Patents by Inventor Michael Charles Osborne

Michael Charles Osborne has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11228457
    Abstract: The present invention discloses a method for managing priority-arbitrated access to a set of one or more computational engines of a physical computing device. The method includes providing a multiplexer module and a network bus in the physical computing device, wherein the multiplexer module is connected to the network bus. The method further includes receiving, by the multiplexer module, a first data processing request from a driver and inferring, by the multiplexer module, a first priority class from the first data processing request according to at least one property of the first data processing request. The method further includes manipulating, by the multiplexer module, a priority according to which the physical computing device handles data associated with the first data processing request in relation to data associated with other data processing requests, wherein the priority is determined by the first priority class.
    Type: Grant
    Filed: April 7, 2020
    Date of Patent: January 18, 2022
    Assignee: International Business Machines Corporation
    Inventors: Silvio Dragone, Tamas Visegrady, Michael Charles Osborne, William Santiago-Fernandez
  • Patent number: 11165588
    Abstract: A key identifier that identifies a cryptographic key is transmitted to a cryptographic coprocessor. A first set of attributes is received from the cryptographic coprocessor. The first set of attributes and a second set of attributes are serialized into a first sequence of attributes. The first sequence of attributes are stored to an attribute frame. One or more attributes in the second set of attributes are associated with the cryptographic key and originate from a key attribute storage of the key management system. The second set of attributes is different from the first set of attributes. The first sequence of attributes is transmitted to the cryptographic coprocessor. A first message authentication code (MAC) calculated from the first sequence of attributes is received from the cryptographic coprocessor. The attribute frame is verified by comparing the first MAC, or a value derived from the first MAC, to a reference value.
    Type: Grant
    Filed: April 9, 2020
    Date of Patent: November 2, 2021
    Assignee: International Business Machines Corporation
    Inventors: Tamas Visegrady, Silvio Dragone, Michael Charles Osborne, Elaine R. Palmer
  • Publication number: 20210320802
    Abstract: A key identifier that identifies a cryptographic key is transmitted to a cryptographic coprocessor. A first set of attributes is received from the cryptographic coprocessor. The first set of attributes and a second set of attributes are serialized into a first sequence of attributes. The first sequence of attributes are stored to an attribute frame. One or more attributes in the second set of attributes are associated with the cryptographic key and originate from a key attribute storage of the key management system. The second set of attributes is different from the first set of attributes. The first sequence of attributes is transmitted to the cryptographic coprocessor. A first message authentication code (MAC) calculated from the first sequence of attributes is received from the cryptographic coprocessor. The attribute frame is verified by comparing the first MAC, or a value derived from the first MAC, to a reference value.
    Type: Application
    Filed: April 9, 2020
    Publication date: October 14, 2021
    Inventors: Tamas Visegrady, Silvio Dragone, Michael Charles Osborne, Elaine R. Palmer
  • Publication number: 20210314185
    Abstract: The present invention discloses a method for managing priority-arbitrated access to a set of one or more computational engines of a physical computing device. The method includes providing a multiplexer module and a network bus in the physical computing device, wherein the multiplexer module is connected to the network bus. The method further includes receiving, by the multiplexer module, a first data processing request from a driver and inferring, by the multiplexer module, a first priority class from the first data processing request according to at least one property of the first data processing request. The method further includes manipulating, by the multiplexer module, a priority according to which the physical computing device handles data associated with the first data processing request in relation to data associated with other data processing requests, wherein the priority is determined by the first priority class.
    Type: Application
    Filed: April 7, 2020
    Publication date: October 7, 2021
    Inventors: Silvio Dragone, Tamas Visegrady, Michael Charles Osborne, William Santiago-Fernandez
  • Patent number: 11068411
    Abstract: A method including: receiving, via a processor, established upper bounds for dynamic structures in a multi-tenant system; creating, via the processor, arrays comprising related memory-management unit (MMU) mappings to be placed together; and placing the dynamic structures within the arrays, the placing comprising for each array: skipping an element of the array based on determining that placing a dynamic structure in that element would cause the array to become overcommitted and result in a layout where accessing all elements would impose a translation look aside buffer (TLB) replacement action; and scanning for an array-start entry by placing the start of a first element at an address from which an entire array can be placed without TLB contention, and accessing, via the processors, all non-skipped elements without incurring TLB replacements.
    Type: Grant
    Filed: July 29, 2019
    Date of Patent: July 20, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Elaine Palmer, Tamas Visegrady, Silvio Dragone, Michael Charles Osborne
  • Publication number: 20210034545
    Abstract: A method including: receiving, via a processor, established upper bounds for dynamic structures in a multi-tenant system; creating, via the processor, arrays comprising related memory-management unit (MMU) mappings to be placed together; and placing the dynamic structures within the arrays, the placing comprising for each array: skipping an element of the array based on determining that placing a dynamic structure in that element would cause the array to become overcommitted and result in a layout where accessing all elements would impose a translation look aside buffer (TLB) replacement action; and scanning for an array-start entry by placing the start of a first element at an address from which an entire array can be placed without TLB contention, and accessing, via the processors, all non-skipped elements without incurring TLB replacements.
    Type: Application
    Filed: July 29, 2019
    Publication date: February 4, 2021
    Inventors: Elaine Palmer, Tamas Visegrady, Silvio Dragone, Michael Charles Osborne
  • Patent number: 10896140
    Abstract: The present disclosure relates to a computer-implemented method for controlling operation of multiple computational engines of a physical computing device. The computer-implemented method includes providing a multiplexer module in the device, the multiplexer module including a first and second memory region. The multiplexer module may receive from a first driver at the multiplexer module a data processing request to be processed by a first set of one or more computational engines of the computational engines. Subsequent to receiving the data processing request, the multiplexer module may assign a request sub-region of the first region and a response sub-region of the second region to the first driver. Data indicative of the request sub-region and the response sub-region may be submitted to the first driver. Results of processing the request may be received at the response sub-region.
    Type: Grant
    Filed: April 19, 2019
    Date of Patent: January 19, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: William Santiago-Fernandez, Tamas Visegrady, Silvio Dragone, Michael Charles Osborne
  • Publication number: 20200334175
    Abstract: The present disclosure relates to a computer-implemented method for controlling operation of multiple computational engines of a physical computing device. The computer-implemented method includes providing a multiplexer module in the device, the multiplexer module including a first and second memory region. The multiplexer module may receive from a first driver at the multiplexer module a data processing request to be processed by a first set of one or more computational engines of the computational engines. Subsequent to receiving the data processing request, the multiplexer module may assign a request sub-region of the first region and a response sub-region of the second region to the first driver. Data indicative of the request sub-region and the response sub-region may be submitted to the first driver. Results of processing the request may be received at the response sub-region.
    Type: Application
    Filed: April 19, 2019
    Publication date: October 22, 2020
    Inventors: William Santiago-Fernandez, Tamas Visegrady, Silvio Dragone, Michael Charles Osborne
  • Patent number: 10614128
    Abstract: Graph data of a DAG is received. The data describes a module to be started by way of nodes connected by edges, wherein some nodes are submodule nodes that correspond to submodules of said module. Submodule nodes are connected via edge(s) that reflect a data dependency between the corresponding submodules. Each of said submodules is a hardware module or a software submodule, capable of producing and/or consuming data that can be consumed and/or produced, by other submodule(s) of said module, based on the DAG. Asynchronous execution is started of two of said submodules, respectively corresponding to two submodule nodes located in independent branches of the DAG. A third submodule node(s) is determined that is a descendant of each of said two submodule nodes, according to an outcome of the execution of the corresponding two submodules. Execution is started of a third submodule that corresponds to the determined third submodule node.
    Type: Grant
    Filed: January 23, 2017
    Date of Patent: April 7, 2020
    Assignee: International Business Machines Corporation
    Inventors: Michael Charles Osborne, Elaine Rivette Palmer, Tamas Visegrady
  • Patent number: 10389728
    Abstract: A computer-implemented method, a computer system, and a computer program product are provided for enforcing multi-level security (MLS) on a message transmitted over a network that may be insecure. The method includes the processor obtaining a request from a source to send a message to a target, where the request includes the message and a context indicating a requested security level for the message. The processor encrypts the message based on ascertaining the message received in the request is a plaintext. The processor authenticates the encrypted message based on ascertaining the encrypted message is a ciphertext, where the target is enabled to trace the authenticated ciphertext back to the source. The processor transmits the authenticated encrypted message to the target across the network.
    Type: Grant
    Filed: April 4, 2018
    Date of Patent: August 20, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: John C. Dayka, Michael Charles Osborne, Tamas Visegrady
  • Patent number: 10389727
    Abstract: A computer-implemented method, a computer system, and a computer program product are provided for enforcing multi-level security (MLS) on a message transmitted over a network that may be insecure. The method includes the processor obtaining a request from a source to send a message to a target, where the request includes the message and a context indicating a requested security level for the message. The processor encrypts the message based on ascertaining the message received in the request is a plaintext. The processor authenticates the encrypted message based on ascertaining the encrypted message is a ciphertext, where the target is enabled to trace the authenticated ciphertext back to the source. The processor transmits the authenticated encrypted message to the target across the network.
    Type: Grant
    Filed: January 8, 2018
    Date of Patent: August 20, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: John C. Dayka, Michael Charles Osborne, Tamas Visegrady
  • Patent number: 10110611
    Abstract: A computer-implemented method, a computer system, and a computer program product are provided for enforcing multi-level security (MLS) on a message transmitted over a network that may be insecure. The method includes the processor obtaining a request from a source to send a message to a target, where the request includes the message and a context indicating a requested security level for the message. The processor encrypts the message based on ascertaining the message received in the request is a plaintext. The processor authenticates the encrypted message based on ascertaining the encrypted message is a ciphertext, where the target is enabled to trace the authenticated ciphertext back to the source. The processor transmits the authenticated encrypted message to the target across the network.
    Type: Grant
    Filed: June 28, 2016
    Date of Patent: October 23, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: John C. Dayka, Michael Charles Osborne, Tamas Visegrady
  • Publication number: 20180227310
    Abstract: A computer-implemented method, a computer system, and a computer program product are provided for enforcing multi-level security (MLS) on a message transmitted over a network that may be insecure. The method includes the processor obtaining a request from a source to send a message to a target, where the request includes the message and a context indicating a requested security level for the message. The processor encrypts the message based on ascertaining the message received in the request is a plaintext. The processor authenticates the encrypted message based on ascertaining the encrypted message is a ciphertext, where the target is enabled to trace the authenticated ciphertext back to the source. The processor transmits the authenticated encrypted message to the target across the network.
    Type: Application
    Filed: April 4, 2018
    Publication date: August 9, 2018
    Inventors: John C. DAYKA, Michael Charles OSBORNE, Tamas VISEGRADY
  • Publication number: 20180152423
    Abstract: A computer-implemented method, a computer system, and a computer program product are provided for enforcing multi-level security (MLS) on a message transmitted over a network that may be insecure. The method includes the processor obtaining a request from a source to send a message to a target, where the request includes the message and a context indicating a requested security level for the message. The processor encrypts the message based on ascertaining the message received in the request is a plaintext. The processor authenticates the encrypted message based on ascertaining the encrypted message is a ciphertext, where the target is enabled to trace the authenticated ciphertext back to the source. The processor transmits the authenticated encrypted message to the target across the network.
    Type: Application
    Filed: January 8, 2018
    Publication date: May 31, 2018
    Inventors: John C. DAYKA, Michael Charles OSBORNE, Tamas VISEGRADY
  • Patent number: 9973480
    Abstract: A computer-implemented method, a computer system, and a computer program product are provided for enforcing multi-level security (MLS) on a message transmitted over a network that may be insecure. The method includes the processor obtaining a request from a source to send a message to a target, where the request includes the message and a context indicating a requested security level for the message. The processor encrypts the message based on ascertaining the message received in the request is a plaintext. The processor authenticates the encrypted message based on ascertaining the encrypted message is a ciphertext, where the target is enabled to trace the authenticated ciphertext back to the source. The processor transmits the authenticated encrypted message to the target across the network.
    Type: Grant
    Filed: September 30, 2015
    Date of Patent: May 15, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: John C. Dayka, Michael Charles Osborne, Tamas Visegrady
  • Patent number: 9747129
    Abstract: Graph data of a DAG is received. The data describes a module to be started by way of nodes connected by edges, wherein some nodes are submodule nodes that correspond to submodules of said module. Submodule nodes are connected via edge(s) that reflect a data dependency between the corresponding submodules. Each of said submodules is a hardware module or a software submodule, capable of producing and/or consuming data that can be consumed and/or produced, by other submodule(s) of said module, based on the DAG. Asynchronous execution is started of two of said submodules, respectively corresponding to two submodule nodes located in independent branches of the DAG. A third submodule node(s) is determined that is a descendant of each of said two submodule nodes, according to an outcome of the execution of the corresponding two submodules. Execution is started of a third submodule that corresponds to the determined third submodule node.
    Type: Grant
    Filed: October 22, 2015
    Date of Patent: August 29, 2017
    Assignee: International Business Machines Corporation
    Inventors: Michael Charles Osborne, Elaine Rivette Palmer, Tamas Visegrady
  • Publication number: 20170132330
    Abstract: Graph data of a DAG is received. The data describes a module to be started by way of nodes connected by edges, wherein some nodes are submodule nodes that correspond to submodules of said module. Submodule nodes are connected via edge(s) that reflect a data dependency between the corresponding submodules. Each of said submodules is a hardware module or a software submodule, capable of producing and/or consuming data that can be consumed and/or produced, by other submodule(s) of said module, based on the DAG. Asynchronous execution is started of two of said submodules, respectively corresponding to two submodule nodes located in independent branches of the DAG. A third submodule node(s) is determined that is a descendant of each of said two submodule nodes, according to an outcome of the execution of the corresponding two submodules. Execution is started of a third submodule that corresponds to the determined third submodule node.
    Type: Application
    Filed: January 23, 2017
    Publication date: May 11, 2017
    Inventors: Michael Charles Osborne, Elaine Rivette Palmer, Tamas Visegrady
  • Publication number: 20170093879
    Abstract: A computer-implemented method, a computer system, and a computer program product are provided for enforcing multi-level security (MLS) on a message transmitted over a network that may be insecure. The method includes the processor obtaining a request from a source to send a message to a target, where the request includes the message and a context indicating a requested security level for the message. The processor encrypts the message based on ascertaining the message received in the request is a plaintext. The processor authenticates the encrypted message based on ascertaining the encrypted message is a ciphertext, where the target is enabled to trace the authenticated ciphertext back to the source. The processor transmits the authenticated encrypted message to the target across the network.
    Type: Application
    Filed: September 30, 2015
    Publication date: March 30, 2017
    Inventors: John C. Dayka, Michael Charles Osborne, Tamas Visegrady
  • Publication number: 20170093818
    Abstract: A computer-implemented method, a computer system, and a computer program product are provided for enforcing multi-level security (MLS) on a message transmitted over a network that may be insecure. The method includes the processor obtaining a request from a source to send a message to a target, where the request includes the message and a context indicating a requested security level for the message. The processor encrypts the message based on ascertaining the message received in the request is a plaintext. The processor authenticates the encrypted message based on ascertaining the encrypted message is a ciphertext, where the target is enabled to trace the authenticated ciphertext back to the source. The processor transmits the authenticated encrypted message to the target across the network.
    Type: Application
    Filed: June 28, 2016
    Publication date: March 30, 2017
    Inventors: John C. Dayka, Michael Charles Osborne, Tamas Visegrady
  • Publication number: 20160117189
    Abstract: Graph data of a DAG is received. The data describes a module to be started by way of nodes connected by edges, wherein some nodes are submodule nodes that correspond to submodules of said module. Submodule nodes are connected via edge(s) that reflect a data dependency between the corresponding submodules. Each of said submodules is a hardware module or a software submodule, capable of producing and/or consuming data that can be consumed and/or produced, by other submodule(s) of said module, based on the DAG. Asynchronous execution is started of two of said submodules, respectively corresponding to two submodule nodes located in independent branches of the DAG. A third submodule node(s) is determined that is a descendant of each of said two submodule nodes, according to an outcome of the execution of the corresponding two submodules. Execution is started of a third submodule that corresponds to the determined third submodule node.
    Type: Application
    Filed: October 22, 2015
    Publication date: April 28, 2016
    Inventors: Michael Charles Osborne, Elaine Rivette Palmer, Tamas Visegrady