first smaller page of the first page is a data repository for the plurality of smaller pages of the first page. | 07-17-2014 |
20140201496 | RESERVING FIXED AREAS IN REAL STORAGE INCREMENTS - Embodiments of the disclosure include a method for reserving large pages in a large frame area (LFAREA) of a main memory. The method includes pre-scanning a plurality of storage increments and counting a number of available large pages that are online and issuing a message that indicates the number of available large pages. The method also includes receiving and parsing an LFAREA request including a target number of large pages to be reserved. The method further includes calculating an optimal number of large pages to be reserved, based upon the target number of available pages and a system limit. The method includes determining if the LFAREA request is valid and if the LFAREA request can be satisfied and scanning the plurality of the storage increments and reserving the optimal number of pages in the LFAREA. | 07-17-2014 |
Patent application number | Description | Published |
20110276604 | REPUTATION BASED ACCESS CONTROL - The reputation based access control system of the present invention allows or denies access to a requested controlled resource to a requesting subject based upon predetermined associations between the resource and security contexts to determine the subject's reputation in those contexts. The reputation based access control system utilizes an authentication system (biometric, challenge/response, etc.) to identify a subject. Once the identity is determined, a resource to be accessed is determined by a reputation based access control unit. The system interfaces with a reputation assessment system to gauge the subject's reputation in these contexts. If the subject's reputation meets the predetermined limits for reputation in those contexts for that resource, the subject is allowed access to the resource. Otherwise access is denied and the proper agents are notified. | 11-10-2011 |
20110307474 | PARTY REPUTATION AGGREGATION SYSTEM AND METHOD - A party reputation aggregation unit determines and collects the reputation of a party from various sources. Further, the party reputation aggregation unit provides for the weighing and aggregation of such data, including reputation data of the party, reputation data of the party's relationships, reputation data of the party's social networks and reputation data of the members of the party's social network so that a complete picture of an individual or organization may be provided to a qualified requestor for his/her use/assessment. | 12-15-2011 |
20120078862 | HYBRID OFF-PEAK AND JUST-IN-TIME INTEGRATION - The invention is directed to off-peak and just-in-time (JIT) retrieval of directory information to reduce network traffic and load on directory servers and/or data sources by requesting only the information that is currently needed from the directory server, while subsequently updating the directory information during an off-peak period in the case that the directory information retrieved in a JIT manner is outdated. In these embodiments, a hybrid integrator operable with an integration directory capable of retrieving directory information in a JIT manner provides this functionality. Specifically, the hybrid integrator and the integration directory are configured to receive a request for directory information at the hybrid integrator, and record the request. The integration directory retrieves a set of current attribute values in a JIT manner from at least one of the following: the directory server, and an external source. During an off-peak period, it is determined whether each of the set of current attribute values corresponding to the request is current. Based on whether each of the set of current attribute values corresponding to the request is current, a set of updated current attributes is retrieved from at least one of the following: a directory server, and an external source. | 03-29-2012 |
20120078947 | INTEGRATED JUST-IN-TIME SYNCHRONIZATION - The invention is directed to just-in-time (JIT) retrieval of directory information to reduce network traffic and load on directory servers and/or data sources by requesting only the information that is currently needed from the directory server. In the invention, a request handler operating with the directory server provides this capability. Specifically, the request handler and directory server are configured to receive a request for directory information from a client and to determine a location corresponding to a set of current attribute values for responding to the request. The request handler retrieves the set of current attribute values from at least one of the following: the directory server and an external source. A set of current attributes is returned to the client from the directory server. The request handler propagates information in a JIT manner so that only the information that will be currently used by the client is propagated across the network. | 03-29-2012 |
20120079077 | JUST-IN-TIME WRAPPER SYNCHRONIZATION - The invention is directed to just-in-time (JIT) retrieval of directory information to reduce network traffic and load on directory servers and/or data sources by requesting only the information that is currently needed from the directory server. In the invention, a wrapper operating with a directory server and an application programming interface (API) provides this capability. The wrapper is configured to receive a request from a client and to determine a location corresponding to a set of current attribute values for responding to the request. The wrapper retrieves the set of current attribute values in a JIT manner from at least one of the following: the directory server and an external source. A set of current attributes is returned to the client from the wrapper. By propagating information in a JIT manner, only the information that will be currently used is propagated across the network. | 03-29-2012 |
20120084856 | GATHERING, STORING AND USING REPUTATION INFORMATION - A method and a system for collecting and maintaining historical party reputation data and for using the historical party reputation data to calculate an access decision rating and recalculating the access decision rating when the historical party reputation data has changed has a reputation updater for updating a reputation when a party's reputation has changed, a reputation storer for storing the party's reputation, an access decision rating maker for making a rating on a party's access abilities based upon the party's reputation and reputation history storage for storing a party's reputation having access decision rating storage for storing previous and present access decision storage ratings. | 04-05-2012 |
20120131077 | VIRTUAL ATTRIBUTE FEDERATION SYSTEM - The present invention may comprise a system and method for a Virtual Attribute Federation System (VAFS) and may be composed of a Virtual Attribute Federation Manager (VAFM) and a system of Virtual Attribute Enabled Directories (VAED) modified to accept federation of virtual attributes. The VAFM produces signed and trusted calculation methods and coordinates a synchronized dispersal of these methods to the VAEDs. The VAEDs may have local mappings which allow for federation-time configuration of the calculation methods. | 05-24-2012 |
20120136908 | VIRTUAL ATTRIBUTE BASED ACCESS CONTROL - The present invention involves creating an attribute in a directory and having a system provide attribute values for data that changes rapidly with a speed high enough to satisfy real-time requirements. The present invention calculates values rather than storing them for each attribute of an object class instance. It provides “virtual attributes” and using them in Attribute Based Access Control (ABAC). The resulting Virtual Attribute Based Access Control (VABAC) system allows a Policy Decision Point (PDP) to make better informed decisions based on information that results from metrics, statistics, or data from some outside system. Given virtual attributes, the PDPs can make access decisions based on things like reputation, skill level, trust level, organizational structure, etc. | 05-31-2012 |
20120191643 | TRANSACTIONAL SERVICE PIPELINE - An approach for connecting the inputs and the outputs of multiple services in such a way that the entire transaction can be tracked from beginning to end and from service to service is provided. The pipeline architecture of the present invention passes information through a sequence of nodes, each node providing some processing or filtering before passing information to the next node in the pipe. A transaction's token passes down a pipe of services. The pipe can have forks and branches, so a transaction's token is passed from node to node carrying messages from one node to another. The overall transactional information is not lost from service to service; instead it is carried up and down the length of the pipeline. As the transaction's token is passed up and down the pipeline, its history passes with it. The pipe links a chain of nodes connected end-to-end. | 07-26-2012 |
20140006076 | SYSTEM FOR ASSIGNMENT ROUTING, DELEGATION AND REASSIGNMENT | 01-02-2014 |
20140136474 | TRANSACTIONAL SERVICE PIPELINE - An approach for connecting the inputs and the outputs of multiple services in such a way that the entire transaction can be tracked from beginning to end and from service to service is provided. The pipeline architecture of the present invention passes information through a sequence of nodes, each node providing some processing or filtering before passing information to the next node in the pipe. A transaction's token passes down a pipe of services. The pipe can have forks and branches, so a transaction's token is passed from node to node carrying messages from one node to another. The overall transactional information is not lost from service to service; instead it is carried up and down the length of the pipeline. As the transaction's token is passed up and down the pipeline, its history passes with it. The pipe links a chain of nodes connected end-to-end. | 05-15-2014 |
20140310254 | REPUTATION BASED ACCESS CONTROL - Approaches for providing reputation based access control are provided. Specifically, at least one approaches includes: identifying a requesting subject that is requesting access to a controlled resource; retrieving the requesting subject's reputation stored as a virtual attribute in a reputation-based access control database, wherein the requesting subject's reputation comprises a value for skill for operating with the requested controlled resource, and wherein the requesting subject's reputation is modified following an indication from a peer of the requesting subject that the requesting subject's value for skill is diminished; retrieving the requested controlled resource's policy; determining if the requesting subject's reputation meets the requested controlled resource's policy; if the requesting subject's reputation meets the requested controlled resource's policy, allowing the requesting subject access to the requested controlled resource; and if the requesting subject's reputation does not meet the requested controlled resource's policy, denying the requesting subject access to the requested controlled resource. | 10-16-2014 |
20150039901 | FIELD LEVEL DATABASE ENCRYPTION USING A TRANSIENT KEY - Embodiments of the present invention disclose a method, system, and computer program product for implementing user specific encryption in a database system. A computer receives a query statement including a user specific key and data, the data including data needing encryption and non-encrypted data. The computer encrypts the data needing encryption using the user specific key. The computer inserts both the encrypted data and the non-encrypted data into a table row in a database. The computer creates a hash of the user specific key, and stores the hash of the user specific key in the table row with the data. | 02-05-2015 |
20150143117 | DATA ENCRYPTION AT THE CLIENT AND SERVER LEVEL - Embodiments of the present invention include a computer system and computer program product for implementing encryption of data. A computer system determines that a first data field of a plurality of data fields of a web form requires encryption. The computer system tags the first data field with one or more HTML encryption tags. The computer system displays the web form to a user. The computer system receives user input, wherein at least a portion of the user input is contained in the first data field of the web form. The computer system encrypts the first data field on a first computer, wherein a first user specific encryption key is associated with at least the first data field. The computer system inserts the encrypted first data field into at least one record stored on a second computer. | 05-21-2015 |
20150188926 | REPUTATION BASED ACCESS CONTROL - Approaches for providing reputation based access control are provided. Specifically, at least one approach includes: identifying a requesting subject requesting access to a controlled resource; retrieving a reputation of the subject stored as a virtual attribute in a reputation-based access control database, the reputation comprising a value for skill for operating with the requested controlled resource; determining whether the subject is a known security risk; modifying a reputation of the subject and an associate in the case that a security risk of the subject meets a threshold; modifying the reputation of the subject based on at least one of: peer feedback and expert opinion, in the case that the subject is not a known security risk; retrieving a policy of the requested controlled resource; determining if the reputation of the subject meets the policy, and if so, allowing the subject access to the resource, and if not, denying the access. | 07-02-2015 |