Patents by Inventor David Haikney
David Haikney has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20140026124Abstract: This invention relates to updating an operating system in a hypervisor comprising: determining a new version of a component of the operating system; installing the new component version; measuring an identifying characteristic of the component and making it available to an attestation system; notifying the attestation system that a component has been updated to a new version whereby, when the attestation system finds that the identifying characteristic of the new component does not match a pre-stored attestation value it is aware that a legitimate mis-match could have occurred. The installing of the new version of the component comprises: identifying an updater associated with new version of the component; measuring an identifying characteristic of the identified updater; loading and installing the new version of the component; and making both the identifying measurement of the updater and the new version of the component available to the attestation system.Type: ApplicationFiled: January 10, 2012Publication date: January 23, 2014Applicant: International Business Machines CorporationInventors: David A. Gilbert, David Haikney, James W. Walker
-
Publication number: 20130305364Abstract: A technique for attesting a plurality of data processing systems includes generating a logical grouping for a data processing system. The logical grouping is associated with a rule that describes a condition that must be met in order for the data processing system to be considered trusted. A list of one or more children associated with the logical grouping is retrieved. The one or more children are attested to determine whether each of the one or more children is trusted. In response to the attesting, the rule is applied to determine whether the condition has been met in order for the data processing system to be considered trusted. A plurality of logical groupings is associated to determine whether an associated plurality of data processing systems can be considered trusted.Type: ApplicationFiled: September 20, 2011Publication date: November 14, 2013Inventors: David Haikney, David Nigel Mackintosh, Jose Juan Palacios Perez
-
Publication number: 20120216255Abstract: A technique for attesting a plurality of data processing systems. The method includes: configuring a chain of data processing systems wherein a first data processing system is responsible for retrieving attestation data associated with a second data processing system; sending a request for attestation of the first data processing system; in response to receiving the request, retrieving a list of associated one or more children, wherein the one or more children comprise the second data processing system; retrieving and storing attestation data associated with each child; retrieving and storing attestation data associated with the first data processing system; and sending to the requester a concatenated response containing the attestation data associated with the first and second data processing systems, such that the attestation data associated with the first and second data processing systems can be used to attest the first and second data processing systems, respectively.Type: ApplicationFiled: April 30, 2012Publication date: August 23, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: David Haikney, David N. MacKintosh, Jose J.P. Perez
-
Publication number: 20120192181Abstract: A system, method, and computer program product for controlling migration of a VM operable on a first site and a second site. The system includes an identify component for identifying the second site; a request component for sending a consent request message to a software component, wherein the consent request message comprises at least one of an identifier of the VM and an identifier of the second site; a calculate component, operable on the software component and responsive to receiving the consent request message, for determining consent for the second site; a send component, responsive to a positive determination, for sending a consent message; and a migrate component, responsive to receiving the consent message, for migrating the VM from the first site to the second site.Type: ApplicationFiled: January 10, 2012Publication date: July 26, 2012Applicant: International Business Machines CorporationInventors: David Gilbert, David Haikney, David Machintosh
-
Publication number: 20120159634Abstract: Attesting a virtual machine that is migrating from a first environment to a second environment includes in response to initiation of migration of the virtual machine from the first environment to the second environment, accessing one or more stored trust values generated during the trusted boot of the virtual machine in the first environment, determining if the accessed trust values define a security setting sufficient for the second environment, and if the accessed trust values do not define a security setting sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.Type: ApplicationFiled: December 15, 2011Publication date: June 21, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: David Haikney, Shawn P. Mullen, James Walker
-
Publication number: 20120131334Abstract: A technique for attesting a plurality of data processing systems. The method includes: configuring a chain of data processing systems wherein a first data processing system is responsible for retrieving attestation data associated with a second data processing system; sending a request for attestation of the first data processing system; in response to receiving the request, retrieving a list of associated one or more children, wherein the one or more children comprise the second data processing system; retrieving and storing attestation data associated with each child; retrieving and storing attestation data associated with the first data processing system; and sending to the requester a concatenated response containing the attestation data associated with the first and second data processing systems, such that the attestation data associated with the first and second data processing systems can be used to attest the first and second data processing systems, respectively.Type: ApplicationFiled: November 4, 2011Publication date: May 24, 2012Applicant: International Business Machines CorporationInventors: David Haikney, David N. Mackintosh, Jose J.P. Perez
-
Patent number: 8104027Abstract: An improved architecture for a program code conversion apparatus and method for generating intermediate representations for program code conversion. The program code conversion apparatus determines which types of IR nodes to generate in an intermediate representation (IR) of subject code (10) to be translated. Depending upon the particular subject and target computing environments involved in the conversion, the program code conversion apparatus utilizes either base nodes, complex nodes, polymorphic nodes, and architecture specific nodes, or some combination thereof, in generating the intermediate representation.Type: GrantFiled: May 28, 2008Date of Patent: January 24, 2012Assignee: International Business Machines CorporationInventors: Daniel Owen, Jonathan Jay Andrews, Miles Philip Howson, David Haikney
-
Patent number: 7934203Abstract: During program code conversion, such as in a dynamic binary translator, automatic code generation provides target code 21 executable by a target processor 13. Multiple instruction ports 610 disperse a group of instructions to functional units 620 of the processor 13. Disclosed is a mechanism of preparing an instruction group 606 using a plurality of pools 700 having a hierarchical structure 711-715. Each pool represents a different overlapping subset of the issue ports 610. Placing an instruction 600 into a particular pool 700 also reduces vacancies in any one or more subsidiary pools in the hierarchy. In a preferred embodiment, a counter value 702 is associated with each pool 700 to track vacancies. A valid instruction group 606 is formed by picking the placed instructions 600 from the pools 700. The instruction groups are generated accurately and automatically. Decoding errors and stalls are minimized or completely avoided.Type: GrantFiled: May 27, 2005Date of Patent: April 26, 2011Assignee: International Business Machines CorporationInventors: William O. Lovett, David Haikney, Matthew Evans
-
Patent number: 7921413Abstract: An improved architecture for a program code conversion apparatus and method for generating intermediate representations for program code conversion. The program code conversion apparatus determines which types of IR nodes to generate in an intermediate representation (IR) of subject code (10) to be translated. Depending upon the particular subject and target computing environments involved in the conversion, the program code conversion apparatus utilizes either base nodes, complex nodes, polymorphic nodes, and architecture specific nodes, or some combination thereof, in generating the intermediate representation.Type: GrantFiled: November 6, 2006Date of Patent: April 5, 2011Assignee: International Business Machines CorporationInventors: Daniel Owen, Jonathan Jay Andrews, Miles Philip Howson, David Haikney
-
Publication number: 20090007085Abstract: An improved architecture for a program code conversion apparatus and method for generating intermediate representations for program code conversion. The program code conversion apparatus determines which types of IR nodes to generate in an intermediate representation (IR) of subject code (10) to be translated. Depending upon the particular subject and target computing environments involved in the conversion, the program code conversion apparatus utilizes either base nodes, complex nodes, polymorphic nodes, and architecture specific nodes, or some combination thereof, in generating the intermediate representation.Type: ApplicationFiled: May 28, 2008Publication date: January 1, 2009Applicant: TRANSITIVE LIMITEDInventors: Daniel OWEN, Jonathan Jay ANDREWS, Miles Philip HOWSON, David HAIKNEY
-
Publication number: 20070106983Abstract: An improved architecture for a program code conversion apparatus and method for generating intermediate representations for program code conversion. The program code conversion apparatus determines which types of IR nodes to generate in an intermediate representation (IR) of subject code (10) to be translated. Depending upon the particular subject and target computing environments involved in the conversion, the program code conversion apparatus utilizes either base nodes, complex nodes, polymorphic nodes, and architecture specific nodes, or some combination thereof, in generating the intermediate representation.Type: ApplicationFiled: November 6, 2006Publication date: May 10, 2007Applicant: Transitive LimitedInventors: Daniel Owen, Jonathan Andrews, Miles Howson, David Haikney
-
Publication number: 20060224863Abstract: During program code conversion, such as in a dynamic binary translator, automatic code generation provides target code 21 executable by a target processor 13. Multiple instruction ports 610 disperse a group of instructions to functional units 620 of the processor 13. Disclosed is a mechanism of preparing an instruction group 606 using a plurality of pools 700 having a hierarchical structure 711-715. Each pool represents a different overlapping subset of the issue ports 610. Placing an instruction 600 into a particular pool 700 also reduces vacancies in any one or more subsidiary pools in the hierarchy. In a preferred embodiment, a counter value 702 is associated with each pool 700 to track vacancies. A valid instruction group 606 is formed by picking the placed instructions 600 from the pools 700. The instruction groups are generated accurately and automatically. Decoding errors and stalls are minimised or completely avoided.Type: ApplicationFiled: May 27, 2005Publication date: October 5, 2006Inventors: William Lovett, David Haikney, Matthew Evans
-
Publication number: 20040221277Abstract: An improved architecture for a program code conversion apparatus and method for generating intermediate representations for program code conversion. The program code conversion apparatus determines which types of IR nodes to generate in an intermediate representation of subject code to be translated. Depending upon the particular subject and target computing environments involved in the conversion, the program code conversion apparatus utilizes either base nodes, complex nodes, polymorphic nodes, and architecture specific nodes, or some combination thereof, in generating the intermediate representation.Type: ApplicationFiled: December 8, 2003Publication date: November 4, 2004Inventors: Daniel Owen, Jonathan Jay Andrews, Miles Philip Howson, David Haikney