Patents Issued in July 29, 2014
-
Patent number: 8793462Abstract: A method and controller for implementing storage adapter performance optimization with enhanced resource pool allocation, and a design structure on which the subject controller circuit resides are provided. The controller includes a plurality of hardware engines; a processor, and a plurality of resource pools. A plurality of work queues is associated with the resource pools. The processor initializes a list of types, and the associated amount of pages for each allocate type. The hardware engines maintain a count of allocate types, specifying a type on each allocation and deallocation, and performing allocation from the resource pools for deadlock avoidance.Type: GrantFiled: May 24, 2011Date of Patent: July 29, 2014Assignee: International Business Machines CorporationInventors: Brian E. Bakke, Brian L. Bowles, Michael J. Carnevale, Robert E. Galbraith, II, Adrian C. Gerhard, Murali N. Iyer, Daniel F. Moertl, Mark J. Moran, Gowrisankar Radhakrishnan, Rick A. Weckwerth, Donald J. Ziebarth
-
Patent number: 8793463Abstract: A storage device set may allocate capacity for spaces (e.g., logical volumes) according to an allocation strategy, e.g., allocating capacity from the storage device having the greatest available capacity, or maximizing the distribution of allocated capacity across the storage devices. However, such allocation strategies may be inefficient (e.g., limiting the capability of the storage device set to satisfy subsequent requests with constraints such as a minimum distribution of capacity across several storage devices). The techniques presented herein achieve efficient allocation by first allocating capacity on storage devices having ample available capacity using a round-robin technique, and if such storage devices do not satisfy the capacity request, allocating capacity on storage devices having limited available capacity.Type: GrantFiled: September 12, 2011Date of Patent: July 29, 2014Assignee: Microsoft CorporationInventors: Darren Moss, Karan Mehra, Emanuel Paleologu
-
Patent number: 8793464Abstract: Allocators are instantiated for each of a plurality of processors in a multi-threaded multi-processor computing system. The allocators selectively allocate and deallocate memory to threads executing on the associated processor. Related apparatus, systems, techniques and articles are also described.Type: GrantFiled: November 7, 2011Date of Patent: July 29, 2014Assignee: SAP AGInventors: Ivan Schreter, Daniel Booss
-
Patent number: 8793465Abstract: Method and system for correcting misalignment between a virtual storage device block and a storage device block is provided. To align the blocks, an alignment module adjusts a logical block address and updates virtual storage device information such that a virtual machine can use a virtual storage device with the aligned blocks.Type: GrantFiled: March 9, 2010Date of Patent: July 29, 2014Assignee: Netapp, Inc.Inventors: Eric P. Forgette, Jonathan H. Dascenzo
-
Patent number: 8793466Abstract: A data storage system includes a processor, a system memory, and logical extents. Blocks of storage in one or more physical storage devices are allocated to each of the logical extents. The processor maintains a logical container for data objects and the volume includes one or more of the logical extents. The processor stores data objects that are uniquely identified by object identifiers in the logical extents. The processor also maintains a first index that is stored in the system memory and maps a range of the object identifiers to a second index. The second index is also stored in a logical extent and indicates storage locations of the data objects associated with the range of the object identifiers.Type: GrantFiled: April 27, 2012Date of Patent: July 29, 2014Assignee: NetApp, Inc.Inventors: Minglong Shao, Garth R Goodson
-
Patent number: 8793467Abstract: A system and method for maintaining a mapping table in a data storage subsystem. A data storage subsystem supports multiple mapping tables including a plurality of entries. Each of the entries comprise a tuple including a key. A data storage controller is configured to encode each tuple in the mapping table using a variable length encoding. Additionally, the mapping table may be organized as a plurality of time ordered levels, with each level including one or more mapping table entries. Further, a particular encoding of a plurality of encodings for a given tuple may be selected based at least in part on a size of the given tuple as unencoded, a size of the given tuple as encoded, and a time to encode the given tuple.Type: GrantFiled: September 30, 2011Date of Patent: July 29, 2014Assignee: PURE Storage, Inc.Inventors: John Colgrove, John Hayes, Ethan Miller
-
Patent number: 8793468Abstract: A method for translation map simplification may include determining a translation map based on a predetermined criterion in response to receiving input data. The method may also include determining if the translation map extends another map or a referenced map and determining if the translation map includes at least one map fragment. The referenced map is loaded in response to a determination that the translation map includes an extension of the referenced map. The map fragment is loaded in response to a determination that the translation map comprises the map fragment. A new map is compiled based on at least the translation map, the referenced map and the at least one map fragment, in response to the translation map not including a new map reference or a modification to the translation map. The input data is processed based on the new map to produce translated data specific to the new map.Type: GrantFiled: April 11, 2013Date of Patent: July 29, 2014Assignee: International Business Machines CorporationInventors: Vincent Tkac, Keith Shafer, Michael R. Ingardia
-
Patent number: 8793469Abstract: A computer, circuit, and computer-readable medium are disclosed. In one embodiment, the processor includes an instruction decoder unit that can decode a macro instruction into at least one micro-operation with a set of data fields. The resulting micro-operation has at least one data field that is in a compressed form. The instruction decoder unit has storage that can store the micro-operation with the compressed-form data field. The instruction decoder unit also has extraction logic that is capable of extracting the compressed-form data field into an uncompressed-form data field. After extraction, the instruction decoder unit also can send the micro-operation with the extracted uncompressed-form data field to an execution unit. The computer also includes an execution unit capable of executing the sent micro-operation.Type: GrantFiled: December 17, 2010Date of Patent: July 29, 2014Assignee: Intel CorporationInventors: Kameswar Subramaniam, Anthony Wojciechowski, Jonathan D. Combs
-
Patent number: 8793470Abstract: A method, apparatus and system are disclosed for decoding an instruction in a variable-length instruction set. The instruction is one of a set of new types of instructions that uses a new escape code value, which is two bytes in length, to indicate that a third opcode byte includes the instruction-specific opcode for a new instruction. The new instructions are defined such the length of each instruction in the opcode map for one of the new escape opcode values may be determined using the same set of inputs, where each of the inputs is relevant to determining the length of each instruction in the new opcode map. For at least one embodiment, the length of one of the new instructions is determined without evaluating the instruction-specific opcode.Type: GrantFiled: March 15, 2013Date of Patent: July 29, 2014Assignee: Intel CorporationInventors: James S. Coke, Peter J. Ruscito, Masood Tahir, David B. Jackson, Ves A. Naydenov, Scott D. Rodgers, Bret L. Toll, Frank Binns
-
Patent number: 8793471Abstract: An apparatus for executing an atomic memory transaction comprises a processing core in a multi-processing core system, where the processing core is configured to store an atomic program in a cache line. The apparatus further comprises an atomic program execution unit that is configured to execute the atomic program as a single atomic memory transaction with a guarantee of forward progress.Type: GrantFiled: December 7, 2010Date of Patent: July 29, 2014Assignee: Advanced Micro Devices, Inc.Inventors: Benjamin C. Serebrin, Stephen D. Glaser
-
Patent number: 8793472Abstract: The described embodiments include a processor that executes a vector instruction. The processor starts by receiving a start value and an increment value, and optionally receiving a predicate vector with N elements as inputs. The processor then executes the vector instruction. Executing the vector instruction causes the processor to generate a result vector. When generating the result vector, if the predicate vector is received, for each element in the result vector for which a corresponding element of the predicate vector is active, otherwise, for each element in the result vector, the processor sets the element in the result vector equal to the start value plus a product of the increment value multiplied by a specified number of elements to the left of the element in the result vector.Type: GrantFiled: November 8, 2011Date of Patent: July 29, 2014Assignee: Apple Inc.Inventors: Jeffry E. Gonion, Keith E. Diefendorff
-
Patent number: 8793474Abstract: A first hardware thread executes a software program instruction, which instructs the first hardware thread to initiate a second hardware thread. As such, the first hardware thread identifies one or more register values accessible by the first hardware thread. Next, the first hardware thread copies the identified register values to one or more registers accessible by the second hardware thread. In turn, the second hardware thread accesses the copied register values included in the accessible registers and executes software code accordingly.Type: GrantFiled: September 20, 2010Date of Patent: July 29, 2014Assignee: International Business Machines CorporationInventors: Giles Roger Frazier, Ronald P. Hall
-
Patent number: 8793475Abstract: An apparatus includes an instruction decoder, first and second source registers and a circuit coupled to the decoder to receive packed data from the source registers and to unpack the packed data responsive to an unpack instruction received by the decoder. A first packed data element and a third packed data element are received from the first source register. A second packed data element and a fourth packed data element are received from the second source register. The circuit copies the packed data elements into a destination register resulting with the second packed data element adjacent to the first packed data element, the third packed data element adjacent to the second packed data element, and the fourth packed data element adjacent to the third packed data element.Type: GrantFiled: December 29, 2012Date of Patent: July 29, 2014Assignee: Intel CorporationInventors: Alexander Peleg, Yaakov Yaari, Millind Mittal, Larry M. Mennemeier, Benny Eitan
-
Patent number: 8793476Abstract: A reset control device for an electronic device having a battery for providing operating power for a system circuit is provided. The reset control device includes a signal generating unit for generating a control signal, and a control module installed in the battery and coupled to the signal generating unit for disconnecting a power supply link between the battery and the system circuit for a predetermined duration and recovering the power supply link, when the control signal conforms to a predefined rule, so as to reset the system circuit.Type: GrantFiled: August 22, 2011Date of Patent: July 29, 2014Assignee: Wistron CorporationInventors: Chuan-Yuan Li, Chien-Wen Chen
-
Patent number: 8793477Abstract: A method, system, and computer program product for protecting a computer system provides bootstrap operating system detection and recovery and provides the capability to detect malware, such as rootkits, before the operating system has been loaded and provides the capability to patch malfunctions that block the ability of the computer system to access the Internet. A method for protecting a computer system includes reading stored status information indicating whether network connectivity was available the last time an operating system of the computer system was operational, when the stored status information indicates that network connectivity was not available, obtaining a software patch, and executing and applying the software patch.Type: GrantFiled: February 12, 2008Date of Patent: July 29, 2014Assignee: McAfee, Inc.Inventors: Akos Horvath, Alessandro Faieta
-
Patent number: 8793478Abstract: A method of using an information handling system can include communicating accessibility of a resource to a grid system, powering down the information handling system, receiving a wake request from the grid system, booting the information handling system into a grid mode where the resource is accessible to the grid system. Machine-executable code for an information handling system can include a method for indicating that a resource in the information handling system is accessible to a grid system, communicating that the resource is accessible to the grid system, and placing the information handling system into a low power state. An information handling system can include a processor that can indicate that a resource is accessible to a grid system, communicate to the grid system that the resource is accessible, and place the information handling system into a low power state.Type: GrantFiled: May 14, 2008Date of Patent: July 29, 2014Assignee: Dell Products, LPInventors: Muhammed K. Jaber, Surender V. Brahmaroutu
-
Patent number: 8793479Abstract: A method for enabling a plurality of software appliances to be dynamically loaded onto a blade is described. During run-time and in response to receiving one or more sets of appliance loading instructions corresponding to one or more appliances, the one or more appliances is downloaded. Each appliance has a capability different from each other. The one or more appliances that are downloaded are stored at a first set of locations on a data store. Each of the first set of locations is different from each other. A first appliance of the one or more appliances that are stored is then installed at a second location on the data store. Then, the first appliance that is installed is booted on the blade.Type: GrantFiled: January 29, 2009Date of Patent: July 29, 2014Assignee: Hewlett-Packard Development Company, L.P.Inventors: Terrence Ladd Yoder, Dante Vitale, Ali Ezzet
-
Patent number: 8793480Abstract: Updating programmable logic devices (‘PLDs’) in a symmetric multiprocessing (‘SMP’) computer, each compute node of the SMP computer including a PLD coupled for data communications through a bus adapter, the bus adapter adapted for data communications through a set of one or more input/output (‘I/O’) memory addresses, including configuring the primary compute node with an update of the configuration instructions for the PLDs; assigning, by the PLDs at boot time in an SMP boot, a unique, separate set of one or more I/O addresses to each bus adapter on each compute node; and providing, by the primary compute node during the SMP boot, the update to all compute nodes, writing the update as a data transfer to each of the PLDs through each bus adapter at the unique, separate set of one or more I/O addresses for each bus adapter.Type: GrantFiled: April 10, 2012Date of Patent: July 29, 2014Assignee: International Business Machines CorporationInventors: Alfredo Aldereguia, Grace A. Richter, William B. Schwartz
-
Patent number: 8793481Abstract: Methods and apparatus for partitioning a computer server system (400). A partition management application (430) residing within firmware on a central service processor (404) is configured to receive partitioning requests, to formulate partitioning instructions based on the partitioning requests, and to transmit the partitioning instructions to partition instantiation firmware (432) also residing on the central service processor (404). The partition instantiation firmware (432) is configured to direct server cell firmware (410) to create one or more partitions based on the partitioning instructions.Type: GrantFiled: December 10, 2009Date of Patent: July 29, 2014Assignee: Hewlett-Packard Development Company, L.P.Inventors: Jim Darling, Paul Bouchier
-
Patent number: 8793482Abstract: A computer configuration utility automatically alters system configuration parameters to sample multiple different configurations. At least one workrate metric is measured at each sampled configuration. The workrate measurements for the multiple different configurations are compared to determine the effect of different configurations with respect to at least one optimization criterion. System configuration is automatically adjusted to the optimum configuration. Preferably, the workrate metric is (non-idle) instructions executed per unit of time.Type: GrantFiled: February 14, 2013Date of Patent: July 29, 2014Assignee: International Business Machines CorporationInventors: Christopher Francois, Mark R. Funk, Allan E. Johnson, Todd J. Rosedahl, Philip L. Vitale
-
Patent number: 8793483Abstract: Computer-based systems and method for automating the workflow for generating and sending e-mails with attached reports to external recipients in order to reduce security breaches in certain business reporting processes. The system may utilize a first computer system that may import data eligible for attachment to be sent with the e-mail based on user-entered search criteria. The attachments may be strongly encrypted using an encryption program on the user's computer. In some embodiments, a password for decrypting the attachment may be unique to combination of third party (e.g., trading name) and the role of the external recipient with respect to the attachment.Type: GrantFiled: June 1, 2011Date of Patent: July 29, 2014Assignee: Morgan StanleyInventors: Nils Hesses, Roland Szabo
-
Patent number: 8793484Abstract: An electronic device with a message encryption function that includes a message processing module for receiving or sending or reading encrypted messages. The message processing module is electrically connected to a configure interface module, a storage module and an encryption module. The message processing module checks whether an encryption code exists. Then the message processing module checks whether the message processing event is “reading a message”. If the processing module determines the processing event is “reading a message” the processing module determines whether the encrypted message has been read or not. If the encrypted message has been read the processing module directly transmits the encrypted message back and then displays the encrypted message. If the encrypted message has not been read the processing module decrypts the encrypted message to generate a decrypted message and transmits the decrypted message back and then displays the decrypted message in a clear-text manner.Type: GrantFiled: September 28, 2011Date of Patent: July 29, 2014Assignee: Wistron CorporationInventor: Ping Ge
-
Patent number: 8793485Abstract: A system can comprise a memory to store computer readable instructions and a processing unit to access the memory and to execute the computer readable instructions. The computer readable instructions can comprise a certificate manager configured to request generation of N number of random values, where N is an integer greater than or equal to one. The certificate manager can also be configured to request a digital certificate from at least one certificate authority of at least two different certificate authorities. The request can include a given one of the N number of random values. The certificate manager can also be configured to generate a private key of a public-private key pair, wherein the private key is generated based on a private key of each of the least two certificate authorities.Type: GrantFiled: December 15, 2011Date of Patent: July 29, 2014Assignee: Texas Instruments IncorporatedInventor: Eric Thierry Peeters
-
Patent number: 8793486Abstract: A method for buffering SSL handshake messages prior to computing a message digest for the SSL handshake includes: conducting, by an appliance with a client, an SSL handshake, the SSL handshake comprising a plurality of SSL handshake messages; storing, by the appliance, the plurality of SSL handshake messages; providing, by the appliance to a message digest computing device in response to receiving a client finish message corresponding to the SSL handshake, the plurality of SSL handshake messages; receiving, by the appliance from the message digest computing device, a message digest corresponding to the provided messages; determining by the appliance, the message digest matches a message digest included in the SSL client finish message; and completing, by the appliance with the client, the SSL handshake. Corresponding systems are also described.Type: GrantFiled: January 9, 2012Date of Patent: July 29, 2014Assignee: Citrix System, Inc.Inventors: Tushar Kanekar, Sivaprasad Udupa
-
Patent number: 8793487Abstract: A public key infrastructure comprising a participant that issues digital certificates. Each digital certificate can be relied upon in at least two different trust domains. The public key infrastructure does not employ policy mapping between or among the trust domains. Furthermore, the public key infrastructure does not link any pair of trust domains via cross-certificates. Just one trust domain is bound to the digital certificate at any given moment. The current trust domain that is to be bound to the digital certificate is elected by a relying party at the time of reliance, based upon a specific certificate validation methodology selected by the relying party.Type: GrantFiled: January 16, 2009Date of Patent: July 29, 2014Assignee: Identrust, Inc.Inventors: William C. Epstein, Lawrence R. Miller
-
Patent number: 8793488Abstract: Systems, methods and apparatus for a distributed security that detects embedded resource request identifiers. The system can identify requests, such as HTTP requests, and can identify encoded prefix data corresponding to URI prefixes, such as Base64 or Base16 encoded URI prefixes “www.” and “http:”.Type: GrantFiled: July 15, 2008Date of Patent: July 29, 2014Assignee: Zscaler, Inc.Inventor: Jeff Forristal
-
Patent number: 8793489Abstract: Embodiments are described for a system and method of controlling access to information in an organization by defining a hierarchical organizational structure of boxes, and security configuration comprising user records, security roles, rules to map users to boxes, and rules to grant roles to users via mapped boxes. Access control is applied in the context of a defined organizational structure using the effective set of access control policies computed in real time per each data access request from any given user.Type: GrantFiled: March 1, 2012Date of Patent: July 29, 2014Assignee: HumanConcepts, LLCInventors: Roman Polunin, Bogdan Cirlig, Amit Bansal
-
Patent number: 8793490Abstract: The invention provides a method for performing an authentication (and a system for performing the method), in conjunction with a transaction, utilizing a primary channel and a secondary channel. The method may include an authenticating entity, such as a bank, (1) receiving from a customer primary authentication information via a primary channel; (2) the authenticating entity processing the primary authentication information, and retrieving customer information based on the primary authentication information; (3) the authenticating entity transmitting secondary authentication information to the customer via a secondary channel, the secondary channel being different than the primary channel; (4) the authenticating entity receiving from the customer at least a portion of the secondary authentication information; and (5) the authenticating entity performing authentication processing on the secondary authentication information received from the customer.Type: GrantFiled: December 13, 2006Date of Patent: July 29, 2014Assignee: JPMorgan Chase Bank, N.A.Inventor: Stanley A. Szwalbenest
-
Patent number: 8793491Abstract: There is described a key server which is connected to a local area network, and an encryption authority transfers private keys for clients of the local area network to the key server. In an embodiment, the key server encrypts outgoing emails using public keys for the recipients and decrypts internal emails using private keys for the recipients. In another embodiment, the clients of the local area network download their respective private keys from the key server so that encryption operations may be performed by client software.Type: GrantFiled: March 22, 2007Date of Patent: July 29, 2014Assignee: Trend Micro IncorporatedInventors: Andrew Dancer, Mark Chimley, Adam Tuaima, Matthew Baldwin
-
Patent number: 8793492Abstract: A computerized device can implement a content player to access a content stream using a network interface, the content stream comprising encrypted content and an embedded license comprising a content key encrypted according to a global key accessible by the content player. The content player determines whether a token meeting an authorization condition is present and uses the global key to decrypt the content key only if such a token is present. The authorization condition may be evaluated at least in part based on data included in the content stream. The authorization condition can include presence of a token having a content ID matching a corresponding ID in the license; presence of a token with a correct device ID; presence of a token signed according to a digital signature identified in the licenses; and/or presence of a token that is unexpired, with expiration evaluated based on a time-to-live indicator in the token.Type: GrantFiled: January 13, 2011Date of Patent: July 29, 2014Assignee: Adobe Systems IncorporatedInventors: Kunal Shah, Sunil Agrawal
-
Patent number: 8793493Abstract: A system for secure transfer of encrypted data involves a sender client, a recipient client, a main server, and a key server. The sender client receives instructions from a first user identifying transfer data and a recipient identifier, creates a key, encodes the transfer data using the key, and communicates the key and the recipient identifier to a server. The server creates a secure package identifier and communicates such to the sender client. The recipient client receives and identifies the secure package identifier and the encoded transfer data, receives from a second user a user identifier, and communicates the user identifier and the secure package identifier to the server. The server communicates the key to the recipient client only if the secure package identifier received from the recipient client matches the secure package identifier created by the server and if the user identifier matches the recipient identifier.Type: GrantFiled: April 1, 2013Date of Patent: July 29, 2014Assignee: Ceelox Patents, LLCInventor: Erix Pizano
-
Patent number: 8793494Abstract: A method for recovering sessions includes storing, by a client, session information after a session is established between the server and the client. When the session needs to be recovered upon interruption, the client sends all state information before interruption of the session and the session information to the server, and the server recovers the session upon the received session information and all state information before interruption of the session. After a session is interrupted, the server does not need to store any session-related information, thus saving the resources of the server, and all information about the previous session can be recovered completely.Type: GrantFiled: September 7, 2010Date of Patent: July 29, 2014Assignee: Huawei Technologies Co., Ltd.Inventor: Shuo Shen
-
Patent number: 8793495Abstract: A method for authenticating a portable data carrier (10) to a terminal device employs a public key (PKG) and a secret key (SK1) of the data carrier (10) as well as a public session key (PKT) and a secret session key (SKT) of the terminal device. The data carrier (10) employs as a public key a public group key (PKG). As a secret key the data carrier (10) employs a key (SK1) that has been derived from a secret group key (SKG) associated with the public group key (PKG).Type: GrantFiled: August 19, 2011Date of Patent: July 29, 2014Assignee: Giesecke & Devrient GmbHInventor: Gisela Meister
-
Patent number: 8793496Abstract: Embodiments of the invention may provide for systems and methods for secure authentication. The systems and methods may include receiving, by a constrained device, a random string transmitted from a server; determining, by the constrained device, a responsive output by evaluating a first deterministic function based upon the received random string, a locally generated string and a first private key stored on the constrained device; and transmitting at least one portion of the responsive output and the locally generated string from the constrained device to a server.Type: GrantFiled: August 20, 2007Date of Patent: July 29, 2014Assignee: Florida State UniversityInventors: Mike Burmester, Breno de Medeiros, Tri Van Le, Christy Chatmon
-
Patent number: 8793497Abstract: A puzzle-based protocol is provided that allows a token and verifier to agree on a secure symmetric key for authentication between the token and verifier. A token stores a secret key and one or more puzzle-generating algorithms. The verifier independently obtains a plurality of puzzles associated with the token, pseudorandomly selects at least one of the puzzles, and solves it to obtain a puzzle secret and a puzzle identifier. The verifier generates a verifier key based on the puzzle secret. The verifier sends the puzzle identifier and an encoded version of the verifier key to the token. The token regenerates the puzzle secret using its puzzle-generating algorithms and the puzzle identifier. The token sends an encoded response to the verifier indicating that it knows the verifier key. The token and verifier may use the verifier key as a symmetric key for subsequent authentications.Type: GrantFiled: May 9, 2008Date of Patent: July 29, 2014Assignee: QUALCOMM IncorporatedInventors: Gregory Gordon Rose, Alexander Gantman, Miriam Wiggers De Vries, Michael Paddon, Philip Michael Hawkes
-
Patent number: 8793498Abstract: A method and system for identifying a source of a copied work that in one embodiment includes obtaining at least some portions of a reference work, collecting at least some portions of the suspect work, matching the suspect work with the reference work, wherein the matching includes temporally aligning one or more frames of the reference work and the suspect work, spatially aligning frames of the reference work and the suspect work, and detecting forensic marks in the suspect work by spatiotemporal matching with the reference work.Type: GrantFiled: November 24, 2008Date of Patent: July 29, 2014Assignee: NBCUniversal Media, LLCInventors: Zhaohui Sun, Catherine Mary Graichen, Corey Nicholas Bufi, Anthony James Hoogs, Aaron Shaw Markham, Budhaditya Deb, Roderic Greene Collins, Michael Shane Wilkinson, Anthony Christopher Anderson, Jenny Marie Weisenberg
-
Patent number: 8793499Abstract: A system and method are provided for implementing a digital signature scheme for embedding and validating multiple nested digital signatures in digitally produced documents without modifying a file size of the digitally produced and signed documents or otherwise corrupting previously-embedded digital signatures. A number of fixed fields are included in a digitally produced document, upfront, that will be populated with multiple digital signatures. With the fixed fields in the digitally produced documents, the entire file is cryptographically “hashed” and the individual digital signatures are independently verifiable via simple cryptographic schemes. Multiple digital signatures are embedded in documents including complex file formats in a manner that does not corrupt the documents. Known cryptographic techniques such as, for example, a known hash algorithm, are applied to the digitally produced documents including the multiple sequentially input digital signatures in a process that is independently verifiable.Type: GrantFiled: January 20, 2012Date of Patent: July 29, 2014Assignee: Lockheed Martin CorporationInventor: Robert Joseph Loughry
-
Patent number: 8793500Abstract: A signature scheme is provided in which a message is divided in to a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination.Type: GrantFiled: March 15, 2012Date of Patent: July 29, 2014Assignees: Certicom Corp., Pitney Bowes Inc.Inventors: Scott Alexander Vanstone, Robert Gallant, Robert J. Lambert, Leon A. Pintsov, Frederick W. Ryan, Jr., Ari Singer
-
Patent number: 8793501Abstract: A mobile communication terminal having a password notification function and a method for notifying a user of a password in the mobile communication terminal that allow the transmission of a stored password or a newly generated random password to a previously selected medium by entering a secondary password when an input password is not identical to the stored password. The method includes checking whether a password notification function is set; requesting input of a stored password, receiving an input password, and checking whether the input password is identical to the stored password. If the input password is not identical to the stored password, the method further includes requesting input of a stored secondary password, checking whether an input secondary password is identical to the stored secondary password, and sending a password if the input secondary password is identical to the stored secondary password.Type: GrantFiled: October 28, 2013Date of Patent: July 29, 2014Assignee: Samsung Electronics Co., Ltd.Inventor: Kyong-Su Kim
-
Patent number: 8793502Abstract: The aim of the present invention consists of reducing the switching time from one reception channel to another. In fact, this reduction will be particularly discernable since the number of different rights stored in a security module of a multimedia unit or decoder is high. When a user selects a service among those proposed by an electronic programs guide, an access control module explores a stored service information table in order to extract an access condition associated to the service. This access condition allows determining an index in a rights table stored in the access control module of a right that fulfills the access condition. The access control module transmits to the security module the index thus determined alone or accompanied by a control message. This index allows the security module to find quickly the right that it compares afterwards with the access condition included in the control message after decryption of the latter.Type: GrantFiled: November 25, 2008Date of Patent: July 29, 2014Assignee: Nagravision S.A.Inventors: Xavier Carrel, Sebastien Erard, Christian Wirz, Jimmy Cochard
-
Patent number: 8793503Abstract: In a method for managing sequential access to secure content by a plurality of workflow participants, a key-map file for each of the participants is created. Each of the key-map files contains a subset of encryption and signature keys for the content. The key-map files are sorted in an order that is the reverse of a workflow order in which the workflow participants for which the key-map files were created are to access the secure content. An encrypted later wrap including a later key-map file for a later workflow participant along the workflow order and an encrypted first wrap including a prior key-map file for a prior workflow participant and the encrypted later wrap are created. In addition, the first wrap is incorporated into a document serialization for the content.Type: GrantFiled: May 12, 2011Date of Patent: July 29, 2014Assignee: Hewlett-Packard Development Company, L.P.Inventors: Steven J. Simske, Helen Balinsky
-
Patent number: 8793504Abstract: Software validation is provided for a breakout system having multiple subsystems at the edge of a mobile data network. The software validation utilizes one or more trusted platform modules (TPM) to secure multiple subsystems including virtual machines in the breakout system. Hash values for the software in the various subsystems are placed in Platform Configuration Registers (PCRs) of the TPM. The TPM cryptographically signs quotes, which are a collection of hash values from the PCRs. The breakout system produces an extensible markup language (XML) file with the signed quotes related to the subsystems and sends them to a network management system for verification. The network management system validates the software configured on the breakout system using a public key to access the quotes and compares the values to known good values stored in an inventory record associated with the specific breakout system being validated.Type: GrantFiled: February 22, 2012Date of Patent: July 29, 2014Assignee: International Business Machines CorporationInventors: Ronald L. Billau, Vincenzo V. Di Luoffo, Terence K. Hennessy
-
Patent number: 8793505Abstract: In order to reduce the number of data transfers and to increase parallel processing of decryption processing and authentication processing, an encryption processing apparatus is provided that includes an input/output data that processes input/output data to an encryption/decryption processing unit and an authentication processing unit, where the input/output data processing unit calculates a parameter used by the authentication processing unit from input data to the input/output data processing unit and forms input data to the authentication processing unit from the calculated parameter or a parameter calculated from data processed by the encryption/decryption processing unit and the input data to the input/output data processing unit.Type: GrantFiled: June 22, 2012Date of Patent: July 29, 2014Assignee: Canon Kabushiki KaishaInventors: Manabu Ishikawa, Akihiko Yushiya
-
Mechanism for facilitating encryption-free integrity protection of storage data at computing systems
Patent number: 8793506Abstract: A mechanism is described for facilitating encryption-free integrity protection of storage data at computing systems according to one embodiment. A method of embodiments of the invention includes receiving a read request, from a software application at a computing device, to perform a read task relating to a first data block of data stored at a storage device coupled to the computing device. The read task may include reading the first data block. The method may further include accessing a first reference cryptographic code at a first metadata cache associated with the first data block, calculating a first new cryptographic code relating to the first data block, comparing the first new cryptographic code with the first reference cryptographic code, and accepting the read request if the first new cryptographic code matches the first reference cryptographic code. The accepting may further include facilitating the read task.Type: GrantFiled: August 31, 2012Date of Patent: July 29, 2014Assignee: Intel CorporationInventor: Dmitry Kasatkin -
Patent number: 8793507Abstract: An information processing apparatus includes an application operation file information holding unit 101 that holds application operation file information that is information related to a file operated by an application since activation of the application and includes information indicating whether the application has opened one or more encrypted files, and an encryption determination unit 102 that determines, with respect to an arbitrary file closed by an arbitrary application, whether the file is subjected to be encrypted based on the held application operation file information with regard to the application that has performed the closing operation of the file.Type: GrantFiled: January 31, 2013Date of Patent: July 29, 2014Assignee: NEC CorporationInventor: Toshimitsu Usuba
-
Patent number: 8793508Abstract: Systems, methods, computer programs, and devices are disclosed herein for deploying a local trusted service manager within a secure element of a contactless smart card device. The secure element is a component of a contactless smart card incorporated into a contactless smart card device. An asymmetric cryptography algorithm is used to generate public-private key pairs. The private keys are stored in the secure element and are accessible by a trusted service manager (TSM) software application or a control software application in the secure element. A non-TSM computer with access to the public key encrypts and then transmits encrypted application data or software applications to the secure element, where the TSM software application decrypts and installs the software application to the secure element for transaction purposes.Type: GrantFiled: December 17, 2012Date of Patent: July 29, 2014Assignee: Google Inc.Inventors: Rob von Behren, Jonathan Wall, Ismail Cem Paya
-
Patent number: 8793509Abstract: The subject matter of this specification can be embodied in, among other things, a method that includes receiving, from a web browser, a request for a token that authorizes a third party server to access a user's data stored by a content provider server. The token specifies a first scope of authorization that indicates a portion of the user's data that the third party server is permitted to access. The method also includes determining if the first scope is substantially the same as or a subset of a second scope of a previously issued token and transmitting the token in response to the received request if the first scope is determined to be substantially the same as or a subset of the second scope.Type: GrantFiled: February 12, 2008Date of Patent: July 29, 2014Assignee: Google Inc.Inventors: Jeffrey Nelson, Jonathan S. Sergent, Mark B. Stahl, Shyam Sheth, Jun Yang
-
Patent number: 8793510Abstract: Systems and methods for encrypting a plaintext logical data object for storage in a storage device operable with at least one storage protocol, creating, reading, writing, optimization and restoring thereof. Encrypting the plaintext logical data object comprises creating in the storage device an encrypted logical data object comprising a header and one or more allocated encrypted sections with predefined size; encrypting one or more sequentially obtained chunks of plaintext data corresponding to the plaintext logical data object thus giving rise to the encrypted data chunks; and sequentially accommodating the processed data chunks into said encrypted sections in accordance with an order said chunks received, wherein said encrypted sections serve as atomic elements of encryption/decryption operations during input/output transactions on the logical data object.Type: GrantFiled: July 7, 2011Date of Patent: July 29, 2014Assignee: International Business Machines CorporationInventors: Chaim Koifman, Nadav Kedem, Avi Zohar
-
Patent number: 8793511Abstract: A power sourcing equipment (PSE), a powered device (PD), and an approach for managing PoE power delivered from a PSE to a PD are described. Based on communication between the PD and the PSE, the PSE reduces the power made available to the PD in response to the PD entering an operational mode with reduced power requirements. Further, based on communication between the PD and the PSE, the PSE increases the power made available to the PD in response to the PD entering an operational mode with increased power requirements.Type: GrantFiled: March 12, 2010Date of Patent: July 29, 2014Assignee: Marvell International Ltd.Inventor: Nafea Bishara
-
Patent number: 8793512Abstract: An apparatus and method for per-node thermal control of processing nodes is disclosed. The apparatus includes a plurality of processing nodes, and further includes a power management unit configured to set a first frequency limit for at least one of the plurality of processing nodes responsive to receiving an indication of a first detected temperature greater than a first temperature threshold, wherein the first detected temperature is associated with the one of the plurality of processing nodes. The power management unit is further configured to set a second frequency limit for each of the plurality of processing nodes responsive to receiving an indication of a second temperature greater than a second temperature threshold.Type: GrantFiled: October 29, 2010Date of Patent: July 29, 2014Assignee: Advanced Micro Devices, Inc.Inventors: Alexander Branover, Samuel D. Naffziger