专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

21. 发明授权

US07774561B2 Key-controlled object-based memory protection 失效
标题翻译：基于键控的基于对象的内存保护
公开(公告)号：US07774561B2
公开(公告)日：2010-08-10
申请号：US12147691
申请日：2008-06-27
申请人： Thomas S. Mathews , Bruce Mealey , Pratap Chandra Pattnaik , Ravi A. Shankar
发明人： Thomas S. Mathews , Bruce Mealey , Pratap Chandra Pattnaik , Ravi A. Shankar
IPC分类号： G06F12/00 , G06F9/26
CPC分类号： G06F12/1466
摘要： A method, system, and program key-controlled object-based memory protection are provided. A processing unit includes an authority check for controlling access by the processing unit to pages of memory according to whether a hardware protection key set currently loaded in an authority mask register allows access to the pages. In particular, each page of memory is assigned a page key number that indexes into the hardware protection key set. The currently loaded hardware protection key set specifies those page key numbers that are currently accessible to the processing unit for the execution context. Each hardware key within the hardware protection key set may be associated with a particular data object or group of data objects. Thus, effectively, the currently loaded hardware protection key set identifies which data objects or groups of data objects are currently accessible. Software keys are assigned to data objects and dynamically mapped to hardware protection key sets, such that when a module is called, the software keys assigned to that module are mapped to the hardware protection key set to be loaded for controlling current access to memory.
摘要翻译：提供了一种方法，系统和程序按键控制的基于对象的存储器保护。处理单元包括根据当前加载在权限掩码寄存器中的硬件保护密钥组是否允许访问页面的权限检查，用于控制由处理单元访问存储器页面的权限。特别地，每个存储器页面被分配一个索引到硬件保护密钥集中的页面密钥号码。当前加载的硬件保护密钥集指定处理单元当前可用于执行上下文的那些页面密钥号码。硬件保护密钥组内的每个硬件密钥可以与特定数据对象或数据对象组相关联。因此，有效地，当前加载的硬件保护密钥集识别当前可访问哪些数据对象或数据对象组。将软键分配给数据对象并动态地映射到硬件保护密钥集，使得当调用模块时，分配给该模块的软件密钥被映射到要加载的硬件保护密钥集，以控制对存储器的当前访问。

22. 发明申请

US20090313677A1 Mathematical definition of roles and authorizations in RBAC system 有权
标题翻译： RBAC系统中角色和授权的数学定义
公开(公告)号：US20090313677A1
公开(公告)日：2009-12-17
申请号：US12137767
申请日：2008-06-12
申请人： Ranganathan Vidya , Madhusudanan Kandasamy , Ravi A. Shankar
发明人： Ranganathan Vidya , Madhusudanan Kandasamy , Ravi A. Shankar
IPC分类号： G06F21/00
CPC分类号： G06F21/6218 , G06F21/604
摘要： A process, apparatus and program product create a new role in a Role Based Access Control (RBAC) system by using mathematical operators with either one or more authorizations, or one or more existing roles, or a combination thereof.
摘要翻译：过程，设备和程序产品通过使用具有一个或多个授权或一个或多个现有角色的数学运算符或其组合在基于角色的访问控制（RBAC）系统中创建新角色。

23. 发明授权

US07472332B2 Method for the reliability of host data stored on fibre channel attached storage subsystems 失效
标题翻译：存储在光纤通道连接存储子系统上的主机数据的可靠性的方法
公开(公告)号：US07472332B2
公开(公告)日：2008-12-30
申请号：US11189895
申请日：2005-07-26
申请人： James Patrick Allen , Thomas Stanley Mathews , Ravi A. Shankar , Satya Prakash Sharma , Glenn Rowan Wightwick
发明人： James Patrick Allen , Thomas Stanley Mathews , Ravi A. Shankar , Satya Prakash Sharma , Glenn Rowan Wightwick
IPC分类号： G11C29/00 , G06F11/00 , G06F11/10 , H03M13/00
CPC分类号： G11B20/1813
摘要： A method for improving the reliability of host data stored on Fiber Channel attached storage subsystems by performing end-to-end data integrity checks. When a read or write operation is initiated, an initial checksum for data in the read/write operation is generated and associated with the data, wherein the association exists through a plurality of layers of software and attached storage subsystems. The initial checksum is passed with the data in the read/write path. When a layer of software in the read/write path receives the initial checksum and data, the layer performs an integrity check of the data, which includes generating another checksum and comparing it to the initial checksum. If the checksums do not match, the read/write operation fails and the error is logged. If the checksums match, the integrity check is repeated through each layer in the read/write path to enable detecting data corruption at the point of source.
摘要翻译：通过执行端到端数据完整性检查来提高存储在光纤通道附加存储子系统上的主机数据的可靠性的方法。当启动读或写操作时，生成读/写操作中的数据的初始校验和并与数据相关联，其中通过多层软件和附加的存储子系统存在关联。初始校验和与读/写路径中的数据一起传递。当读/写路径中的软件层接收初始校验和和数据时，该层执行数据的完整性检查，其中包括生成另一个校验和并将其与初始校验和进行比较。如果校验和不匹配，则读/写操作失败，并记录错误。如果校验和匹配，则通过读/写路径中的每个层重复完整性检查，以便能够在源点检测数据损坏。

24. 发明申请

US20080289036A1 TIME-BASED CONTROL OF USER ACCESS IN A DATA PROCESSING SYSTEM INCORPORATING A ROLE-BASED ACCESS CONTROL MODEL 审中-公开
标题翻译：基于角色访问控制模型的数据处理系统中用户访问的基于时间的控制
公开(公告)号：US20080289036A1
公开(公告)日：2008-11-20
申请号：US11751010
申请日：2007-05-19
申请人： MADHUSUDANAN KANDASAMY , Vidya Ranganathan , Ravi A. Shankar
发明人： MADHUSUDANAN KANDASAMY , Vidya Ranganathan , Ravi A. Shankar
IPC分类号： H04L9/32
CPC分类号： G06F21/6218 , G06F2221/2137
摘要： Computer implemented method, system and computer usable program code for providing time-based control of user access in a data processing system utilizing a Role-Based Access Control model. A computer implemented method for providing time-based control of user access in a data processing system utilizing a Role-Based Access Control model includes providing at least one timing attribute for a role, wherein each at least one timing attribute specifies a timing condition by which a user is enabled to use the role. The user is enabled to use the role pursuant to satisfying the at least one timing attribute.
摘要翻译：计算机实现的方法，系统和计算机可用程序代码，用于在利用基于角色的访问控制模型的数据处理系统中提供用户访问的基于时间的控制。一种用于在使用基于角色的访问控制模型的数据处理系统中提供对用户访问的基于时间的控制的计算机实现的方法包括为角色提供至少一个定时属性，其中每个至少一个定时属性指定定时条件，使用者可以使用该角色。使用户能够使用该角色来满足至少一个定时属性。

25. 发明授权

US07058782B2 Method and apparatus for coordinating dynamic memory deallocation with a redundant bit line steering mechanism 失效
标题翻译：用于协调动态内存释放与冗余位线转向机制的方法和装置
公开(公告)号：US07058782B2
公开(公告)日：2006-06-06
申请号：US10631067
申请日：2003-07-31
申请人： Daniel James Henderson , Alongkorn Kitamorn , Wayne L. Lemmon , Naresh Nayar , Ravi A. Shankar
发明人： Daniel James Henderson , Alongkorn Kitamorn , Wayne L. Lemmon , Naresh Nayar , Ravi A. Shankar
IPC分类号： G06F12/00
CPC分类号： G11C29/42 , G06F11/106 , G11C29/70 , G11C2029/0409
摘要： A method and apparatus for coordinating dynamic memory page deallocation with a redundant bit line steering mechanism are provided. With the method and apparatus, memory scrubbing and redundant bit line steering operations are performed in parallel with handling of notifications of runtime correctable errors. When a correctable error is encountered during runtime, and the correctable error is determined to be persistent, then dynamic memory page deallocation is requested of a hypervisor. The determination of persistence is based on a history CE table that is populated by the operation of the memory scrubbing and redundant bit line steering mechanism of a service processor. Thus, only those correctable errors that persist for longer than one memory scrubbing cycle are subject to memory page deallocation.
摘要翻译：提供了一种用于与冗余位线转向机构协调动态存储器页面解除分配的方法和装置。利用该方法和装置，与处理运行时可校正错误的通知并行执行存储器擦除和冗余位线转向操作。当在运行时遇到可纠正的错误，并且确定可纠正的错误是持久的，则请求虚拟机管理程序的动态内存页解除分配。持久性的确定基于由服务处理器的存储器擦除和冗余位线转向机制的操作填充的历史CE表。因此，只有那些持续时间超过一个内存擦除周期的可纠正错误才会受到内存页解除分配。

26. 发明授权

US08904174B2 System, method and computer program product for product license management 有权
标题翻译：产品许可证管理的系统，方法和计算机程序产品
公开(公告)号：US08904174B2
公开(公告)日：2014-12-02
申请号：US13053387
申请日：2011-03-22
申请人： Eric P. Fried , Perinkulam I. Ganesh , Lance W. Russell , Ravi A. Shankar
发明人： Eric P. Fried , Perinkulam I. Ganesh , Lance W. Russell , Ravi A. Shankar
IPC分类号： G06F21/00 , H04L29/06 , G06F21/10 , H04L12/24
CPC分类号： G06F21/105 , H04L63/0428 , H04L63/104 , H04L2463/101
摘要： According to one aspect of the present disclosure, a method and technique for product license management for a clustered environment having a plurality of nodes is disclosed. The method includes unlocking a product on a first node of the plurality of clustered nodes; responsive to unlocking the product on the first node, indicating an unlocked status of the product on a shared storage device accessible to the plurality of clustered nodes; and transmitting a self-unlock message from the first node to remaining nodes of the cluster to enable the remaining nodes of the cluster to self-unlock the product on the respective remaining nodes based on the status indication of the shared storage device.
摘要翻译：根据本公开的一个方面，公开了一种用于具有多个节点的集群环境的产品许可证管理的方法和技术。该方法包括在多个群集节点的第一节点上解锁产品; 响应于在所述第一节点上解锁所述产品，指示所述产品在所述多个群集节点可访问的共享存储设备上的解锁状态; 以及从所述第一节点向所述集群的剩余节点发送自解锁消息，以使得所述集群的剩余节点能够基于所述共享存储设备的状态指示来自我解锁所述相应剩余节点上的产品。

27. 发明授权

US08903096B2 Security key distribution in a cluster 有权
标题翻译：集群中的安全密钥分发
公开(公告)号：US08903096B2
公开(公告)日：2014-12-02
申请号：US13556398
申请日：2012-07-24
申请人： Jes Kiran Chittigala , Ravi A. Shankar , Vidya Ranganathan
发明人： Jes Kiran Chittigala , Ravi A. Shankar , Vidya Ranganathan
IPC分类号： H04L29/06 , H04L9/08
CPC分类号： H04L9/0825 , H04L63/045
摘要： Provided are techniques for the fast and reliable distribution of security keys within a cluster of computing devices, or computers. One embodiment provides a method for secure distribution of encryption keys, comprising generating a symmetric key for the encryption of communication among a plurality of nodes of a cluster of nodes; encrypting the symmetric key with a plurality of public keys, each public key corresponding to a particular node of the plurality of modes, to generate a plurality of encrypted symmetric keys; storing the plurality of encrypted symmetric keys in a central repository; and distributing the encrypted symmetric keys to the nodes such that each particular node receives an encrypted symmetric key corresponding to a corresponding public key of the particular node.
摘要翻译：提供了用于在计算设备或计算机的群集内快速和可靠地分发安全密钥的技术。一个实施例提供了一种用于安全分发加密密钥的方法，包括：生成用于在节点簇的多个节点之间进行通信加密的对称密钥; 用多个公开密钥加密所述对称密钥，每个公共密钥对应于所述多个模式中的特定节点，以生成多个加密的对称密钥; 将所述多个加密对称密钥存储在中央存储库中; 以及将加密的对称密钥分发到节点，使得每个特定节点接收与特定节点的相应公钥对应的加密对称密钥。

28. 发明授权

US08707085B2 High availability data storage systems and methods 有权
标题翻译：高可用性数据存储系统和方法
公开(公告)号：US08707085B2
公开(公告)日：2014-04-22
申请号：US13173681
申请日：2011-06-30
申请人： Manohar Rao Bodke , Lakshmi Priya Kanduru , Rohit Krishna Prasad , Ravi A. Shankar
发明人： Manohar Rao Bodke , Lakshmi Priya Kanduru , Rohit Krishna Prasad , Ravi A. Shankar
IPC分类号： G06F11/00
CPC分类号： G06F11/1423 , G06F11/1428 , G06F11/2005 , G06F11/2007
摘要： Provided are systems and methods for accessing a storage device from a node when a local connection failure occurs between the node and the storage device. A failure is determined to have occurred at a first node access path between a first node and a storage device that prevents an application at the first node from accessing the storage device from the first node access path. An access request is sent from the first node to a second node. The second node has a second node access path to the storage device. A determination is made that the second node can communicate with the storage device. The storage device is accessed by an application at the first node via the second node access path.
摘要翻译：提供了当在节点和存储设备之间发生本地连接故障时从节点访问存储设备的系统和方法。确定在第一节点和存储设备之间的第一节点访问路径发生故障，以防止第一节点处的应用从第一节点访问路径访问存储设备。从第一节点向第二节点发送访问请求。第二节点具有到存储设备的第二节点访问路径。确定第二节点可以与存储设备通信。存储设备由第一节点处的应用通过第二节点访问路径访问。

29. 发明申请

US20130007504A1 HIGH AVAILABILITY DATA STORAGE SYSTEMS AND METHODS 有权
标题翻译：高可用性数据存储系统和方法
公开(公告)号：US20130007504A1
公开(公告)日：2013-01-03
申请号：US13173681
申请日：2011-06-30
申请人： Manohar Rao Bodke , Lakshmi Priya Kanduru , Rohit Krishna Prasad , Ravi A. Shankar
发明人： Manohar Rao Bodke , Lakshmi Priya Kanduru , Rohit Krishna Prasad , Ravi A. Shankar
IPC分类号： G06F11/20
CPC分类号： G06F11/1423 , G06F11/1428 , G06F11/2005 , G06F11/2007
摘要： Provided are systems and methods for accessing a storage device from a node when a local connection failure occurs between the node and the storage device. A failure is determined to have occurred at a first node access path between a first node and a storage device that prevents an application at the first node from accessing the storage device from the first node access path. An access request is sent from the first node to a second node. The second node has a second node access path to the storage device. A determination is made that the second node can communicate with the storage device. The storage device is accessed by an application at the first node via the second node access path.
摘要翻译：提供了当在节点和存储设备之间发生本地连接故障时从节点访问存储设备的系统和方法。确定在第一节点和存储设备之间的第一节点访问路径发生故障，以防止第一节点处的应用从第一节点访问路径访问存储设备。从第一节点向第二节点发送访问请求。第二节点具有到存储设备的第二节点访问路径。确定第二节点可以与存储设备通信。存储设备由第一节点处的应用通过第二节点访问路径访问。

30. 发明申请

US20120239975A1 Reducing Application Downtime During Failover 有权
公开(公告)号：US20120239975A1
公开(公告)日：2012-09-20
申请号：US13483652
申请日：2012-05-30
申请人： Manohar R. Bodke , Ravikiran Moningi , Ravi A. Shankar , Ranganathan Vidya
发明人： Manohar R. Bodke , Ravikiran Moningi , Ravi A. Shankar , Ranganathan Vidya
IPC分类号： G06F11/14
CPC分类号： G06F11/203 , G06F11/2038 , G06F11/2046
摘要： Reducing application downtime during failover including identifying a critical line in the startup of an application, the critical line comprising the point in the startup of the application in which the application begins to use dependent resources; checkpointing the application at the critical line of startup; identifying a failure in the application; and restarting the application from the checkpointed application at the critical line.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式