专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08615757B2 Negotiated assignment of resources to a virtual machine in a multi-virtual machine environment 有权
标题翻译：在多虚拟机环境中协商分配资源给虚拟机
公开(公告)号：US08615757B2
公开(公告)日：2013-12-24
申请号：US11964660
申请日：2007-12-26
申请人： Carl G. Klotz, Jr. , Steve Grobman , Vedvyas Shanbhogue
发明人： Carl G. Klotz, Jr. , Steve Grobman , Vedvyas Shanbhogue
IPC分类号： G06F9/455 , G06F9/46
CPC分类号： G06F9/5077
摘要： A system and method are disclosed. In one embodiment the system includes a physical resource that is capable of generating I/O data. The system also includes multiple virtual machines to utilize the physical resource. Among the virtual machines are a resource source virtual machine that is capable of owning the physical resource. The resource source virtual machine is also capable of sending a stream of one or more I/O packets generated from the I/O data that targets a resource sink virtual machine. The resource sink virtual machine is designated as a termination endpoint of the I/O data from the physical device. Also among the virtual machines are one or more resource filter virtual machines. Each of the resource filter virtual machines is capable of filtering I/O packets of a particular type from the stream prior to the stream reaching the resource sink virtual machine.
摘要翻译：公开了一种系统和方法。在一个实施例中，系统包括能够产生I / O数据的物理资源。该系统还包括多个虚拟机来利用物理资源。虚拟机中的资源源虚拟机能够拥有物理资源。资源源虚拟机还能够发送从作为资源宿虚拟机的I / O数据生成的一个或多个I / O包的流。资源宿虚拟机被指定为来自物理设备的I / O数据的终止端点。虚拟机中还有一个或多个资源过滤器虚拟机。每个资源过滤器虚拟机能够在到达资源宿虚拟机的流之前从流中过滤特定类型的I / O分组。

2. 发明授权

US08612753B2 Method and apparatus for protected code execution on clients 有权
标题翻译：在客户端上执行受保护代码的方法和装置
公开(公告)号：US08612753B2
公开(公告)日：2013-12-17
申请号：US12343148
申请日：2008-12-23
申请人： Yasser Rasheed , Steve Grobman
发明人： Yasser Rasheed , Steve Grobman
IPC分类号： H04L29/06 , G06F11/30 , G06F12/14 , G06F15/173
CPC分类号： H04L9/0825 , H04L9/3247 , H04L9/3263
摘要： In one embodiment of the invention, a server may send encrypted material to a client. The client processor may decrypt and process the material, encrypt the results, and send the results back to the server. This sequence of events may occur while the execution or processing of the material is restricted to the client processor. Any material outside the client processor, such as material located in system memory, will be encrypted.
摘要翻译：在本发明的一个实施例中，服务器可以向客户端发送加密的资料。客户端处理器可以解密和处理资料，加密结果，并将结果发送回服务器。当材料的执行或处理被限制到客户机处理器时，可能发生这种事件序列。客户端处理器外的任何材料（如位于系统存储器中的材料）将被加密。

3. 发明授权

US08452954B2 Methods and systems to bind a device to a computer system 有权
标题翻译：将设备绑定到计算机系统的方法和系统
公开(公告)号：US08452954B2
公开(公告)日：2013-05-28
申请号：US12756782
申请日：2010-04-08
申请人： Robert W. Strong , Steve Grobman , Craig Owen
发明人： Robert W. Strong , Steve Grobman , Craig Owen
IPC分类号： H04L29/06
CPC分类号： H04L67/2823 , G06F21/445 , G06F21/79 , G06F21/80 , G06F2221/2141 , G06F2221/2149 , G06F2221/2151 , H04L9/0844 , H04L9/3234 , H04L9/3263 , H04L63/0823 , H04L63/123 , H04L63/166
摘要： Methods and systems to bind a computer device to one or more computer systems, such that only an authorized computer system may access a protected portion of the device. A processor within the computer system may provide a proxy environment to interface between the device and a trusted environment of the computer system, such as a management environment that is secure from the proxy environment. The device may be configured to authenticate the trusted environment through the proxy environment, and to verify integrity of messages exchanged with the trusted environment through the proxy environment. Authentication may include a SSL and/or TSL handshake protocol. The device may be configured to authenticate a certificate, such as an X.509 certificate, a certificate chain, and/or a hash thereof. The device may include computer memory, a printer, display, circuit board, keyboard, mouse, pointing device, and/or other physical device.
摘要翻译：将计算机设备绑定到一个或多个计算机系统的方法和系统，使得仅授权的计算机系统可以访问设备的受保护部分。计算机系统内的处理器可以提供代理环境以在设备与计算机系统的可信环境之间进行接口，诸如从代理环境安全的管理环境。该设备可以被配置为通过代理环境来认证可信环境，并且通过代理环境来验证与可信环境交换的消息的完整性。认证可以包括SSL和/或TSL握手协议。该设备可以被配置为认证证书，例如X.509证书，证书链和/或其散列。该设备可以包括计算机存储器，打印机，显示器，电路板，键盘，鼠标，指点设备和/或其他物理设备。

4. 发明申请

US20140208413A1 SYSTEM AND METHOD FOR AN ENDPOINT HARDWARE ASSISTED NETWORK FIREWALL IN A SECURITY ENVIRONMENT 有权
标题翻译：用于安全环境中的端点硬件辅助网络防火墙的系统和方法
公开(公告)号：US20140208413A1
公开(公告)日：2014-07-24
申请号：US13748578
申请日：2013-01-23
申请人： Steve Grobman , Raj Samani , Ofir Arkin , Sven Schrecker
发明人： Steve Grobman , Raj Samani , Ofir Arkin , Sven Schrecker
IPC分类号： H04L29/06
CPC分类号： H04L9/3247 , G06F9/45558 , G06F21/552 , G06F21/577 , G06F2009/45595 , H04L9/14 , H04L9/30 , H04L45/74 , H04L63/0227 , H04L63/0823 , H04L63/123
摘要： A method is provided in one example embodiment and includes receiving a traffic flow at a tamper resistant environment from an application, where the tamper resistant environment is separated from a host operating system. The method also includes applying a security token to the traffic flow and sending the traffic flow to a server. In specific embodiments, a security module may add information about the application to traffic flow. A trapping module may monitor for a memory condition and identify the memory condition. The trapping module may also, responsive to identifying the memory condition, initiate a virtual environment for the application, and check the integrity of the traffic flow.
摘要翻译：在一个示例实施例中提供了一种方法，并且包括在防篡改环境与主机操作系统分离的情况下从防篡改环境接收流量。该方法还包括将安全令牌应用于业务流并将业务流发送到服务器。在具体实施例中，安全模块可以将关于应用的信息添加到业务流。捕获模块可以监视存储器状况并识别存储器条件。捕获模块还可以响应于识别存储器状况，为应用启动虚拟环境，并且检查业务流的完整性。

5. 发明申请

US20100161956A1 Method and Apparatus for Protected Code Execution on Clients 有权
标题翻译：客户端保护代码执行的方法和设备
公开(公告)号：US20100161956A1
公开(公告)日：2010-06-24
申请号：US12343148
申请日：2008-12-23
申请人： Yasser Rasheed , Steve Grobman
发明人： Yasser Rasheed , Steve Grobman
IPC分类号： H04L9/00
CPC分类号： H04L9/0825 , H04L9/3247 , H04L9/3263
摘要： In one embodiment of the invention, a server may send encrypted material to a client. The client processor may decrypt and process the material, encrypt the results, and send the results back to the server. This sequence of events may occur while the execution or processing of the material is restricted to the client processor. Any material outside the client processor, such as material located in system memory, will be encrypted.
摘要翻译：在本发明的一个实施例中，服务器可以向客户端发送加密的资料。客户端处理器可以解密和处理资料，加密结果，并将结果发送回服务器。当材料的执行或处理被限制到客户机处理器时，可能发生这种事件序列。客户端处理器外的任何材料（如位于系统存储器中的材料）将被加密。

6. 发明申请

US20100082960A1 PROTECTED NETWORK BOOT OF OPERATING SYSTEM 审中-公开
标题翻译：操作系统的保护网络引导
公开(公告)号：US20100082960A1
公开(公告)日：2010-04-01
申请号：US12241259
申请日：2008-09-30
申请人： Steve Grobman , Carl Klotz , Ned Smith
发明人： Steve Grobman , Carl Klotz , Ned Smith
IPC分类号： G06F15/177 , H04L9/08
CPC分类号： G06F21/575
摘要： Methods and apparatus are disclosed to protect an operating system booted by a client computing device and provided by a server computing device. One such method includes requesting a trusted platform module of the client computing device to unseal a sealed encryption key, and receiving an encrypted operating system via a network in response to initiating a boot process of the client computing device. The illustrative method also includes decrypting the encrypted operating system received via the network using an unsealed encryption key obtained in response to requesting the trusted platform module to unseal the sealed encryption key, and executing the decrypted operating system.
摘要翻译：公开了保护由客户端计算设备引导并由服务器计算设备提供的操作系统的方法和装置。一种这样的方法包括请求客户端计算设备的可信平台模块来打开密封的加密密钥，以及响应于启动客户端计算设备的引导过程经由网络接收加密的操作系统。说明性方法还包括使用响应于请求可信平台模块解密密封加密密钥而获得的未密封加密密钥来解密经由网络接收的加密操作系统，以及执行解密的操作系统。

7. 发明申请

US20060282265A1 Methods and apparatus to perform enhanced speech to text processing 审中-公开
标题翻译：对文本处理执行增强语音的方法和装置
公开(公告)号：US20060282265A1
公开(公告)日：2006-12-14
申请号：US11150007
申请日：2005-06-10
申请人： Steve Grobman , Joe Gruber
发明人： Steve Grobman , Joe Gruber
IPC分类号： G10L17/00
CPC分类号： G10L15/22
摘要： A method, apparatus, and articles of manufacture to perform speech to text conversion are disclosed. One example method of performing speech to text conversion at a first location includes determining an identity of a speaker, accessing a directory to determine a location at which speaker dependent training data associated with the speaker is stored, loading speaker dependent training data associated with the speaker, and performing speech to text conversion using the speaker dependent training data associated with the speaker.
摘要翻译：公开了一种对文本转换执行语音的方法，装置和制品。在第一位置执行语音以进行文本转换的一个示例性方法包括确定说话者的身份，访问目录以确定与所述说话者相关联的与扬声器相关的训练数据被存储的位置，加载与所述扬声器相关联的与扬声器相关的训练数据并且使用与说话者相关联的与扬声器相关的训练数据来执行语音到文本转换。

8. 发明申请

US20060143417A1 Mechanism for restricting access of critical disk blocks 审中-公开
标题翻译：限制访问关键磁盘块的机制
公开(公告)号：US20060143417A1
公开(公告)日：2006-06-29
申请号：US11021858
申请日：2004-12-23
申请人： David Poisner , Steve Grobman
发明人： David Poisner , Steve Grobman
IPC分类号： G06F12/14
CPC分类号： G06F21/6227
摘要： According to one embodiment, an apparatus is presented. The apparatus includes a storage device, a hypervisor, a plurality of partitions mapped by the hypervisor, and a key created by the hypervisor to prevent one of the plurality of partitions from accessing a protected block range of the storage device. In one embodiment, a disk controller is coupled to the plurality of partitions to interface with the storage device, and the disk controller is programmed with the key in order to restrict access to the protected block range.
摘要翻译：根据一个实施例，提出了一种装置。该设备包括存储设备，管理程序，由管理程序映射的多个分区以及由管理程序创建的密钥，以防止多个分区中的一个分区访问存储设备的受保护的块范围。在一个实施例中，磁盘控制器耦合到多个分区以与存储设备接口，并且磁盘控制器用密钥进行编程，以便限制对受保护的块范围的访问。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式