Abstract: A method and apparatus for filtering packets uses digital signatures to filter packets in a network. A filter point, such as a router or firewall to an intranet, receives a packet including a header, detects the existence of a signature in the header, tests the validity of the signature using a public key, and forwards the packet in accordance with the validity of the signature. A sender uses a private key obtained from an owner to generate the signature, which is created by encrypting a fingerprint which corresponds to the data in the packet. Public keys are created by an owner which installs them in a domain name system or a certification server. Private keys are also created by the owner but are disseminated only to authorized senders. A method and apparatus for sending packets stores a private key in a memory of the data processor, generates a signature using the private key, installs the signature into a header of a packet; and sends the packet.

Abstract: A system regulates access to resources requested by an operation executing on a computer. The operation invokes a plurality of methods that operate upon code during execution. The system includes a policy file, a call stack, and an execution unit. The policy file stores permissions for each of the resources. The permissions authorize particular types of access to the resource based on a source of the code and an executor of the code. The call stack stores representations of the methods and executors in an order of invocation by the operation. The execution unit grants access to the resource when the types of access authorized by the permissions of all of the methods and executors on the call stack encompass the access requested by the operation.

Abstract: A system and method are provided for distributing or sharing the processing of network traffic (e.g., through a protocol stack on a host computer system) received at a multiprocessor computer system. A packet formatted according to one or more communication protocols is received from a network entity at a network interface circuit of a multiprocessor computer. A header portion of the packet is parsed to retrieve information stored in one or more protocol headers, such as source and destination identifiers or a virtual communication connection identifier. In one embodiment, a source identifier and a destination identifier are combined to form a flow key that is subjected to a hash function. The modulus of the result of the hash function over the number of processors in the multiprocessor computer is then calculated. In another embodiment a modulus operation is performed on the packet's virtual communication connection identifier.

Abstract: The present invention is directed to an apparatus and method to clamp and terminate signals along a communication bus; the clamping and termination are performed dynamically whenever a signal exceeds a set peak value or falls below a set low value. Variations include a clamping and termination circuit made of metal oxide semiconductor (MOS) devices where one MOS device clamps for over-voltage and another MOS device clamps for under-voltage. Biasing circuits to the gates of the MOS devices assure that proper bias voltage is applied so that the MOS devices only clamp and terminate when a signal is received and that signal falls off the set high or low values, this assures dynamic clamping and termination and avoids unnecessary additional voltage from a driving device.

Abstract: A computer-implemented method of processing a document provides a user with a plurality of nested test modes for creating, reviewing and retrieving a plurality of different document configurations represented by different document data sets. The nested test modes are activated upon user request and a starting data set of the document is stored on a memory and restored after leaving the test mode. By nesting a plurality of test modes, the user can create a plurality of different configurations of a document and easily retrieve the data of every one of these configurations.

Abstract: Techniques for implementing mandatory locks for UNIX file systems are disclosed. The mandatory locks can provide similar features as the locking features provided in Windows computing environments. Mandatory locks can be defined and enforced in a secure UNIX computing environment. As a result, Windows clients (or users) can safely access files stored in the secure UNIX computing environment. Mandatory lock categories including Byte-Range locks and Shared Resource locks and can provide similar features as provided by the mandatory locking mechanisms of Windows environments. In addition, various attributes can be defined and associated with each mandatory lock category. Accordingly, access to files stored in UNIX file systems can be controlled based on the lock category and the attributes assigned to it.

Abstract: The invention relates to a method of accessing data of a database by displaying a form view onto data of said database, and simultaneously displaying a table view onto data accessed by said form view.

Abstract: The present invention relates to the use of a programmable soft fuse for disabling a signal line using an electronic switching circuit, a latch, a control circuit, and a reset circuit. In another preferred embodiment, a precharge device is included. A method of disabling a data line using a soft fuse is disclosed, where the steps are: providing a soft fuse having a control means, providing a memory array, providing an address decoder, connecting the soft fuse between the address decoder and the memory array, testing the memory array, locating a bad address line in the array, entering the location of the bad address line into the address decoder, and strobing the control means.

Abstract: A system and method for using a computer system to determine the desired decoupling components for stabilizing the electrical impedance in the power distribution system of an electrical interconnecting apparatus, including a method for measuring the ESR for an electrical device, a method for determining a number of desired decoupling components for a power distribution system, and a method for placing the desired decoupling components in the power distribution system. The method creates a model of the power distribution system based upon an M×N grid for both the power plane and the ground plane. The model receives input from a user and from a database of various characteristics for a plurality of decoupling components. The method determines a target impedance over a desired frequency range. The method selects decoupling components. The method determines a number for each of the decoupling components chosen.

Abstract: A system and method for tuning a storage system may include characterizing a maximum sustainable throughput for the storage system. The maximum sustainable throughput may be decreased by a primary derate parameter to obtain a primary throughput. Sizes for buffer units may be determined at different stream rates, where during operation the buffer units buffer a data stream between a stream requester and storage. Buffer unit sizes may be determined by generating stream simulators sufficient to consume the primary throughput and then optimizing the buffer sizes to prevent underruns. This may be repeated at different stream rates to determine a table of buffer sizes. The primary throughput may be decreased by a secondary derate parameter to obtain a maximum system bandwidth which sets an upper limit on admission of streams. When buffer sizes are determined, a prefill margin parameter may be set by which request deadlines must be met.

Abstract: Methods, systems, and articles of manufacture consistent with the present invention limit access to parts of a shared software library by using a class loader that generates a selective interface between an external process and a program file (such as a class definition) in the shared library. This prevents external processes from loading parts of the shared library that were meant to remain private or internal to the library. Methods, systems, and articles of manufacture consistent with the present invention load a program file, such as a class definition, from the shared library and generate an interface (such as an object) to the loaded program file. A determination of whether the program file can be exported is performed based upon a status indicator associated with the interface. The interface limits access to the program file if it is determined that the program file cannot be exported.

Abstract: A heat sink structure includes a heat emitting component, an inner heat sink in thermal contact with the heat emitting component, a cabinet of a computer system in thermal contact with the inner heat sink, and an outer heat sink in thermal contact with the cabinet. The cabinet defines an outer region outside of the computer system and an inner region inside of the computer system. Generally, the outer region is cooler than the inner region. Advantageously, since the outer heat sink is located in the outer region, the outer heat sink is relatively cool compared to the heat emitting component. This drives heat from the heat emitting component through the inner heat sink and the cabinet to the outer heat sink, which dissipates this heat to the outer region outside of the computer system.

Abstract: In accordance with the present invention, a cache memory subsystem includes a processor, a cache control unit and a SRAM serving as the cache memory. The SRAM is a synchronous SRAM. The cache control unit provides appropriately timed control signals to the SRAM when the processor is accessing the cache memory. The SRAM can be either a pipelined architecture SRAM (register output SRAM) or a flow-through access architecture SRAM (latch output SRAM). The cache control unit is selectably configured to operate in a pipelined mode (1-1-1) or a flow-through (2-2) mode. The cache control unit is configured in the 1-1-1 mode when the SRAM is a pipelined architecture SRAM having a clock rate equal to the processor. When the SRAM is a flow-through architecture SRAM that cannot be clocked at the same rate as the processor, the cache control unit is configured in the 2-2 mode and the SRAM is clocked at a clock rate half of the processor clock rate.

Abstract: In accordance with methods and systems consistent with the present invention, an improved object-relational mapping tool is provided that generates source code containing classes which preserve both changes to the database schema as well as customizations to a preexisting version of the classes. This functionality alleviates the programmer from having to recreate their changes to the classes when the database changes, thus saving significant development time over conventional systems.

Abstract: In an input receiver circuit includes a signal input for receiving a signal input to a chip, a chip output for supplying a buffered signal to circuitry on the chip and a positive feedback circuit coupled between the chip output and the signal input. The positive feedback circuit might comprise a first inverter having an input coupled to the signal input, a second inverter having an input coupled to an output of the first inverter, wherein an output of the second inverter provides the chip output, and an inverting buffer having an input coupled to the output of the second inverter and an output coupled to the signal input.

Abstract: A computer system employs a hierarchical ring structure for communication. Computer system elements are configured into modules with ring interface hardware, and the modules are coupled to one or more rings. Bridge modules may be included for transmitting between rings in the hierarchy. The rings are time division multiplexed, and each time slot on a ring carries a frame. According to an address carried within the frame, bridge modules determine whether or not to transmit a frame circulating on a source ring onto a target ring. If the address of the frame indicates a module upon the source ring, the bridge module retransmits the frame on the source ring. Otherwise, the bridge module transmits the frame on the target ring. The bridge module operates in this fashion at any level of the hierarchy. The owner of a time slot on a ring is permitted to release the time slot for use by other modules. To reclaim a time slot, the owner marks the time slot owned.

Abstract: Systems and methods for implementing site specific message dispatch in an object-oriented environment are provided. Receiver type information may be saved at a message dispatch site in order to provide site specific message dispatch. By allowing message dispatch to vary at different call sites, object-oriented systems may be more efficient and flexible.

Abstract: An optimized, superscalar microprocessor architecture for supporting graphics operations in addition to the standard microprocessor integer and floating point operations. A number of specialized graphics instructions and accompanying hardware for executing them are disclosed to optimize the execution of graphics instruction with minimal additional hardware for a general purpose CPU.

Abstract: A heat sink structure includes a lower heat sink in thermal contact with a heat emitting component. The heat sink structure further includes an upper heat sink and at least one heat pipe extending from the lower heat sink to the upper heat sink. At least one spring urges the upper heat sink away from the lower heat sink and into thermal contact with a cabinet, sometimes called a cover or a lid, of a computer system. During use, the heat emitting component generates heat. This heat is conducted to the lower heat sink, the upper heat sink, and the cabinet. The cabinet dissipates heat to the outside of the computer system.

Abstract: A device input/output (“I/O”) monitoring mechanism serving as an interface between a computer operating system kernel and a device driver which obviates the necessity of implementing specific pseudo-device drivers for various peripheral devices and provides a standard interface between, for example, computer mass storage devices and a computer operating system. The I/O monitoring mechanism disclosed is of especial utility in the measurement of general storage device I/O performance and allows I/O statistics to be presented to application-level software operating in conjunction with a computer operating system which facilitates the identification of storage device “hot spots” within metadevices and sub-metadevices. The mechanism of the present invention is usable across a wide range of storage device peripheral hardware and device drivers and allows user-level program code to readily determine the associated physical sub-component.