会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 2. 发明申请
    • SYSTEMS AND METHODS FOR INPUT/OUTPUT COMPUTING RESOURCE CONTROL
    • 用于输入/输出计算资源控制的系统和方法
    • WO2017049590A1
    • 2017-03-30
    • PCT/CN2015/090737
    • 2015-09-25
    • INTEL CORPORATIONLIANG, CunmingVERPLANKE, EdwinCOHEN, David E.ZHOU, Danny
    • LIANG, CunmingVERPLANKE, EdwinCOHEN, David E.ZHOU, Danny
    • G06F12/02
    • G06F21/85
    • Disclosed herein are systems and methods for isolating input/output computing resources. In some embodiments, ahost device may include a processor and logic coupled with the processor, to identify a tag identifier (Tag ID) for a process or container ofthe host device. The Tag ID may identify a queue pair ofa hardware device ofthe host device for an outbound transaction from the processor to the hardware device, to be conducted by the process or container. Logic may further map the Tag ID to a Process Address Space Identifier (PASID) associated with an inbound transaction from the hardware device to the processor that used the identified queue pair. The process or container may use the PASID to conduct the outbound transaction via the identified queue pair. Other embodiments may be disclosed and/or claimed.
    • 这里公开了用于隔离输入/输出计算资源的系统和方法。 在一些实施例中,主机设备可以包括与处理器耦合的处理器和逻辑,以识别用于主机设备的进程或容器的标签标识符(Tag ID)。 标签ID可以标识主机设备的硬件设备的队列对,用于从处理器到硬件设备的出站事务,由进程或容器进行。 逻辑可以进一步将标签ID映射到与来自硬件设备的入站事务相关联的进程地址空间标识符(PASID)到使用所识别的队列对的处理器。 进程或容器可以使用PASID通过识别的队列对进行出站事务。 可以公开和/或要求保护其他实施例。
    • 10. 发明申请
    • TECHNOLOGIES FOR ENFORCING NETWORK ACCESS CONTROL OF VIRTUAL MACHINES
    • 用于实现虚拟机网络访问控制的技术
    • WO2017112256A1
    • 2017-06-29
    • PCT/US2016/063334
    • 2016-11-22
    • INTEL CORPORATION
    • PALERMO, Stephen T.TADEPALLI, Hari K.PATEL, Rashmin N.HERDRICH, Andrew J.VERPLANKE, Edwin
    • G06F9/455
    • H04L63/04G06F21/53G06F2221/2141H04L41/0806H04L41/0893H04L43/0847H04L63/102
    • Technologies for enforcing virtual machine network access control include a network computing device that includes a plurality of virtual machines. The network computing device is configured to receive an access request from a virtual function assigned to a requesting virtual machine of the network computing device. The network computing device is additionally configured to determine a first privilege level assigned to the requesting machine and a second privilege level assigned to the destination virtual machine, and determine whether the requesting virtual machine is authorized to access the destination virtual machine based on a comparison of the first and second privilege levels. Upon determining the requesting virtual machine is authorized to access the destination virtual machine, the network computing device is additionally configured to allow the requesting virtual machine access to the destination virtual machine. Other embodiments are described herein.
    • 用于实施虚拟机网络访问控制的技术包括包括多个虚拟机的网络计算设备。 网络计算设备被配置为从分配给网络计算设备的请求虚拟机的虚拟功能接收访问请求。 网络计算设备另外被配置为确定分配给请求机器的第一特权级别和分配给目的地虚拟机的第二特权级别,并且基于以下内容的比较来确定请求虚拟机是否被授权访问目的地虚拟机 第一和第二特权级别。 在确定请求虚拟机被授权访问目的地虚拟机之后,网络计算设备另外被配置为允许请求虚拟机访问目的地虚拟机。 这里描述了其他实施例。