Patents by Inventor Xiaohan Qin

Xiaohan Qin has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11907405
    Abstract: A return address of a caller of a software function within an access control component is determined, the caller comprising a software component seeking access to a protected resource protected by the access control component. From the return address, a filename of the caller is determined. Responsive to determining that the filename is included in a set of filenames of components allowed to access the protected resource, the caller is allowed to access the protected resource.
    Type: Grant
    Filed: October 14, 2020
    Date of Patent: February 20, 2024
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Xiaohan Qin, Pedro V. Torres, Xinya Wang, Amit Agarwal
  • Publication number: 20220114271
    Abstract: A return address of a caller of a software function within an access control component is determined, the caller comprising a software component seeking access to a protected resource protected by the access control component. From the return address, a filename of the caller is determined. Responsive to determining that the filename is included in a set of filenames of components allowed to access the protected resource, the caller is allowed to access the protected resource.
    Type: Application
    Filed: October 14, 2020
    Publication date: April 14, 2022
    Applicant: International Business Machines Corporation
    Inventors: Xiaohan Qin, Pedro V. Torres, Xinya Wang, Amit Agarwal
  • Patent number: 10732991
    Abstract: Concurrent maintenance of an input/output (I/O) adapter backing a virtual network interface connection (VNIC) including receiving, by a hardware management console (HMC), a request to disconnect the I/O adapter from a computing system, wherein the computing system comprises a logical partition and virtual I/O server; instructing, by the HMC over a communications link, the virtual I/O server to deconfigure and remove the server VNIC driver; determining, by the HMC, that a replacement I/O adapter is installed on the computing system; and in response to determining that the replacement I/O adapter is installed on the computing system, instructing, by the HMC over the communications link, the virtual I/O server to add and configure a replacement server VNIC driver.
    Type: Grant
    Filed: October 25, 2019
    Date of Patent: August 4, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Curtis S. Eide, Dwayne G. McConnell, Xiaohan Qin
  • Publication number: 20200057655
    Abstract: Concurrent maintenance of an input/output (I/O) adapter backing a virtual network interface connection (VNIC) including receiving, by a hardware management console (HMC), a request to disconnect the I/O adapter from a computing system, wherein the computing system comprises a logical partition and virtual I/O server; instructing, by the HMC over a communications link, the virtual I/O server to deconfigure and remove the server VNIC driver; determining, by the HMC, that a replacement I/O adapter is installed on the computing system; and in response to determining that the replacement I/O adapter is installed on the computing system, instructing, by the HMC over the communications link, the virtual I/O server to add and configure a replacement server VNIC driver.
    Type: Application
    Filed: October 25, 2019
    Publication date: February 20, 2020
    Inventors: CURTIS S. EIDE, DWAYNE G. MCCONNELL, XIAOHAN QIN
  • Patent number: 10545771
    Abstract: Concurrent maintenance of an input/output (I/O) adapter backing a virtual network interface connection (VNIC) including receiving, by a hardware management console (HMC), a request to disconnect the I/O adapter from a computing system, wherein the computing system comprises a logical partition and virtual I/O server; instructing, by the HMC over a communications link, the virtual I/O server to deconfigure and remove the server VNIC driver; determining, by the HMC, that a replacement I/O adapter is installed on the computing system; and in response to determining that the replacement I/O adapter is installed on the computing system, instructing, by the HMC over the communications link, the virtual I/O server to add and configure a replacement server VNIC driver.
    Type: Grant
    Filed: June 26, 2017
    Date of Patent: January 28, 2020
    Assignee: International Business Machines Corporation
    Inventors: Curtis S. Eide, Dwayne G. McConnell, Xiaohan Qin
  • Publication number: 20180157496
    Abstract: Concurrent maintenance of an input/output (I/O) adapter backing a virtual network interface connection (VNIC) including receiving, by a hardware management console (HMC), a request to disconnect the I/O adapter from a computing system, wherein the computing system comprises a logical partition and virtual I/O server; instructing, by the HMC over a communications link, the virtual I/O server to deconfigure and remove the server VNIC driver; determining, by the HMC, that a replacement I/O adapter is installed on the computing system; and in response to determining that the replacement I/O adapter is installed on the computing system, instructing, by the HMC over the communications link, the virtual I/O server to add and configure a replacement server VNIC driver.
    Type: Application
    Filed: June 26, 2017
    Publication date: June 7, 2018
    Inventors: CURTIS S. EIDE, DWAYNE G. MCCONNELL, XIAOHAN QIN
  • Patent number: 9967105
    Abstract: A system, and computer program product for leader device selection in a control cluster using a shared virtual local area network (VLAN) are provided in the illustrative embodiments. A broadcast Hello packet is received from a sender virtual device over the VLAN at a first virtual device. When the first virtual device satisfies a partnership criterion specified in the Hello packet, a first ranking of the first virtual device is evaluated to be higher than a ranking of a sender virtual device. A first Live packet is unicast over the VLAN to the sender virtual device and a leadership role in the control cluster is taken by the first virtual device. The sender virtual device is caused to stop a broadcasting operation at the sender virtual device. A second Hello packet is broadcasted from the first virtual device over the VLAN.
    Type: Grant
    Filed: March 25, 2015
    Date of Patent: May 8, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Shaival J. Chokshi, Xiaohan Qin, Patrick T. Vo
  • Patent number: 9929934
    Abstract: At a first virtual device executing in a data processing system, a determination is made whether a partner list associated with the first virtual device includes a threshold number of partner virtual devices, the first virtual device participating in the control cluster. A first Live packet is unicast over the VLAN to each partner virtual device identified in the partner list. A unicast of a second Live packet from a second virtual device to the first virtual device is received over the VLAN, the second virtual device being identified in the partner list. A Hello packet is broadcast over the VLAN to cause the Hello packet to reach a third virtual device, wherein the Hello packet is configured to discover a new partner virtual device to add to the partner list, discovering the new partner enlarging the control cluster.
    Type: Grant
    Filed: June 3, 2015
    Date of Patent: March 27, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Shaival J. Chokshi, Xiaohan Qin, Patrick T. Vo
  • Patent number: 9906432
    Abstract: At a first virtual device executing in a data processing system, a determination is made whether a partner list associated with the first virtual device includes a threshold number of partner virtual devices, the first virtual device participating in the control cluster. A first Live packet is unicast over the VLAN to each partner virtual device identified in the partner list. A unicast of a second Live packet from a second virtual device to the first virtual device is received over the VLAN, the second virtual device being identified in the partner list. A Hello packet is broadcast over the VLAN to cause the Hello packet to reach a third virtual device, wherein the Hello packet is configured to discover a new partner virtual device to add to the partner list, discovering the new partner enlarging the control cluster.
    Type: Grant
    Filed: December 9, 2014
    Date of Patent: February 27, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Shaival J. Chokshi, Xiaohan Qin, Patrick T. Vo
  • Patent number: 9755846
    Abstract: A method for leader device selection in a control cluster using a shared virtual local area network (VLAN) is provided in the illustrative embodiments. A broadcast Hello packet is received from a sender virtual device over the VLAN at a first virtual device. When the first virtual device satisfies a partnership criterion specified in the Hello packet, a first ranking of the first virtual device is evaluated to be higher than a ranking of a sender virtual device. A first Live packet is unicast over the VLAN to the sender virtual device and a leadership role in the control cluster is taken by the first virtual device. The sender virtual device is caused to stop a broadcasting operation at the sender virtual device. A second Hello packet is broadcasted from the first virtual device over the VLAN.
    Type: Grant
    Filed: June 3, 2015
    Date of Patent: September 5, 2017
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Shaival J. Chokshi, Xiaohan Qin, Patrick T. Vo
  • Patent number: 9473518
    Abstract: Embodiments of the present invention provide methods, systems, and computer program products that enable secure network communications with logical partitions. A gateway between a physical network adapter and at least one virtual network trunk adapter receives a packet. The gateway tags the packet with an indication of an origin of the packet. The gateway delivers the tagged packet to an intrusion prevention system for intrusion analysis. When the gateway receives the tagged packet from the intrusion prevention system, the gateway forwards the tagged packet according to the indication of origin of the tagged packet.
    Type: Grant
    Filed: October 22, 2010
    Date of Patent: October 18, 2016
    Assignee: International Business Machines Corporation
    Inventors: Shaival J. Chokshi, Xiaohan Qin, Rakesh Sharma
  • Publication number: 20160285733
    Abstract: A method for leader device selection in a control cluster using a shared virtual local area network (VLAN) is provided in the illustrative embodiments. A broadcast Hello packet is received from a sender virtual device over the VLAN at a first virtual device. When the first virtual device satisfies a partnership criterion specified in the Hello packet, a first ranking of the first virtual device is evaluated to be higher than a ranking of a sender virtual device. A first Live packet is unicast over the VLAN to the sender virtual device and a leadership role in the control cluster is taken by the first virtual device. The sender virtual device is caused to stop a broadcasting operation at the sender virtual device. A second Hello packet is broadcasted from the first virtual device over the VLAN.
    Type: Application
    Filed: June 3, 2015
    Publication date: September 29, 2016
    Applicant: International Business Machines Corporation
    Inventors: Shaival J. Chokshi, Xiaohan Qin, Patrick T. Vo
  • Publication number: 20160285739
    Abstract: A system, and computer program product for leader device selection in a control cluster using a shared virtual local area network (VLAN) are provided in the illustrative embodiments. A broadcast Hello packet is received from a sender virtual device over the VLAN at a first virtual device. When the first virtual device satisfies a partnership criterion specified in the Hello packet, a first ranking of the first virtual device is evaluated to be higher than a ranking of a sender virtual device. A first Live packet is unicast over the VLAN to the sender virtual device and a leadership role in the control cluster is taken by the first virtual device. The sender virtual device is caused to stop a broadcasting operation at the sender virtual device. A second Hello packet is broadcasted from the first virtual device over the VLAN.
    Type: Application
    Filed: March 25, 2015
    Publication date: September 29, 2016
    Applicant: International Business Machines Corporation
    Inventors: Shaival J. Chokshi, Xiaohan Qin, Patrick T. Vo
  • Patent number: 9426022
    Abstract: Provided are techniques for active SEA learning about a client LPAR MAC addresses via address resolution protocol (ARP) packets received on a virtual interface (of the active SEA). Any new client MAC addresses learned on the active SEA are sent to the inactive SEA via a control channel. When SEA failover happens, as the previously inactive SEA is about to become active, it will first send out RARP (reverse ARP) packets with the client MAC addresses as the source MAC addresses respectively. This effectively informs the switch connected to the previously inactive SEA that these client MAC addresses are to be routed through this switch port; the client MAC addresses saved on the switch connected to the previously active SEA are cleared as a result.
    Type: Grant
    Filed: December 13, 2013
    Date of Patent: August 23, 2016
    Assignee: International Business Machines Corporation
    Inventors: Kavitha Vittal Murthy Baratakke, Shaival Jagdishbhai Chokshi, Vishal Ramachandra Mansur, Xiaohan Qin
  • Publication number: 20160164740
    Abstract: At a first virtual device executing in a data processing system, a determination is made whether a partner list associated with the first virtual device includes a threshold number of partner virtual devices, the first virtual device participating in the control cluster. A first Live packet is unicast over the VLAN to each partner virtual device identified in the partner list. A unicast of a second Live packet from a second virtual device to the first virtual device is received over the VLAN, the second virtual device being identified in the partner list. A Hello packet is broadcast over the VLAN to cause the Hello packet to reach a third virtual device, wherein the Hello packet is configured to discover a new partner virtual device to add to the partner list, discovering the new partner enlarging the control cluster.
    Type: Application
    Filed: June 3, 2015
    Publication date: June 9, 2016
    Applicant: International Business Machines Corporation
    Inventors: Shaival J. Chokshi, Xiaohan Qin, Patrick T. Vo
  • Publication number: 20160164771
    Abstract: At a first virtual device executing in a data processing system, a determination is made whether a partner list associated with the first virtual device includes a threshold number of partner virtual devices, the first virtual device participating in the control cluster. A first Live packet is unicast over the VLAN to each partner virtual device identified in the partner list. A unicast of a second Live packet from a second virtual device to the first virtual device is received over the VLAN, the second virtual device being identified in the partner list. A Hello packet is broadcast over the VLAN to cause the Hello packet to reach a third virtual device, wherein the Hello packet is configured to discover a new partner virtual device to add to the partner list, discovering the new partner enlarging the control cluster.
    Type: Application
    Filed: December 9, 2014
    Publication date: June 9, 2016
    Applicant: International Business Machines Corporation
    Inventors: SHAIVAL J. CHOKSHI, Xiaohan Qin, Patrick T. Vo
  • Patent number: 9128893
    Abstract: Byte utilization is improved in Remote Direct Memory Access (RDMA) communications by detecting a plurality of concurrent messages on a plurality of application sockets which are destined for the same application, client or computer, intercepting those messages and consolidating their payloads into larger payloads, and then transmitting those consolidated messages to the destination, thereby increasing the payload-to-overhead byte utilization of the RDMA transmissions. At the receiving end, multiplexing information is used to unpack the consolidated messages, and to put the original payloads into a plurality of messages which are then fed into the receiving sockets to the destination application, client or computer, thereby making the consolidation process transparent between the initiator and the target.
    Type: Grant
    Filed: January 14, 2013
    Date of Patent: September 8, 2015
    Assignee: International Business Machines Corporation
    Inventors: Omar Cardona, Shaival Jagdishbhai Chokshi, Rakesh Sharma, Xiaohan Qin
  • Patent number: 9002970
    Abstract: Byte utilization is improved in Remote Direct Memory Access (RDMA) communications by detecting a plurality of concurrent messages on a plurality of application sockets which are destined for the same application, client or computer, intercepting those messages and consolidating their payloads into larger payloads, and then transmitting those consolidated messages to the destination, thereby increasing the payload-to-overhead byte utilization of the RDMA transmissions. At the receiving end, multiplexing information is used to unpack the consolidated messages, and to put the original payloads into a plurality of messages which are then fed into the receiving sockets to the destination application, client or computer, thereby making the consolidation process transparent between the initiator and the target.
    Type: Grant
    Filed: July 12, 2012
    Date of Patent: April 7, 2015
    Assignee: International Business Machines Corporation
    Inventors: Omar Cardona, Shaival Jagdishbhai Chokshi, Rakesh Sharma, Xiaohan Qin
  • Patent number: 8959515
    Abstract: A system, method, and program product for scheduling applications in a data processing system. The method of the invention includes a step of monitoring memory availability within the data processing system during execution of one or more applications. The method further includes recording a memory usage history for one or more applications from which a memory requirement may be determined. A kernel scheduler is utilized to schedule a next application for execution in accordance with the memory availability and the determined memory requirements of the one or more monitored applications.
    Type: Grant
    Filed: January 18, 2006
    Date of Patent: February 17, 2015
    Assignee: International Business Machines Corporation
    Inventor: Xiaohan Qin
  • Publication number: 20140140201
    Abstract: Provided are techniques for active SEA learning about a client LPAR MAC addresses via address resolution protocol (ARP) packets received on a virtual interface (of the active SEA). Any new client MAC addresses learned on the active SEA are sent to the inactive SEA via a control channel. When SEA failover happens, as the previously inactive SEA is about to become active, it will first send out RARP (reverse ARP) packets with the client MAC addresses as the source MAC addresses respectively. This effectively informs the switch connected to the previously inactive SEA that these client MAC addresses are to be routed through this switch port; the client MAC addresses saved on the switch connected to the previously active SEA are cleared as a result.
    Type: Application
    Filed: December 13, 2013
    Publication date: May 22, 2014
    Applicant: International Business Machines Corporation
    Inventors: Kavitha Vittal Murthy Baratakke, Shaival Jagdishbhai Chokshi, Vishal Ramachandra Mansur, Xiaohan Qin