Patents by Inventor John K. Ahlstrom

John K. Ahlstrom has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 6418468
    Abstract: A method and apparatus are provided for verifying policies that govern a policy-based system. The method and apparatus may be implemented as a policy verifier that acts upon one or more policies. Each policy comprises a condition and a consequent. The policy verifier acquires configuration information about the system under management, thereby acquiring an understanding of the system. The policy verifier determines whether all the policies are feasible for the system, and if not, reports problems or errors that cause the policies to be non-feasible. The policy verifier also verifies that a configuration required by a particular policy consequent can be actually carried out by the managed system. In one embodiment, the policy verifier operates on network management policies, of a policy-based network management system. As a result, the invention improves the accuracy and safety of policies prepared for a network that previously did not use policy-based management.
    Type: Grant
    Filed: July 11, 2001
    Date of Patent: July 9, 2002
    Assignee: Cisco Technology, Inc.
    Inventors: John K. Ahlstrom, Stephen I. Schleimer
  • Patent number: 6327618
    Abstract: A method and apparatus are provided for recognizing and processing conflicts in policies that govern a policy-based system. The method and apparatus may be implemented as a policy verifier that acts upon one or more policies. Each policy is formally defined and comprises a condition and a consequent, each of which are further formally defined in terms of component elements. A conflict among two or more policies is formally defined to occur when the condition of a first policy and the condition of a second policy may be simultaneously true, and when the consequent of the first policy and the consequent of the second policy may not be carried out simultaneously. When a policy conflict is detected, the conflict is resolved by bringing it to the attention of a user or external system, and receiving information that corrects one of the policies or specifies a precedence relationship among the policies.
    Type: Grant
    Filed: December 3, 1998
    Date of Patent: December 4, 2001
    Assignee: Cisco Technology, Inc.
    Inventors: John K. Ahlstrom, Stephen I. Schleimer
  • Patent number: 6301613
    Abstract: A method and apparatus are provided for verifying policies that govern a policy-based system. The method and apparatus may be implemented as a policy verifier that acts upon one or more policies. Each policy comprises a condition and a consequent. The policy verifier acquires configuration information about the system under management, thereby acquiring an understanding of the system. The policy verifier determines whether all the policies can be satisfied by the system, and if not, reports problems or errors in the policies that cause the policies to be non-satisfiable. The policy verifier determines whether all the policies are feasible for the system, and if not, reports problems or errors that cause the policies to be non-feasible. The policy verifier also verifies that a configuration required by a particular policy consequent can be actually carried out by the managed system. In one embodiment, the policy verifier operates on network management policies, of a policy-based network management system.
    Type: Grant
    Filed: December 3, 1998
    Date of Patent: October 9, 2001
    Assignee: Cisco Technology, Inc.
    Inventors: John K. Ahlstrom, Stephen I. Schleimer
  • Patent number: 6249787
    Abstract: A network browsing system includes a host computer coupled to a client computer by a network. A network browser process implemented on the client computer is capable of establishing a connection with the host computer and of generating a request for desired data from the host computer which is to generate desired images on the display of the client computer. A server process implemented on the host computer services the request for desired data received from the client computer by modifying the desired data into modified data such that no additional connection between the client computer and the host computer is required to receive the entirety of the modified data. The browser process of the client computer can generate the desired images from the modified data to the same extent that it could from the originally requested desired data.
    Type: Grant
    Filed: February 22, 2000
    Date of Patent: June 19, 2001
    Assignee: Cisco Systems, Inc.
    Inventors: Stephen I. Schleimer, John K. Ahlstrom, Paul L. Hickman
  • Patent number: 6108655
    Abstract: A network browsing system includes a host computer coupled to a client computer by a network. A network browser process implemented on the client computer is capable of establishing a connection with the host computer and of generating a request for desired data from the host computer which is to generate desired images on the display of the client computer. A server process implemented on the host computer services the request for desired data received from the client computer by modifying the desired data into modified data such that no additional connection between the client computer and the host computer is required to receive the entirety of the modified data. The browser process of the client computer can generate the desired images from the modified data to the same extent that it could from the originally requested desired data.
    Type: Grant
    Filed: July 18, 1997
    Date of Patent: August 22, 2000
    Assignee: Cisco Technology, Inc.
    Inventors: Stephen I. Schleimer, John K. Ahlstrom, Paul L. Hickman
  • Patent number: 4803619
    Abstract: Apparatus in a digital computer system capable of performing a call operation and a return operation for obtaining addresses of data from names representing the data. Each name is permanently associated with a procedure containing instructions to which the digital computer system responds. Each name further corresponds to a name table entry which is permanently associated with the same procedure. The corresponding name table entry for a name specifies how a base address and a displacement are to be derived using a plurality of current base addresses. The values of these addresses change only when the computer system executes a call operation suspending a current execution of a procedure and commencing another current execution or a return operation terminating the current execution and resuming the execution which was suspended to commence the terminated execution. The operation of resolving a name, i.e.
    Type: Grant
    Filed: June 20, 1986
    Date of Patent: February 7, 1989
    Inventors: David H. Bernstein, Walter A. Wallach, Michael S. Richmond, John K. Ahlstrom, John F. Pilat, David A. Farber, Richard A. Belgard, Richard G. Bratt
  • Patent number: 4731734
    Abstract: A digital computer system having a memory system organized into objects for storing data and a processor for processing data in response to instructions. An object identifier and an access control list are associated with each object. The memory system responds to logical addresses for data which specify the object containing the data and the offset of the data in the object and to a current subject for which the processor is referencing the data. The memory system performs a memory operation for the processor only if the access control list for the object specified by the logical address allows the current subject to perform the desired memory operation. The objects include procedure objects and data objects. The procedure objects contain procedures including the instructions and name tables associated with the procedures. The instructions contain operations codes and names representing data. Each name corresponds to a name table entry in the name table associated with the procedure.
    Type: Grant
    Filed: February 14, 1986
    Date of Patent: March 15, 1988
    Assignee: Data General Corporation
    Inventors: Ronald H. Gruner, Gerald F. Clancy, Craig J. Mundie, Stephen I. Schleimer, Steven J. Wallach, Richard G. Bratt, Edward S. Gavrin, Walter A. Wallach, Jr., John K. Ahlstrom, Michael S. Richmond, David H. Bernstein
  • Patent number: 4675810
    Abstract: A digital computer system having a memory system organized into procedure and data objects, each having a unique identifier code and an access control list, for storing items of information and a processor for processing data in response to instructions. The instructions contain operation codes and names representing data. Each name corresponds to a name table entry in a name table which contains information from which the processor determines the location and the format for the data. The name table entry specifies a base address of one of a set thereof which change value only when a call or a return instruction is executed. A name interpretation system fetches a name table entry, calculates the base address and a displacement using the name table entry and the current architectural base address and adds the base address to the displacement to form the address of the data represented by the name.
    Type: Grant
    Filed: May 22, 1981
    Date of Patent: June 23, 1987
    Assignee: Data General Corp.
    Inventors: Ronald H. Gruner, Gerald F. Clancy, Craig J. Mundie, Stephen I. Schleimer, Steven J. Wallach, Richard G. Bratt, Edward S. Gavrin, Walter A. Wallach, Jr., John K. Ahlstrom, Michael S. Richmond, David H. Bernstein, John F. Pilat, David A. Farber, Richard A. Belgard
  • Patent number: 4661903
    Abstract: Apparatus in a digital computer system for obtaining descriptors of data from names representing the data. The digital computer system executes sequences of instructions. Names representing data processed during execution of an instruction sequence are associated with the instruction sequence. Each name associated with the instruction sequence corresponds to a name table entry associated with the instruction sequence. The operation of resolving a name, i.e., obtaining the descriptor for the data represented by the name, is performed by name processing apparatus in processors of the data processing system. In response to a name, the name processing apparatus locates the name table entry corresponding to the name obtains the descriptor for the item represented by the name using the information in the name table entry corresponding to the name. In a present embodiment, the descriptor specifies the address and length of a data item.
    Type: Grant
    Filed: September 4, 1984
    Date of Patent: April 28, 1987
    Assignee: Data General Corporation
    Inventors: Walter A. Wallach, Jr., Michael S. Richmond, John K. Ahlstrom, David H. Bernstein, Richard G. Bratt
  • Patent number: 4517642
    Abstract: A digital computer system in which data operands are represented by names. Each procedure includes a name table, and means are provided to employ the name table to resolve the names into storage addresses at run time. The system also has the ability to run any of a plurality of S-Languages (an S-Language being conceptually similar to a machine language but of higher order); each S-Language can be optimally tailored to a high-order user language. Each procedure includes a dialect code which indicates the dialect of S-Language to which the instructions in the current procedure belong, and the system has provision to execute each procedure accordingly.
    Type: Grant
    Filed: May 22, 1981
    Date of Patent: May 14, 1985
    Assignee: Data General Corporation
    Inventors: John K. Ahlstrom, David H. Bernstein, Gerald F. Clancy, Ronald H. Gruner, Craig J. Mundie, Michael S. Richmond, Stephen I. Schleimer, Steven J. Wallach, Walter A. Wallach, Jr.
  • Patent number: 4514800
    Abstract: A digital computer system including a memory and a processor. The memory operates in response to memory commands received from the processor. Items of data stored in the memory include instructions to which the processor responds. Each instruction contains an operation code which belongs to one of several sets of operation codes. The meaning of a given operation code is determined by the operation code set to which the instruction belongs. Some of the instructions also contain names representing items of data used in the operation specified by the operation code. The processor includes an operation code decoding system which decodes the operation code as required for the instruction set to which it belongs, a name resolution system for deriving the address of the data item represented by a name from the name using an architectural base address contained in the name resolution system, and a control system which controls the operation of the processor.
    Type: Grant
    Filed: May 22, 1981
    Date of Patent: April 30, 1985
    Assignee: Data General Corporation
    Inventors: Ronald H. Gruner, Gerald F. Clancy, Craig J. Mundie, Steven J. Wallach, Stephen I. Schleimer, Walter A. Wallach, Jr., John K. Ahlstrom, David H. Bernstein, Michael S. Richmond, David A. Farber, John F. Pilat, Richard A. Belgard, Richard G. Bratt
  • Patent number: 4499604
    Abstract: A digital computer system having a memory for storing and providing data including instructions and a processor for processing data in response to the instructions and providing memory operation specifiers to the memory which specify an address of a data item and the memory operation to be performed on it. The instructions in the digital computer system include operation codes belonging to more than one set of operation codes and names representing items to be processed in the operation specified by the operation code. The data in memory further includes name table entries. Each name table entry corresponds to a name and contains information specifying the address of the item represented by the name. The processor includes apparatus for decoding each operation code in response to the operation code and to a dialect value contained in the decoding apparatus which specifies which operation code set the operation code being decoded belongs to.
    Type: Grant
    Filed: May 22, 1981
    Date of Patent: February 12, 1985
    Assignee: Data General Corporation
    Inventors: Gerald F. Clancy, Ronald H. Gruner, Stephen I. Schleimer, Craig J. Mundie, Steven J. Wallach, Walter A. Wallach, Jr., John K. Ahlstrom, Michael S. Richmond, David H. Bernstein, Richard G. Bratt
  • Patent number: 4498132
    Abstract: A digital data processing system has a memory organized into objects containing at least operands and instructions. Each object is identified by a unique and permanent identifier code which identifies the data processing system and the object. The system further uses multilevel microcode techniques for controlling sequences of microinstructions and for controlling the interval operations of the processor. The system uses a protection technique to prevent unauthorized access to objects by users who are identified by a subject number which identifies the user, a process of the system for executing a user's procedure, and the type of operation of the system to be performed by the user's procedure. An access control list for each object includes an access control list entry for each subject having access rights to the object and means for confirming that a particular active subject has access rights to a particular object before permitting access to the object.
    Type: Grant
    Filed: May 22, 1981
    Date of Patent: February 5, 1985
    Assignee: Data General Corporation
    Inventors: John K. Ahlstrom, Brett L. Bachman, Richard A. Belgard, David H. Bernstein, Richard G. Bratt, Gerald F. Clancy, Edward S. Gavrin, Ronald H. Gruner, Thomas M. Jones, Lawrence H. Katz, Craig J. Mundie, Michael S. Richmond, Stephen I. Schleimer, Steven J. Wallach, Walter A. Wallach, Jr., Douglas M. Wells
  • Patent number: 4498131
    Abstract: A digital data processing system has a memory organized into objects containing at least operands and instructions. Each object is identified by a unique and permanent identifier code which identifies the data processing system and the object. The system utilizes unique addressing mechanisms the addresses of which have object fields, offset fields and length fields for specifying the location and the total number of bits of an addressed object. The system uses a protection technique to prevent unauthorized access to objects by users who are identified by a subject number which identifies the user, a process of the system for executing the user's procedure, and the type of operation of the system to be performed by the user's procedure. An access control list for each object includes an access control list entry for each subject having access rights to the object and means for confirming that a particular active subject has access rights to a particular object before permitting access to the object.
    Type: Grant
    Filed: May 22, 1981
    Date of Patent: February 5, 1985
    Assignee: Data General Corporation
    Inventors: Richard G. Bratt, Edward S. Gavrin, Stephen I. Schleimer, John F. Pilat, Walter A. Wallach, Jr., Michael S. Richmond, Richard A. Belgard, David A. Farber, John K. Ahlstrom, Steven J. Wallach, Lawrence H. Katz, Douglas M. Wells, Craig J. Mundie, Gerald F. Clancy, David H. Bernstein, Thomas M. Jones, Brett L. Bachman
  • Patent number: 4493027
    Abstract: A method for executing call and return instructions in a digital computer system operating under control of microcode. The microcode may specify calls to and returns from sequences of microinstructions. A call microinstruction sequence corresponds to the call instruction. The call microcode in turn calls other microinstruction sequences for deriving pointers representing the location of the called procedure and of arguments from operands in the call instruction. As the call microcode obtains each argument pointer, it places the pointer on the stack. After it has obtained all of the argument pointers, it passes the pointer to the called procedure and a pointer to the argument pointers to a general call microinstruction sequence. That microinstruction sequence locates the called procedure, makes a new frame including the argument pointers, and saves the state necessary to resume execution of the call microinstruction sequence itself.
    Type: Grant
    Filed: May 22, 1981
    Date of Patent: January 8, 1985
    Assignee: Data General Corporation
    Inventors: Lawrence H. Katz, Douglas M. Wells, Michael S. Richmond, Richard A. Belgard, Walter A. Wallach, Jr., David H. Bernstein, John K. Ahlstrom, John F. Pilat, David A. Farber, Richard G. Bratt
  • Patent number: 4493023
    Abstract: A data processing system having a flexible internal structure, protected from and effectively invisible to users, with multilevel control and stack mechanisms and capability of performing multiple, concurrent operations, and providing a flexible, simplified interface to users. The system is internally comprised of a plurality of separate, independent processors, each having a separate microinstruction control and at least one separate, independent port to a central communications and memory node. The communications and memory node is an independent processor having separate, independent microinstruction control and comprised of a plurality of independently operating, microinstruction controlled processors capable of performing multiple, concurrent memory and communications operations. Addressing mechanisms allow permanent, unique identification of information and an extremely large address space accessible and common to all such systems. Addresses are independent of system physical configuration.
    Type: Grant
    Filed: May 22, 1981
    Date of Patent: January 8, 1985
    Assignee: Data General Corporation
    Inventors: Edward S. Gavrin, Richard G. Bratt, Stephen I. Schleimer, John F. Pilat, Michael S. Richmond, Walter A. Wallach, Jr., Richard A. Belgard, David A. Farber, John K. Ahlstrom, Steven J. Wallach, Gerald F. Clancy, Craig J. Mundie, Thomas M. Jones, Brett L. Bachman, David H. Bernstein
  • Patent number: 4455604
    Abstract: The processor of the present invention executes procedures, which comprise S-language instructions and names. S-languages are of higher order than typical machine languages and can be tailored to user high-order languages. Each procedure includes a dialect code which the processor interprets, enabling it to execute any of a plurality of dialects of S-languages. The processor includes means for resolving names into operand logical addresses. The processor possosses multiple levels of microcode control means, each with its own set of stacks.
    Type: Grant
    Filed: May 22, 1981
    Date of Patent: June 19, 1984
    Assignee: Data General Corporation
    Inventors: John K. Ahlstrom, Brett Bachman, Richard A. Belgard, David H. Bernstein, Richard G. Bratt, Ronald H. Gruner, Thomas M. Jones, Lawrence H. Katz, Craig J. Mundie, Michael S. Richmond, Stephen I. Schleimer, Steven J. Wallach, Walter A. Wallach, Jr, Douglas M. Well