专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20100185825A1 TRANSIENT STORAGE DEVICE CONFIGURATION SILO 有权
标题翻译：瞬态存储器件配置SILO
公开(公告)号：US20100185825A1
公开(公告)日：2010-07-22
申请号：US12356055
申请日：2009-01-19
申请人： David Abzarian , Harish S. Kulkarni , Todd Carpenter
发明人： David Abzarian , Harish S. Kulkarni , Todd Carpenter
IPC分类号： G06F12/14
CPC分类号： G06F3/0622 , G06F3/0637 , G06F3/0673 , G06F21/31 , G06F21/78 , G06F2221/2129
摘要： A device configuration silo is arranged to be accessed as an IEEE 1667-compatible silo which exposes interfaces to a host application to make changes to the presence of one or more other silos, as well as make changes to silo configurations on a per-silo basis for data and method sharing among silos across the ACTs on a storage device such as a transient storage device. The interfaces exposed by the device configuration silo are arranged to enable an authenticated provisioner, like administrator in a corporate network environment, to perform configuration changes to silos after the storage device is released into the field through a secure provisioning mechanism. In addition, users may make configuration changes to silos at runtime in some usage scenarios, for example to enable discrete portions of functionality on a storage device, by using a secure secondary authentication mechanism that is exposed by the device configuration silo.
摘要翻译：设备配置仓被布置为作为IEEE 1667兼容筒仓进行访问，其暴露到主机应用的接口以改变一个或多个其他仓库的存在，以及在基于每个仓的基础上对仓仓配置进行改变用于跨存储设备（如瞬态存储设备）上的ACT之间的数据和方法共享。被设备配置筒仓暴露的接口被布置成使经认证的提供者（例如公司网络环境中的管理员）能够通过安全供应机制将存储设备释放到现场之后对孤岛进行配置更改。此外，用户可以在某些使用情况下在运行时对配置进行更改，例如通过使用由设备配置筒仓公开的安全辅助认证机制来实现存储设备上的功能的分立部分。

2. 发明授权

US08930655B2 Transient storage device configuration silo 有权
标题翻译：瞬态存储设备配置仓
公开(公告)号：US08930655B2
公开(公告)日：2015-01-06
申请号：US12356055
申请日：2009-01-19
申请人： David Abzarian , Harish S. Kulkarni , Todd Carpenter
发明人： David Abzarian , Harish S. Kulkarni , Todd Carpenter
IPC分类号： G06F12/14 , G06F21/78 , G06F21/31
CPC分类号： G06F3/0622 , G06F3/0637 , G06F3/0673 , G06F21/31 , G06F21/78 , G06F2221/2129
摘要： A device configuration silo is arranged to be accessed as an IEEE 1667-compatible silo which exposes interfaces to a host application to make changes to the presence of one or more other silos, as well as make changes to silo configurations on a per-silo basis for data and method sharing among silos across the ACTs on a storage device such as a transient storage device. The interfaces exposed by the device configuration silo are arranged to enable an authenticated provisioner, like administrator in a corporate network environment, to perform configuration changes to silos after the storage device is released into the field through a secure provisioning mechanism. In addition, users may make configuration changes to silos at runtime in some usage scenarios, for example to enable discrete portions of functionality on a storage device, by using a secure secondary authentication mechanism that is exposed by the device configuration silo.
摘要翻译：设备配置仓被布置为作为IEEE 1667兼容筒仓进行访问，其暴露到主机应用的接口以改变一个或多个其他仓库的存在，以及在基于每个仓的基础上对仓仓配置进行改变用于跨存储设备（如瞬态存储设备）上的ACT之间的数据和方法共享。被设备配置筒仓暴露的接口被布置成使经认证的提供者（例如企业网络环境中的管理员）能够通过安全供应机制将存储设备释放到现场之后对孤岛进行配置更改。此外，用户可以在某些使用情况下在运行时对配置进行更改，例如通过使用由设备配置筒仓公开的安全辅助认证机制来实现存储设备上的功能的分立部分。

3. 发明授权

US08091115B2 Device-side inline pattern matching and policy enforcement 有权
标题翻译：设备端内联模式匹配和策略执行
公开(公告)号：US08091115B2
公开(公告)日：2012-01-03
申请号：US12245060
申请日：2008-10-03
申请人： David Abzarian , Todd L. Carpenter , Harish S. Kulkarni , Mark A. Myers , David J. Steeves
发明人： David Abzarian , Todd L. Carpenter , Harish S. Kulkarni , Mark A. Myers , David J. Steeves
IPC分类号： H04L29/06
CPC分类号： G06F21/554 , G06F21/56 , G06F21/78 , G06F21/85
摘要： Inline pattern matching and policy enforcement may be implemented by a memory storage device. In an example embodiment, a device-implemented method includes acts of receiving, intercepting, and performing and conditional acts of invoking or permitting. A request from a host to perform a memory access operation is received at a memory storage device. Data flowing between an I/O channel and physical storage of the memory storage device is intercepted. A pattern matching procedure is performed on the data with reference to multiple target patterns in real-time while the data is being intercepted. If a pattern match is detected between the data and a target pattern, a policy enforcement mechanism is invoked. If a pattern match is not detected between the data and the multiple target patterns, the request from the host to perform the memory access operation is permitted.
摘要翻译：内联模式匹配和策略实施可以由存储器存储设备实现。在示例实施例中，设备实现的方法包括接收，拦截和执行以及调用或许可的条件动作的动作。在存储器存储设备处接收来自主机执行存储器访问操作的请求。在I / O通道和存储器存储设备的物理存储之间流动的数据被截取。在数据被截获的同时，实时参照多个目标模式对数据执行模式匹配过程。如果在数据和目标模式之间检测到模式匹配，则调用策略实施机制。如果在数据和多个目标模式之间未检测到模式匹配，则允许来自主机执行存储器访问操作的请求。

4. 发明申请

US20100199108A1 Device Enforced File Level Protection 有权
标题翻译：设备强制文件级保护
公开(公告)号：US20100199108A1
公开(公告)日：2010-08-05
申请号：US12364523
申请日：2009-02-03
申请人： David Abzarian , Harish S. Kulkarni , Todd L. Carpenter , Cinthya R. Urasaki
发明人： David Abzarian , Harish S. Kulkarni , Todd L. Carpenter , Cinthya R. Urasaki
IPC分类号： G06F12/14
CPC分类号： G06F21/805
摘要： Described is a technology by which files that are hardware protected on a storage device, such as a USB flash drive, are managed on a host, including by integration with an existing file system. Each file maintained on a storage device is associated with a protection attribute that corresponds to that file's device hardware protection level. Requests directed towards accessing metadata or actual file data are processed based upon the protection attribute and a state of authentication, e.g., to allow or deny access, show file icons along with their level of protection, change levels, and so forth. Also described is splitting a file system file table into multiple file tables, one file table for each level of protection. Entries in the split file tables are maintained based on each file's current level; space allocation tracking entries are also maintained to track the space used by other split tables.
摘要翻译：描述了通过在主机上管理诸如USB闪存驱动器的存储设备上被硬件保护的文件的技术，包括通过与现有文件系统的集成。存储设备上维护的每个文件都与保护属性相关联，该属性对应于该文件的设备硬件保护级别。基于保护属性和认证状态（例如，允许或拒绝访问）显示文件图标以及其保护级别，改变级别等来处理针对访问元数据或实际文件数据的请求。还描述了将文件系统文件表分割成多个文件表，一个文件表用于每个级别的保护。分割文件表中的条目将根据每个文件的当前级别进行维护; 还维护空间分配跟踪条目以跟踪其他拆分表使用的空间。

5. 发明申请

US20090276595A1 PROVIDING A SINGLE DRIVE LETTER USER EXPERIENCE AND REGIONAL BASED ACCESS CONTROL WITH RESPECT TO A STORAGE DEVICE 有权
标题翻译：提供单一驱动器用户体验和基于区域的访问控制与存储设备
公开(公告)号：US20090276595A1
公开(公告)日：2009-11-05
申请号：US12113199
申请日：2008-04-30
申请人： David Abzarian , Todd L. Carpenter , Harish S. Kulkarni
发明人： David Abzarian , Todd L. Carpenter , Harish S. Kulkarni
IPC分类号： G06F12/16 , G06F12/00
CPC分类号： G06F12/1441 , G06F12/1483 , G06F21/6218
摘要： A method and a storage device may be provided. The storage device may include physical storage subdivided into a number of regions. The regions may start and end based on logical block addresses specified in a region table. At least one of the regions may be mapped to a logical drive letter. One or more others of the regions may be mapped to a subfolder with respect to the logical drive letter. The storage device may include an access control table. Each entry of the access control table may correspond to a respective region of the physical storage. Each of the entries of the access control table may indicate whether the respective region is protected and whether at least one entity is permitted protected access to the respective region after being successfully authenticated.
摘要翻译：可以提供一种方法和存储装置。存储设备可以包括细分为多个区域的物理存储器。区域可以基于区域表中指定的逻辑块地址开始和结束。至少一个区域可以被映射到逻辑驱动器盘符。可以将该区域中的一个或多个其他区域映射到相对于逻辑驱动器盘符的子文件夹。存储装置可以包括访问控制表。访问控制表的每个条目可以对应于物理存储器的相应区域。访问控制表的每个条目可以指示相应区域是否受到保护，以及是否允许至少一个实体在被成功认证之后被保护对相应区域的访问。

6. 发明授权

US08898460B2 Device enforced file level protection 有权
标题翻译：设备强制执行文件级别保护
公开(公告)号：US08898460B2
公开(公告)日：2014-11-25
申请号：US12364523
申请日：2009-02-03
申请人： David Abzarian , Harish S. Kulkarni , Todd L. Carpenter , Cinthya R. Urasaki
发明人： David Abzarian , Harish S. Kulkarni , Todd L. Carpenter , Cinthya R. Urasaki
IPC分类号： H04L29/06
CPC分类号： G06F21/805
摘要： Described is a technology by which files that are hardware protected on a storage device, such as a USB flash drive, are managed on a host, including by integration with an existing file system. Each file maintained on a storage device is associated with a protection attribute that corresponds to that file's device hardware protection level. Requests directed towards accessing metadata or actual file data are processed based upon the protection attribute and a state of authentication, e.g., to allow or deny access, show file icons along with their level of protection, change levels, and so forth. Also described is splitting a file system file table into multiple file tables, one file table for each level of protection. Entries in the split file tables are maintained based on each file's current level; space allocation tracking entries are also maintained to track the space used by other split tables.
摘要翻译：描述了通过在主机上管理诸如USB闪存驱动器的存储设备上被硬件保护的文件的技术，包括通过与现有文件系统的集成。存储设备上维护的每个文件都与保护属性相关联，该属性对应于该文件的设备硬件保护级别。基于保护属性和认证状态（例如，允许或拒绝访问）显示文件图标以及其保护级别，改变级别等来处理针对访问元数据或实际文件数据的请求。还描述了将文件系统文件表分割成多个文件表，一个文件表用于每个级别的保护。分割文件表中的条目将根据每个文件的当前级别进行维护; 还维护空间分配跟踪条目以跟踪其他拆分表使用的空间。

7. 发明申请

US20090307451A1 DYNAMIC LOGICAL UNIT NUMBER CREATION AND PROTECTION FOR A TRANSIENT STORAGE DEVICE 审中-公开
标题翻译：动态逻辑单元创建和保护瞬态存储设备
公开(公告)号：US20090307451A1
公开(公告)日：2009-12-10
申请号：US12262134
申请日：2008-10-30
申请人： David Abzarian , Harish S. Kulkarni , Todd L. Carpenter
发明人： David Abzarian , Harish S. Kulkarni , Todd L. Carpenter
IPC分类号： G06F12/14 , G06F12/00
CPC分类号： G06F12/1483
摘要： A dynamic logical unit number system is implemented as a storage device that includes processing logic and storage functionality. A storage device may be configured to provide a first logical unit number when the storage device is attached to a computer system or other computing device. The storage device through its dynamic logical unit number system provides a configuration interface through which the computer system can configure additional logical unit numbers and reconfigure existing logical unit numbers of the storage device. After the redefinition of the logical unit numbers, the dynamic logical unit number system may cause a reestablishment of the connection between the storage device and the computer system. Upon establishing the new connection, the computer system recognizes the redefined logical unit numbers and treats each logical unit number as a separate storage device, including assigning a different number to each logical unit number.
摘要翻译：动态逻辑单元号系统被实现为包括处理逻辑和存储功能的存储设备。存储设备可以被配置为当存储设备附接到计算机系统或其他计算设备时提供第一逻辑单元号。存储设备通过其动态逻辑单元号系统提供配置接口，计算机系统可通过该配置接口配置附加的逻辑单元号，并重新配置存储设备的现有逻辑单元号。在重新定义逻辑单元号之后，动态逻辑单元号系统可能导致重新建立存储设备和计算机系统之间的连接。在建立新的连接之后，计算机系统识别重新定义的逻辑单元号码，并将每个逻辑单元号码视为单独的存储设备，包括为每个逻辑单元号码分配不同的号码。

8. 发明授权

US08806220B2 Device side host integrity validation 有权
标题翻译：设备端主机完整性验证
公开(公告)号：US08806220B2
公开(公告)日：2014-08-12
申请号：US12349516
申请日：2009-01-07
申请人： David Abzarian , Todd L. Carpenter , Harish S. Kulkarni , Salahuddin J. Khan
发明人： David Abzarian , Todd L. Carpenter , Harish S. Kulkarni , Salahuddin J. Khan
IPC分类号： G06F11/30 , G06F21/00
CPC分类号： G06F12/1416 , G06F21/57 , G06F2212/1052 , G06F2221/2101
摘要： Described is a technology by which a transient storage device or secure execution environment-based (e.g., including an embedded processor) device validates a host computer system. The device compares hashes of host system data against valid hashes maintained in protected storage of the device. The host data may be a file, data block, and/or memory contents. The device takes action when the host system data does not match the information in protected storage, such as to log information about the mismatch and/or provide an indication of validation failure, e.g., via an LED and/or display screen output. Further, the comparison may be part of a boot process validation, and the action may prevent the boot process from continuing, or replace an invalid file. Alternatively, the validation may take place at anytime.
摘要翻译：描述了一种瞬态存储设备或基于安全执行环境（例如，包括嵌入式处理器）设备验证主计算机系统的技术。该设备将主机系统数据的哈希值与在设备的受保护存储中维护的有效散列进行比较。主机数据可以是文件，数据块和/或存储器内容。当主机系统数据与受保护存储器中的信息不匹配时，该装置采取行动，例如记录关于不匹配的信息和/或提供验证失败的指示，例如经由LED和/或显示屏幕输出。此外，比较可以是引导过程验证的一部分，并且该操作可以阻止引导过程继续或替换无效文件。或者，验证可以在任何时间进行。

9. 发明授权

US08209501B2 Capturing and loading operating system states 有权
标题翻译：捕获和加载操作系统状态
公开(公告)号：US08209501B2
公开(公告)日：2012-06-26
申请号：US12435737
申请日：2009-05-05
申请人： David Abzarian , Todd L. Carpenter , Harish S. Kulkarni
发明人： David Abzarian , Todd L. Carpenter , Harish S. Kulkarni
IPC分类号： G06F13/00
CPC分类号： G06F17/3007 , G06F9/4418
摘要： Operating system states capture and loading technique embodiments are presented that involve the capture and loading of baseline system states. This is accomplished, in one embodiment, by storing the states of a computer's operating system memory that it is desired to restore at a future time. No changes are permitted to the persisted storage associated with the computer. Instead, changes that would have been made to the persisted storage during an ensuing computing session, had they not been prevented, are stored in a separate computing session file. Whenever it is desired to return the operating system to its baseline condition, the stored baseline system memory states are loaded into the operating system memory, in lieu of the operating system memory's current states.
摘要翻译：提出了涉及捕获和加载基线系统状态的操作系统状态捕获和加载技术实施例。这在一个实施例中通过存储希望在将来的时间恢复的计算机的操作系统存储器的状态来实现。与计算机相关联的持久存储器不允许更改。相反，如果没有阻止在随后的计算会话期间对持久存储进行的更改将被存储在单独的计算会话文件中。无论何时需要将操作系统恢复到其基准状态，存储的基线系统存储器状态将被加载到操作系统存储器中，以代替操作系统存储器的当前状态。

10. 发明授权

US08949407B2 Capturing a computing experience 有权
标题翻译：捕获计算体验
公开(公告)号：US08949407B2
公开(公告)日：2015-02-03
申请号：US12486069
申请日：2009-06-17
申请人： Todd L. Carpenter , David Abzarian , Seshagiri Panchapagesan , Harish S. Kulkarni
发明人： Todd L. Carpenter , David Abzarian , Seshagiri Panchapagesan , Harish S. Kulkarni
IPC分类号： G06F15/173 , G06F11/34 , G06Q30/02 , G06F15/16 , G06F15/177
CPC分类号： G06F11/3414 , G06F11/3438 , G06Q30/02
摘要： The described implementations relate to capturing a computing experience. In one case, a user session capture tool can launch a remote user session where a user-interface and user inputs are gathered from a single computing device. Remote user session data produced by the remote user session can be analyzed to determine user activity.
摘要翻译：所描述的实现涉及捕获计算体验。在一种情况下，用户会话捕获工具可以启动用户界面和用户输入从单个计算设备收集的远程用户会话。可以分析由远程用户会话产生的远程用户会话数据以确定用户活动。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式