Patents by Inventor Diego M. Zamboni
Diego M. Zamboni has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9250942Abstract: At least one anomaly associated with at least one actual hardware element in a computer system having a plurality of hardware elements is addressed. The anomaly is detected, and, responsive to the detection, a virtualization layer is inserted between (i) an operating system of the computer system, and (ii) the plurality of hardware elements. Hardware emulation and/or selective hardware activation/deactivation are performed on the at least one actual hardware element by the virtualization layer. The insertion of the virtualization layer is accomplished in an on-the-fly manner.Type: GrantFiled: January 30, 2008Date of Patent: February 2, 2016Assignee: International Business Machines CorporationInventors: Martim Carbone, Bernhard Jansen, HariGovind V. Ramasamy, Matthias Schunter, Axel Tanner, Diego M. Zamboni
-
Patent number: 8516564Abstract: A first virtualization layer is inserted between (i) an operating system of a computer system, and (ii) at least first and second hardware devices of the computer system. Data is communicated between the first hardware device and the second hardware device, via the first virtualization layer, without exposing the data to the operating system.Type: GrantFiled: July 18, 2008Date of Patent: August 20, 2013Assignee: International Business Machines CorporationInventors: Bernhard Jansen, Matthias Schunter, Axel Tanner, Diego M. Zamboni
-
Patent number: 8055751Abstract: Methods and apparatus are provided for managing an IP network interconnecting a plurality of network hosts (2). Status information, indicative of status of a host, is automatically acquired from each host (2). The status information, such as MAC address, security and/or operational information, acquired from a host (2) is automatically recorded in at least one DNS record, associated with the IP address of that host (2), of a DNS server (4). The host status information in the DNS records can then be accessed for network management operations. The automatic acquisition and recording of the status information may be performed by a DHCP server (3) of the network on allocation of dynamic IP addresses to hosts (2).Type: GrantFiled: November 20, 2008Date of Patent: November 8, 2011Assignee: International Business Machines CorporationInventors: James F. Riordan, Ruediger Rissmann, Diego M. Zamboni
-
Patent number: 7908350Abstract: The invention relates to a method for operating virtual networks.Type: GrantFiled: December 12, 2006Date of Patent: March 15, 2011Assignee: International Business Machines CorporationInventors: Yann Duponchel, James F. Riordan, Ruediger Rissmann, Diego M. Zamboni
-
Publication number: 20100017866Abstract: A first virtualization layer is inserted between (i) an operating system of a computer system, and (ii) at least first and second hardware devices of the computer system. Data is communicated between the first hardware device and the second hardware device, via the first virtualization layer, without exposing the data to the operating system.Type: ApplicationFiled: July 18, 2008Publication date: January 21, 2010Applicant: International Business Machines CorporationInventors: Bernhard Jansen, Matthias Schunter, Axel Tanner, Diego M. Zamboni
-
Publication number: 20090315916Abstract: A specification of a set of objects associated with at least one virtual world is obtained. The objects are laid out in a three-dimensional virtual representation. An on-the-fly virtual place is created in the virtual world, based on the layout.Type: ApplicationFiled: June 24, 2008Publication date: December 24, 2009Applicant: International Business Machines CorporationInventors: Dirk Husemann, Samuel Muller, Michael Elton Nidd, Matthias Schunter, Diego M. Zamboni
-
Publication number: 20090192780Abstract: At least one anomaly associated with at least one actual hardware element in a computer system having a plurality of hardware elements is addressed. The anomaly is detected, and, responsive to the detection, a virtualization layer is inserted between (i) an operating system of the computer system, and (ii) the plurality of hardware elements. Hardware emulation and/or selective hardware activation/deactivation are performed on the at least one actual hardware element by the virtualization layer. The insertion of the virtualization layer is accomplished in an on-the-fly manner.Type: ApplicationFiled: January 30, 2008Publication date: July 30, 2009Applicant: International Business Machines CorporationInventors: Martim Carbone, Bernhard Jansen, HariGovind V. Ramasamy, Matthias Schunter, Axel Tanner, Diego M. Zamboni
-
Patent number: 7555777Abstract: A method and apparatus for facilitating reduction in successful attacks on a monitored data processing system, such as a host computer. An intrusion detection system comprises a host or application based sensor for detecting code based intrusions with a relatively low false-positive rate. Malicious code strings related to a detected intrusion are identified, extracted and forwarded to a pattern filter located in the monitored data processing system to prevent further intrusions using said malicious code strings. The malicious code strings may be forwarded to a response server for assembling sets of similar malicious code strings for which signatures are generated to permit identification of all malicious code strings contained in a set. The generated signatures are then distributed to monitored and/or monitoring systems of a protected network to prevent further intrusions using the malicious code strings and variations thereof.Type: GrantFiled: January 13, 2004Date of Patent: June 30, 2009Assignee: International Business Machines CorporationInventors: Morton D. Swimmer, Andreas Wespi, Diego M. Zamboni
-
Publication number: 20090144419Abstract: Methods and apparatus are provided for managing an IP network interconnecting a plurality of network hosts (2). Status information, indicative of status of a host, is automatically acquired from each host (2). The status information, such as MAC address, security and/or operational information, acquired from a host (2) is automatically recorded in at least one DNS record, associated with the IP address of that host (2), of a DNS server (4). The host status information in the DNS records can then be accessed for network management operations. The automatic acquisition and recording of the status information may be performed by a DHCP server (3) of the network on allocation of dynamic IP addresses to hosts (2).Type: ApplicationFiled: November 20, 2008Publication date: June 4, 2009Applicant: International Business Machines CorporationInventors: James F. Riordan, Ruediger Rissmann, Diego M. Zamboni
-
Publication number: 20090037583Abstract: A method and apparatus are provided for detecting peer-to-peer communication on a data communication network, between an internal client machine within an internal address space and an external client machine. The method includes routing all messages addressed to internal client machines to an analysis device. The analysis device identifies messages pertaining to peer-to-peer communication and identifies the internal client machine to which the messages of a specified nature were addressed. The analysis device terminates the connection with the external client machine if the establishing of the peer-to-peer communication is in violation of a pre-determined internal network rule.Type: ApplicationFiled: February 27, 2007Publication date: February 5, 2009Inventors: Dominique Alessandri, Daniela Bourges-Waldegg, James F. Riordan, Diego M. Zamboni
-
Publication number: 20090006603Abstract: The invention relates to a method for operating virtual networks.Type: ApplicationFiled: December 12, 2006Publication date: January 1, 2009Applicant: International Business Machines CorporationInventors: Yann Duponchel, James F. Riordan, Ruediger Rissmann, Diego M. Zamboni
-
Publication number: 20040255163Abstract: A method and apparatus for facilitating reduction in successful attacks on a monitored data processing system, such as a host computer. An intrusion detection system comprises a host or application based sensor for detecting code based intrusions with a relatively low false-positive rate. Malicious code strings related to a detected intrusion are identified, extracted and forwarded to a pattern filter located in the monitored data processing system to prevent further intrusions using said malicious code strings. The malicious code strings may be forwarded to a response server for assembling sets of similar malicious code strings for which signatures are generated to permit identification of all malicious code strings contained in a set. The generated signatures are then distributed to monitored and/or monitoring systems of a protected network to prevent further intrusions using the malicious code strings and variations thereof.Type: ApplicationFiled: January 13, 2004Publication date: December 16, 2004Applicant: International Business Machines CorporationInventors: Morton D Swimmer, Andreas Wespi, Diego M. Zamboni