39th week of 2010 patent applcation highlights part 88 |
Patent application number | Title | Published |
20100250853 | Prefetch engine based translation prefetching - A method and system for prefetching in computer system are provided. The method in one aspect includes using a prefetch engine to perform prefetch instructions and to translate unmapped data. Misses to address translations during the prefetch are handled and resolved. The method also includes storing the resolved translations in a respective cache translation table. A system for prefetching in one aspect includes a prefetch engine operable to receive instructions to prefetch data from the main memory. The prefetch engine is also operable to search cache address translation for prefetch data and perform address mapping translation, if the prefetch data is unmapped. The prefetch engine is further operable to prefetch the data and store the address mapping in one or more cache memory, if the data is unmapped. | 2010-09-30 |
20100250854 | METHOD AND SYSTEM FOR DATA PREFETCHING FOR LOOPS BASED ON LINEAR INDUCTION EXPRESSIONS - An efficient and effective compiler data prefetching technique is disclosed in which memory accesses may be prefetched are represented in linear induction expressions. Furthermore, indirect memory accesses indexed by other memory accesses of linear induction expressions in scalar loops may be prefetched. | 2010-09-30 |
20100250855 | COMPUTER-READABLE RECORDING MEDIUM STORING DATA STORAGE PROGRAM, COMPUTER, AND METHOD THEREOF - A computer-readable recording medium storing a data storage program, a method and a computer are provided. The computer includes a cache table including an address area for storing an address and a user data area for storing user data corresponding to the address, and executes an operation including, reading user data at a specified address from a recording medium, delta-decoding the read difference data, and determining the decompressed user data to be the read user data, and writing the read user data in the user data area of the cache table when a size of the user data read by the delta-decoding is equal to or less than a threshold value and writing an address corresponding to the read user data in the address area of the cache table, obtaining difference data between the user data requested to be written and the corresponding user data and writing the difference data. | 2010-09-30 |
20100250856 | METHOD FOR WAY ALLOCATION AND WAY LOCKING IN A CACHE - A system and method for data allocation in a shared cache memory of a computing system are contemplated. Each cache way of a shared set-associative cache is accessible to multiple sources, such as one or more processor cores, a graphics processing unit (GPU), an input/output (I/O) device, or multiple different software threads. A shared cache controller enables or disables access separately to each of the cache ways based upon the corresponding source of a received memory request. One or more configuration and status registers (CSRs) store encoded values used to alter accessibility to each of the shared cache ways. The control of the accessibility of the shared cache ways via altering stored values in the CSRs may be used to create a pseudo-RAM structure within the shared cache and to progressively reduce the size of the shared cache during a power-down sequence while the shared cache continues operation. | 2010-09-30 |
20100250857 | CACHE CONTROLLING APPARATUS, INFORMATION PROCESSING APPARATUS AND COMPUTER-READABLE RECORDING MEDIUM ON OR IN WHICH CACHE CONTROLLING PROGRAM IS RECORDED - A technique for managing a cache memory for temporarily retaining data read out from a main memory so as to be used by a processing section is disclosed. The cache memory is managed using a tag memory and utilized by a write-through method. The cache controlling apparatus includes a supervising section adapted to supervise accessing time to the cache memory, and a refreshing section adapted to read out data on one or more cache lines of the cache memory from the main memory again in response to a result of the supervision by the supervising section and retain the read out data into the cache memory. | 2010-09-30 |
20100250858 | Systems and Methods for Controlling Initialization of a Fingerprint Cache for Data Deduplication - A computer-implemented method for controlling initialization of a fingerprint cache for data deduplication associated with a single-instance-storage computing subsystem may comprise: 1) detecting a request to store a data selection to the single-instance-storage computing subsystem, 2) leveraging a client-side fingerprint cache associated with a previous storage of the data selection to the single-instance-storage computing subsystem to initialize a new client-side fingerprint cache, and 3) utilizing the new client-side fingerprint cache for data deduplication associated with the request to store the data selection to the single-instance-storage computing subsystem. Other exemplary methods of controlling initialization of a fingerprint cache for data deduplication, as well as corresponding exemplary systems and computer-readable-storage media, are also disclosed. | 2010-09-30 |
20100250859 | PREFETCHING OF NEXT PHYSICALLY SEQUENTIAL CACHE LINE AFTER CACHE LINE THAT INCLUDES LOADED PAGE TABLE ENTRY - A microprocessor includes a cache memory, a load unit, and a prefetch unit, coupled to the load unit. The load unit is configured to receive a load request that includes an indicator that the load request is loading a page table entry. The prefetch unit is configured to receive from the load unit a physical address of a first cache line that includes the page table entry specified by the load request. The prefetch unit is further configured to responsively generate a request to prefetch into the cache memory a second cache line. The second cache line is the next physically sequential cache line to the first cache line. In an alternate embodiment, the second cache line is the previous physically sequential cache line to the first cache line rather than the next physically sequential cache line to the first cache line. | 2010-09-30 |
20100250860 | Method and System for Managing Cache Invalidation - In one embodiment the present invention includes a method and system for managing cache invalidation. In one embodiment, connection information to a database in stored in an intermediate cache management module. If changes are made to objects in the database, the objects are invalidated in a local cache. The connection information is accessed and used to connect to the database by an invalidation listener. The invalidation listener may determine the changes so that the changes can be reflected in the cache. Embodiments of the present invention may be implemented across multiple nodes in a clustered environment for updating caches on different nodes in response to changes to data objects performed by other nodes. | 2010-09-30 |
20100250861 | FAIRNESS MECHANISM FOR STARVATION PREVENTION IN DIRECTORY-BASED CACHE COHERENCE PROTOCOLS - Methods and apparatus relating to a fairness mechanism for starvation prevention in directory-based cache coherence protocols are described. In one embodiment, negatively-acknowledged (nack'ed) requests from a home agent may be tracked (e.g., using distributed linked-lists). In turn, the tracked requests may be served in a fair order. Other embodiments are also disclosed. | 2010-09-30 |
20100250862 | SYSTEM CONTROLLER, INFORMATION PROCESSING SYSTEM, AND ACCESS PROCESSING METHOD - A system controller includes an output unit which transfers an access request from an access source coupled to the system controller to an other system controller; a local snoop control unit that determines whether a destination of the access request from the access source is a local memory unit coupled to the system controller, and locks the destination when the destination is the local memory unit; a receiving unit which receives the access request from the output unit and an access request from an other system controller; a global snoop control unit which sends a response indicating whether the access request is executable or not, and controls locking of the destination of the access request when the destination is the local memory unit; and an access processing unit which unlocks the locking and accesses the memory unit when the access request from the access source becomes executable. | 2010-09-30 |
20100250863 | PAGING PARTITION ARBITRATION OF PAGING DEVICES TO SHARED MEMORY PARTITIONS - Disclosed is a computer implemented method, computer program product, and apparatus to establish at least one paging partition in a data processing system. The virtualization control point (VCP) reserves up to the subset of physical memory for use in the shared memory pool. The VCP configures at least one logical partition as a shared memory partition. The VCP assigns a paging partition to the shared memory pool. The VCP determines whether a user requests a redundant assignment of the paging partition to the shared memory pool. The VCP assigns a redundant paging partition to the shared memory pool, responsive to a determination that the user requests a redundant assignment. The VCP assigns a paging device to the shared memory pool. The hypervisor may transmit at least one paging request to a virtual asynchronous services interface configured to support a paging device stream. | 2010-09-30 |
20100250864 | Method And Apparatus For Compressing And Decompressing Data - One embodiment of the invention provides a method and apparatus for decompressing a compressed data set using a processing device having a plurality of processing units and a shared memory. The compressed data set comprises a plurality of compressed data segments, in which each compressed data segment corresponds to a predetermined size of uncompressed data. The method includes loading the compressed data set into the shared memory so that each compressed data segment is stored into a respective memory region of the shared memory. The respective memory region has a size equal to the predetermined size of the corresponding uncompressed data segment. The method further includes decompressing the compressed data segments with the processing units; and storing each decompressed data segment back to its respective memory region within the shared memory. | 2010-09-30 |
20100250865 | Self-Timing For A Multi-Ported Memory System - Multi-ported memory systems (e.g., register files) employ self-timing for operational synchronization. Thus, rather than using a reference clock duty cycle for operational synchronization, as in conventional multi-ported register files, embodiments of the present disclosure employ self-timing for such operational synchronization. According to certain embodiments, self-timing is employed to synchronize all the internal events within the memory so that all the events are spaced in time for appropriate synchronization. For instance, the completion of one event leads to triggering another event, the completion of which leads to triggering another event, and so on. Thus, in one embodiment, the self-timing is achieved by referencing the operational events with the memory (or register file) to each other, rather than to a reference clock duty cycle. | 2010-09-30 |
20100250866 | INFORMATION PROCESSING PROGRAM, INFORMATION PROCESSING DEVICE AND INFORMATION PROCESSING METHOD - An apparatus includes: a memory; a management memory for storing first virtual addresses used by the first program, second virtual addresses used by the second program and management information indicative of association between first and second virtual addresses and physical addresses of the memory; and a processor for executing the first, the second and a management programs, the management program including: receiving a request to assign a shared area to be shared by the first and second programs from the second program; determining a physical address of the shared area corresponding to one of the first and one of the second virtual addresses; transmitting a notification of data writing by the first program to the second program; locking the shared area so as to prevent the second program from writing data after the notification; and unlocking the shared area after the second program has read data from the shared area. | 2010-09-30 |
20100250867 | COMPUTER ARCHITECTURES USING SHARED STORAGE - Shared storage architectures and methods are provided. A particular shared storage architecture is a system including shared storage including data and file system metadata separated from the data. The file system metadata includes location data specifying storage location information related to the data. Services are provided from service providers to service consumers through the shared storage. | 2010-09-30 |
20100250868 | VIRTUAL NON-UNIFORM MEMORY ARCHITECTURE FOR VIRTUAL MACHINES - Techniques for effectuating a virtual NUMA architecture for virtual machines and adjusting memory in virtual NUMA nodes are described herein. | 2010-09-30 |
20100250869 | VIRTUALIZATION SYSTEM USING HARDWARE ASSISTANCE FOR SHADOW PAGE TABLE COHERENCE - One embodiment of the present invention includes a method for maintaining a shadow page table in at least partial correspondence with guest page mappings of a guest computation. The method marking with a traced write indication at least those entries of the shadow page table that map physical memory locations which themselves encode the guest page mappings, the marking identifying, for a hardware facility, a subset of memory access targets for which updates are to be recorded in a guest write buffer accessible to the virtualization system. Responsive to a coherency-inducing operation of the guest computation, the method reads from the guest write buffer and introduces corresponding updates into the shadow page table. | 2010-09-30 |
20100250870 | METHOD AND APPARATUS FOR TRACKING ENREGISTERED MEMORY LOCATIONS - One embodiment of the present invention provides a system that tracks enregistered memory locations. During operation, the system receives program object code that enregisters a memory location (e.g., a set of data at a given memory address). Next, the system executes this program object code using a thread. After enregistering the memory location, the system tracks the associated memory address and a thread identifier for the thread in a table that identifies enregistered memory locations. The system checks this table during memory accesses to ensure that other threads attempting to access an enregistered memory location receive a current value for the enregistered memory location. | 2010-09-30 |
20100250871 | REPRODUCING DEVICE AND REPRODUCING METHOD - A reproducing device ( | 2010-09-30 |
20100250872 | INTERFACE, MEMORY SYSTEM, AND ACCESS CONTROL METHOD - An interface includes a controller that divides a burst access command into a plurality of command cycles and supplies the plurality of command cycles to a storage device including a plurality of blocks, and a block address converter that outputs an address at a first command cycle of the plurality of command cycles. The address is obtained by shifting at least one bit of an external block address input in response to the burst access command. The address is supplied to the storage device at the first command cycle, and the external block address is supplied to the storage device at a command cycle other than the first command cycle. | 2010-09-30 |
20100250873 | MANAGEMENT APPARATUS FOR MANAGING STORAGE APPARATUS - A management includes an acquiring unit for acquiring information of specifying a target virtual storage in a target storage pool and an expansion storage capacity to be acquired from another storage pool other than the target storage pool, and a determining unit for determining the real storage to be used for the expansion storage capacity of the target virtual storage from candidate one of the real storages in the another storage pool, which are under the control of the controller in charge of the real storage that the target virtual storage is defined, on the basis of an occupied storage capacity defined as the virtual storage on the real storage in the another storage pool and a free storage capacity of the real storage in the another storage pool. | 2010-09-30 |
20100250874 | APPARATUS AND METHOD FOR BUFFERED WRITE COMMANDS IN A MEMORY - Memories, buffered write command circuits, and methods for executing memory commands in a memory. In some embodiments, read commands that are received after write commands are executed internally prior to executing the earlier received write commands. Write commands are buffered so that the commands can be executed upon completion of the later received read command. One example of a buffered write command circuit includes a write command buffer to buffer write commands and propagate buffered write commands therethrough in response to a clock signal and further includes write command buffer logic. The write command buffer logic generates an active clock signal to propagate the buffered write commands through the write command buffer for execution, suspends the active clock signal in response to receiving a read command after the write command is received, and restarts the active clock upon completion of the later received read command. | 2010-09-30 |
20100250875 | EEPROM EMULATION USING FLASH MEMORY - A device is provided wherein a traditional EEPROM device is emulated by using two or more pages of block-erasable memory and mapping each traditional EEPROM write instruction to an incremented active data sector in a first page of the block-erasable memory while a second page of the block-erasable memory is being partially or fully erased. Then, when the first page of block-erasable memory has had its plurality of data sectors written, changing the active page to the second block-erasable memory and mapping traditional EEPROM writes to incremented data sectors therein while the previously written block-erasable memory is being partially or fully erased. | 2010-09-30 |
20100250876 | System and Method for Memory Architecture Configuration - Systems and methods for reducing problems and disadvantages associated with physically asymmetrical memory structures are disclosed. A method for configuring memories in an information handling system having a plurality of memories, each memory local to one of a plurality of nodes, and wherein at least one memory of the plurality of memories has a different memory capacity than at least one other memory of the plurality of memories is provided. The method may include determining a smallest memory capacity of the plurality of memories. The method may also include allocating a node-interleaved memory using a portion of each memory equal to the smallest memory capacity. For each particular memory not fully allocated to the node-interleaved memory, each portion of each particular memory not allocated to the node-interleaved memory may be associated with a node local to the particular memory. | 2010-09-30 |
20100250877 | Method and system for moving active virtual partitions between computers - Embodiments of the present invention are directed to enhancing VPAR monitors to allow an active VPAR to be moved from one machine to another, as well as to enhancing virtual-machine monitors to move active VPARs from one machine to another. Because traditional VPAR monitors lack access to many computational resources and to executing-operating-system state, VPAR movement is carried out primarily by specialized routines executing within active VPARs, unlike the movement of guest operating systems between machines carried out by virtual-machine-monitor routines. | 2010-09-30 |
20100250878 | Storage System of Storing Golden Image of a Server or Any Physical/Virtual Machine Execution Environment - A storage system stores golden image of a server or any physical/virtual machine execution environment and associate the golden image and the storage port. The storage system also creates the copy of the golden image to the logical volume, and allocates the internal path between the storage port and the logical volume. Upon receiving an access request from the host computer via the storage port, the storage system transfers the access request between the storage port and the logical volume which stores the copy of golden image associated with the host computer. | 2010-09-30 |
20100250879 | DATA MANIPULATION METHOD OF LOGICAL VOLUME MANAGER - A data manipulation method of a logical volume manager is applicable to data management of dependent snapshot volumes (SVs) of a logical volume manager. The data management method includes the following steps generating a plurality of SVs, defining the SV generated at first as a first SV, defining the SV generated at last as a last SV, and defining the rest SVs as middle SVs; selecting a middle SV; combining content stored in the selected middle SV into a neighboring SV; according to the combined SV, combining meta-data of the selected middle SV into meta-data of the middle SV; deleting the selected middle SV. The logical volume manager does not need copy the data again, thereby saving access time in data management. | 2010-09-30 |
20100250880 | METHODS AND APPARATUS FOR BACKUP AND RESTORE OF THIN PROVISIONING VOLUME - Methods and apparatuses for backing up virtual volumes effectively by eliminating transfer and preservation of parts of virtual volumes, which contain no data. By representing virtual volumes as virtual files in a virtual file system, it is thereby possible to avoid needlessly backing up empty data space in the virtual volume. In one implementation, a storage system includes multiple virtual volumes and a virtual file system as well as a storage system control module. Each virtual volume in the multiple virtual volumes is represented as a virtual file within the virtual file system with each virtual file representing data actually stored within the virtual volume; and the storage system control module facilitates backing up a selected virtual volume, the operations involving accessing the virtual file system on the storage system; and reading the virtual file corresponding to the selected virtual volume. | 2010-09-30 |
20100250881 | SYSTEMS AND METHOD FOR DATA RECOVERY - Systems and a method for recovering data from a protected memory are provided. The protected memory system includes a memory for storing data related to the operation of a vehicle and an interface configured to transform said data stored in said memory from a proprietary format to an industry standard serial data format. | 2010-09-30 |
20100250882 | INCREMENTAL BACKUP OF SOURCE TO TARGET STORAGE VOLUME - Various method, system, and computer program product embodiments for performing a backup of a source storage volume to a target storage volume are provided. In one exemplary embodiment, a flashcopy of the source storage volume to the target storage volume is initiated. The content of the source storage volume is stored on the target storage volume in a space efficient manner. The space requirement of the stored content on the target storage volume is monitored. The flashcopy is terminated when the space requirement reaches a predetermined level. The stored content on the target storage volume is copied to a backup storage medium. A new flashcopy of the source storage volume is initiated. | 2010-09-30 |
20100250883 | APPARATUS FOR DYNAMICALLY MIGRATING LPARS WITH PASS-THROUGH I/O DEVICES, ITS METHOD, AND ITS PROGRAM - A dynamic migration apparatus of a system logically divides hardware resources of a physical machine to configure a plurality of logical partitions using the pass-through I/O method and performs migration on the logical partitions. The apparatus makes a setting so that the same I/O device used in a migration source logical partition continues to be used in a migration destination logical partition when migration is performed. | 2010-09-30 |
20100250884 | STORAGE SYSTEM, STORAGE DEVICE AND INFORMATION STORING METHOD - A storage system includes a primary-side storage device and a secondary-side storage device. The primary-side storage device includes a first storage unit that functions as: a primary-side reserving unit to reserve a primary-side storage area in the first storage unit; a request unit to request the secondary-side storage device to reserve a secondary-side storage area; a checking unit to receive identifying information of the reserved secondary-side storage area; a management storage unit to store the identifying information of the secondary-side storage area in the way of being associated with the primary-side storage area; and a transfer unit to transfer data stored in the primary-side storage area to the secondary-side storage area. The secondary-side storage device includes a second storage unit that functions as: a request accepting unit to accept a request for reserving the secondary-side storage area from the primary-side storage device; a secondary-side reserving unit to reserve the secondary-side storage area in the second storage unit in response to the request; and a report unit to report the identifying information of the reserved secondary-side storage area to the primary-side storage device. | 2010-09-30 |
20100250885 | STORAGE CONTROL DEVICE, STORAGE SYSTEM, AND COPYING METHOD - A storage control device that copies copy source data stored in a copy source volume to a copy destination volume, the storage control device include a copy source data-comparison section configured to compare data transmitted from a host computer to data written into an area specified in the copy source volume storing the transmitted data and a copy function-execution section configured to avoid writing the transmitted data into the copy source volume based on a determination that the data transmitted from the host computer and the data written into the area of the copy destination volume storing the transmitted data that are compared to each other through the copy source data-comparison section agree with each other. | 2010-09-30 |
20100250886 | STORAGE SYSTEM HAVING DYNAMIC VOLUME ALLOCATION FUNCTION - Access to a plurality of logical devices is enabled regardless of the number of ports provided in a storage system and the number of logical devices that can be allocated to a single port, thereby improving the usability of the logical devices. A storage system comprises a plurality of logical devices, a target device which is the object of access from a computer, and a juke box system for allocating one of the plurality of logical devices to the target device. The juke box system changes the logical device that is allocated to the target device in accordance with a request from the computer. | 2010-09-30 |
20100250887 | Password Accessible Microelectronic Memory - A microelectronic memory may be password access protected. A controller may maintain a register with requirements for accessing particular memory locations to initiate a security protocol. A mapping may correlate which regions within a memory array are password protected. Thus, a controller can use a register and the mapping to determine whether a particular granularity of memory is password protected, what the protection is, and what protection should be implemented. As a result, in some embodiments, a programmable password protection scheme may be utilized to control a variety of different types of accesses to particular regions of a memory array. | 2010-09-30 |
20100250888 | APPARATUS, SYSTEM, AND METHOD FOR MEMORY UPGRADE PATH OPTIMIZATION - An apparatus, system, and method are disclosed for memory upgrade optimization. A requirements module | 2010-09-30 |
20100250889 | CONTROL OF ON-DIE SYSTEM FABRIC BLOCKS - Methods and apparatus for control of On-Die System Fabric (OSF) blocks are described. In one embodiment, a shadow address corresponding to a physical address may be stored in response to a user-level request and a logic circuitry (e.g., present in an OSF) may determine the physical address from the shadow address. Other embodiments are also disclosed. | 2010-09-30 |
20100250890 | MANAGING WORKING SET USE OF A CACHE VIA PAGE COLORING - A processor cache is indexed by a group of distinct page colors. The use of this cache by different working sets is controlled using page coloring. Translations of virtual addresses of the instructions and/or data of a working set are constrained to physical addresses the page colors of which are in a subgroup of the group of distinct page colors. | 2010-09-30 |
20100250891 | METHOD AND SYSTEM FOR TRANSFORMATION OF LOGICAL DATA OBJECTS FOR STORAGE - There is provided a system capable of transformation of logical data objects for storage and method of operating thereof. The method comprises: a) identifying among a plurality of requests addressed to the storage device two or more “write” requests addressed to the same logical data object; b) deriving data chunks corresponding to identified “write” requests and transforming the derived data chunks; c) grouping the transformed data chunks in accordance with the order the requests have been received and in accordance with a predefined criteria; d) generating a grouped “write” request to the storage device; and e) providing mapping in a manner facilitating one-to-one relationship between the data in the obtained data chunks and the data to be read from the transformed logical object. The method further comprises obtaining an acknowledging response from the storage device; multiplying the obtained acknowledging response, and sending respective acknowledgements to each source which initiated respective “write” request. | 2010-09-30 |
20100250892 | Managing a Logically Partitioned Computing System Through a Virtual File System - A method, apparatus, and program product for managing partitionable resources in a logically partitioned computing system is disclosed. The method includes associating each of a plurality of partitionable resources in the logically partitioned computing system with a respective file entry in a virtual file system, associating each of a plurality of partitionable resources in the logically partitioned computing system with a respective file entry in a virtual file system, and allocating a first partitionable resource among the plurality of partitionable resources to a first logical partition among the plurality of logical partitions in response to a file system operation directed to the virtual file system to organize a respective file entry for the first partitionable resource within the respective directory for the first logical partition. | 2010-09-30 |
20100250893 | BATCHED VIRTUAL MEMORY REMAPPING FOR EFFICIENT GARBAGE COLLECTION OF LARGE OBJECT AREAS - A method and system for batched remapping of virtual addresses for garbage collection in a large object area. A mapping from a table having a first set of virtual addresses and sizes of non-contiguous, page-aligned large objects in a large object area to a remapping table having a second set of virtual addresses is determined. In a single batch, a request is received that includes the second set of virtual addresses and requests a remapping of the large objects to the second set of virtual addresses. The second set of virtual memory addresses is validated. The large objects are remapped to the second set of virtual memory addresses according to the request. The remapping results in a compaction so that the large objects are contiguous in the large object area. The remapping does not require copying data in physical memory. | 2010-09-30 |
20100250894 | Explicit data segment boundaries with SCSI I/O referrals - A method for communication between an initiator system and a block storage cluster may include receiving a first command at a first storage system included in a plurality of storage systems of the block storage cluster. The method may also include transmitting a referral response from the first storage system to the initiator system when at least a portion of the data associated in the first command is stored by a second storage system. The method may further include obtaining a segment start value and a corresponding port identifier based on the referral response, and directing a second command to at least a second storage system included in the plurality of storage systems of the block cluster. | 2010-09-30 |
20100250895 | HARDWARE ASSISTANCE FOR SHADOW PAGE TABLE COHERENCE WITH GUEST PAGE MAPPINGS - Some embodiments of the present invention include an execution unit of a processor and a memory management unit interposed between the execution unit and an interface to memory suitable for storage of both guest page tables maintained by a guest operating system and shadow page tables maintained generally in correspondence with the guest page tables by virtualization software. The memory management unit is configured to walk in-memory data structures that encode the shadow page tables, to access entries of the shadow page tables and, based thereon or on a cached representation of page mappings therein, to perform virtual-to-physical address translations relative to memory targets of instructions executed by the execution unit. The memory management unit is responsive to a shadowed write indication coded in association with either an entry of the shadow page tables or a cached representation of a page mapping therein used to perform the virtual-to-physical address translation for a write-type one of the instructions that targets an entry of one of the guest page tables. The memory management unit is configured to complete the memory access of the write-type instruction that targets the guest page table entry and to store in a buffer, information sufficient to allow the virtualization software to later update an entry of the shadow page tables in correspondence therewith. | 2010-09-30 |
20100250896 | SYSTEM AND METHOD FOR DATA DEDUPLICATION - A system for deduplicating data comprises a card operable to receive at least one data block and a processor on the card that generates a hash for each data block. The system further comprises a first module that determines a processing status for the hash and a second module that discards duplicate hashes and their data blocks and writes unique hashes and their data blocks to a computer readable medium. In one embodiment, the processor also compresses each data block using a compression algorithm. | 2010-09-30 |
20100250897 | Addressing Device for Parallel Processor - The invention relates to a parallel processor which comprises elementary processors ( | 2010-09-30 |
20100250898 | PROCESSING ELEMENT AND DISTRIBUTED PROCESSING UNIT - A general-purpose processing element has a program holding portion that can hold a program by which a specific function is implemented in the general-purpose processing element. A distributed processing system according to the invention includes a control unit, a plurality of processing elements connected to the control unit, and a client, wherein the plurality of processing elements include the above-described processing element. | 2010-09-30 |
20100250899 | DISTRIBUTED PROCESSING SYSTEM - A distributed processing system includes a plurality of processing elements each having one or more inputs and one or more outputs, and a control unit to which the plurality of processing elements are connected, wherein based on a service execution request from a client, the control unit creates execution transition information in which the processing elements that are necessary to execute a specific service and an order of execution are specified. | 2010-09-30 |
20100250900 | DEPENDENCY TRACKING FOR ENABLING SUCCESSIVE PROCESSOR INSTRUCTIONS TO ISSUE - An information handling system includes a processor with an issue unit (IU) that may perform instruction dependency tracking for successive instruction issue operations. The IU maintains non-shifting issue queue (NSIQ) and shifting issue queue (SIQ) instructions along with relative instruction to instruction dependency information. A mapper maps queue position data for instructions that dispatch to issue queue locations within the IU. The IU may test an issuing producer instruction against consumer instructions in the IU for queue position (QPOS) and register tag (RTAG) matches. A matching consumer instruction may issue in a successive manner in the case of a queue position match or in a next processor cycle in the case of a register tag match. | 2010-09-30 |
20100250901 | Selecting Fixed-Point Instructions to Issue on Load-Store Unit - Issue logic identifies a simple fixed point instruction, included in a unified payload, which is ready to issue. The simple fixed point instruction is a type of instruction that is executable by both a fixed point execution unit and a load-store execution unit. In turn, the issue logic determines that the unified payload does not include a load-store instruction that is ready to issue. As a result, the issue logic issues the simple fixed point instruction to the load-store execution unit in response to determining that the simple fixed point instruction is ready to issue and determining that the unified payload does not include a load-store instruction that is ready to issue. | 2010-09-30 |
20100250902 | Tracking Deallocated Load Instructions Using a Dependence Matrix - A mechanism is provided for tracking deallocated load instructions. A processor detects whether a load instruction in a set of instructions in an issue queue has missed. Responsive to a miss of the load instruction, an instruction scheduler allocates the load instruction to a load miss queue and deallocates the load instruction from the issue queue. The instruction scheduler determines whether there is a dependence entry for the load instruction in an issue queue portion of a dependence matrix. Responsive to the existence of the dependence entry for the load instruction in the issue queue portion of the dependence matrix, the instruction scheduler reads data from the dependence entry of the issue queue portion of the dependence matrix that specifies a set of dependent instructions that are dependent on the load instruction and writes the data into a new entry in a load miss queue portion of the dependence matrix. | 2010-09-30 |
20100250903 | APPARATUSES AND SYSTEMS INCLUDING A SOFTWARE APPLICATION ADAPTATION LAYER AND METHODS OF OPERATING A DATA PROCESSING APPARATUS WITH A SOFTWARE ADAPTATION LAYER - A software application adaptation layer is comprised of a program file comprising a plurality of adaptation filters and a configuration file. The configuration file may designate one or more adaptation filters of the plurality of adaptation filters to be applied by the program file for modifying one or more behaviors of an active software application. A data processing apparatus including such a software application adaptation layer includes processing circuitry configured to execute instructions for the active software application, a communications module coupled to the processing circuitry and at least one storage medium for storing the program file and the configuration file. Operational methods for such an apparatus includes storing the program file and the configuration file in the at least one storage medium, identifying the active software application, generating an adaptation filter set and attaching the adaptation filter set to an input queue associated with the active software application. | 2010-09-30 |
20100250904 | METHODS AND PROCESSOR-RELATED MEDIA TO PERFORM RAPID RETURNS FROM SUBROUTINES IN MICROPROCESSORS AND MICROCONTROLLERS - Various embodiments include methods and related media for performing operations including a return operation. One such method includes testing a content of a return value register and setting status flags. Testing the content of the return value register and setting the status flags are performed in response to a single instruction. | 2010-09-30 |
20100250905 | System and Method of Routing Instructions - Disclosed are a method and system for reducing complexity of routing of instructions from an instruction issue queue to appropriate execution pipelines in a superscalar processor. In one or more embodiments, an instruction steering unit of the superscalar processor receives ordered instructions. The steering unit determines that a first instruction and a subsequent second instruction of the ordered instructions are non-branching instructions, and the steering unit stores the first and second instructions in two non-branching instruction issue queue entries of a shadow queue. The steering unit determines whether or not a third instruction the ordered instructions is a branch instruction, where the third instruction is subsequent to the second instruction. If the third instruction is a branch instruction, the steering unit stores the third instruction in a branch entry of the shadow queue; otherwise, the steering unit stores a no operation instruction in the branch entry of the shadow queue. | 2010-09-30 |
20100250906 | Obfuscation - In an embodiment of a method of making a conditional jump in a computer running a program, an input is provided, conditional on which a substantive conditional branch is to be made. An obfuscatory unpredictable datum is provided. Code is executed that causes an obfuscatory branch conditional on the unpredictable datum. At a point in the computer program determined by the obfuscatory conditional branch, a substantive branch is made that is conditional on the input. | 2010-09-30 |
20100250907 | SYSTEMS AND METHODS FOR PROVIDING CONFIGURATION MANAGEMENT SERVICES FROM A PROVISIONING SERVER - A provisioning server can perform configuration management services on target machines served by the provisioning server. The provisioning server can maintain a set of management templates. The set of management templates can be utilized to generate management configuration files for target machines. The management configuration files, generated from the management templates, can cause the target machines to operate according to a defined role (e.g. web server, client device, application server, etc.). To enable configuration management services, the provisioning server can associate the management templates with provisioning objects (e.g. profiles, provisioning templates, system records, etc.). | 2010-09-30 |
20100250908 | Concurrent Patching of Operating Systems - Replacing a computer program with a replacement version concurrently with its execution by a first instance of an operating system in a computer system, wherein a persistent memory area in the computer system is used to store selected data from the first instance. A snapshot image of a second instance of the operating system, wherein in the second instance the replacement version was executed instead of said computer program, is provided to the computer system. The execution of the first instance is suspended and the first instance is replaced with data from the snapshot image while preserving the persistent memory area. The execution of the first instance is resumed and data from the persistent memory area is restored in the first instance. | 2010-09-30 |
20100250909 | Multiple Configuration Electronic Thermometer - A plurality of custom thermometer models are manufactured from a universal clinical thermometer core. The thermometer core includes a housing, a controller storing a software program, a power source, a probe, a probe cord, and a display. A plurality of model selection devices are produced, each corresponding to a different thermometer model. One of the model selection devices is selected and connected to the controller. The controller operates the thermometer as a function of the connected model selection device such that the thermometer is configured with the features and default settings of the thermometer model corresponding to the connected model selection device. | 2010-09-30 |
20100250910 | COMPUTER SYSTEM AND SETTING MANAGEMENT METHOD - In a computer system including a server having a BIOS and a management module, the server includes therein a memory area and a server controller, and the management module includes therein a backup memory area and a management-module controller. When the BIOS changes the BIOS setting, the BIOS stores the BIOS setting into both of the memory area and the backup memory area by way of the server controller and the management-module controller. Here, the management module operates independently of the server. Accordingly, when a BIOS-setting read request is issued from the outside, the management-module controller makes the response to the request source by reading the data stored into the backup memory area. | 2010-09-30 |
20100250911 | SENSOR FOR USE IN AUTOMATION TECHNOLOGY AND METHOD FOR CONFIGURING A SENSOR - The present invention is directed to a sensor for use in automation technology for detecting a measurand, particularly for detecting objects or articles, and a method for configuring a sensor. The sensor includes: a sensor element for measuring a physical variable; a first connecting means for connecting the sensor to a peripheral unit in an operating mode; and a control/evaluation unit for controlling the sensor element, for processing a measured signal from the sensor element and for outputting an output signal to the first connecting means, which control/evaluation unit has a memory for the storage of at least configuration data and program data of the sensor; wherein a second connecting means connects the sensor to an external computer for a configuring mode; in the memory of the control/evaluation unit there is stored configuring software, which can be uploaded into a RAM of an external computer when the sensor is connected to the external computer; and the configuring software is adapted for automatic configuration of the sensor or interactive configuration thereof by a user. | 2010-09-30 |
20100250912 | COMPUTING DEVICE DEPLOYMENT USING MASS STORAGE DEVICE - Computing device deployment and configuration using a mass storage device is provided. A generic computing device is provided to a customer or end user. A mass storage device is used to distribute configuration information to the generic computing device. The configuration information includes customer-specified or ordered software applications or other features. The configuration information can also include updates to the computing device system software. The customer or end user couples the mass storage device to the generic computing device in order to load the configuration information into the computing device. After the configuration information is loaded, the computing device is configured for the customer's use. Further features, such as creating customized images, are also provided. | 2010-09-30 |
20100250913 | Methods and Systems for Managing A Voltage Regulator - A method for increasing efficiency of a voltage regulator in an information handling system (IHS) is provided. The method may include enabling one or more operating phases associated with the voltage regulator and initializing a switch configuration having at least one high-side switch and at least one low-side switch. In addition, the may method include initializing a dead-time value, sensing a load current, and adjusting the number of operating phases, the switch configuration, or the dead-time value in response to the load current | 2010-09-30 |
20100250914 | WAKE ON LAN FOR BLADE SERVER - A computer implemented method, a tangible computer medium, and a data processing system are provided for waking a blade server from an operational state of reduced power. When server blade enters the state of reduced power, a service firmware configures a multi-port blade switch of the server blade to direct incoming packets to the service firmware. The service firmware then polls for receipt of a Wake-on-Lan magic packet. When the Wake-on-Lan magic packet is received by the service firmware, the service firmware reconfigures the multi-port blade switch to direct incoming packets to a network interface card of the server blade. The service firmware then initiates a reboot of the server blade. | 2010-09-30 |
20100250915 | ADJUSTING SYSTEM CONFIGURATION FOR INCREASED RELIABILITY BASED ON MARGIN - A system provides a mechanism for increasing reliability by allowing margins to be evaluated and if one or more margins of a current configuration are too small, system configuration is modified to increase the margin. A computing device determines through training a first operating point of at least one operational characteristic of the system and a first margin associated therewith. The first margin is compared to a predetermined threshold margin and if the first margin is less than the predetermined threshold margin, the configuration of the system is adjusted to provide a configuration with greater margin for the operational characteristic. The system is retrained with the new configuration to determine a second operating point and a second margin associated therewith and compares the second margin to the threshold margin to determine if the second margin is more than the threshold margin, to satisfy reliability requirements. | 2010-09-30 |
20100250916 | Component Firmware Integration in Distributed Systems - A plurality of platforms may be defined in a distributed system. Each of the platforms may include a processor and a chipset from a common source on a single motherboard. Extensible firmware interface drivers are provided for the processors and the chipsets. Each of the platforms may be defined pursuant to a system definition model where the system definition model defines the firmware for each of the platforms. As a result, any of the platforms can be updateable from a common source, such as an Internet web site. | 2010-09-30 |
20100250917 | DISTRIBUTION SYSTEM AND METHOD OF DISTRIBUTING CONTENT FILES - A distribution system including, for connection over a network a plurality of client upload devices, each client upload device storing one or more chunks of a content file, a client download device configured to download from the client upload devices chunks of the content file stored by the respective client upload devices and an incentive device configured to generate token data packets exchangeable for chunks of the content file. The client download device is configured to acquire a plurality of token data packets from the incentive device and to communicate with individual respective client upload devices and thereby download, in exchange for respective token data packets, stored chunks of the content file. Each client upload device is configured to communicate with the client download device and, thereby, upload to the client download device stored chunks of the content file in exchange for token data packets acquired by the client download device from the incentive device and is configured to transmit to the incentive device token data packets received from the client download device. | 2010-09-30 |
20100250918 | METHOD AND SYSTEM FOR IDENTIFYING AN APPLICATION TYPE OF ENCRYPTED TRAFFIC - The present relates to a method and a system for identifying an application type from encrypted traffic transported over an IP network. The method and system extract at least a portion of IP flow parameters from the encrypted traffic using at least one of specific target encryption types. Then, the method and system transmit the extracted IP flow parameters to a learning-based classification engine. The learning-based classification engine has been trained with unencrypted traffic. Then, the method and system infer at least one corresponding application type for the extracted IP flow parameters. | 2010-09-30 |
20100250919 | METHODS AND SYSTEMS FOR SECURE DISTRIBUTION OF SUBSCRIPTION-BASED GAME SOFTWARE - A method for secure communications. At least one encryption key can be generated based on a pass-phrase that associates a unique identifier of a client system with a customer. Customer data encrypted with the at least one encryption key can be received such that the customer data is uniquely associated with both the client system and with the customer. The client system cannot decrypt the customer data if the unique identifier of the client system is changed. The client system cannot decrypt the customer data if the customer is changed. | 2010-09-30 |
20100250920 | TECHNIQUES FOR PACKET PROCESSING WITH REMOVAL OF IP LAYER ROUTING DEPENDENCIES - Techniques for packet processing with removal of Internet Protocol (IP) layer routing dependencies are presented. Encrypted packets associated with network communications occurring via a VPN and IP tunnel are grabbed off the network stack before being processed by an IP layer of the network stack. Next, an IP header is generated for the encrypted packets and the encrypted packets are sent to a socket application. The socket application provides the encrypted packets back to the network stack at the data link layer for delivery to the VPN over the IP tunnel. | 2010-09-30 |
20100250921 | Authorizing a Login Request of a Remote Device - Exemplary systems and methods for managed authorization of a login request of a remote device are provided. A user of the remote device may be authorized to login by an authentication server before attempting to login. Upon receipt of a login request from the remote device, an authorization process is performed. Subsequently, a concatenation of data from the login request and a server response based on the determination of whether the remote device is authorized to login is generated. The server response may comprise instructions to authorize the login request, instructions to deny the login request, or instructions to destroy data stored by the remote device. Furthermore, the authentication server or the remote device may log the server response. | 2010-09-30 |
20100250922 | METHOD AND SYSTEM FOR PROPAGATING TRUST IN AN AD HOC WIRELESS COMMUNICATION NETWORK - A method and system enable robust and scalable propagation of trust between a first organization and a second organization, both operating in an ad hoc wireless communication network. The method includes establishing at a first member node of the first organization pair-wise trust with a first member node of the second organization using a predetermined inter-organizational trust establishment device (step | 2010-09-30 |
20100250923 | COMMUNICATION APPARATUS - A communication apparatus includes: a first storage unit configured to store a plurality of addresses of a plurality of first communication apparatuses; an acquiring unit configured to acquire a self-public key; a specifying unit configured to specify an address of at least one of the plurality of first communication apparatuses stored in the first storage unit when the self-public key is acquired; and a first public key sending unit configured to send the self-public key to the address of the at least one of the plurality of first communication apparatuses specified by the specifying unit. | 2010-09-30 |
20100250924 | COMMUNICATION APPARATUS - A communication apparatus includes: a first storage unit registering a plurality of addresses of a plurality of communication apparatuses; a command sending unit sending a first command for requesting a first public key, which corresponds to a first secret key of the first communication apparatus, to the address of the first communication apparatus; a response receiving unit receiving from the first communication apparatus a first response including the first public key; a storage control unit associating the first public key the address of the first communication apparatus and registering the first public key; an encrypted data generating unit encrypting first data, which is to be sent to the first communication apparatus, using the first public key registered in association with the address of the first communication apparatus to generate first encrypted data; and a data sending unit sending the first encrypted data to the address of the first communication apparatus. | 2010-09-30 |
20100250925 | ENCRYPTED FILE DELIVERY/RECEPTION SYSTEM, ELECTRONIC FILE ENCRYPTION PROGRAM, AND ENCRYPTED FILE DELIVERY/RECEPTION METHOD - An encrypted file delivery/reception system comprises a first computer, a second computer, and a password management device connected to the first and second computers through a network. The first computer has means for encrypting an electronic file to create an encrypted file. The password management device has means for storing password information including the correspondence between the decryption password for decrypting the encrypted file and telephone number of the user of the second computer, means for identifying the telephone number of the caller of a call when receiving the call with caller number notification, means for identifying the decryption password corresponding to the identified telephone number by referencing the password information, and means for transmitting the identified decryption password to the second computer. The second computer has means for decrypting the encrypted file created by the first computer by using transmitted decryption password. | 2010-09-30 |
20100250926 | METHOD OF DIGITAL RIGHTS MANAGEMENT ABOUT A COMPRESSED FILE - Provided is a method for digital rights management of a compressed file created by compressing one or more original files. The method include the steps of: generating right information on an encrypted compressed file during the encryption of the compressed file by a digital rights management server; checking the user right to the compressed file by controlling a predetermined compression application program by a controller module installed in a user terminal when the user terminal to which the encrypted compressed file is downloaded opens the compressed file using the compression application program; requesting the digital rights management server to provide a certificate to decrypt the encrypted file by the controller module of the user terminal; generating the certificate according to a certificate request from the user terminal and sending the generated certificate to the user terminal by the digital right management server; and decrypting the encrypted compressed file by the controller module of the user terminal based on the received certificate. | 2010-09-30 |
20100250927 | INTEROPERABLE SYSTEMS AND METHODS FOR PEER-TO-PEER SERVICE ORCHESTRATION - Systems and methods are described for performing policy-managed, peer-to-peer service orchestration in a manner that supports the formation of self-organizing service networks that enable rich media experiences. In one embodiment, services are distributed across peer-to-peer communicating nodes, and each node provides message routing and orchestration using a message pump and workflow collator. Distributed policy management of service interfaces helps to provide trust and security, supporting commercial exchange of value. Peer-to-peer messaging and workflow collation allow services to be dynamically created from a heterogeneous set of primitive services. The shared resources are services of many different types, using different service interface bindings beyond those typically supported in a web service deployments built on UDDI, SOAP, and WSDL. In a preferred embodiment, a media services framework is provided that enables nodes to find one another, interact, exchange value, and cooperate across tiers of networks from WANs to PANs. | 2010-09-30 |
20100250928 | CONTENT DATA, TRANSMITTING APPARATUS, RECEIVING APPARATUS AND DECODING METHOD - A transmitting apparatus | 2010-09-30 |
20100250929 | METHOD AND APPARATUS FOR EMAIL COMMUNICATION - According to a first aspect of the present invention there is provided a method of verifying to a recipient of an email that a sender of the email possesses a mobile telecommunications device associated with a specific telephone number. The method comprises at the sender, sending an identifier of the email content and the telephone number to a server via the Internet (A | 2010-09-30 |
20100250930 | METHOD AND APPARATUS FOR PROTECTING THE ROUTING OF DATA PACKETS - A method and apparatus for protecting the routing of data packets in a packet data network. When a first end-host sends an address query to a DNS server system regarding a second end-host, the DNS server system responds by providing a destination parameter containing an encrypted destination address associated with the second end-host. Thereby, the first end-host is able to get across data packets to the second end-host by attaching the destination parameter to each transmitted data packet. A router in the packet data network admits a received packet if a destination parameter is attached to the pocket including a valid destination address encrypted by a key dependent on a distributed master encryption key. Otherwise, the router discards the packet if no such valid destination address can be derived from the packet by applying decryption to the destination parameter. | 2010-09-30 |
20100250931 | DECRYPTION OF ELECTRONIC COMMUNICATION IN AN ELECTRONIC DISCOVERY ENTERPRISE SYSTEM - Apparatus, methods and computer program products are described herein for automatically decrypting electronic communication that is harvested from custodians in an enterprise-wide electronic discovery system. Automatic decryption provides for electronic communication that is encrypted to be decrypted, even in instances in which the system is not provided the password and/or decryption key(s) from the encrypting custodian. The automatic decryption process, which ensues prior to delivering data to the third party data analysis provider or the requesting party, allows for data that may otherwise be unavailable or incomprehensible to the third party or requester to be readily accessible. Thus, decryption of such data in a relatively efficient and automated manner is highly beneficial. | 2010-09-30 |
20100250932 | METHOD AND APPARATUS FOR SIMULATING A WORKFLOW AND ANALYZING THE BEHAVIOR OF INFORMATION ASSURANCE ATTRIBUTES THROUGH A DATA PROVIDENCE ARCHITECTURE - A method and apparatus that simulates a workflow and analyzes the behavior of information assurance attributes through a data providence architecture is disclosed. The method may include injecting one or more faults into a simulated workflow, receiving a message in the simulated workflow having a data provenance wrapper, examining each data provenance record of the message and any attachments for discrepancies, identifying any discrepancies in the examination of each data provenance record of the message and any attachments; calculating a degree of trust based on any discrepancies identified in the examination of each data provenance record of the message and any attachments, analyzing the calculated degree of trust with respect to the one or more injected faults and the information assurance attributes, and outputting the analysis to a user. | 2010-09-30 |
20100250933 | COMMUNICATION APPARATUS - A communication apparatus including: a communication module configured to establish communication with a counterpart device and receive and transmit a content from and to the counterpart device; a storage configured to store the content; a first processor configured to perform decryption and encryption on the content using a first key that is unique to the communication apparatus; a second processor configured to perform decryption and encryption on the content using a second key that is unique to the content; and a controller configured to control the second processor to perform the encryption on the content stored in the storage when transmitting the content to the counterpart device, and to control the first processor to perform the encryption on the content received from the counterpart device and decrypted by the second processor when storing the content in the storage. | 2010-09-30 |
20100250934 | CONTENT PROTECTION DEVICE AND CONTENT PROTECTION METHOD - According to one embodiment, a content protection device includes a writing module configured to write protection information into file management information item in order to protect a content which is specified to be protected, wherein the writing module is configured to write the protection information corresponding to sectors which stores content key management information file includes content key link information item includes content key position information item of encrypted content key corresponding to content which is specified to be protected, or to write protection information corresponding to at least part of a sectors which stores content key management file includes encrypted content key corresponding to content which is specified to be protected. | 2010-09-30 |
20100250935 | Systems and Methods for Secure Transaction Management and Electronic Rights Protection - The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the “electronic highway.” | 2010-09-30 |
20100250936 | INTEGRATED CIRCUIT, ENCRYPTION COMMUNICATION APPARATUS, ENCRYPTION COMMUNICATION SYSTEM, INFORMATION PROCESSING METHOD AND ENCRYPTION COMMUNICATION METHOD - There is provided an integrated circuit includes an arithmetic circuit having input/output characteristics determined by element-specific physical characteristics; a storage unit having cipher text obtained by performing encryption processing on predetermined secret information using an output value output from the arithmetic circuit with respect to input of a predetermined value and the predetermined value input into the arithmetic circuit stored therein; and a decryption unit that restores the predetermined secret information by inputting the predetermined value stored in the storage unit into the arithmetic circuit and decrypting the cipher text stored in the storage unit using the output value output from the arithmetic circuit when the predetermined secret information is used. | 2010-09-30 |
20100250937 | Method And System For Securely Caching Authentication Elements - A system and method for authorizing a user to a plurality of secure servers. Each server is adapted to store user information. The secure server receives a request for access to one of the plurality of secure servers from a first user device from a user possessing an authorized account identifier. An authentication server may intervene and request the user authenticate to the authentication server and transmit a client-side electronic lockbox stored at the first user device to the authentication server. The authentication server retrieves a key′ corresponding to the received client-side lockbox and uses the key to decrypt an encrypted file contained within the lockbox. The decrypted file may contain authentication information that is forwarded to the secure server. The secure server grants the user access to the user's content stored thereon when the authentication information received from the authentication server corresponds to the authentication information stored at the secure server for the user. The present method provides the user the ability to manage access to the user's content by permitting the user to delete or disable a client-side lockbox or associated key from a remote location. | 2010-09-30 |
20100250938 | DISTRIBUTED GENERATION OF MUTUAL SECRETS - Embodiments provide methods, apparatuses, and systems for determining numbers that correspond to a collection of matching derivative numbers. The matching derivative numbers may be included in both a first plurality of derivative numbers selected by a first computing system, and in a second plurality of derivative numbers selected by a second computing system. The numbers may be used to compute a secret. The secret may be used for secure communication between the first and second computing systems. | 2010-09-30 |
20100250939 | SYSTEM AND METHOD OF HANDLING ENCRYPTED BACKUP DATA - By using a symmetric key to encrypt mobile device data before transmitting the data to a backup location in a backup operation, access to the data, at the backup location, may be restricted. To facilitate later decryption of the backed up mobile device data, the mobile device may also transmit the symmetric key to the off-device location. However, to limit use of the symmetric key, the mobile device may encrypt the symmetric key using authentication data, before transmitting the encrypted symmetric key to the backup location. | 2010-09-30 |
20100250940 | DATA PROCESSOR, RELAY TRANSMITTER, AND DATA TRANSMISSION SYSTEM - A data processor is configured to perform wireless communication with a relay transmitter, store a first physical address for the relay transmitter on a storage unit, receive a second physical address for the relay transmitter from the relay transmitter after the data processor being turned on, determine whether the second physical address for the relay transmitter is identical to the first physical address for the relay transmitter, and, when one or more authentication requirements is satisfied, establish wireless connection with the relay transmitter so as to achieve the data communication with an external device via the wireless communication with the relay transmitter. The authentication requirement includes the determination that the second physical address for the relay transmitter is identical to the first physical address for the relay transmitter. | 2010-09-30 |
20100250941 | WAPI UNICAST SECRET KEY NEGOTIATION METHOD - A WAPI unicast secret key negotiation method includes the following steps: 1 a authenticator entity adds a message integrity code onto a unicast secret key negotiation request packet, and transmits it to a authentication supplicant entity; 2 after the authentication supplicant entity receives the unicast secret key negotiation request packet, it performs validation, and it discards the packet directly if it is not correct; the authentication supplicant entity performs other validation if it is correct; when the validation is successful, it responds a unicast secret key negotiation response packet to the authenticator entity; 3 after the authenticator entity receives the unicast secret key negotiation response packet, it performs validation, if the validation is successful, it responds the unicast secret key negotiation acknowledge packet to the authentication supplicant entity; 4 after the authentication supplicant entity receives the unicast secret key negotiation acknowledge packet, it performs validation, if the validation is successful it negotiates and obtains a consistent unicast session secret key. The present invention resolves the DoS attacking problem which exists in the unicast secret key management protocol in the present WAPI security mechanism. | 2010-09-30 |
20100250942 | SYSTEM FOR ENABLING AUTHENTICATED COMMUNICATION BETWEEN ENTITIES - A system for enabling authenticated communication between a first entity and at least one other entity is provided. The system has a second entity and a processor. The first entity and the second entity share transport keys. The second entity has at least one variant key configured to be transported from the second entity to the first entity using the transport keys under control of the processor. The variant key is generated by applying a one way function to a base key and a first bit-pattern in the at least one other entity and is usable to enable the authenticated communication by the first entity with the at least one other entity. | 2010-09-30 |
20100250943 | METHOD FOR SECURITY IN ELECTRONICALLY FUSED ENCRYPTION KEYS - A method for electronically fused encryption key security includes inserting a plurality of inverters between a bank of security fuses and a fuse sense logic module. The method also includes sensing an activated set of the bank of security fuses and the plurality of inverters. The method further includes comparing the sensed activated set of the bank of security fuses and the plurality of inverters with a software key to determine whether at least a substantial match is made. | 2010-09-30 |
20100250944 | INFORMATION PROCESSING APPARATUS, AUTHENTICATION DEVICE, AND RECORDING MEDIUM - An information processing apparatus includes a first signing unit which digitally signs device information and environment information, a first generator which generates a first digital envelope as data including the signed device information and the signed environment information, a second signing unit which digitally signs biometric authentication information and the first digital envelope, a second generator which generates a second digital envelope as data including the signed biometric authentication information and the signed first digital envelope, a transmitter which transmits the second digital envelope, and a receiver which receives authentication results. | 2010-09-30 |
20100250945 | PRIVACY-ENHANCED E-PASSPORT AUTHENTICATION PROTOCOL - A passport authentication protocol provides for encryption of sensitive data such as biometric data and transfer of the encryption key from the passport to the authentication authority to permit comparison to a reference value. | 2010-09-30 |
20100250946 | AD HOC DISTRIBUTION - Systems and methods for developing an application for a data processing device using a portal, such as a world wide web portal. In one exemplary method, an application signing certificate is generated using the portal, and the portal designates the data processing device using a unique device identifier. A unique application identifier for the application is created using the portal. An application provisioning file is created using the portal. The application provisioning profile comprises the application signing certificate, the unique application identifier, and the unique device identifier. | 2010-09-30 |
20100250947 | SYSTEM AND METHOD OF PREVENTING SPAM BY USING PAY-CHARGE-CONTRIBUTION AND AUTHENTICATION MEANS - A system for preventing junk mails includes a sender email server ( | 2010-09-30 |
20100250948 | SYSTEM AND METHOD FOR CHECKING DIGITAL CERTIFICATE STATUS - A method for handling digital certificate status requests between a client system and a proxy system is provided. The method includes the steps of receiving at the proxy system digital certificate status request data transmitted from the client system and generating query data for the digital certificate status in response to receiving the digital certificate status request data. The query data is transmitted to a status provider system, and status data from the status provider system in response to the query data is received at the proxy system. Digital certificate status data based on the status data received is generated and transmitting to the client system. | 2010-09-30 |
20100250949 | GENERATION, REQUESTING, AND/OR RECEPTION, AT LEAST IN PART, OF TOKEN - An embodiment may include circuitry to at least one of generate at least in part, receive at least in part, and request at least in part, a token. The token may identify, at least in part, a device to an entity. The token, as received by the entity, may be encrypted, at least in part, based at least in part upon the entity's public key. The token may be generated by an authorized provider of the token based at least in part upon an identifier of the device and a signature. The signature may be generated based at least in part upon the provider's private key and the identifier. The token, as received by the entity, may be capable of being decrypted at least in part, based at least in part upon the entity's private key. The entity's private key may be maintained in secrecy from the device and provider. | 2010-09-30 |
20100250950 | COMMUNICATION APPARATUS - A communication apparatus includes: a first storage unit storing a received electronic mail; a verification unit executing a first verification about an electronic signature attached to the received electronic mail; a printing unit printing the received electronic mail if a verification result of the first verification is positive; a deletion unit deleting the printed electronic mail from the first storage unit; and a storage control unit controlling a second storage unit to store the mail information about the received electronic mail in the second storage unit if the verification result of the first verification is negative. The verification unit again executes the first verification about a specific electronic signature attached to a specific electronic mail which mail information is stored in the second storage unit. The printing unit prints the specific electronic mail if a verification result by again executing the first verification about the specific electronic signature is positive. | 2010-09-30 |
20100250951 | COMMON KEY SETTING METHOD, RELAY APPARATUS, AND PROGRAM - A secret key of a second apparatus is stored in a relay apparatus. A first apparatus specifies secret information used to identify a common key, generates encrypted secret information by encrypting the secret information by using a public key of the second apparatus, and transmits the encrypted secret information to the relay apparatus. Then, the relay apparatus decrypts the encrypted secret information by using the secret key of the second apparatus to extract the secret information. The relay apparatus transmits the encrypted secret information to the second apparatus. The second apparatus decrypts the encrypted secret information by using the secret key of the second apparatus to extract the secret information. Finished messages corresponding to communication log information and the secret information are exchanged between the first apparatus and the relay apparatus and between the second apparatus and the relay apparatus. | 2010-09-30 |
20100250952 | TWO-WAY ACCESS AUTHENTICATION METHOD - A two-way access authentication method comprises: According to the system parameters pre-established by the third entity, the first entity sends the access authentication request packet to the second entity, then the second entity validates whether the signature of first entity is correct, and if yes, the share master key of second entity is calculated; the second entity generates the access authentication response packet and sends it to the first entity, then the first entity validates whether the signature of access authentication response packet and the message integrity check code are correct; if yes, the share master key of first entity is calculated; the first entity sends the access authentication acknowledge packet to the second entity, then the second entity validates the integrity of the access authentication acknowledge packet, if passing the validation, the share master key of first entity is consistent with that of the second entity, and the access authentication is achieved. For improving the security, after received the access authentication request packet sent by the first entity, the second entity may perform the identity validity validation and generates the access authentication response packet after passing the validation. | 2010-09-30 |