Patents by Inventor Reinhard Buendgen
Reinhard Buendgen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10891170Abstract: In an approach to grouping related tasks, one or more computer processors receive a first task initialization by a first user. The one or more computer processors determine whether one or more additional tasks contained in one or more task groups are in use by the first user. Responsive to determining one or more additional tasks contained in one or more task groups are in use, the one or more computer processors determine whether the first task is related to at least one task of the one or more additional tasks. Responsive to determining the first task is related to at least one task of the one or more additional tasks, the one or more computer processors add the first task to the task group containing the at least one related task of the one or more additional tasks.Type: GrantFiled: July 20, 2016Date of Patent: January 12, 2021Assignee: International Business Machines CorporationInventors: Volker M. Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob C. Lang, Mareike Lattermann, Angel Nunez Mencias
-
Patent number: 10489201Abstract: A technique for monitoring a shared hardware resource in a computer system running at least two partitions includes collecting measurement data from the hardware resource. An aggregation of the measurement data over a certain time interval is computed. A noise level value adapted to a workload is calculated using a workload dependent heuristic. Noise data, based on the calculated noise level value, is generated. The computed aggregation of measurement data is mixed with the generated noise data. The mixed aggregation of measurement data is output to an external interface for monitoring.Type: GrantFiled: June 9, 2015Date of Patent: November 26, 2019Assignee: International Business Machines CorporationInventors: Reinhard Buendgen, Ulrich Mayer, Klaus Werner, Matthias Huber
-
Patent number: 10459763Abstract: A technique for monitoring a shared hardware resource in a computer system running at least two partitions includes collecting measurement data from the hardware resource. An aggregation of the measurement data over a certain time interval is computed. A noise level value adapted to a workload is calculated using a workload dependent heuristic. Noise data, based on the calculated noise level value, is generated. The computed aggregation of measurement data is mixed with the generated noise data. The mixed aggregation of measurement data is output to an external interface for monitoring.Type: GrantFiled: January 9, 2015Date of Patent: October 29, 2019Assignee: International Business Machines CorporationInventors: Reinhard Buendgen, Ulrich Mayer, Klaus Werner, Matthias Huber
-
Patent number: 10168995Abstract: Generating a pool of random numbers for use by computer applications. Vibration sensors are placed throughout a machine and collects information theoretic entropy data from the measurement of the vibration sensors. The data is then filtered and added to an entropy pool. Applications needing a random number may acquire a number from the pool. A method, computer program product and system to generate the pool are provided.Type: GrantFiled: November 28, 2017Date of Patent: January 1, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Volker Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob Lang, Mareike Lattermann, Budy D. Notohardjono, Angel Nunez-Mencias
-
Patent number: 9973496Abstract: Methods are provided for using a hardware module connectable to multiple computer systems, where the multiple computer systems are connectable to a server within a common network. The method includes: providing a network address of the server in persistent memory of the hardware security module; providing an encrypted secret entity in the persistent memory of the hardware security module; providing a private key in the persistent memory of the hardware security module; and based on the hardware security module being connectable to one of the computer systems, the method includes: establishing a secure connection between the hardware security module and the server; retrieving, via the secure connection, a wrapping key from the server and storing it in volatile memory of the hardware security module; and decrypting the encrypted secret entity with the wrapping key and storing the decrypted secret entity in the volatile memory of the hardware security module.Type: GrantFiled: October 6, 2015Date of Patent: May 15, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Volker M. M. Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob C. Lang, Mareike Lattermann, Angel Nunez-Mencias
-
Patent number: 9928080Abstract: Trusted firmware on a host server is used for managing access to a hardware security module (HSM) connected to the host server. The HSM stores confidential information associated with an operating system. As part of access management, the firmware detects a boot device identifier associated with a boot device configured to boot the operating system on the host server. The firmware then receives a second boot device identifier from the HSM. The boot device identifier and the second boot device identifier are then compared by the firmware. Based on the comparison, the firmware determines that the boot device identifier matches with the second boot device identifier. Based on this determination, the firmware grants the operating system access to the HSM.Type: GrantFiled: September 30, 2014Date of Patent: March 27, 2018Assignee: International Business Machines CorporationInventors: Volker M. M. Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob C. Lang, Mareike Lattermann, Angel Nunez Mencias
-
Publication number: 20180081636Abstract: Generating a pool of random numbers for use by computer applications. Vibration sensors are placed throughout a machine and collects information theoretic entropy data from the measurement of the vibration sensors. The data is then filtered and added to an entropy pool. Applications needing a random number may acquire a number from the pool. A method, computer program product and system to generate the pool are provided.Type: ApplicationFiled: November 28, 2017Publication date: March 22, 2018Inventors: Volker Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob Lang, Mareike Lattermann, Budy D. Notohardjono, Angel Nunez-Mencias
-
Patent number: 9880812Abstract: Generating a pool of random numbers for use by computer applications. Vibration sensors are placed throughout a machine and collects information theoretic entropy data from the measurement of the vibration sensors. The data is then filtered and added to an entropy pool. Applications needing a random number may acquire a number from the pool. A method, computer program product and system to generate the pool are provided.Type: GrantFiled: November 23, 2015Date of Patent: January 30, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Volker Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob Lang, Mareike Lattermann, Budy D Notohardjono, Angel Nunez-Mencias
-
Patent number: 9836308Abstract: Trusted firmware on a host server is used for managing access to a hardware security module (HSM) connected to the host server. The HSM stores confidential information associated with an operating system. As part of access management, the firmware detects a boot device identifier associated with a boot device configured to boot the operating system on the host server. The firmware then receives a second boot device identifier from the HSM. The boot device identifier and the second boot device identifier are then compared by the firmware. Based on the comparison, the firmware determines that the boot device identifier matches with the second boot device identifier. Based on this determination, the firmware grants the operating system access to the HSM.Type: GrantFiled: December 18, 2014Date of Patent: December 5, 2017Assignee: International Business Machines CorporationInventors: Volker M. M. Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob C. Lang, Mareike Lattermann, Angel Nunez Mencias
-
Patent number: 9767293Abstract: At least one hardware security module out of a plurality of hardware security modules is assigned to a guest system. The at least one hardware security module out of the plurality of hardware security modules is configured with a master key. A data pattern is used for a challenge protocol adapted to prove that the at least one hardware security module out of the plurality of hardware security modules is configured with the master key. The at least one hardware security module including the master key is assigned to the guest system based on a positive outcome of the challenge protocol.Type: GrantFiled: February 13, 2015Date of Patent: September 19, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Volker M. M. Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob C. Lang, Mareike Lattermann, Angel Nunez Mencias
-
Patent number: 9767295Abstract: At least one hardware security module out of a plurality of hardware security modules is assigned to a guest system. The at least one hardware security module out of the plurality of hardware security modules is configured with a master key. A data pattern is used for a challenge protocol adapted to prove that the at least one hardware security module out of the plurality of hardware security modules is configured with the master key. The at least one hardware security module including the master key is assigned to the guest system based on a positive outcome of the challenge protocol.Type: GrantFiled: November 14, 2015Date of Patent: September 19, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Volker M. M. Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob C. Lang, Mareike Lattermann, Angel Nunez Mencias
-
Patent number: 9690947Abstract: Method of processing a guest event in a hypervisor-controlled system, which includes: triggering a first firmware service specific for the guest event; the firmware processing information associated with the guest event, and presenting only a subset of the information of a guest state and memory in decrypted form to a hypervisor, where the subset of the information is selected to allow the hypervisor to process the guest event; the firmware retaining a part of the information of the guest state and memory not sent to the hypervisor; the hypervisor processing the guest event based on the received subset of the information, and sending a process result to the firmware, triggering a second firmware service; the firmware processing the received process result together with the part of the information of the guest state and memory not sent to the hypervisor, and generates and performs a state and/or memory modification.Type: GrantFiled: March 14, 2014Date of Patent: June 27, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Utz Bacher, Reinhard Buendgen, Einar Lueck
-
Patent number: 9542234Abstract: In an approach to grouping tasks initialized by a first user, one or more computer processors receive a first task initialization by a first user. The one or more computer processors determine whether one or more additional tasks contained in one or more task groups are in use by the first user. Responsive to determining one or more additional tasks contained in one or more task groups are in use, the one or more computer processors determine whether the first task is related to at least one task of the one or more additional tasks. Responsive to determining the first task is related to at least one task of the one or more additional tasks, the one or more computer processors add the first task to the task group containing the at least one related task of the one or more additional tasks.Type: GrantFiled: November 3, 2015Date of Patent: January 10, 2017Assignee: International Business Machines CorporationInventors: Volker M. Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob C. Lang, Mareike Lattermann, Angel Nunez Mencias
-
Publication number: 20160328275Abstract: In an approach to grouping related tasks, one or more computer processors receive a first task initialization by a first user. The one or more computer processors determine whether one or more additional tasks contained in one or more task groups are in use by the first user. Responsive to determining one or more additional tasks contained in one or more task groups are in use, the one or more computer processors determine whether the first task is related to at least one task of the one or more additional tasks. Responsive to determining the first task is related to at least one task of the one or more additional tasks, the one or more computer processors add the first task to the task group containing the at least one related task of the one or more additional tasks.Type: ApplicationFiled: July 20, 2016Publication date: November 10, 2016Inventors: Volker M. Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob C. Lang, Mareike Lattermann, Angel Nunez Mencias
-
Patent number: 9454346Abstract: Generating a pool of random numbers for use by computer applications. Vibration sensors are placed throughout a machine and collect entropy data from the measurements of the vibration sensors. The data is then filtered and sent via secure connection to a second machine to be added to the second machine's entropy pool. Applications needing a random number may acquire a number from the pool. A method, computer program product and system to generate the pool are provided.Type: GrantFiled: November 23, 2015Date of Patent: September 27, 2016Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Volker Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob Lang, Mareike Lattermann, Budy D Notohardjono, Angel Nunez-Mencias
-
Patent number: 9424102Abstract: In an approach to grouping tasks initialized by a first user, one or more computer processors receive a first task initialization by a first user. The one or more computer processors determine whether one or more additional tasks contained in one or more task groups are in use by the first user. Responsive to determining one or more additional tasks contained in one or more task groups are in use, the one or more computer processors determine whether the first task is related to at least one task of the one or more additional tasks. Responsive to determining the first task is related to at least one task of the one or more additional tasks, the one or more computer processors add the first task to the task group containing the at least one related task of the one or more additional tasks.Type: GrantFiled: May 14, 2014Date of Patent: August 23, 2016Assignee: International Business Machines CorporationInventors: Volker M. Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob C. Lang, Mareike Lattermann, Angel Nunez Mencias
-
Publication number: 20160239667Abstract: At least one hardware security module out of a plurality of hardware security modules is assigned to a guest system. The at least one hardware security module out of the plurality of hardware security modules is configured with a master key. A data pattern is used for a challenge protocol adapted to prove that the at least one hardware security module out of the plurality of hardware security modules is configured with the master key. The at least one hardware security module including the master key is assigned to the guest system based on a positive outcome of the challenge protocol.Type: ApplicationFiled: February 13, 2015Publication date: August 18, 2016Inventors: Volker M. M. Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob C. Lang, Mareike Lattermann, Angel Nunez Mencias
-
Publication number: 20160241393Abstract: At least one hardware security module out of a plurality of hardware security modules is assigned to a guest system. The at least one hardware security module out of the plurality of hardware security modules is configured with a master key. A data pattern is used for a challenge protocol adapted to prove that the at least one hardware security module out of the plurality of hardware security modules is configured with the master key. The at least one hardware security module including the master key is assigned to the guest system based on a positive outcome of the challenge protocol.Type: ApplicationFiled: November 14, 2015Publication date: August 18, 2016Inventors: Volker M. M. Boenisch, Reinhard Buendgen, Franziska Geisert, Jakob C. Lang, Mareike Lattermann, Angel Nunez Mencias
-
Publication number: 20160148001Abstract: Method of processing a guest event in a hypervisor-controlled system, which includes: triggering a first firmware service specific for the guest event; the firmware processing information associated with the guest event, and presenting only a subset of the information of a guest state and memory in decrypted form to a hypervisor, where the subset of the information is selected to allow the hypervisor to process the guest event; the firmware retaining a part of the information of the guest state and memory not sent to the hypervisor; the hypervisor processing the guest event based on the received subset of the information, and sending a process result to the firmware, triggering a second firmware service; the firmware processing the received process result together with the part of the information of the guest state and memory not sent to the hypervisor, and generates and performs a state and/or memory modification.Type: ApplicationFiled: March 14, 2014Publication date: May 26, 2016Inventors: Utz BACHER, Reinhard BUENDGEN, Einar LUECK
-
Patent number: 9342360Abstract: A virtual machine (VM) migration from a source virtual machine monitor (VMM) to a destination VMM on a computer system. Each of the VMMs includes virtualization software, and one or more VMs are executed in each of the VMMs. The virtualization software allocates hardware resources in a form of virtual resources for the concurrent execution of one or more VMs and the virtualization software. A portion of a memory of the hardware resources includes hardware memory segments. A first portion of the memory segments is assigned to a source logical partition and a second portion is assigned to a destination logical partition. The source VMM operates in the source logical partition and the destination VMM operates in the destination logical partition. The first portion of the memory segments is mapped into a source VMM memory, and the second portion of the memory segments is mapped into a destination VMM memory.Type: GrantFiled: May 1, 2015Date of Patent: May 17, 2016Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Utz Bacher, Reinhard Buendgen, Einar Lueck, Angel Nunez Mencias