Patents by Inventor George C. Wilson
George C. Wilson has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11909770Abstract: Providing an accurate and on-demand status of audit compliance is disclosed. A security policy, agreed upon by a service provider and a service user, is provisioned in a compliance log. A service provider requests to add a first update to the compliance log, the first update indicating that a compliance action has been taken. The first update is added to the compliance log, and a first computational digest of the compliance log is added after adding the first update. An auditor of the compliance action requests to add a second update to the compliance log. The second update is added to the compliance log, and a second computational digest of the compliance log is added after adding the second update. Thereby, the user is provided a more current view of audit compliance that that can be trusted based on the tamper-proof compliance log.Type: GrantFiled: December 27, 2021Date of Patent: February 20, 2024Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Michael T. Strosaker, Sandra P. Nava, Eric Richter, Jon P. Weiser, Matt Hartenbower, George C. Wilson
-
Patent number: 11503030Abstract: A service processor is provided that includes a processor, a memory coupled to the processor and having instructions for executing an operating system kernel having an integrity management subsystem, secure boot firmware, and a tamper-resistant secure trusted dedicated microprocessor. The secure boot firmware performs a secure boot operation to boot the operating system kernel of the service processor. The secure boot firmware records first measurements of code executed by the secure boot firmware when performing the boot operation, in one or more registers of the tamper-resistant secure trusted dedicated microprocessor. The operating system kernel enables the integrity management subsystem. The integrity management subsystem records second measurements of software executed by the operating system kernel, in the one or more registers of the tamper-resistant secure trusted dedicated microprocessor.Type: GrantFiled: August 6, 2019Date of Patent: November 15, 2022Assignee: International Business Machines CorporationInventors: Patrick J. Callaghan, Kenneth A. Goldman, Guerney D. H. Hunt, Elaine R. Palmer, Dimitrios Pendarakis, David R. Safford, Brian D. Valentine, George C. Wilson, Miriam Zohar
-
Publication number: 20220124121Abstract: Providing an accurate and on-demand status of audit compliance is disclosed. A security policy, agreed upon by a service provider and a service user, is provisioned in a compliance log. A service provider requests to add a first update to the compliance log, the first update indicating that a compliance action has been taken. The first update is added to the compliance log, and a first computational digest of the compliance log is added after adding the first update. An auditor of the compliance action requests to add a second update to the compliance log. The second update is added to the compliance log, and a second computational digest of the compliance log is added after adding the second update. Thereby, the user is provided a more current view of audit compliance that that can be trusted based on the tamper-proof compliance log.Type: ApplicationFiled: December 27, 2021Publication date: April 21, 2022Inventors: MICHAEL T. STROSAKER, SANDRA P. NAVA, ERIC RICHTER, JON P. WEISER, MATT HARTENBOWER, GEORGE C. WILSON
-
Patent number: 11265348Abstract: Providing an accurate and on-demand status of audit compliance is disclosed. A security policy, agreed upon by a service provider and a service user, is provisioned in a compliance log. A service provider requests to add a first update to the compliance log, the first update indicating that a compliance action has been taken. The first update is added to the compliance log, and a first computational digest of the compliance log is added after adding the first update. An auditor of the compliance action requests to add a second update to the compliance log. The second update is added to the compliance log, and a second computational digest of the compliance log is added after adding the second update. Thereby, the user is provided a more current view of audit compliance that that can be trusted based on the tamper-proof compliance log.Type: GrantFiled: January 14, 2019Date of Patent: March 1, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Michael T. Strosaker, Sandra P. Nava, Eric Richter, Jon P. Weiser, Matt Hartenbower, George C. Wilson
-
Patent number: 11176255Abstract: Mechanisms for booting a service processor are provided. With these mechanisms, the service processor executes a secure boot operation of secure boot firmware to boot an operating system kernel of the service processor. The secure boot firmware records first measurements of code executed by the secure boot firmware when performing the boot operation, in one or more registers of a tamper-resistant secure trusted dedicated microprocessor of the service processor. The operating system kernel executing in the service processor enables an integrity management subsystem of the operating system kernel which records second measurements of software executed by the operating system kernel, in the one or more registers of the tamper-resistant secure trusted dedicated microprocessor.Type: GrantFiled: December 13, 2019Date of Patent: November 16, 2021Assignee: International Business Machines CorporationInventors: Patrick J. Callaghan, Kenneth A. Goldman, Guerney D. H. Hunt, Elaine R. Palmer, Dimitrios Pendarakis, David R. Safford, Brian D. Valentine, George C. Wilson, Miriam Zohar
-
Patent number: 10764613Abstract: A method, computer program product, and a system where a processor(s) obtains a request, from a first client, to stream selected content, uploaded by a second client, on a streaming media platform. The processor(s) identifies a similarity between metadata associated with the selected content and metadata associated with relevant additional content uploaded to the streaming media platform, by a third client. The metadata associated with the selected content and the metadata associated with the relevant additional content describe elements in the selected content and the relevant additional content identified, based on the processor(s) performing a content analysis of the selected content and the relevant additional content. The processor(s) selects the relevant additional content to provide to the first client, with the selected content, based on the similarity. The processor(s) displays the relevant additional content with the selected content on a viewer on the first client.Type: GrantFiled: October 31, 2018Date of Patent: September 1, 2020Assignee: International Business Machines CorporationInventors: Mike Strosaker, Sandra P. Nava, Eric Richter, Jon P. Weiser, George C. Wilson, Matt Hartenbower
-
Patent number: 10754630Abstract: Systems, methods, and computer-readable media are described for selecting, at build time, a respective compiler and/or a respective set of compiler options for each section of code to be compiled such that the compiler/compiler options selected for each code section are optimized for that code section with respect to one or more metrics. Abstract syntax tree (AST) analysis and semantic analysis may be performed at build time for each section of code to identify the compiler/compiler options that produce compiled object code for that code section that maximizes or minimizes a desired metric. The metric according to which compiler/compiler option optimization is performed may be any suitable metric including, without limitation, performance, binary size, security, reliability, scalability, and so forth.Type: GrantFiled: June 6, 2018Date of Patent: August 25, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Michael T. Strosaker, George C. Wilson, Nathan Fontenot, Christy L. Norman
-
Patent number: 10733081Abstract: A static analysis tool configured to determine a significance of static analysis results. The static analysis tool can perform operations that include performing a static analysis of a computer program and generating the static analysis results in response to the performing the static analysis of the computer program. The operations can further include analyzing a description of a result item from the static analysis results, and based on the analyzing the description of the result item, assigning to the result item information from an ontology scheme. The operations can further include determining a significance value for the result item in response to the assigning the information from the ontology scheme and automatically performing an action associated with the result item based on one or more of the information assigned from the ontology scheme or the significance value.Type: GrantFiled: February 15, 2017Date of Patent: August 4, 2020Assignee: International Business Machines CorporationInventors: Fionnuala G. Gunter, Christy L. Norman Perez, Michael T. Strosaker, George C. Wilson
-
Patent number: 10733080Abstract: A static analysis tool configured to determine a significance of static analysis results. The static analysis tool includes computer program code to perform a static analysis of a computer program and generate the static analysis results in response to the performance of the static analysis of the computer program. The program code can further analyze a description of a result item from the static analysis results, and based on the analysis of the description of the result item, assign to the result item information from an ontology scheme. The program code can further include code determine a significance value for the result item in response to the assignment of the information from the ontology scheme and automatically perform an action associated with the result item based on one or more of the information assigned from the ontology scheme or the significance value.Type: GrantFiled: June 27, 2016Date of Patent: August 4, 2020Assignee: International Business Machines CorporationInventors: Fionnuala G. Gunter, Christy L. Norman Perez, Michael T. Strosaker, George C. Wilson
-
Publication number: 20200228570Abstract: Providing an accurate and on-demand status of audit compliance is disclosed. A security policy, agreed upon by a service provider and a service user, is provisioned in a compliance log. A service provider requests to add a first update to the compliance log, the first update indicating that a compliance action has been taken. The first update is added to the compliance log, and a first computational digest of the compliance log is added after adding the first update. An auditor of the compliance action requests to add a second update to the compliance log. The second update is added to the compliance log, and a second computational digest of the compliance log is added after adding the second update. Thereby, the user is provided a more current view of audit compliance that that can be trusted based on the tamper-proof compliance log.Type: ApplicationFiled: January 14, 2019Publication date: July 16, 2020Inventors: MICHAEL T. STROSAKER, SANDRA P. NAVA, ERIC RICHTER, JON P. WEISER, MATT HARTENBOWER, GEORGE C. WILSON
-
Publication number: 20200137429Abstract: A method, computer program product, and a system where a processor(s) obtains a request, from a first client, to stream selected content, uploaded by a second client, on a streaming media platform. The processor(s) identifies a similarity between metadata associated with the selected content and metadata associated with relevant additional content uploaded to the streaming media platform, by a third client. The metadata associated with the selected content and the metadata associated with the relevant additional content describe elements in the selected content and the relevant additional content identified, based on the processor(s) performing a content analysis of the selected content and the relevant additional content. The processor(s) selects the relevant additional content to provide to the first client, with the selected content, based on the similarity. The processor(s) displays the relevant additional content with the selected content on a viewer on the first client.Type: ApplicationFiled: October 31, 2018Publication date: April 30, 2020Inventors: Mike Strosaker, Sandra P. Nava, Eric Richter, Jon P. Weiser, George C. Wilson, Matt Hartenbower
-
Publication number: 20200117806Abstract: Mechanisms for booting a service processor are provided. With these mechanisms, the service processor executes a secure boot operation of secure boot firmware to boot an operating system kernel of the service processor. The secure boot firmware records first measurements of code executed by the secure boot firmware when performing the boot operation, in one or more registers of a tamper-resistant secure trusted dedicated microprocessor of the service processor. The operating system kernel executing in the service processor enables an integrity management subsystem of the operating system kernel which records second measurements of software executed by the operating system kernel, in the one or more registers of the tamper-resistant secure trusted dedicated microprocessor.Type: ApplicationFiled: December 13, 2019Publication date: April 16, 2020Inventors: Patrick J. Callaghan, Kenneth A. Goldman, Guerney D.H. Hunt, Elaine R. Palmer, Dimitrios Pendarakis, David R. Safford, Brian D. Valentine, George C. Wilson, Miriam Zohar
-
Publication number: 20200065233Abstract: A static analysis tool configured to determine a significance of static analysis results. The static analysis tool can perform operations that include performing a static analysis of a computer program and generating the static analysis results in response to the performing the static analysis of the computer program. The operations can further include analyzing a description of a result item from the static analysis results, and based on the analyzing the description of the result item, assigning to the result item information from an ontology scheme. The operations can further include determining a significance value for the result item in response to the assigning the information from the ontology scheme and automatically performing an action associated with the result item based on one or more of the information assigned from the ontology scheme or the significance value.Type: ApplicationFiled: October 29, 2019Publication date: February 27, 2020Inventors: Fionnuala G. Gunter, Christy L. Norman Perez, Michael T. Strosaker, George C. Wilson
-
Patent number: 10540350Abstract: A source code search comprises a two-pass search. The first pass comprises a topological measure of similarity. The second pass comprises a semantic measure of similarity. The query source code is a user-selected portion of source code. The results may be ranked and output to an I/O device.Type: GrantFiled: August 23, 2018Date of Patent: January 21, 2020Assignee: International Business Machines CorporationInventors: Nathan Fontenot, Fionnuala G. Gunter, Michael T. Strosaker, George C. Wilson
-
Patent number: 10528740Abstract: Mechanisms for booting a service processor are provided. With these mechanisms, the service processor executes a secure boot operation of secure boot firmware to boot an operating system kernel of the service processor. The secure boot firmware records first measurements of code executed by the secure boot firmware when performing the boot operation, in one or more registers of a tamper-resistant secure trusted dedicated microprocessor of the service processor. The operating system kernel executing in the service processor enables an integrity management subsystem of the operating system kernel which records second measurements of software executed by the operating system kernel, in the one or more registers of the tamper-resistant secure trusted dedicated microprocessor.Type: GrantFiled: June 15, 2017Date of Patent: January 7, 2020Assignee: International Business Machines CorporationInventors: Patrick J. Callaghan, Kenneth A. Goldman, Guerney D.H. Hunt, Elaine R. Palmer, Dimitrios Pendarakis, David R. Safford, Brian D. Valentine, George C. Wilson, Miriam Zohar
-
Publication number: 20190377559Abstract: Systems, methods, and computer-readable media are described for selecting, at build time, a respective compiler and/or a respective set of compiler options for each section of code to be compiled such that the compiler/compiler options selected for each code section are optimized for that code section with respect to one or more metrics. Abstract syntax tree (AST) analysis and semantic analysis may be performed at build time for each section of code to identify the compiler/compiler options that produce compiled object code for that code section that maximizes or minimizes a desired metric. The metric according to which compiler/compiler option optimization is performed may be any suitable metric including, without limitation, performance, binary size, security, reliability, scalability, and so forth.Type: ApplicationFiled: June 6, 2018Publication date: December 12, 2019Inventors: Michael T. STROSAKER, George C. WILSON, Nathan FONTENOT, Christy L. NORMAN
-
Publication number: 20190364048Abstract: A service processor is provided that includes a processor, a memory coupled to the processor and having instructions for executing an operating system kernel having an integrity management subsystem, secure boot firmware, and a tamper-resistant secure trusted dedicated microprocessor. The secure boot firmware performs a secure boot operation to boot the operating system kernel of the service processor. The secure boot firmware records first measurements of code executed by the secure boot firmware when performing the boot operation, in one or more registers of the tamper-resistant secure trusted dedicated microprocessor. The operating system kernel enables the integrity management subsystem. The integrity management subsystem records second measurements of software executed by the operating system kernel, in the one or more registers of the tamper-resistant secure trusted dedicated microprocessor.Type: ApplicationFiled: August 6, 2019Publication date: November 28, 2019Inventors: Patrick J. Callaghan, Kenneth A. Goldman, Guerney D.H. Hunt, Elaine R. Palmer, Dimitrios Pendarakis, David R. Safford, Brian D. Valentine, George C. Wilson, Miriam Zohar
-
Patent number: 10397230Abstract: A service processor is provided that includes a processor, a memory coupled to the processor and having instructions for executing an operating system kernel having an integrity management subsystem, secure boot firmware, and a tamper-resistant secure trusted dedicated microprocessor. The secure boot firmware performs a secure boot operation to boot the operating system kernel of the service processor. The secure boot firmware records first measurements of code executed by the secure boot firmware when performing the boot operation, in one or more registers of the tamper-resistant secure trusted dedicated microprocessor. The operating system kernel enables the integrity management subsystem. The integrity management subsystem records second measurements of software executed by the operating system kernel, in the one or more registers of the tamper-resistant secure trusted dedicated microprocessor.Type: GrantFiled: June 15, 2017Date of Patent: August 27, 2019Assignee: International Business Machines CorporationInventors: Patrick J. Callaghan, Kenneth A. Goldman, Guerney D. H. Hunt, Elaine R. Palmer, Dimitrios Pendarakis, David R. Safford, Brian D. Valentine, George C. Wilson, Miriam Zohar
-
Patent number: 10262134Abstract: Detection of a key logger includes determining a count of keystrokes that occur during each of a plurality of time windows. Write activity that occurs during each of the plurality of time windows can be measured. The number of key strokes occurring in window is compared with the write activity occurring during the window. In response to determining that the count of keystrokes in a time window is linearly related to the measurement of write activity in the time window for a threshold number of time windows of the plurality of windows, a notification of a potential presence of a key logger is provided.Type: GrantFiled: October 7, 2016Date of Patent: April 16, 2019Assignee: International Business Machines CorporationInventors: Fionnuala G. Gunter, Christy L. Norman Perez, Michael T. Strosaker, George C. Wilson
-
Patent number: 10218689Abstract: Technical solutions are described for extending shrouding capability of a virtual server hosting system. An example method includes receiving a request to deploy a shrouded virtual server using a predetermined set of hardware components, and using a shrouded mode. The method also includes adding a guest server to the hosting system, the guest server including the predetermined set of hardware components. The method also includes deploying a preconfigured hypervisor on the guest server, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending an identifier of the virtual server for receipt by the client device.Type: GrantFiled: June 7, 2016Date of Patent: February 26, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Reinhard T. Buendgen, Jeffrey A. Frey, Jeb R. Linton, James A. O'Connor, William J. Rooney, George C. Wilson