Patents by Inventor David John Craft

David John Craft has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 8838950
    Abstract: The present invention provides for authenticating code and/or data and providing a protected environment for execution. The present invention provides for dynamically partitioning and un-partitioning a local store for the authentication of code or data. The local store is partitioned into an isolated and non-isolated section. Code or data is loaded into the isolated section. The code or data is authenticated in the isolated section of the local store. After authentication, the code is executed. After execution, the memory within the isolated region of the attached processor unit is erased, and the attached processor unit de-partitions the isolated section within the local store.
    Type: Grant
    Filed: June 23, 2003
    Date of Patent: September 16, 2014
    Assignee: International Business Machines Corporation
    Inventors: David John Craft, Michael Norman Day, Harm Peter Hofstee, Charles Ray Johns, John Samuel Liberty
  • Patent number: 7650491
    Abstract: A secure communication methodology is presented. The client device is configured to download application code and/or content data from a server operated by a service provider. Embedded within the client is a client private key, a client serial number, and a copy of a server public key. The client forms a request, which includes the client serial number, encrypts the request with the server public key, and sends the download request to the server. The server decrypts the request with the server's private key and authenticates the client. The received client serial number is used to search for a client public key that corresponds to the embedded client private key. The server encrypts its response, which includes the requested information, with the client public key of the requesting client, and only the private key in the requesting client can be used to decrypt the information downloaded from the server.
    Type: Grant
    Filed: November 29, 2008
    Date of Patent: January 19, 2010
    Assignee: International Business Machines Corporation
    Inventors: David John Craft, Pradeep K. Dubey, Harm Peter Hofstee, James Allan Kahle
  • Patent number: 7603703
    Abstract: A secure communication methodology is presented. The client device is configured to download application code and/or content data from a server operated by a service provider. Embedded within the client is a client private key, a client serial number, and a copy of a server public key. The client forms a request, which includes the client serial number, encrypts the request with the server public key, and sends the download request to the server. The server decrypts the request with the server's private key and authenticates the client. The received client serial number is used to search for a client public key that corresponds to the embedded client private key. The server encrypts its response, which includes the requested information, with the client public key of the requesting client, and only the private key in the requesting client can be used to decrypt the information downloaded from the server.
    Type: Grant
    Filed: April 12, 2001
    Date of Patent: October 13, 2009
    Assignee: International Business Machines Corporation
    Inventors: David John Craft, Pradeep K. Dubey, Harm Peter Hofstee, James Allan Kahle
  • Publication number: 20090083542
    Abstract: A secure communication methodology is presented. The client device is configured to download application code and/or content data from a server operated by a service provider. Embedded within the client is a client private key, a client serial number, and a copy of a server public key. The client forms a request, which includes the client serial number, encrypts the request with the server public key, and sends the download request to the server. The server decrypts the request with the server's private key and authenticates the client. The received client serial number is used to search for a client public key that corresponds to the embedded client private key. The server encrypts its response, which includes the requested information, with the client public key of the requesting client, and only the private key in the requesting client can be used to decrypt the information downloaded from the server.
    Type: Application
    Filed: November 29, 2008
    Publication date: March 26, 2009
    Inventors: David John Craft, Pradeep K. Dubey, Harm Peter Hofstee, James Allan Kahle
  • Publication number: 20080294703
    Abstract: A computer implemented method, apparatus, and computer program product for obtaining an absolute path name for an open file system object. A file descriptor for the open file system object is identified in response to a process in a first software partition opening a file system object to form the open file system object. The absolute path name for the open file system object is cached in a path name field in a file structure associated with the file descriptor for the open file system object. The absolute path name for the open file system object in the path name field is used during migration of the first software partition to restore the open file system object in a second software partition.
    Type: Application
    Filed: May 21, 2007
    Publication date: November 27, 2008
    Inventors: David John Craft, Srikanth Vishwanathan
  • Publication number: 20080270829
    Abstract: A computer implemented method, apparatus, and computer program product for managing state data in a workload partitioned environment. Process state data for a process in a workload partition is saved. Process state data is used to restore the process to a given state. State data associated with open sockets and open files bound to the first process is saved. In response to a determination that the process is associated with a domain socket that is bound to a socket file, an absolute pathname for the socket file is saved. A domain socket associated with a connecting process in the workload partition uses the socket file to connect to a domain socket associated with a listening process in the same workload partition to enable the two processes to communicate with each other.
    Type: Application
    Filed: April 27, 2007
    Publication date: October 30, 2008
    Inventors: DAVID JOHN CRAFT, Vinit Jain, Lance Warren Russell
  • Patent number: 7248696
    Abstract: The present invention provides data encryption for a differential bus employing transitional coding. The present invention maps, encodes and encrypts input data as a logic status for a given bus transfer cycle. The mapping, encoding and encrypting of the input data changes from bus transfer cycle to bus transfer cycle. The mapping, encoding and encrypting is a function of a pseudo-random number. A logic status is differentially transmitted from a bus transmitter to a bus receiver, to be mapped, decrypted and decoded as the corresponding output data.
    Type: Grant
    Filed: September 12, 2002
    Date of Patent: July 24, 2007
    Assignee: International Business Machines Corporation
    Inventors: David John Craft, Charles Ray Johns
  • Patent number: 7194626
    Abstract: The present invention provides for authentication of code, such as boot code. A memory addressing engine is employable to select a portion of a memory, as a function of a step value, as a first input hash value. The step value allows for the non-commutative cumulative hashing of a plurality of memory portions with a second input hash value, such as a previous hash value that has been rotated left. An authenticator circuit is employable to perform a hash upon the portion of memory and the second input hash value. A comparison circuit is then employable to compare an output of the authenticator circuit to an expected value.
    Type: Grant
    Filed: November 21, 2002
    Date of Patent: March 20, 2007
    Assignee: International Business Machines Corporation
    Inventor: David John Craft
  • Patent number: 7171563
    Abstract: The present invention provides for validating downloaded code. Code is transferred to a volatile memory of a system on a chip from a source. The volatile memory is decoupled from the source of the transferred code through employment of an isolation bus. An embedded security value, associated with the downloaded code, is determined. The security value is compared to an unlock sequence stored within the non-volatile memory in the system on a chip. If the security value matches the unlock sequence, the downloaded code is allowed access to secure data stored in the non-volatile memory. If the security value does not match the unlock sequence, the downloaded code is denied access to the secure data stored in the non-volatile memory.
    Type: Grant
    Filed: May 15, 2003
    Date of Patent: January 30, 2007
    Assignee: International Business Machines Corporation
    Inventor: David John Craft
  • Patent number: 7003605
    Abstract: The present invention provides employing differential transitional encoding with a differential bus. Employing the differential transitional encoding comprises dividing the differential bus into one or more groups comprising four bus lines. Employment of the differential bus also comprises asserting half the bus lines of a group during a bus data transfer, thereby defining an asserted set of bus lines and a de-asserted set of bus lines. The method and system further comprises transmitting data by differentially driving two of the bus lines, one bus line per set, by de-asserting one of the bus lines of the asserted set, and asserting one of the bus lines of the de-asserted set.
    Type: Grant
    Filed: September 12, 2002
    Date of Patent: February 21, 2006
    Assignee: International Business Machines Corporation
    Inventors: David John Craft, Charles Ray Johns
  • Publication number: 20040230818
    Abstract: The present invention provides for validating downloaded code. Code is transferred to a volatile memory of a system on a chip from a source. The volatile memory is decoupled from the source of the transferred code through employment of an isolation bus. An embedded security value, associated with the downloaded code, is determined. The security value is compared to an unlock sequence stored within the non-volatile memory in the system on a chip. If the security value matches the unlock sequence, the downloaded code is allowed access to secure data stored in the non-volatile memory. If the security value does not match the unlock sequence, the downloaded code is denied access to the secure data stored in the non-volatile memory.
    Type: Application
    Filed: May 15, 2003
    Publication date: November 18, 2004
    Applicant: International Business Machines Corporation
    Inventor: David John Craft
  • Patent number: 6771193
    Abstract: An encoder for compressing data is described, including a history buffer having multiple storage locations for storing target data units. The encoder is configured to input a target data string including multiple target data units, and additional data (e.g., security data associated with the target data string). In the event the history buffer contains multiple matching strings that match the target data string, the encoder is configured to select a displacement value of one of the matching strings dependent on a portion of the additional data, and to produce a copy pointer corresponding to the target data string and including the selected displacement. The selected displacement value in the copy pointer conveys the portion of the additional data. A decoder for decompressing data is also described, including a history buffer having multiple storage locations for storing data units.
    Type: Grant
    Filed: August 22, 2002
    Date of Patent: August 3, 2004
    Assignee: International Business Machines Corporation
    Inventor: David John Craft
  • Publication number: 20040103291
    Abstract: The present invention provides for authentication of code, such as boot code. A memory addressing engine is employable to select a portion of a memory, as a function of a step value, as a first input hash value. The step value allows for the non-commutative cumulative hashing of a plurality of memory portions with a second input hash value, such as a previous hash value that has been rotated left. An authenticator circuit is employable to perform a hash upon the portion of memory and the second input hash value. A comparison circuit is then employable to compare an output of the authenticator circuit to an expected value.
    Type: Application
    Filed: November 21, 2002
    Publication date: May 27, 2004
    Applicant: International Business Machines Corporation
    Inventor: David John Craft
  • Publication number: 20040052375
    Abstract: The present invention provides data encryption for a differential bus employing transitional coding. The present invention maps, encodes and encrypts input data as a logic status for a given bus transfer cycle. The mapping, encoding and encrypting of the input data changes from bus transfer cycle to bus transfer cycle. The mapping, encoding and encrypting is a function of a pseudo-random number. A logic status is differentially transmitted from a bus transmitter to a bus receiver, to be mapped, decrypted and decoded as the corresponding output data.
    Type: Application
    Filed: September 12, 2002
    Publication date: March 18, 2004
    Applicant: International Business Machines Corporation
    Inventors: David John Craft, Charles Ray Johns
  • Publication number: 20040054830
    Abstract: The present invention provides employing differential transitional encoding with a differential bus. Employing the differential transitional encoding comprises dividing the differential bus into one or more groups comprising four bus lines. Employment of the differential bus also comprises asserting half the bus lines of a group during a bus data transfer, thereby defining an asserted set of bus lines and a de-asserted set of bus lines. The method and system further comprises transmitting data by differentially driving two of the bus lines, one bus line per set, by de-asserting one of the bus lines of the asserted set, and asserting one of the bus lines of the de-asserted set.
    Type: Application
    Filed: September 12, 2002
    Publication date: March 18, 2004
    Applicant: International Business Machines Corporation
    Inventors: David John Craft, Charles Ray Johns
  • Publication number: 20040036633
    Abstract: An encoder for compressing data is described, including a history buffer having multiple storage locations for storing target data units. The encoder is configured to input a target data string including multiple target data units, and additional data (e.g., security data associated with the target data string). In the event the history buffer contains multiple matching strings that match the target data string, the encoder is configured to select a displacement value of one of the matching strings dependent on a portion of the additional data, and to produce a copy pointer corresponding to the target data string and including the selected displacement. The selected displacement value in the copy pointer conveys the portion of the additional data. A decoder for decompressing data is also described, including a history buffer having multiple storage locations for storing data units.
    Type: Application
    Filed: August 22, 2002
    Publication date: February 26, 2004
    Applicant: International Business Machines Corporation
    Inventor: David John Craft
  • Patent number: 6697974
    Abstract: A method for adaptively compensating skews during data transmission on a bus is disclosed. A bus includes one or more groups of multiple signal paths. Each of the signal paths within a group is assigned a unique binary data value. During data transmissions, only one signal path within each group is activated at a time, and each activation of one of the signal paths represents its associated unique binary data value. Thus, a sequence of consecutive activations represents the same information as if the data were transmitted in parallel. Before signal transmission, a time delay between a transition on a first and a second of the signal lines is measured by utilizing a control frame. The time delay measurement is repeated to establish the relative time delays associated with all possible transitions on all the signal lines. In response to the measured time delays, an appropriate compensating delay is introduced accordingly before launching each transition on the signal lines.
    Type: Grant
    Filed: March 14, 2001
    Date of Patent: February 24, 2004
    Assignee: International Business Machines Corporation
    Inventor: David John Craft
  • Patent number: 6678768
    Abstract: A method and apparatus for configuring redundant array of independent disks (RAID) are disclosed. A RAID includes a processor tray having a host processor, and a drive tray having a bridge chip and multiple attachment chips. The attachment chips are connected to each other in a loop configuration. Each of the attachment chips, which is assigned with an unique node ID, is connected to a respective disk drive. The host processor can direct more than one attachment chip to participate, in various ways, to a single data transfer around the loop. This is accomplished by directing the data transfer to a specified node ID, after configuring all the other attachment chips with temporary alias node ID identical to the specified node ID to which the data transfer operation is directed.
    Type: Grant
    Filed: October 6, 2000
    Date of Patent: January 13, 2004
    Assignee: International Business Machines Corporation
    Inventor: David John Craft
  • Publication number: 20020174390
    Abstract: A method for adaptively compensating skews during data transmission on a bus is disclosed. A bus includes one or more groups of multiple signal paths. Each of the signal paths within a group is assigned a unique binary data value. During data transmissions, only one signal path within each group is activated at a time, and each activation of one of the signal paths represents its associated unique binary data value. Thus, a sequence of consecutive activations represents the same information as if the data were transmitted in parallel. Before signal transmission, a time delay between a transition on a first and a second of the signal lines is measured by utilizing a control frame. The time delay measurement is repeated to establish the relative time delays associated with all possible transitions on all the signal lines. In response to the measured time delays, an appropriate compensating delay is introduced accordingly before launching each transition on the signal lines.
    Type: Application
    Filed: March 14, 2001
    Publication date: November 21, 2002
    Applicant: International Business Corp.
    Inventor: David John Craft
  • Publication number: 20020150243
    Abstract: A secure communication methodology is presented. The client device is configured to download application code and/or content data from a server operated by a service provider. Embedded within the client is a client private key, a client serial number, and a copy of a server public key. The client forms a request, which includes the client serial number, encrypts the request with the server public key, and sends the download request to the server. The server decrypts the request with the server's private key and authenticates the client. The received client serial number is used to search for a client public key that corresponds to the embedded client private key. The server encrypts its response, which includes the requested information, with the client public key of the requesting client, and only the private key in the requesting client can be used to decrypt the information downloaded from the server.
    Type: Application
    Filed: April 12, 2001
    Publication date: October 17, 2002
    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: David John Craft, Pradeep K. Dubey, Harm Peter Hofstee, James Allan Kahle