Patents Issued in July 29, 2014
  • Patent number: 8793462
    Abstract: A method and controller for implementing storage adapter performance optimization with enhanced resource pool allocation, and a design structure on which the subject controller circuit resides are provided. The controller includes a plurality of hardware engines; a processor, and a plurality of resource pools. A plurality of work queues is associated with the resource pools. The processor initializes a list of types, and the associated amount of pages for each allocate type. The hardware engines maintain a count of allocate types, specifying a type on each allocation and deallocation, and performing allocation from the resource pools for deadlock avoidance.
    Type: Grant
    Filed: May 24, 2011
    Date of Patent: July 29, 2014
    Assignee: International Business Machines Corporation
    Inventors: Brian E. Bakke, Brian L. Bowles, Michael J. Carnevale, Robert E. Galbraith, II, Adrian C. Gerhard, Murali N. Iyer, Daniel F. Moertl, Mark J. Moran, Gowrisankar Radhakrishnan, Rick A. Weckwerth, Donald J. Ziebarth
  • Patent number: 8793463
    Abstract: A storage device set may allocate capacity for spaces (e.g., logical volumes) according to an allocation strategy, e.g., allocating capacity from the storage device having the greatest available capacity, or maximizing the distribution of allocated capacity across the storage devices. However, such allocation strategies may be inefficient (e.g., limiting the capability of the storage device set to satisfy subsequent requests with constraints such as a minimum distribution of capacity across several storage devices). The techniques presented herein achieve efficient allocation by first allocating capacity on storage devices having ample available capacity using a round-robin technique, and if such storage devices do not satisfy the capacity request, allocating capacity on storage devices having limited available capacity.
    Type: Grant
    Filed: September 12, 2011
    Date of Patent: July 29, 2014
    Assignee: Microsoft Corporation
    Inventors: Darren Moss, Karan Mehra, Emanuel Paleologu
  • Patent number: 8793464
    Abstract: Allocators are instantiated for each of a plurality of processors in a multi-threaded multi-processor computing system. The allocators selectively allocate and deallocate memory to threads executing on the associated processor. Related apparatus, systems, techniques and articles are also described.
    Type: Grant
    Filed: November 7, 2011
    Date of Patent: July 29, 2014
    Assignee: SAP AG
    Inventors: Ivan Schreter, Daniel Booss
  • Patent number: 8793465
    Abstract: Method and system for correcting misalignment between a virtual storage device block and a storage device block is provided. To align the blocks, an alignment module adjusts a logical block address and updates virtual storage device information such that a virtual machine can use a virtual storage device with the aligned blocks.
    Type: Grant
    Filed: March 9, 2010
    Date of Patent: July 29, 2014
    Assignee: Netapp, Inc.
    Inventors: Eric P. Forgette, Jonathan H. Dascenzo
  • Patent number: 8793466
    Abstract: A data storage system includes a processor, a system memory, and logical extents. Blocks of storage in one or more physical storage devices are allocated to each of the logical extents. The processor maintains a logical container for data objects and the volume includes one or more of the logical extents. The processor stores data objects that are uniquely identified by object identifiers in the logical extents. The processor also maintains a first index that is stored in the system memory and maps a range of the object identifiers to a second index. The second index is also stored in a logical extent and indicates storage locations of the data objects associated with the range of the object identifiers.
    Type: Grant
    Filed: April 27, 2012
    Date of Patent: July 29, 2014
    Assignee: NetApp, Inc.
    Inventors: Minglong Shao, Garth R Goodson
  • Patent number: 8793467
    Abstract: A system and method for maintaining a mapping table in a data storage subsystem. A data storage subsystem supports multiple mapping tables including a plurality of entries. Each of the entries comprise a tuple including a key. A data storage controller is configured to encode each tuple in the mapping table using a variable length encoding. Additionally, the mapping table may be organized as a plurality of time ordered levels, with each level including one or more mapping table entries. Further, a particular encoding of a plurality of encodings for a given tuple may be selected based at least in part on a size of the given tuple as unencoded, a size of the given tuple as encoded, and a time to encode the given tuple.
    Type: Grant
    Filed: September 30, 2011
    Date of Patent: July 29, 2014
    Assignee: PURE Storage, Inc.
    Inventors: John Colgrove, John Hayes, Ethan Miller
  • Patent number: 8793468
    Abstract: A method for translation map simplification may include determining a translation map based on a predetermined criterion in response to receiving input data. The method may also include determining if the translation map extends another map or a referenced map and determining if the translation map includes at least one map fragment. The referenced map is loaded in response to a determination that the translation map includes an extension of the referenced map. The map fragment is loaded in response to a determination that the translation map comprises the map fragment. A new map is compiled based on at least the translation map, the referenced map and the at least one map fragment, in response to the translation map not including a new map reference or a modification to the translation map. The input data is processed based on the new map to produce translated data specific to the new map.
    Type: Grant
    Filed: April 11, 2013
    Date of Patent: July 29, 2014
    Assignee: International Business Machines Corporation
    Inventors: Vincent Tkac, Keith Shafer, Michael R. Ingardia
  • Patent number: 8793469
    Abstract: A computer, circuit, and computer-readable medium are disclosed. In one embodiment, the processor includes an instruction decoder unit that can decode a macro instruction into at least one micro-operation with a set of data fields. The resulting micro-operation has at least one data field that is in a compressed form. The instruction decoder unit has storage that can store the micro-operation with the compressed-form data field. The instruction decoder unit also has extraction logic that is capable of extracting the compressed-form data field into an uncompressed-form data field. After extraction, the instruction decoder unit also can send the micro-operation with the extracted uncompressed-form data field to an execution unit. The computer also includes an execution unit capable of executing the sent micro-operation.
    Type: Grant
    Filed: December 17, 2010
    Date of Patent: July 29, 2014
    Assignee: Intel Corporation
    Inventors: Kameswar Subramaniam, Anthony Wojciechowski, Jonathan D. Combs
  • Patent number: 8793470
    Abstract: A method, apparatus and system are disclosed for decoding an instruction in a variable-length instruction set. The instruction is one of a set of new types of instructions that uses a new escape code value, which is two bytes in length, to indicate that a third opcode byte includes the instruction-specific opcode for a new instruction. The new instructions are defined such the length of each instruction in the opcode map for one of the new escape opcode values may be determined using the same set of inputs, where each of the inputs is relevant to determining the length of each instruction in the new opcode map. For at least one embodiment, the length of one of the new instructions is determined without evaluating the instruction-specific opcode.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: July 29, 2014
    Assignee: Intel Corporation
    Inventors: James S. Coke, Peter J. Ruscito, Masood Tahir, David B. Jackson, Ves A. Naydenov, Scott D. Rodgers, Bret L. Toll, Frank Binns
  • Patent number: 8793471
    Abstract: An apparatus for executing an atomic memory transaction comprises a processing core in a multi-processing core system, where the processing core is configured to store an atomic program in a cache line. The apparatus further comprises an atomic program execution unit that is configured to execute the atomic program as a single atomic memory transaction with a guarantee of forward progress.
    Type: Grant
    Filed: December 7, 2010
    Date of Patent: July 29, 2014
    Assignee: Advanced Micro Devices, Inc.
    Inventors: Benjamin C. Serebrin, Stephen D. Glaser
  • Patent number: 8793472
    Abstract: The described embodiments include a processor that executes a vector instruction. The processor starts by receiving a start value and an increment value, and optionally receiving a predicate vector with N elements as inputs. The processor then executes the vector instruction. Executing the vector instruction causes the processor to generate a result vector. When generating the result vector, if the predicate vector is received, for each element in the result vector for which a corresponding element of the predicate vector is active, otherwise, for each element in the result vector, the processor sets the element in the result vector equal to the start value plus a product of the increment value multiplied by a specified number of elements to the left of the element in the result vector.
    Type: Grant
    Filed: November 8, 2011
    Date of Patent: July 29, 2014
    Assignee: Apple Inc.
    Inventors: Jeffry E. Gonion, Keith E. Diefendorff
  • Patent number: 8793474
    Abstract: A first hardware thread executes a software program instruction, which instructs the first hardware thread to initiate a second hardware thread. As such, the first hardware thread identifies one or more register values accessible by the first hardware thread. Next, the first hardware thread copies the identified register values to one or more registers accessible by the second hardware thread. In turn, the second hardware thread accesses the copied register values included in the accessible registers and executes software code accordingly.
    Type: Grant
    Filed: September 20, 2010
    Date of Patent: July 29, 2014
    Assignee: International Business Machines Corporation
    Inventors: Giles Roger Frazier, Ronald P. Hall
  • Patent number: 8793475
    Abstract: An apparatus includes an instruction decoder, first and second source registers and a circuit coupled to the decoder to receive packed data from the source registers and to unpack the packed data responsive to an unpack instruction received by the decoder. A first packed data element and a third packed data element are received from the first source register. A second packed data element and a fourth packed data element are received from the second source register. The circuit copies the packed data elements into a destination register resulting with the second packed data element adjacent to the first packed data element, the third packed data element adjacent to the second packed data element, and the fourth packed data element adjacent to the third packed data element.
    Type: Grant
    Filed: December 29, 2012
    Date of Patent: July 29, 2014
    Assignee: Intel Corporation
    Inventors: Alexander Peleg, Yaakov Yaari, Millind Mittal, Larry M. Mennemeier, Benny Eitan
  • Patent number: 8793476
    Abstract: A reset control device for an electronic device having a battery for providing operating power for a system circuit is provided. The reset control device includes a signal generating unit for generating a control signal, and a control module installed in the battery and coupled to the signal generating unit for disconnecting a power supply link between the battery and the system circuit for a predetermined duration and recovering the power supply link, when the control signal conforms to a predefined rule, so as to reset the system circuit.
    Type: Grant
    Filed: August 22, 2011
    Date of Patent: July 29, 2014
    Assignee: Wistron Corporation
    Inventors: Chuan-Yuan Li, Chien-Wen Chen
  • Patent number: 8793477
    Abstract: A method, system, and computer program product for protecting a computer system provides bootstrap operating system detection and recovery and provides the capability to detect malware, such as rootkits, before the operating system has been loaded and provides the capability to patch malfunctions that block the ability of the computer system to access the Internet. A method for protecting a computer system includes reading stored status information indicating whether network connectivity was available the last time an operating system of the computer system was operational, when the stored status information indicates that network connectivity was not available, obtaining a software patch, and executing and applying the software patch.
    Type: Grant
    Filed: February 12, 2008
    Date of Patent: July 29, 2014
    Assignee: McAfee, Inc.
    Inventors: Akos Horvath, Alessandro Faieta
  • Patent number: 8793478
    Abstract: A method of using an information handling system can include communicating accessibility of a resource to a grid system, powering down the information handling system, receiving a wake request from the grid system, booting the information handling system into a grid mode where the resource is accessible to the grid system. Machine-executable code for an information handling system can include a method for indicating that a resource in the information handling system is accessible to a grid system, communicating that the resource is accessible to the grid system, and placing the information handling system into a low power state. An information handling system can include a processor that can indicate that a resource is accessible to a grid system, communicate to the grid system that the resource is accessible, and place the information handling system into a low power state.
    Type: Grant
    Filed: May 14, 2008
    Date of Patent: July 29, 2014
    Assignee: Dell Products, LP
    Inventors: Muhammed K. Jaber, Surender V. Brahmaroutu
  • Patent number: 8793479
    Abstract: A method for enabling a plurality of software appliances to be dynamically loaded onto a blade is described. During run-time and in response to receiving one or more sets of appliance loading instructions corresponding to one or more appliances, the one or more appliances is downloaded. Each appliance has a capability different from each other. The one or more appliances that are downloaded are stored at a first set of locations on a data store. Each of the first set of locations is different from each other. A first appliance of the one or more appliances that are stored is then installed at a second location on the data store. Then, the first appliance that is installed is booted on the blade.
    Type: Grant
    Filed: January 29, 2009
    Date of Patent: July 29, 2014
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Terrence Ladd Yoder, Dante Vitale, Ali Ezzet
  • Patent number: 8793480
    Abstract: Updating programmable logic devices (‘PLDs’) in a symmetric multiprocessing (‘SMP’) computer, each compute node of the SMP computer including a PLD coupled for data communications through a bus adapter, the bus adapter adapted for data communications through a set of one or more input/output (‘I/O’) memory addresses, including configuring the primary compute node with an update of the configuration instructions for the PLDs; assigning, by the PLDs at boot time in an SMP boot, a unique, separate set of one or more I/O addresses to each bus adapter on each compute node; and providing, by the primary compute node during the SMP boot, the update to all compute nodes, writing the update as a data transfer to each of the PLDs through each bus adapter at the unique, separate set of one or more I/O addresses for each bus adapter.
    Type: Grant
    Filed: April 10, 2012
    Date of Patent: July 29, 2014
    Assignee: International Business Machines Corporation
    Inventors: Alfredo Aldereguia, Grace A. Richter, William B. Schwartz
  • Patent number: 8793481
    Abstract: Methods and apparatus for partitioning a computer server system (400). A partition management application (430) residing within firmware on a central service processor (404) is configured to receive partitioning requests, to formulate partitioning instructions based on the partitioning requests, and to transmit the partitioning instructions to partition instantiation firmware (432) also residing on the central service processor (404). The partition instantiation firmware (432) is configured to direct server cell firmware (410) to create one or more partitions based on the partitioning instructions.
    Type: Grant
    Filed: December 10, 2009
    Date of Patent: July 29, 2014
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Jim Darling, Paul Bouchier
  • Patent number: 8793482
    Abstract: A computer configuration utility automatically alters system configuration parameters to sample multiple different configurations. At least one workrate metric is measured at each sampled configuration. The workrate measurements for the multiple different configurations are compared to determine the effect of different configurations with respect to at least one optimization criterion. System configuration is automatically adjusted to the optimum configuration. Preferably, the workrate metric is (non-idle) instructions executed per unit of time.
    Type: Grant
    Filed: February 14, 2013
    Date of Patent: July 29, 2014
    Assignee: International Business Machines Corporation
    Inventors: Christopher Francois, Mark R. Funk, Allan E. Johnson, Todd J. Rosedahl, Philip L. Vitale
  • Patent number: 8793483
    Abstract: Computer-based systems and method for automating the workflow for generating and sending e-mails with attached reports to external recipients in order to reduce security breaches in certain business reporting processes. The system may utilize a first computer system that may import data eligible for attachment to be sent with the e-mail based on user-entered search criteria. The attachments may be strongly encrypted using an encryption program on the user's computer. In some embodiments, a password for decrypting the attachment may be unique to combination of third party (e.g., trading name) and the role of the external recipient with respect to the attachment.
    Type: Grant
    Filed: June 1, 2011
    Date of Patent: July 29, 2014
    Assignee: Morgan Stanley
    Inventors: Nils Hesses, Roland Szabo
  • Patent number: 8793484
    Abstract: An electronic device with a message encryption function that includes a message processing module for receiving or sending or reading encrypted messages. The message processing module is electrically connected to a configure interface module, a storage module and an encryption module. The message processing module checks whether an encryption code exists. Then the message processing module checks whether the message processing event is “reading a message”. If the processing module determines the processing event is “reading a message” the processing module determines whether the encrypted message has been read or not. If the encrypted message has been read the processing module directly transmits the encrypted message back and then displays the encrypted message. If the encrypted message has not been read the processing module decrypts the encrypted message to generate a decrypted message and transmits the decrypted message back and then displays the decrypted message in a clear-text manner.
    Type: Grant
    Filed: September 28, 2011
    Date of Patent: July 29, 2014
    Assignee: Wistron Corporation
    Inventor: Ping Ge
  • Patent number: 8793485
    Abstract: A system can comprise a memory to store computer readable instructions and a processing unit to access the memory and to execute the computer readable instructions. The computer readable instructions can comprise a certificate manager configured to request generation of N number of random values, where N is an integer greater than or equal to one. The certificate manager can also be configured to request a digital certificate from at least one certificate authority of at least two different certificate authorities. The request can include a given one of the N number of random values. The certificate manager can also be configured to generate a private key of a public-private key pair, wherein the private key is generated based on a private key of each of the least two certificate authorities.
    Type: Grant
    Filed: December 15, 2011
    Date of Patent: July 29, 2014
    Assignee: Texas Instruments Incorporated
    Inventor: Eric Thierry Peeters
  • Patent number: 8793486
    Abstract: A method for buffering SSL handshake messages prior to computing a message digest for the SSL handshake includes: conducting, by an appliance with a client, an SSL handshake, the SSL handshake comprising a plurality of SSL handshake messages; storing, by the appliance, the plurality of SSL handshake messages; providing, by the appliance to a message digest computing device in response to receiving a client finish message corresponding to the SSL handshake, the plurality of SSL handshake messages; receiving, by the appliance from the message digest computing device, a message digest corresponding to the provided messages; determining by the appliance, the message digest matches a message digest included in the SSL client finish message; and completing, by the appliance with the client, the SSL handshake. Corresponding systems are also described.
    Type: Grant
    Filed: January 9, 2012
    Date of Patent: July 29, 2014
    Assignee: Citrix System, Inc.
    Inventors: Tushar Kanekar, Sivaprasad Udupa
  • Patent number: 8793487
    Abstract: A public key infrastructure comprising a participant that issues digital certificates. Each digital certificate can be relied upon in at least two different trust domains. The public key infrastructure does not employ policy mapping between or among the trust domains. Furthermore, the public key infrastructure does not link any pair of trust domains via cross-certificates. Just one trust domain is bound to the digital certificate at any given moment. The current trust domain that is to be bound to the digital certificate is elected by a relying party at the time of reliance, based upon a specific certificate validation methodology selected by the relying party.
    Type: Grant
    Filed: January 16, 2009
    Date of Patent: July 29, 2014
    Assignee: Identrust, Inc.
    Inventors: William C. Epstein, Lawrence R. Miller
  • Patent number: 8793488
    Abstract: Systems, methods and apparatus for a distributed security that detects embedded resource request identifiers. The system can identify requests, such as HTTP requests, and can identify encoded prefix data corresponding to URI prefixes, such as Base64 or Base16 encoded URI prefixes “www.” and “http:”.
    Type: Grant
    Filed: July 15, 2008
    Date of Patent: July 29, 2014
    Assignee: Zscaler, Inc.
    Inventor: Jeff Forristal
  • Patent number: 8793489
    Abstract: Embodiments are described for a system and method of controlling access to information in an organization by defining a hierarchical organizational structure of boxes, and security configuration comprising user records, security roles, rules to map users to boxes, and rules to grant roles to users via mapped boxes. Access control is applied in the context of a defined organizational structure using the effective set of access control policies computed in real time per each data access request from any given user.
    Type: Grant
    Filed: March 1, 2012
    Date of Patent: July 29, 2014
    Assignee: HumanConcepts, LLC
    Inventors: Roman Polunin, Bogdan Cirlig, Amit Bansal
  • Patent number: 8793490
    Abstract: The invention provides a method for performing an authentication (and a system for performing the method), in conjunction with a transaction, utilizing a primary channel and a secondary channel. The method may include an authenticating entity, such as a bank, (1) receiving from a customer primary authentication information via a primary channel; (2) the authenticating entity processing the primary authentication information, and retrieving customer information based on the primary authentication information; (3) the authenticating entity transmitting secondary authentication information to the customer via a secondary channel, the secondary channel being different than the primary channel; (4) the authenticating entity receiving from the customer at least a portion of the secondary authentication information; and (5) the authenticating entity performing authentication processing on the secondary authentication information received from the customer.
    Type: Grant
    Filed: December 13, 2006
    Date of Patent: July 29, 2014
    Assignee: JPMorgan Chase Bank, N.A.
    Inventor: Stanley A. Szwalbenest
  • Patent number: 8793491
    Abstract: There is described a key server which is connected to a local area network, and an encryption authority transfers private keys for clients of the local area network to the key server. In an embodiment, the key server encrypts outgoing emails using public keys for the recipients and decrypts internal emails using private keys for the recipients. In another embodiment, the clients of the local area network download their respective private keys from the key server so that encryption operations may be performed by client software.
    Type: Grant
    Filed: March 22, 2007
    Date of Patent: July 29, 2014
    Assignee: Trend Micro Incorporated
    Inventors: Andrew Dancer, Mark Chimley, Adam Tuaima, Matthew Baldwin
  • Patent number: 8793492
    Abstract: A computerized device can implement a content player to access a content stream using a network interface, the content stream comprising encrypted content and an embedded license comprising a content key encrypted according to a global key accessible by the content player. The content player determines whether a token meeting an authorization condition is present and uses the global key to decrypt the content key only if such a token is present. The authorization condition may be evaluated at least in part based on data included in the content stream. The authorization condition can include presence of a token having a content ID matching a corresponding ID in the license; presence of a token with a correct device ID; presence of a token signed according to a digital signature identified in the licenses; and/or presence of a token that is unexpired, with expiration evaluated based on a time-to-live indicator in the token.
    Type: Grant
    Filed: January 13, 2011
    Date of Patent: July 29, 2014
    Assignee: Adobe Systems Incorporated
    Inventors: Kunal Shah, Sunil Agrawal
  • Patent number: 8793493
    Abstract: A system for secure transfer of encrypted data involves a sender client, a recipient client, a main server, and a key server. The sender client receives instructions from a first user identifying transfer data and a recipient identifier, creates a key, encodes the transfer data using the key, and communicates the key and the recipient identifier to a server. The server creates a secure package identifier and communicates such to the sender client. The recipient client receives and identifies the secure package identifier and the encoded transfer data, receives from a second user a user identifier, and communicates the user identifier and the secure package identifier to the server. The server communicates the key to the recipient client only if the secure package identifier received from the recipient client matches the secure package identifier created by the server and if the user identifier matches the recipient identifier.
    Type: Grant
    Filed: April 1, 2013
    Date of Patent: July 29, 2014
    Assignee: Ceelox Patents, LLC
    Inventor: Erix Pizano
  • Patent number: 8793494
    Abstract: A method for recovering sessions includes storing, by a client, session information after a session is established between the server and the client. When the session needs to be recovered upon interruption, the client sends all state information before interruption of the session and the session information to the server, and the server recovers the session upon the received session information and all state information before interruption of the session. After a session is interrupted, the server does not need to store any session-related information, thus saving the resources of the server, and all information about the previous session can be recovered completely.
    Type: Grant
    Filed: September 7, 2010
    Date of Patent: July 29, 2014
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Shuo Shen
  • Patent number: 8793495
    Abstract: A method for authenticating a portable data carrier (10) to a terminal device employs a public key (PKG) and a secret key (SK1) of the data carrier (10) as well as a public session key (PKT) and a secret session key (SKT) of the terminal device. The data carrier (10) employs as a public key a public group key (PKG). As a secret key the data carrier (10) employs a key (SK1) that has been derived from a secret group key (SKG) associated with the public group key (PKG).
    Type: Grant
    Filed: August 19, 2011
    Date of Patent: July 29, 2014
    Assignee: Giesecke & Devrient GmbH
    Inventor: Gisela Meister
  • Patent number: 8793496
    Abstract: Embodiments of the invention may provide for systems and methods for secure authentication. The systems and methods may include receiving, by a constrained device, a random string transmitted from a server; determining, by the constrained device, a responsive output by evaluating a first deterministic function based upon the received random string, a locally generated string and a first private key stored on the constrained device; and transmitting at least one portion of the responsive output and the locally generated string from the constrained device to a server.
    Type: Grant
    Filed: August 20, 2007
    Date of Patent: July 29, 2014
    Assignee: Florida State University
    Inventors: Mike Burmester, Breno de Medeiros, Tri Van Le, Christy Chatmon
  • Patent number: 8793497
    Abstract: A puzzle-based protocol is provided that allows a token and verifier to agree on a secure symmetric key for authentication between the token and verifier. A token stores a secret key and one or more puzzle-generating algorithms. The verifier independently obtains a plurality of puzzles associated with the token, pseudorandomly selects at least one of the puzzles, and solves it to obtain a puzzle secret and a puzzle identifier. The verifier generates a verifier key based on the puzzle secret. The verifier sends the puzzle identifier and an encoded version of the verifier key to the token. The token regenerates the puzzle secret using its puzzle-generating algorithms and the puzzle identifier. The token sends an encoded response to the verifier indicating that it knows the verifier key. The token and verifier may use the verifier key as a symmetric key for subsequent authentications.
    Type: Grant
    Filed: May 9, 2008
    Date of Patent: July 29, 2014
    Assignee: QUALCOMM Incorporated
    Inventors: Gregory Gordon Rose, Alexander Gantman, Miriam Wiggers De Vries, Michael Paddon, Philip Michael Hawkes
  • Patent number: 8793498
    Abstract: A method and system for identifying a source of a copied work that in one embodiment includes obtaining at least some portions of a reference work, collecting at least some portions of the suspect work, matching the suspect work with the reference work, wherein the matching includes temporally aligning one or more frames of the reference work and the suspect work, spatially aligning frames of the reference work and the suspect work, and detecting forensic marks in the suspect work by spatiotemporal matching with the reference work.
    Type: Grant
    Filed: November 24, 2008
    Date of Patent: July 29, 2014
    Assignee: NBCUniversal Media, LLC
    Inventors: Zhaohui Sun, Catherine Mary Graichen, Corey Nicholas Bufi, Anthony James Hoogs, Aaron Shaw Markham, Budhaditya Deb, Roderic Greene Collins, Michael Shane Wilkinson, Anthony Christopher Anderson, Jenny Marie Weisenberg
  • Patent number: 8793499
    Abstract: A system and method are provided for implementing a digital signature scheme for embedding and validating multiple nested digital signatures in digitally produced documents without modifying a file size of the digitally produced and signed documents or otherwise corrupting previously-embedded digital signatures. A number of fixed fields are included in a digitally produced document, upfront, that will be populated with multiple digital signatures. With the fixed fields in the digitally produced documents, the entire file is cryptographically “hashed” and the individual digital signatures are independently verifiable via simple cryptographic schemes. Multiple digital signatures are embedded in documents including complex file formats in a manner that does not corrupt the documents. Known cryptographic techniques such as, for example, a known hash algorithm, are applied to the digitally produced documents including the multiple sequentially input digital signatures in a process that is independently verifiable.
    Type: Grant
    Filed: January 20, 2012
    Date of Patent: July 29, 2014
    Assignee: Lockheed Martin Corporation
    Inventor: Robert Joseph Loughry
  • Patent number: 8793500
    Abstract: A signature scheme is provided in which a message is divided in to a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination.
    Type: Grant
    Filed: March 15, 2012
    Date of Patent: July 29, 2014
    Assignees: Certicom Corp., Pitney Bowes Inc.
    Inventors: Scott Alexander Vanstone, Robert Gallant, Robert J. Lambert, Leon A. Pintsov, Frederick W. Ryan, Jr., Ari Singer
  • Patent number: 8793501
    Abstract: A mobile communication terminal having a password notification function and a method for notifying a user of a password in the mobile communication terminal that allow the transmission of a stored password or a newly generated random password to a previously selected medium by entering a secondary password when an input password is not identical to the stored password. The method includes checking whether a password notification function is set; requesting input of a stored password, receiving an input password, and checking whether the input password is identical to the stored password. If the input password is not identical to the stored password, the method further includes requesting input of a stored secondary password, checking whether an input secondary password is identical to the stored secondary password, and sending a password if the input secondary password is identical to the stored secondary password.
    Type: Grant
    Filed: October 28, 2013
    Date of Patent: July 29, 2014
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: Kyong-Su Kim
  • Patent number: 8793502
    Abstract: The aim of the present invention consists of reducing the switching time from one reception channel to another. In fact, this reduction will be particularly discernable since the number of different rights stored in a security module of a multimedia unit or decoder is high. When a user selects a service among those proposed by an electronic programs guide, an access control module explores a stored service information table in order to extract an access condition associated to the service. This access condition allows determining an index in a rights table stored in the access control module of a right that fulfills the access condition. The access control module transmits to the security module the index thus determined alone or accompanied by a control message. This index allows the security module to find quickly the right that it compares afterwards with the access condition included in the control message after decryption of the latter.
    Type: Grant
    Filed: November 25, 2008
    Date of Patent: July 29, 2014
    Assignee: Nagravision S.A.
    Inventors: Xavier Carrel, Sebastien Erard, Christian Wirz, Jimmy Cochard
  • Patent number: 8793503
    Abstract: In a method for managing sequential access to secure content by a plurality of workflow participants, a key-map file for each of the participants is created. Each of the key-map files contains a subset of encryption and signature keys for the content. The key-map files are sorted in an order that is the reverse of a workflow order in which the workflow participants for which the key-map files were created are to access the secure content. An encrypted later wrap including a later key-map file for a later workflow participant along the workflow order and an encrypted first wrap including a prior key-map file for a prior workflow participant and the encrypted later wrap are created. In addition, the first wrap is incorporated into a document serialization for the content.
    Type: Grant
    Filed: May 12, 2011
    Date of Patent: July 29, 2014
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Steven J. Simske, Helen Balinsky
  • Patent number: 8793504
    Abstract: Software validation is provided for a breakout system having multiple subsystems at the edge of a mobile data network. The software validation utilizes one or more trusted platform modules (TPM) to secure multiple subsystems including virtual machines in the breakout system. Hash values for the software in the various subsystems are placed in Platform Configuration Registers (PCRs) of the TPM. The TPM cryptographically signs quotes, which are a collection of hash values from the PCRs. The breakout system produces an extensible markup language (XML) file with the signed quotes related to the subsystems and sends them to a network management system for verification. The network management system validates the software configured on the breakout system using a public key to access the quotes and compares the values to known good values stored in an inventory record associated with the specific breakout system being validated.
    Type: Grant
    Filed: February 22, 2012
    Date of Patent: July 29, 2014
    Assignee: International Business Machines Corporation
    Inventors: Ronald L. Billau, Vincenzo V. Di Luoffo, Terence K. Hennessy
  • Patent number: 8793505
    Abstract: In order to reduce the number of data transfers and to increase parallel processing of decryption processing and authentication processing, an encryption processing apparatus is provided that includes an input/output data that processes input/output data to an encryption/decryption processing unit and an authentication processing unit, where the input/output data processing unit calculates a parameter used by the authentication processing unit from input data to the input/output data processing unit and forms input data to the authentication processing unit from the calculated parameter or a parameter calculated from data processed by the encryption/decryption processing unit and the input data to the input/output data processing unit.
    Type: Grant
    Filed: June 22, 2012
    Date of Patent: July 29, 2014
    Assignee: Canon Kabushiki Kaisha
    Inventors: Manabu Ishikawa, Akihiko Yushiya
  • Patent number: 8793506
    Abstract: A mechanism is described for facilitating encryption-free integrity protection of storage data at computing systems according to one embodiment. A method of embodiments of the invention includes receiving a read request, from a software application at a computing device, to perform a read task relating to a first data block of data stored at a storage device coupled to the computing device. The read task may include reading the first data block. The method may further include accessing a first reference cryptographic code at a first metadata cache associated with the first data block, calculating a first new cryptographic code relating to the first data block, comparing the first new cryptographic code with the first reference cryptographic code, and accepting the read request if the first new cryptographic code matches the first reference cryptographic code. The accepting may further include facilitating the read task.
    Type: Grant
    Filed: August 31, 2012
    Date of Patent: July 29, 2014
    Assignee: Intel Corporation
    Inventor: Dmitry Kasatkin
  • Patent number: 8793507
    Abstract: An information processing apparatus includes an application operation file information holding unit 101 that holds application operation file information that is information related to a file operated by an application since activation of the application and includes information indicating whether the application has opened one or more encrypted files, and an encryption determination unit 102 that determines, with respect to an arbitrary file closed by an arbitrary application, whether the file is subjected to be encrypted based on the held application operation file information with regard to the application that has performed the closing operation of the file.
    Type: Grant
    Filed: January 31, 2013
    Date of Patent: July 29, 2014
    Assignee: NEC Corporation
    Inventor: Toshimitsu Usuba
  • Patent number: 8793508
    Abstract: Systems, methods, computer programs, and devices are disclosed herein for deploying a local trusted service manager within a secure element of a contactless smart card device. The secure element is a component of a contactless smart card incorporated into a contactless smart card device. An asymmetric cryptography algorithm is used to generate public-private key pairs. The private keys are stored in the secure element and are accessible by a trusted service manager (TSM) software application or a control software application in the secure element. A non-TSM computer with access to the public key encrypts and then transmits encrypted application data or software applications to the secure element, where the TSM software application decrypts and installs the software application to the secure element for transaction purposes.
    Type: Grant
    Filed: December 17, 2012
    Date of Patent: July 29, 2014
    Assignee: Google Inc.
    Inventors: Rob von Behren, Jonathan Wall, Ismail Cem Paya
  • Patent number: 8793509
    Abstract: The subject matter of this specification can be embodied in, among other things, a method that includes receiving, from a web browser, a request for a token that authorizes a third party server to access a user's data stored by a content provider server. The token specifies a first scope of authorization that indicates a portion of the user's data that the third party server is permitted to access. The method also includes determining if the first scope is substantially the same as or a subset of a second scope of a previously issued token and transmitting the token in response to the received request if the first scope is determined to be substantially the same as or a subset of the second scope.
    Type: Grant
    Filed: February 12, 2008
    Date of Patent: July 29, 2014
    Assignee: Google Inc.
    Inventors: Jeffrey Nelson, Jonathan S. Sergent, Mark B. Stahl, Shyam Sheth, Jun Yang
  • Patent number: 8793510
    Abstract: Systems and methods for encrypting a plaintext logical data object for storage in a storage device operable with at least one storage protocol, creating, reading, writing, optimization and restoring thereof. Encrypting the plaintext logical data object comprises creating in the storage device an encrypted logical data object comprising a header and one or more allocated encrypted sections with predefined size; encrypting one or more sequentially obtained chunks of plaintext data corresponding to the plaintext logical data object thus giving rise to the encrypted data chunks; and sequentially accommodating the processed data chunks into said encrypted sections in accordance with an order said chunks received, wherein said encrypted sections serve as atomic elements of encryption/decryption operations during input/output transactions on the logical data object.
    Type: Grant
    Filed: July 7, 2011
    Date of Patent: July 29, 2014
    Assignee: International Business Machines Corporation
    Inventors: Chaim Koifman, Nadav Kedem, Avi Zohar
  • Patent number: 8793511
    Abstract: A power sourcing equipment (PSE), a powered device (PD), and an approach for managing PoE power delivered from a PSE to a PD are described. Based on communication between the PD and the PSE, the PSE reduces the power made available to the PD in response to the PD entering an operational mode with reduced power requirements. Further, based on communication between the PD and the PSE, the PSE increases the power made available to the PD in response to the PD entering an operational mode with increased power requirements.
    Type: Grant
    Filed: March 12, 2010
    Date of Patent: July 29, 2014
    Assignee: Marvell International Ltd.
    Inventor: Nafea Bishara
  • Patent number: 8793512
    Abstract: An apparatus and method for per-node thermal control of processing nodes is disclosed. The apparatus includes a plurality of processing nodes, and further includes a power management unit configured to set a first frequency limit for at least one of the plurality of processing nodes responsive to receiving an indication of a first detected temperature greater than a first temperature threshold, wherein the first detected temperature is associated with the one of the plurality of processing nodes. The power management unit is further configured to set a second frequency limit for each of the plurality of processing nodes responsive to receiving an indication of a second temperature greater than a second temperature threshold.
    Type: Grant
    Filed: October 29, 2010
    Date of Patent: July 29, 2014
    Assignee: Advanced Micro Devices, Inc.
    Inventors: Alexander Branover, Samuel D. Naffziger