Abstract: Typical computer programs may incur costly memory errors that result in corrupted data. A new memory model is presented wherein it may be determined that certain data is critical and critical data may be stored and protected during computer application execution. Critical Memory allows that data determined to be critical may be stored and retrieved using functions enabled to increase the reliability of the data. Critical Memory presents a memory model where a subset of memory designated as critical memory may be used to store a subset of data deemed critical data. Probabilistic guarantees of data value consistency are provided by the employment of the new memory model. The memory model and functions presented are compatible with existing third-party libraries such that third-party libraries may be compatibly called from processes using critical memory.

Abstract: An apparatus and associated method including a first storage device and a second storage device, each coupled to a remote server independently of the other via a network. Resilient mirroring logic is stored in each of the storage devices that establishes a peer-to-peer communication connection with the other storage device in response to receiving a data access command from the remote server.

Abstract: A flash system has multiple channels of flash memory chips that can be accessed in parallel. Host data is assigned to one of the channels by a multi-channel controller processor and accumulated in a multi-channel page buffer. When a page boundary in the page buffer is reached, the page buffer is written to a target physical block if full, or combined with old data fragments in an Aggregating Flash Block (AFB) when the logical-sector addresses (LSA's) match. Thus small fragments are aggregated using the AFB, reducing erases and wear of flash blocks. The page buffer is copied to the AFB when a STOP command occurs. Each channel has one or more AFB's, which are tracked by an AFB tracking table.

Abstract: A data access method for writing data into a storage apparatus is provided, wherein the storage apparatus has a storage unit, the storage unit has a partition, the storage property of the partition is set as a write protect mode and the storage apparatus is coupled to a host system having an operation system. The data access method includes transmitting a command from the host system to the storage apparatus through a human interface device path and setting the storage property of the first partition as a writable mode in response the command. The data access method also includes storing data into the partition by using built-in commands of the operation system. Accordingly, the data access method can write data into a partition that has been at the write protect mode when a user logins the operation system with a limited user authority mode.

Abstract: A system, method, and computer program product for handling shared cache lines to allow forward progress among processors in a multi-processor environment is provided. A counter and a threshold are provided a processor of the multi-processor environment, such that the counter is incremented for every exclusive cross interrogate (XI) reject that is followed by an instruction completion, and reset on an exclusive XI acknowledgement. If the XI reject counter reaches a preset threshold value, the processor's pipeline is drained by blocking instruction issue and prefetching attempts, creating a window for an exclusive XI from another processor to be honored, after which normal instruction processing is resumed. Configuring the preset threshold value as a programmable value allows for fine-tuning of system performance.

Abstract: The invention provides a portable memory medium with a memory area and a memory management system for managing the memory area, wherein different options for access to the memory area are provided. The memory management system comprises a configuration command, the execution of which causes an activation of one of at least two different activatable memory configurations.

Abstract: A method for accessing memory by a first processor of a plurality of processors in a multi-processor system includes, responsive to a memory access instruction within a speculative region of a program, accessing contents of a memory location using a transactional memory access to the memory access instruction unless the memory access instruction indicates a non-transactional memory access. The method may include accessing contents of the memory location using a non-transactional memory access by the first processor according to the memory access instruction responsive to the instruction not being in the speculative region of the program. The method may include updating contents of the memory location responsive to the speculative region of the program executing successfully and the memory access instruction not being annotated to be a non-transactional memory access.

Abstract: In the computer system including at least one host computer, and at least one storage system, the storage system includes a physical disk and a disk controller, and provides the host computer with a storage area of the physical disk as at least one logical unit, and the host computer includes at least one application program accessing the logical unit, and a storage area access control unit for, before the application program makes access to the logical unit, transmitting authentication information guaranteeing the application program as a source of the access to the storage system.

Abstract: A first SMP computer has first and second processing units and a first system memory pool, a second SMP computer has third and fourth processing units and a second system memory pool, and a third SMP computer has at least fifth and sixth processing units and third, fourth and fifth system memory pools. The fourth system memory pool is inaccessible to the third, fourth and sixth processing units and accessible to at least the second and fifth processing units, and the fifth system memory pool is inaccessible to the first, second and sixth processing units and accessible to at least the fourth and fifth processing units. A first interconnect couples the second processing unit for load-store coherent, ordered access to the fourth system memory pool, and a second interconnect couples the fourth processing unit for load-store coherent, ordered access to the fifth system memory pool.

Abstract: A microcontroller system, such as a system-on-a-chip integrated circuit, including a processor (e.g., a Von Neumann processor), memory, and a memory protection unit (MPU), where the MPU provides execute-only access rights for one or more protected areas of the memory. The MPU can allow instructions fetched from within a protected area to access data in the protected area while preventing instructions fetched from outside the protected area from accessing data in the protected area.

Abstract: A device is connected between an storage device controller and a storage device, providing data storage device protection in a manner transparent to the computing system and to the user of the computing system independent of operating system. The device protects the user from malicious code by preventing its execution and the unauthorized or unwanted user data modification by making the contents of one of the storage device read only. All the operations of the device are invisible to the computing system and to the user independent of installed operating system. The device can be disabled by a switch or by other means. When this happens the effect is the same as if the device were physically removed of the computing system.

Abstract: The present invention aims to provide an apparatus capable of determining whether or not content is permitted to be taken out, by managing contents permitted to be taken out. One aspect of the invention is characterized by comprising: a storage means that stores therein taking-out-permitted-content identification data which is data generated on the basis of a part or entirety of each content permitted to be taken out; and a generating means that generates the taking-out-permitted-content identification data. Another aspect of the present invention is characterized by comprising: a storage means that stores therein taking-out-permitted-content identification data which is data generated on the basis of a part or entirety of each content permitted to be taken out to the outside; and an approving means that determines whether a content is permitted to be taken out, with reference to the taking-out-permitted-content identification data.

Abstract: A method for executing an atomic transaction includes receiving the atomic transaction at a processor for execution, determining a transactional memory location needed in memory for the atomic transaction, reserving the transactional memory location while all computation and store operations of the atomic transaction are deferred, and performing the computation and store operations, wherein the atomic transaction cannot be aborted after the reservation, and further wherein the store operation is directly committed to the memory without being buffered.

Abstract: Private or shared read-only memory regions. One embodiment may be practiced in a computing environment including a plurality of agents. A method includes acts for declaring one or more memory regions private to a particular agent or shared read only amongst agents by having software utilize processor level instructions to specify to hardware the private or shared read only memory address regions. The method includes an agent executing a processor level instruction to specify one or more memory regions as private to the agent or shared read-only amongst a plurality of agents. As a result of an agent executing a processor level instruction to specify one or more memory regions as private to the agent or shared read-only amongst a plurality of agents, a hardware component monitoring the one or more memory regions for conflicting accesses or prevents conflicting accesses on the one or more memory regions.

Abstract: In a storage apparatus comprising a communication interface that receives an I/O request sent from a host apparatus, a storage device controller that performs writing and reading of data with respect to a storage device, and a cache memory that stores data to be written in the storage device or data read from the storage device, a journal volume operated as a volume for which update writing is prohibited and write once is permitted is provided, on the basis of a storage area provided by the storage device, and a virtual volume is provided as a volume accessible from the host apparatus, the journal volume being the entity of the virtual volume, the virtual volume being a volume for which an attribute (Read/Add) that permits only reading and write once is settable.

Abstract: A memory region protection unit is disclosed that comprises a first register for storing a memory region address, a second register for storing the memory region size, an arithmetic function block for executing an arithmetic function on a memory address provided to the region protection unit and the address value in the first register. The unit further has a comparator for comparing the output of the arithmetic function block with the size value in the second register, the comparator being coupled to an output for signalling the validity of the memory address on the bus The region protection unit has a controller configured to retrieve the memory region address and the memory region size from instructions issued to the region protection unit for associating the unit with said region, and to dissociate the unit from its memory region in response to a further instruction.

Abstract: A storage device has a storage medium and a processor. The processor is disposed within the storage device and is adapted to receive multiple commands as a command block over an interface. The processor is adapted to extract each of the multiple commands from the single block for execution on the storage device.

Abstract: When an address indicating an access destination of a data storing unit, and a command indicating a content of a process for the address are input, block information corresponding to the input address is output from an information holding unit. Whether or not to execute the command for the address is decided on the basis of the output block information and the input command.

Abstract: A method for the improvement of the security of microprocessors (1) with a cache memory (3, 4), whereas with a cache-instruction data can be written into the cache memory (3, 4), is improved to enhance the security of a system by inhibiting the direct writing of the cache-instruction into the cache memory (3, 4).

Abstract: A method of unlocking usable memory space of a portable memory device, such as a flash drive, includes connecting the portable memory device to a network access device, such as a computer. The network access device executes a control program and accesses a website through the network access device by execution of the control program. A specific task is executed at the website, which sends an unlocking code upon completion of the task. The usable memory space of the portable memory device is unlocked in response to receiving the unlocking code at the network access device.

Abstract: A computing system includes; a memory having first and second storage areas, and a processor sending a memory control signal to the memory to define a data access period during which data is accessed, and a read source control signal indicating whether the first storage area or the second storage area is to be accessed during the data access period. The memory activates a wait signal in response to the memory access signal and the read source control signal, and the processor is further configured to adjust the duration of the data access period in response to the wait signal.

Abstract: A security system designed to trap computer viruses is described. The system storage has an external alarm configured to monitor the time every file takes to load by monitoring the drive activity LED of the storage device. The document storage location is hidden and can optionally be accessed via password. If a virus spends an unexpected amount of time attempting to access storage the alarm will trigger. Downloads and other untrusted files are stored in quarantine storage. Documents can only be transferred from the quarantine storage to the system storage via a copy and paste program.

Abstract: Apparatus for controlling atomic access to a memory includes an access request evaluator for receiving an atomic access request to an address in the memory from a client and determining whether to allow atomic access to the requested address. An access indicator indicates whether a select address is currently under atomic access in the memory, and an access release indicates whether the atomic access is completed at the select address. The access request evaluator enables the client atomic access to the requested address if the access indicator indicates that the requested address is currently not under atomic access.

Abstract: A method for supporting low-overhead memory locks within a multi-processor system is disclosed. A lock control section is initially assigned to a data block within a system memory of the multiprocessor system. In response to a request for accessing the data block by a processing unit within the multiprocessor system, a determination is made by a memory controller whether or not the lock control section of the data block has been set. If the lock control section of the data block has been set, the request for accessing the data block is ignored. Otherwise, if the lock control section of the data block has not been set, the lock control section of the data block is set, and the request for accessing the data block is allowed.

Abstract: A method is provided for securing a microprocessor containing at least one main program, which operates with at least one memory. The method includes implementing counter-measures, during which additional operations, that are not required for the main program, are implemented so as to modify the consumption of current and/or the processing time of the microprocessor. The method also includes: identification of at least one address or one memory zone of the memory(ies), called critical addresses, and which contain, or which may contain, critical data for said main program; monitoring the addressing ports of the memory(ies), so as to detect the access to the critical address(es); and activation of the step of implementing counter-measures, when an access to the critical address(es) is detected.

Abstract: A memory control device that can improve the speed of a memory interface. A packet disassembly section disassembles packet data into segments and detects packet quality information. A memory management section has an address management table and manages a state in which the packet data is stored according to the packet quality information. A segment/request information disassembler disassembles the segments into data by an access unit by which memories can be written/read, and generates write requests and read requests according to the access unit. A memory access controller avoids a bank access to which is prohibited because of a bank constraint, extracts a write request or a read request corresponding to an accessible bank from the write requests or the read requests generated, and gains write/read access to the memories.

Abstract: Systems and methods for controlling memory devices are disclosed. In one embodiment, a memory system comprises a memory controller for forwarding a command signal and an address signal and for receiving and forwarding a data signal, and a first memory device for receiving the command signal and the address signal from the memory controller, where the first memory device comprises a first command judging circuit for receiving and forwarding the data signal and for decoding the command signal. The memory system further comprises a second memory device for receiving the command signal and the address signal from the memory controller, where the second memory device comprises a second command judging circuit for receiving and generating the data signal and for decoding the command signal. The command signal, the address signal and the data signal are commonly connected to the first memory device and the second memory device.

Abstract: A system comprises a plurality of computing nodes and a plurality of separate memory devices. A separate memory device is associated with each computing node. The separate memory devices are configured as partition memory in which memory accesses are interleaved across multiple of such memory devices. A protected portion of the partition memory is reserved for use by complex management (CM) code that coordinates partitions implemented on the system. The protected portion of partition memory is restricted from access by operating systems running in the partitions.

Abstract: A register having a security function is provided. The register includes: a write security unit and a storage unit. The write security unit outputs a first control signal to control whether a write operation is permissible, in response to a write signal, an address signal, and a write permission signal. The storage unit writes and stores input data, in response to the first control signal. The write permission signal is received from an external source and indicates whether to protect the written data.

Abstract: A method for executing an atomic transaction includes receiving the atomic transaction at a processor for execution, determining a transactional memory location needed in memory for the atomic transaction, reserving the transactional memory location while all computation and store operations of the atomic transaction are deferred, and performing the computation and store operations, wherein the atomic transaction cannot be aborted after the reservation, and further wherein the store operation is directly committed to the memory without being buffered.

Abstract: An information processing apparatus includes a restriction section, an acquisition section and a change section. The restriction section restricts maximum amount of stored data to be stored in each of information storage area in response to a reference value predetermined to each of information storage area. The acquisition section acquires relevant information about the stored data stored in each of the information storage area. The change section that changes the reference value determined to each of the information storage areas based on the acquired relevant information.

Abstract: A pin strap setting override system comprises logic configured to determine whether a pin strap setting for at least one feature of an integrated circuit (IC) is set to enable, the logic further configured to automatically override the enable pin strap setting if a flag stored in a memory indicates a disable setting for the at least one feature.

Abstract: A system is described in which a plurality of host computers are coupled to a storage system for storing and retrieving data in the storage system. The storage system includes individually addressable units of storage such as volumes or logical unit numbers. A security management system controls access to each of the individually addressable units of storage based upon the identification of the host permitted to access that unit of storage.

Abstract: A system and method for providing multiprocessors with private memory are described. In one embodiment, a first chip couples to a plurality of processor chips. In one embodiment, the first chip includes memory management circuitry and system coherency circuitry. In one embodiment, the memory management circuitry assigns segments of memory to be system memory sections or private memory sections within a segment. In one embodiment, the system coherency circuitry maintains coherence of entries in the system memory.

Abstract: The present invention discloses systems and methods for communicating with a storage device configured to store signed program files, the method including the steps of: generating, by a program process, a respective command number associated with a process command; issuing, by the program process, the process command with the respective command number to the storage device; and according to the respective command number, verifying, by the storage device, whether the process command originated from a trusted program process launched from the program files stored in the storage device. Preferably, the step of verifying includes: generating, by the storage device, a respective initial command number associated with a requested program file; and attaching, by the storage device, the respective initial command number to a copy of the requested program file.