Patents by Inventor Juscelino Candido De Lima Junior
Juscelino Candido De Lima Junior has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10997289Abstract: Identifying malicious code execution of executing subject code of a software enclave of a processing system follows a process that includes monitoring performance characteristics of the processing system attributed to execution of the subject code of the software enclave. The monitoring produces performance data, which is stored to a relational database. The process applies a classification model to the stored performance data to obtain an output, and, based on the output of the classification model, identifies anomalous behavior in the execution of the subject code and determines a confidence level that the anomalous behavior exhibits malicious activity. Based on the confidence level exceeding a threshold, the process determines that the executing subject code is malicious and initiates halting of the execution of the subject code.Type: GrantFiled: May 21, 2018Date of Patent: May 4, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Juscelino Candido De Lima Junior, Breno H. Leitao, Camilla Ogurtsova, Marcel de Toledo Pineda
-
Patent number: 10972276Abstract: Aspects define a union mixed secure virtual machine image to include an encrypted code virtualization machine for code machine instructions of a first retrieved package; and an unsecure virtualization hypervisor that includes a non-encrypted code virtualization machine for code machine instructions of a second retrieved package and a non-encrypted data storage device.Type: GrantFiled: August 9, 2019Date of Patent: April 6, 2021Assignee: International Business Machines CorporationInventors: Juscelino Candido De Lima Junior, Breno H. Leitao, Fabio M. Tanada
-
Patent number: 10884776Abstract: Managing seamless server halt and restart is provided. A suspend event corresponding to a non-non-volatile dual-inline memory module (non-NVDIMM) server that comprises a set of virtual machines is received. In response to receiving the suspend event corresponding to the non-NVDIMM server, running virtual machine processes are stopped on the non-NVDIMM server. Virtual machine state information corresponding to stopped non-NVDIMM server virtual machine processes is saved on a set of non-volatile dual-inline memory modules (NVDIMMs) located in a non-volatile dual-inline memory module (NVDIMM) server.Type: GrantFiled: April 27, 2018Date of Patent: January 5, 2021Assignee: International Business Machines CorporationInventors: Breno H. Leitao, Rafael Camarda Silva Folco, Juscelino Candido De Lima Junior
-
Publication number: 20200394852Abstract: A service request for an automobile is detected. The service request includes a service version number. A first integrated circuit of the automobile is verified. The verification of the first integrated circuit is in response to detecting the service request. A component version number of the first integrated circuit is determined in response to verifying the first integrated circuit. The service version number is compared to the component version number of the first integrated circuit. The comparison is based on the determining the component version number. A service operation regarding the automobile is performed. The service operation is performed based on the comparing the service version number to the component version number.Type: ApplicationFiled: June 14, 2019Publication date: December 17, 2020Inventors: Juscelino Candido De Lima Junior, Breno H. Leitao, Carlos Eduardo Seo, ANTONIO JOAO Schwartz Soares
-
Publication number: 20200348935Abstract: Embodiments are disclosed for managing a non-volatile dual in-line memory module (NVDIMM) storage system. The techniques include loading an executable to a volatile random access memory. The techniques also include in response to a store operation attempted by the executable, determining that a target address of the store operation is not mapped from an address in the random access memory to an address in an NVDIMM. The techniques further include mapping the target address from the address in the volatile random access memory to the address in the NVDIMM. Additionally, the techniques include performing the store operation in the address in the NVDIMM based on the mapping.Type: ApplicationFiled: May 2, 2019Publication date: November 5, 2020Inventors: Carlos Eduardo Seo, Juscelino Candido De Lima Junior, Breno H. Leitao
-
Patent number: 10776009Abstract: A computer-implemented method, a computer program product, and a computer system for journaling on an appendable non-volatile memory module. A kernel receives a request for a write operation of a file on a disk. The kernel instructs a memory management unit to perform an access control list verification. The memory management unit determines whether a user associated with the write operation is permitted to write a filesystem journal onto a non-volatile dual in-line memory module, by performing the access control list verification. The memory management unit writes the filesystem journal onto the non-volatile dual in-line memory module, in response to that the user associated with the write operation is permitted to write the filesystem journal. The kernel writes the file onto the disk.Type: GrantFiled: January 3, 2019Date of Patent: September 15, 2020Assignee: International Business Machines CorporationInventors: Breno H. Leitao, Juscelino Candido de Lima Junior, Carlos Eduardo Seo
-
Publication number: 20200218449Abstract: A computer-implemented method, a computer program product, and a computer system for journaling on an appendable non-volatile memory module. A kernel receives a request for a write operation of a file on a disk. The kernel instructs a memory management unit to perform an access control list verification. The memory management unit determines whether a user associated with the write operation is permitted to write a filesystem journal onto a non-volatile dual in-line memory module, by performing the access control list verification. The memory management unit writes the filesystem journal onto the non-volatile dual in-line memory module, in response to that the user associated with the write operation is permitted to write the filesystem journal. The kernel writes the file onto the disk.Type: ApplicationFiled: January 3, 2019Publication date: July 9, 2020Inventors: Breno H. Leitao, Juscelino Candido de Lima Junior, Carlos Eduardo Seo
-
Publication number: 20200167280Abstract: Embodiments of the present invention include receiving, by an operating system, a request from an application to reserve a subset of a memory allocated to the application for mirroring. The request specifies a size of the subset. A first portion of the specified size and a second portion of the specified size of the memory are reserved by the operating system for the mirroring. Data to write to the first portion of the memory is received from the application. The operating system writes the data to the first portion of the memory and initiates a background write-back process of the data to the second portion of the memory.Type: ApplicationFiled: November 28, 2018Publication date: May 28, 2020Inventors: Breno H. Leitao, Juscelino Candido De Lima Junior, Camilla da Graca Portes Ogurtsova, Yuri Henrique Sierakowski
-
Publication number: 20200167194Abstract: An approach for allocating mainframe resources in a networked computing environment (e.g., a cloud computing environment) is provided. In an embodiment, each workload that executes on a mainframe system is classified into one or a plurality of workload classes. Each workload class has workloads that share a common objective. A historical allocation of initiators for each workload class over time is analyzed. Based on this analysis, a number of allocation selections, which each assign a number of initiators to each workload class, are generated based on the historical utilization data. The allocation selection that is ultimately implemented is selected from these allocation selections based on KPI factors.Type: ApplicationFiled: November 26, 2018Publication date: May 28, 2020Inventors: Aldair F. Filho, Juscelino Candido de Lima Junior, Marcos Vinicius L. Paraiso, Rosana Rueda Elias, Ana Silvia Moretto Braga
-
Publication number: 20200133490Abstract: Memory management that includes allocating physical memory having an append-only permission associated therewith to requesting user space applications is described. If a page frame is append-only, then data written to the page frame cannot be overwritten. Rather, any new data written to an append-only page frame must be written beginning at the next available write location within the page frame. An MMU determines whether a write request is requesting an append-only page frame, in which case, the MMU reserves the append-only page frame for the write request and consults a corresponding entry in a page table append to determine whether an offset associated with the write request is larger than a stored value in the entry that indicates the next available write location in the page frame. If so, the write request is executed and the data is written to the page frame beginning at the next available write location.Type: ApplicationFiled: October 30, 2018Publication date: April 30, 2020Inventors: Breno H. Leitao, Juscelino Candido De Lima Junior, Carlos Eduardo Seo
-
Publication number: 20200125392Abstract: A computer-implemented method comprises receiving a request to write to a file and, in response to the request, determining that the file exists in a storage device. In response to the determination that the file exists, the method further comprises mapping the file into a region of a non-volatile dual in-line memory module (NVDIMM); initiating a transaction to write to the mapped file in the NVDIMM without acquiring a speculative lock on the mapped file; and determining whether a conflict occurred in writing to the mapped file in the NVDIMM. In response to a determination that a conflict occurred, the method comprises restarting the transaction to write to the mapped file in the NVDIMM without acquiring the speculative lock on the mapped file. In response to a determination that no conflict occurred, the method comprises committing changes made to the mapped file to the file in the storage device.Type: ApplicationFiled: October 17, 2018Publication date: April 23, 2020Inventors: Breno H. Leitao, Juscelino Candido De Lima Junior, Camilla da Graca Portes Ogurtsova, Alexander Aguina
-
Publication number: 20200097254Abstract: Embodiments include method, systems and computer program products for providing entropy to generate random numbers.Type: ApplicationFiled: September 25, 2018Publication date: March 26, 2020Inventors: BRENO H. LEITAO, JUSCELINO CANDIDO DE LIMA JUNIOR, ALEXANDER AGUINA, CAMILLA da GRACA PORTES OGURTSOVA
-
Patent number: 10587412Abstract: Aspects provide for a virtual machine structure wherein processors are configured to create an encrypted code virtualization machine for code machine instructions of a retrieved package that has a security field value that indicates secure code, wherein the code machine instructions of the first retrieved package are allocated to encrypted code memory regions of a computer memory resource. Configured processors further create a non-encrypted code virtualization machine in non-encrypted code memory regions of a computer memory resource comprising code machine instructions of another retrieved package that has a security field value that does not indicate secure code; and define a union mixed secure virtual machine image to include (as a function of) the encrypted code virtualization machine and the non-encrypted code virtualization machine.Type: GrantFiled: November 7, 2017Date of Patent: March 10, 2020Assignee: International Business Machines CorporationInventors: Juscelino Candido De Lima Junior, Breno H. Leitao, Fabio M. Tanada
-
Publication number: 20200020447Abstract: Techniques for detecting a possible health issue in a user are described. Data related to social media activity for a user is received over a communications network from one or more computing devices. A user analysis profile is generated for the user using a first machine learning model. The user analysis profile includes a personality profile and a mood score. A weighted score associated with potential health issues for the user is determined by classifying the user analysis profile using a second machine learning model. The weighted score exceeds a pre-determined threshold, and electronic notification is provided to a pre-designated person regarding the potential health issue.Type: ApplicationFiled: July 12, 2018Publication date: January 16, 2020Inventors: Tiago Dias GENEROSO, Ayron Dal PONT, Juscelino Candido DE LIMA JUNIOR, Marcos Vinicius L. PARAISO
-
Publication number: 20190392045Abstract: A system and method for tailoring container images stored in a container image registry to a specific microarchitecture that a host operating system is running on in a virtualized environment includes sending a container image fetch request to the container image registry, receiving microarchitecture identification instructions from the image registry in response to the container image fetch request, the microarchitecture identification instructions configured to be run on the host operating system, transmitting results from the microarchitecture identification instructions to the container image registry to identify the specific microarchitecture that the host operating system is running on in the virtualized environment, and starting a container within the virtualized environment using an optimal container image received from the container image registry, the optimal container image being tailored to the specific microarchitecture to leverage as many functionalities and capabilities of the specific microarcType: ApplicationFiled: June 20, 2018Publication date: December 26, 2019Inventors: Juscelino Candido De Lima Junior, Breno H. Leitao, Fabio M. Tanada
-
Publication number: 20190363887Abstract: Aspects define a union mixed secure virtual machine image to include an encrypted code virtualization machine for code machine instructions of a first retrieved package; and an unsecure virtualization hypervisor that includes a non-encrypted code virtualization machine for code machine instructions of a second retrieved package and a non-encrypted data storage device.Type: ApplicationFiled: August 9, 2019Publication date: November 28, 2019Inventors: JUSCELINO CANDIDO DE LIMA JUNIOR, BRENO H. LEITAO, FABIO M. TANADA
-
Publication number: 20190354680Abstract: Identifying malicious code execution of executing subject code of a software enclave of a processing system follows a process that includes monitoring performance characteristics of the processing system attributed to execution of the subject code of the software enclave. The monitoring produces performance data, which is stored to a relational database. The process applies a classification model to the stored performance data to obtain an output, and, based on the output of the classification model, identifies anomalous behavior in the execution of the subject code and determines a confidence level that the anomalous behavior exhibits malicious activity. Based on the confidence level exceeding a threshold, the process determines that the executing subject code is malicious and initiates halting of the execution of the subject code.Type: ApplicationFiled: May 21, 2018Publication date: November 21, 2019Inventors: Juscelino Candido DE LIMA JUNIOR, Breno H. LEITAO, Camilla OGURTSOVA, Marcel de Toledo PINEDA
-
Publication number: 20190332411Abstract: Managing seamless server halt and restart is provided. A suspend event corresponding to a non-non-volatile dual-inline memory module (non-NVDIMM) server that comprises a set of virtual machines is received. In response to receiving the suspend event corresponding to the non-NVDIMM server, running virtual machine processes are stopped on the non-NVDIMM server. Virtual machine state information corresponding to stopped non-NVDIMM server virtual machine processes is saved on a set of non-volatile dual-inline memory modules (NVDIMMs) located in a non-volatile dual-inline memory module (NVDIMM) server.Type: ApplicationFiled: April 27, 2018Publication date: October 31, 2019Inventors: Breno H. Leitao, Rafael Camarda Silva Folco, Juscelino Candido De Lima Junior
-
Publication number: 20190140831Abstract: Aspects provide for a virtual machine structure wherein processors are configured to create an encrypted code virtualization machine for code machine instructions of a retrieved package that has a security field value that indicates secure code, wherein the code machine instructions of the first retrieved package are allocated to encrypted code memory regions of a computer memory resource. Configured processors further create a non-encrypted code virtualization machine in non-encrypted code memory regions of a computer memory resource comprising code machine instructions of another retrieved package that has a security field value that does not indicate secure code; and define a union mixed secure virtual machine image to include (as a function of) the encrypted code virtualization machine and the non-encrypted code virtualization machine.Type: ApplicationFiled: November 7, 2017Publication date: May 9, 2019Inventors: JUSCELINO CANDIDO DE LIMA JUNIOR, BRENO H. LEITAO, FABIO M. TANADA
-
Patent number: 10169076Abstract: A computer-implemented method for batch code promotion between enterprise scheduling system environments is provided. The computer-implemented method comprises connecting a graphical interface of an entity to one or more enterprise scheduling environments for promoting changes of batch code of the entity between the one or more enterprise scheduling environments. The computer-implemented method further comprises mapping parameters to batch code fields of the batch code that changes between a first scheduling level of the one or more enterprise scheduling environments to a second scheduling level of the one or more enterprise scheduling environments. The computer-implemented method comprises assigning identification to the changes of the batch code fields. The computer implemented method comprises promoting the requested identified changes from the first scheduling level to the second scheduling level using the mapped parameters of the first scheduling level and the second scheduling level.Type: GrantFiled: March 21, 2014Date of Patent: January 1, 2019Assignee: International Business Machines CorporationInventor: Juscelino Candido De Lima Junior