Patents by Inventor William Eric Hall
William Eric Hall has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11907361Abstract: An apparatus, system and method for protecting the confidentiality and integrity of a secure object running on a computer system by protecting the memory pages owned by the secure object, including assigning a secure object an ID, labeling the memory pages owned by a secure object with the ID of the secure object, maintaining an Access Control Monitor (ACM) table for the memory pages on the system, controlling access to memory pages by monitoring load and store instructions and comparing information in the ACM table with the ID of the software that is executing these instructions; and limiting access to a memory page to the owner of the memory page.Type: GrantFiled: March 17, 2020Date of Patent: February 20, 2024Assignee: International Business Machines CorporationInventors: Richard Harold Boivie, Kattamuri Ekanadham, Kenneth Alan Goldman, William Eric Hall, Guerney D. Hunt, Bhushan Pradip Jain, Mohit Kapur, Dimitrios Pendarakis, David Robert Safford, Peter Anthony Sandon, Enriquillo Valdez
-
Publication number: 20200218799Abstract: An apparatus, system and method for protecting the confidentiality and integrity of a secure object running on a computer system by protecting the memory pages owned by the secure object, including assigning a secure object an ID, labeling the memory pages owned by a secure object with the ID of the secure object, maintaining an Access Control Monitor (ACM) table for the memory pages on the system, controlling access to memory pages by monitoring load and store instructions and comparing information in the ACM table with the ID of the software that is executing these instructions; and limiting access to a memory page to the owner of the memory page.Type: ApplicationFiled: March 17, 2020Publication date: July 9, 2020Inventors: Richard Harold Boivie, Kattamuri Ekanadham, Kenneth Alan Goldman, William Eric Hall, Guerney D. Hunt, Bhushan Pradip Jain, Mohit Kapur, Dimitrios Pendarakis, David Robert Safford, Peter Anthony Sandon, Enriquillo Valdez
-
Patent number: 10628579Abstract: A processor in a computer system, the processor including a mechanism supporting a Secure Object that comprises information that is protected so that other software on said computer system cannot access or undetectably tamper with said information, thereby protecting both a confidentiality and an integrity of the Secure Object information while making the Secure Object information available to the Secure Object itself during execution of the Secure Object. The mechanism includes a crypto mechanism that decrypts and integrity-checks Secure Object information as said Secure Object information moves into the computer system from an external storage system, and encrypts and updates an integrity value for Secure Object information as said Secure Object information moves out of the computer system to the external storage system, and a memory protection mechanism that protects the confidentiality and integrity of Secure Object information when that information is in the memory of the computer system.Type: GrantFiled: August 28, 2015Date of Patent: April 21, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Richard Harold Boivie, Kattamuri Ekanadham, Kenneth Alan Goldman, William Eric Hall, Guerney Douglass Holloway Hunt, Bhushan Pradip Jain, Mohit Kapur, Dimitrios Pendarakis, David Robert Safford, Peter Anthony Sandon, Enriquillo Valdez
-
Publication number: 20160171250Abstract: A processor in a computer system, the processor including a mechanism supporting a Secure Object that comprises information that is protected so that other software on said computer system cannot access or undetectably tamper with said information, thereby protecting both a confidentiality and an integrity of the Secure Object information while making the Secure Object information available to the Secure Object itself during execution of the Secure Object. The mechanism includes a crypto mechanism that decrypts and integrity-checks Secure Object information as said Secure Object information moves into the computer system from an external storage system, and encrypts and updates an integrity value for Secure Object information as said Secure Object information moves out of the computer system to the external storage system, and a memory protection mechanism that protects the confidentiality and integrity of Secure Object information when that information is in the memory of the computer system.Type: ApplicationFiled: August 28, 2015Publication date: June 16, 2016Inventors: Richard Harold Boivie, Kattamuri Ekanadham, Kenneth Alan Goldman, William Eric Hall, Guerney D. Hunt, Bhushan Pradip Jain, Mohit Kapur, Dimitrios Pendarakis, David Robert Safford, Peter Anthony Sandon, Enriquillo Valdez
-
Patent number: 8468337Abstract: A system and method are described for secure data transfer over a network. According to an exemplary embodiment a system for secure data transfer over a network includes memory and a memory controller configured to transfer data received from the network to the memory. The system includes a processor, having logic configured to retrieve a portion of the data from the memory using the memory controller. The processor also includes logic configured to perform security operations on the retrieved portion of the data, and logic configured to store the operated-on portion of the data in the memory using the memory controller. The memory controller is further configured to transfer the operated-on portion of the data from the memory to the network.Type: GrantFiled: March 2, 2004Date of Patent: June 18, 2013Assignee: International Business Machines CorporationInventors: Santosh P. Gaur, William Eric Hall
-
Patent number: 8332652Abstract: A computing device for securely executing authorized code includes a protected memory for storing authorized code, which contains an original digital signature, and a processor in signal communication with the protected memory for preparing to execute code from the protected memory by verifying that a digital signature contained in the code is original in accordance with a public key, and if the original digital signature is verified, then branching to a copy of the authorized code in the protected memory to begin execution.Type: GrantFiled: October 1, 2003Date of Patent: December 11, 2012Assignee: International Business Machines CorporationInventors: Richard H. Boivie, William Eric Hall
-
Publication number: 20120054773Abstract: A system to increase the security of the state of interrupted applications may include a computer processor to process software running in a plurality of runtime environments. The system may also include an interrupt stack per runtime environment to assist in how the computer processor switches from one subroutine to another in the same environment and from one runtime environment to any of the other runtime environments. The system may further include a plurality of hardware-managed areas to store processor state information and to assist in how the computer processor switches from one runtime environment to any of the other runtime environments.Type: ApplicationFiled: August 31, 2010Publication date: March 1, 2012Applicant: International Business Machines CorporationInventors: William Eric Hall, Marcel C. Rosu
-
Patent number: 8121286Abstract: A system and method for coding data to help resist differential attacks. Data in m columns may be initialized to an initialized value. One new column of data may be mixed with a new input word and input to an advanced mixer. The advanced mixer may include linear mixing having indexed bytes and performing of exclusive-OR operation and transposing. An output of the advanced mixer may be a new m column state. A value of m could be 0 through 30. The value of m may have a preferred range of 27 through 36. Systems to implement the foregoing method are also described.Type: GrantFiled: October 28, 2008Date of Patent: February 21, 2012Assignee: International Buisness Machines CorporationInventors: Shai Halevi, William Eric Hall, Charanjit S. Jutla
-
Patent number: 7907725Abstract: A simple universal hash apparatus and method include input means for inputting at least one of a plurality of Plaintext blocks into an integrity aware encryption scheme using at least one of two secret keys to obtain a plurality of Ciphertext blocks; Plaintext checksum means for computing a Plaintext checksum value from said plurality of Plaintext blocks; Ciphertext checksum means for processing said plurality of Ciphertext blocks and a third key to obtain a Ciphertext checksum; and combination means for combining said Plaintext checksum and said Ciphertext checksum to obtain the simple universal hash value.Type: GrantFiled: May 29, 2008Date of Patent: March 15, 2011Assignee: International Business Machines CorporationInventors: William Eric Hall, Charanjit Singh Jutla
-
Patent number: 7860241Abstract: A simple universal hash apparatus and method include input means for inputting at least one of a plurality of Plaintext blocks into an integrity aware encryption scheme using at least one of two secret keys to obtain a plurality of Ciphertext blocks; Plaintext checksum means for computing a Plaintext checksum value from said plurality of Plaintext blocks; Ciphertext checksum means for processing said plurality of Ciphertext blocks and a third key to obtain a Ciphertext checksum; and combination means for combining said Plaintext checksum and said Ciphertext checksum to obtain the simple universal hash value.Type: GrantFiled: August 23, 2007Date of Patent: December 28, 2010Assignee: International Business Machines CorporationInventors: William Eric Hall, Charanjit Singh Jutla
-
Publication number: 20100104095Abstract: A system and method for coding data to help resist differential attacks. Data in m columns may be initialized to an initialized value. One new column of data may be mixed with a new input word and input to an advanced mixer. The advanced mixer may include linear mixing having indexed bytes and performing of exclusive-OR operation and transposing. An output of the advanced mixer may be a new m column state. A value of m could be 0 through 30. The value of m may have a preferred range of 27 through 36. Systems to implement the foregoing method are also described.Type: ApplicationFiled: October 28, 2008Publication date: April 29, 2010Inventors: Shai Halevi, William Eric Hall, Charanjit S. Jutla
-
Patent number: 7564976Abstract: A system and method are described for performing security operations on network data. According to an exemplary embodiment, a system for performing security operations on network data includes memory and a data coprocessor configured to transfer data into and out of the memory. A plurality of processors are coupled to the memory and to the data coprocessor. Each processor is configured to perform, in parallel to one another, security operations on a portion of the data. The system includes a plurality of security coprocessors coupled to the memory. Each security coprocessor is coupled to a respective one of the processors and configured to assist the respective processor in performing security operations on the portion of the data.Type: GrantFiled: March 2, 2004Date of Patent: July 21, 2009Assignee: International Business Machines CorporationInventors: Santosh P. Gaur, William Eric Hall
-
Publication number: 20090031142Abstract: A method for processing a memory page, the method includes: retrieving, in response to a request to provide a first memory page to a processor, first memory page metadata associated with first memory page address information; wherein the first memory page address information is stored in a memory page table; and performing a page operation in response to the memory page metadata; wherein the page operation is selected from a group consisting of compression, cryptography, searching a page for a virus signature, searching a page for digital right management signature, error correction code verification, error correction code addition.Type: ApplicationFiled: July 25, 2007Publication date: January 29, 2009Inventors: Shai Halevi, William Eric Hall, Hugo Mario Krawczyk, Julian Satran, Ilan Shimony
-
Publication number: 20080226063Abstract: A simple universal hash apparatus and method include input means for inputting at least one of a plurality of Plaintext blocks into an integrity aware encryption scheme using at least one of two secret keys to obtain a plurality of Ciphertext blocks; Plaintext checksum means for computing a Plaintext checksum value from said plurality of Plaintext blocks; Ciphertext checksum means for processing said plurality of Ciphertext blocks and a third key to obtain a Ciphertext checksum; and combination means for combining said Plaintext checksum and said Ciphertext checksum to obtain the simple universal hash value.Type: ApplicationFiled: May 29, 2008Publication date: September 18, 2008Inventors: William Eric Hall, Charanjit Singh Jutla
-
Patent number: 7321659Abstract: A simple universal hash apparatus and method include input means for inputting at least one of a plurality of Plaintext blocks into an integrity aware encryption scheme using at least one of two secret keys to obtain a plurality of Ciphertext blocks; Plaintext checksum means for computing a Plaintext checksum value from the said plurality of Plaintext blocks; Ciphertext checksum means for processing said plurality of Ciphertext blocks and a third key to obtain a Ciphertext checksum; and combination means for combining the said Plaintext checksum and the said Ciphertext checksum to obtain the simple universal hash value.Type: GrantFiled: October 27, 2003Date of Patent: January 22, 2008Assignee: International Business Machines CorporationInventors: William Eric Hall, Charanjit Singh Jutla
-
Patent number: 7117196Abstract: Aspects for optimizing leaf comparisons from a tree search of data stored in external memory of an embedded processing system are described. The aspects include providing a control structure for leaf data comparisons as a control vector and a match key, and utilizing the control vector to direct types of comparison tests performed with the match key.Type: GrantFiled: November 22, 2002Date of Patent: October 3, 2006Assignee: International Business Machines CorporationInventors: Santosh Prasad Gaur, William Eric Hall
-
Patent number: 6941292Abstract: Aspects for optimizing data searches in tree structures are described. The aspects include organizing multiple search levels of data into sub-trees contained in fixed size blocks of shared external memory of an embedded processing system, and requiring each reference to the data to proceed from one-half of a sub-tree during a descent of the search tree based on a search pattern.Type: GrantFiled: November 22, 2002Date of Patent: September 6, 2005Assignee: International Business Machines CorporationInventors: Santosh Prasad Gaur, William Eric Hall
-
Publication number: 20040103083Abstract: Aspects for optimizing leaf comparisons from a tree search of data stored in external memory of an embedded processing system are described. The aspects include providing a control structure for leaf data comparisons as a control vector and a match key, and utilizing the control vector to direct types of comparison tests performed with the match key.Type: ApplicationFiled: November 22, 2002Publication date: May 27, 2004Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Santosh Prasad Gaur, William Eric Hall
-
Publication number: 20040103081Abstract: Aspects for optimizing data searches in tree structures are described. The aspects include organizing multiple search levels of data into sub-trees contained in fixed size blocks of shared external memory of an embedded processing system, and requiring each reference to the data to proceed from one-half of a sub-tree during a descent of the search tree based on a search pattern.Type: ApplicationFiled: November 22, 2002Publication date: May 27, 2004Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Santosh Prasad Gaur, William Eric Hall
-
Patent number: 6359713Abstract: A fiberoptic communication system is presented which allows an open-link condition on one link of a multi-link fiberoptic connection to be propagated to other links of the connection while satisfying the Open Fiber Control safety standard. Each link comprises a duplex link and at least one optical repeater is employed. The at least one optical repeater is adapted to propagate an open-link condition in one link of the multiple duplex links between the links of the fiberoptic connection. Propagating the open-link condition can be accomplished using an out band signal, an electrical wrap mode, or a hybrid approach using both an out band signal and electrical wrap mode. Automatic propagation of a closed-link condition is provided once the originally opened link is closed.Type: GrantFiled: October 28, 1998Date of Patent: March 19, 2002Assignee: International Business Machines CorporationInventors: Casimer Maurice DeCusatis, William Eric Hall