Patents by Inventor Thomas Gschwind
Thomas Gschwind has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9810119Abstract: The invention relates to a mixer for a device for selective catalytic reduction of exhaust gases from internal combustion engines. The mixer comprises a structure of mixer elements through which the mixture of exhaust gas and reducing agent is to flow. The mixer elements have an electric current flowing through them for electrical heating due to the electrical resistance thereof. The invention further relates to a device for selective catalytic reaction of exhaust gases from an internal combustion engine having an exhaust gas pipe leading to a mixer according to the invention and having a reducing agent pipe which is connected to a reservoir for reducing agent and which opens into the exhaust gas pipe in the flow direction upstream of the mixer, and a catalyst in the flow direction downstream of the mixer.Type: GrantFiled: September 25, 2013Date of Patent: November 7, 2017Assignee: Eberspacher catem GmbH & Co. KGInventor: Thomas Gschwind
-
Patent number: 9805199Abstract: A method for allowing a computer to boot from a user trusted device is provided. The computer includes a long-term data storage device storing operating system (OS) services. The user trusted device is connectable to the computer and stores a boot loader detectable and executable by a firmware of the computer, an OS loader designed to load an OS of the computer, and one or more crypto drivers designed for allowing access to the OS and data stored encrypted on the data storage device. The method comprises letting the boot loader be executed to cause to transfer the OS loader from the user trusted device to the computer and executing the transferred OS loader to cause to execute the one or more crypto drivers for the OS and the data stored encrypted on the data storage device to start the OS services and complete booting of the computer.Type: GrantFiled: March 12, 2015Date of Patent: October 31, 2017Assignee: International Business Machines CorporationInventor: Thomas Gschwind
-
Patent number: 9733856Abstract: Various embodiments manage deployable computing environments. In one embodiment, a system model of a computing environment that includes a set of computing resources is analyzed. The system model at least describes properties of each of the set of computing nodes and identifies a plurality of configuration operations to be executed by each of the set of computing nodes during deployment. A set of dependency information is generated for each of the set of computing nodes based on analyzing the system model. The set of dependency information identifies at least one dependency between two or more of the plurality of configuration operations. An executable coordination operation is added to each of the plurality of configuration operations. The executable coordination operation automatically coordinates execution of the plurality of configuration operations on the computing node.Type: GrantFiled: June 25, 2015Date of Patent: August 15, 2017Assignee: International Business Machines CorporationInventors: Hoi Y. Chan, Thomas Gschwind, Michael H. Kalantar, Lakshminaraya Renganarayana, Florian Rosenberg
-
Patent number: 9665299Abstract: Various embodiments manage deployable computing environments. In one embodiment, a system model of a computing environment that includes a set of computing resources is analyzed. The system model at least describes properties of each of the set of computing nodes and identifies a plurality of configuration operations to be executed by each of the set of computing nodes during deployment. A set of dependency information is generated for each of the set of computing nodes based on analyzing the system model. The set of dependency information identifies at least one dependency between two or more of the plurality of configuration operations. An executable coordination operation is added to each of the plurality of configuration operations. The executable coordination operation automatically coordinates execution of the plurality of configuration operations on the computing node.Type: GrantFiled: March 31, 2015Date of Patent: May 30, 2017Assignee: International Business Machines CorporationInventors: Hoi Y. Chan, Thomas Gschwind, Michael H. Kalantar, Lakshminaraya Renganarayana, Florian Rosenberg
-
Patent number: 9639690Abstract: The present invention is notably directed to a user trusted device (10), comprising: a connection interface (12) enabling connection (S2) with a computer (101); and a persistent memory (14) storing modules (15, 16, 17), which are configured, upon connection of the user trusted device (10) with said computer (101) via said connection interface (12), to: enable said computer (101) to start booting (S3, S3a) from the user trusted device (10); map (S6) firmware data to a code, the firmware data comprising program code of an initialization firmware and/or data accessible by the initialization firmware (122) of the computer while starting to boot; attest (S7-S12) trustworthiness of the code; and enable (S14) said computer (101) to complete booting from the user trusted device (10) if the code is attested. The present invention is further directed to related systems and methods.Type: GrantFiled: November 26, 2013Date of Patent: May 2, 2017Assignee: International Business Machines CorporationInventors: Michael Baentsch, Thomas Gschwind, Andreas Schade
-
Patent number: 9589128Abstract: The present invention is notably directed to a method for enabling a computer (101) to boot from a user trusted device (10), the user trusted device (10) comprising a connection interface (12) enabling connection (S2) with said computer (101), the method comprising: enabling (S3) said computer (101) to start booting from the user trusted device (10) upon connection (S2) of the user trusted device with said computer (101) via said connection interface (12); instructing a processor (105) of the computer (101) to execute (S7) virtualization sensitive code and issue (S8) completion data upon completion of execution, which completion data depends on the virtualization sensitive code and its execution by the processor (105); determining (S9-S14), based on said completion data, whether the execution was not performed in a virtualized environment; and enabling (S15) said computer (101) to complete booting from the user trusted device (10) upon determining that the execution was not performed in a virtualized environmType: GrantFiled: November 26, 2013Date of Patent: March 7, 2017Assignee: International Business Machines CorporationInventors: Michael Baentsch, Thomas Gschwind, Andreas Schade
-
Publication number: 20160294979Abstract: Various embodiments manage deployable computing environments. In one embodiment, a system model of a computing environment that includes a set of computing resources is analyzed. The system model at least describes properties of each of the set of computing nodes and identifies a plurality of configuration operations to be executed by each of the set of computing nodes during deployment. A set of dependency information is generated for each of the set of computing nodes based on analyzing the system model. The set of dependency information identifies at least one dependency between two or more of the plurality of configuration operations. An executable coordination operation is added to each of the plurality of configuration operations. The executable coordination operation automatically coordinates execution of the plurality of configuration operations on the computing node.Type: ApplicationFiled: March 31, 2015Publication date: October 6, 2016Inventors: Hoi Y. CHAN, Thomas GSCHWIND, Michael H. KALANTAR, Lakshminaraya RENGANARAYANA, Florian ROSENBERG
-
Publication number: 20160291893Abstract: Various embodiments manage deployable computing environments. In one embodiment, a system model of a computing environment that includes a set of computing resources is analyzed. The system model at least describes properties of each of the set of computing nodes and identifies a plurality of configuration operations to be executed by each of the set of computing nodes during deployment. A set of dependency information is generated for each of the set of computing nodes based on analyzing the system model. The set of dependency information identifies at least one dependency between two or more of the plurality of configuration operations. An executable coordination operation is added to each of the plurality of configuration operations. The executable coordination operation automatically coordinates execution of the plurality of configuration operations on the computing node.Type: ApplicationFiled: June 25, 2015Publication date: October 6, 2016Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Hoi Y. CHAN, Thomas GSCHWIND, Michael H. KALANTAR, Lakshminaraya RENGANARAYANA, Florian ROSENBERG
-
Publication number: 20160267275Abstract: System and computer program product for allowing a computer to boot from a user trusted device. The computer comprises a long-term data storage device storing operating system (OS) services; and the user trusted device is connectable to the computer and stores: a boot loader, detectable and executable by a firmware of the computer, upon connection of the user trusted device to said computer; an OS loader for the OS; and one or more crypto drivers designed for allowing access to the OS and data, stored encrypted on said data storage device. The user trusted device is designed to prevent unauthenticated access of each of: the boot loader; the one or more crypto drivers; and the OS loader, as stored thereon.Type: ApplicationFiled: August 12, 2015Publication date: September 15, 2016Inventor: Thomas Gschwind
-
Publication number: 20160267274Abstract: The present invention is notably directed to methods for allowing a computer (10) to boot from a user trusted device (20), wherein: the computer (10) comprises a long-term data storage device (11) storing operating system services (25), or OS services; and the user trusted device (20) is connectable to the computer (10) and stores: a boot loader (16a), detectable and executable by a firmware (122) of the computer, upon connection of the user trusted device (20) to said computer (10); an OS loader (24a) for an operating system (112), or OS, of the computer; and one or more crypto drivers (26a) for said OS, designed for allowing access to the OS and data, stored encrypted on said data storage device (11); wherein the user trusted device is designed to prevent unauthenticated access of each of: the boot loader; the one or more crypto drivers; and the OS loader, as stored thereon, the method comprising: upon connection (S21) of the user trusted device to the computer, letting (S22) the boot loader (16a) be detectType: ApplicationFiled: March 12, 2015Publication date: September 15, 2016Inventor: Thomas Gschwind
-
Patent number: 9411702Abstract: Various embodiments monitor a distributed software system. In one embodiment, at least one monitoring policy associated with a distributed software system is selected. A policy type associated with the monitoring policy is identified. An installer is selected based on the policy type associated with the monitoring policy. Monitoring software is installed in a computing environment utilizing the installer. The monitoring software is configured to monitor the distributed software system based on the monitoring policy.Type: GrantFiled: August 30, 2013Date of Patent: August 9, 2016Assignee: GLOBALFOUNDRIES INC.Inventors: Tamar Eilam, Thomas Gschwind, Florian Rosenberg, Andreas Schade
-
Publication number: 20160070914Abstract: A system and method for executing software modules on a computer, the method comprising: executing (S4) a bootloader (15, 16), at least partly (16) in the computer (101); and upon execution of the bootloader: accessing (S5) requirements as to an initial set (IS) of software modules (SMn); and hardware specifications of the computer; determining (S6) within said initial set, one or more candidate sets (CS1, CS2) of software modules that are compatible (S6a) with said hardware specifications and can (S6b) be stored as a RAM disk; and storing (S9) the software modules of a final set (FS) on a RAM disk (121), the final set (FS) being one of the one or more candidate sets, and instructing to execute the software modules stored on the RAM disk, wherein each of the initial set and the final set of software modules comprises application components and operating system image components, and preferably further comprises hardware component drivers.Type: ApplicationFiled: March 14, 2014Publication date: March 10, 2016Inventors: Michael Baentsch, Peter Buhler, Luis Garces-Erice, Thomas Gschwind, Frank Hoering, Michael Kuyper, Sean Rooney, Paolo Scotton
-
Patent number: 9256442Abstract: A user trusted device and a software update method for updating the device. The device includes: a connection interface enabling connection with a host computer; a persistent memory storing a boot enabling data structure and a network updater, wherein: the network updater is configured to interact with firmware of the host computer to initiate communication over a network; and the boot enabling data structure: is detectable by the firmware upon connection of the user trusted device with the host computer; is such that host computer can boot from the user trusted device, as per the data structure of the boot enabling data structure; and includes instructions for the firmware to initiate a transfer of the network updater on the host computer for subsequent execution, upon the host computer booting from the user trusted device.Type: GrantFiled: March 3, 2014Date of Patent: February 9, 2016Assignee: International Business Machines CorporationInventors: Thomas Gschwind, Frank Hoering, Michael P Kuyper-Hammond
-
Patent number: 9235344Abstract: Redundant data in a streaming disk image is identified using commands to indicate unused disk blocks, such as TRIM/UNMAP commands. A TRIM/UNMAP layer is added between an operating system and a disk driver to support the use of TRIM/UNMAP commands. Using the TRIM/UNMAP layer, blocks of a streamed disk image that are unallocated by the operating system are identified. The identified unallocated blocks are streamed to a server for analysis and storage.Type: GrantFiled: November 28, 2012Date of Patent: January 12, 2016Assignee: International Business Machines CorporationInventor: Thomas Gschwind
-
Patent number: 9229641Abstract: Redundant data in a streaming disk image is identified using commands to indicate unused disk blocks, such as TRIM/UNMAP commands. A TRIM/UNMAP layer is added between an operating system and a disk driver to support the use of TRIM/UNMAP commands. Using the TRIM/UNMAP layer, blocks of a streamed disk image that are unallocated by the operating system are identified. The identified unallocated blocks are streamed to a server for analysis and storage.Type: GrantFiled: September 11, 2013Date of Patent: January 5, 2016Assignee: International Business Machines CorporationInventor: Thomas Gschwind
-
Publication number: 20150378744Abstract: In an approach to allowing a computer to boot from a user trusted device (UTD), the computer comprises a data storage device storing operating system (OS) services, and a version of an OS loader. The UTD is connectable to the computer and stores a boot loader, detectable by a firmware executing at the computer, and an OS loader, and wherein the UTD prevents an unauthenticated user to modify the boot loader and the OS loader stored thereon. The computer then, upon connection, lets the boot loader be detected by the firmware for execution of the boot loader at least partly at the computer, to cause to transfer the OS loader from the UTD to the computer, and executes the transferred OS loader at least partly from the computer, to execute at least one crypto driver for the OS, to start the OS services and complete booting of the computer.Type: ApplicationFiled: May 29, 2015Publication date: December 31, 2015Inventor: Thomas Gschwind
-
Publication number: 20150332052Abstract: A method for allowing an operating system (OS), to access an encrypted data storage system of a computer, wherein: the data storage system comprises: a partition; and first encrypted data units that comprise partition table data of said data storage system; and said computer is connectable to an external device comprising: a boot loader for an external OS that is not installed on the computer; and partitioning information capturing an expected location of said partition in the data storage system; and wherein second encrypted data units that comprise reference partition table data for said data storage system are available from said computer or said external device, the method comprising: upon connection of said external device to the computer, instructing to boot the computer from said boot loader; and during or after booting of the computer: comparing the first and second encrypted data units; and if the first and second encrypted data units match, allow the external OS to access, based on the partitioningType: ApplicationFiled: July 23, 2015Publication date: November 19, 2015Inventors: Peter Buhler, Thomas Gschwind, Paolo Scotton
-
Publication number: 20150317472Abstract: The present invention is notably directed to a method for enabling a computer (101) to boot from a user trusted device (10), the user trusted device (10) comprising a connection interface (12) enabling connection (S2) with said computer (101), the method comprising: enabling (S3) said computer (101) to start booting from the user trusted device (10) upon connection (S2) of the user trusted device with said computer (101) via said connection interface (12); instructing a processor (105) of the computer (101) to execute (S7) virtualization sensitive code and issue (S8) completion data upon completion of execution, which completion data depends on the virtualization sensitive code and its execution by the processor (105); determining (S9-S14), based on said completion data, whether the execution was not performed in a virtualized environment; and enabling (S15) said computer (101) to complete booting from the user trusted device (10) upon determining that the execution was not performed in a virtualized environmType: ApplicationFiled: November 26, 2013Publication date: November 5, 2015Inventors: Michael Baentsch, Thomas Gschwind, Andreas Schade
-
Publication number: 20150315943Abstract: The invention relates to a mixer for a device for selective catalytic reduction of exhaust gases from internal combustion engines. The mixer comprises a structure of mixer elements through which the mixture of exhaust gas and reducing agent is to flow. The mixer elements have an electric current flowing through them for electrical heating due to the electrical resistance thereof. The invention further relates to a device for selective catalytic reaction of exhaust gases from an internal combustion engine having an exhaust gas pipe leading to a mixer according to the invention and having a reducing agent pipe which is connected to a reservoir for reducing agent and which opens into the exhaust gas pipe in the flow direction upstream of the mixer, and a catalyst in the flow direction downstream of the mixer.Type: ApplicationFiled: September 25, 2013Publication date: November 5, 2015Inventor: Thomas Gschwind
-
Publication number: 20150317471Abstract: The present invention is notably directed to a user trusted device (10), comprising: a connection interface (12) enabling connection (S2) with a computer (101); and a persistent memory (14) storing modules (15, 16, 17), which are configured, upon connection of the user trusted device (10) with said computer (101) via said connection interface (12), to: enable said computer (101) to start booting (S3, S3a) from the user trusted device (10); map (S6) firmware data to a code, the firmware data comprising program code of an initialization firmware and/or data accessible by the initialization firmware (122) of the computer while starting to boot; attest (S7-S12) trustworthiness of the code; and enable (S14) said computer (101) to complete booting from the user trusted device (10) if the code is attested. The present invention is further directed to related systems and methods.Type: ApplicationFiled: November 26, 2013Publication date: November 5, 2015Inventors: Michael Baentsch, Thomas Gschwind, Andreas Schade