-
公开(公告)号:US07926103B2
公开(公告)日:2011-04-12
申请号:US10455472
申请日:2003-06-05
IPC分类号: G06F11/00
CPC分类号: H04L63/0254 , H04L63/1466
摘要: Preventing replay attacks on servers. At least one Bloom filter may be set up in a server for tracking requests received from clients. Identifying data may be generated for each request. The identifying data may be checked against the Bloom filter array. If a match is found, the message may be a replay and may be rejected. If a match is not found, the request identifying data may be added to the Bloom filter and the request may be processed.
摘要翻译: 防止服务器上的重播攻击。 可以在服务器中设置至少一个布隆过滤器来跟踪从客户端接收到的请求。 可以为每个请求生成识别数据。 可以针对Bloom过滤器阵列检查识别数据。 如果找到匹配,该消息可能是重播,可能被拒绝。 如果没有找到匹配,则可以将请求标识数据添加到布隆过滤器,并且可以处理该请求。
-
公开(公告)号:US06728781B1
公开(公告)日:2004-04-27
申请号:US09310546
申请日:1999-05-12
申请人: Marcos K. Aguilera , Wei Chen , Sam Toueg
发明人: Marcos K. Aguilera , Wei Chen , Sam Toueg
IPC分类号: G06F15173
CPC分类号: G06F11/0751 , G06F9/546 , G06F11/0709 , G06F11/0715 , G06F11/0757 , H04L43/0811 , H04L43/10
摘要: The Heartbeat Failure Detector of the present invention, is a new, simple method and device that has several identical modules, and each module is attached to a processor in the system. Roughly speaking, the module of a processor x maintains a heartbeat counter for every other process. For each process y, the counter of y at x (called the heartbeat of y at x) periodically increases while y is alive and in the same network partition, and the counter stops increasing after y crashes or becomes partitioned away. Using such a device, x can solve the communication problem above by resending m only if the heartbeat of y at x increases. Note that if y is crashed (or partitioned away from x), its heartbeat at x stops almost immediately, and so x will also immediately stop sending copies of m to y.
摘要翻译: 本发明的心跳故障检测器是一种新的,简单的方法和装置,其具有几个相同的模块,并且每个模块附接到系统中的处理器。 大致来说,处理器x的模块为每个其他进程维护一个心跳计数器。 对于每个进程y,x处的y的计数器(在x处称为y的心跳)在y活着的同时在相同的网络分区中周期性地增加,并且在y崩溃或被分割之后计数器停止增加。 使用这样的设备,x只有在y的心跳增加时才能通过重新发送m来解决上述通信问题。 请注意,如果y崩溃(或远离x),则其心跳几乎立即停止,因此x也将立即停止将m的副本发送给y。
-
公开(公告)号:US09417938B2
公开(公告)日:2016-08-16
申请号:US12405817
申请日:2009-03-17
CPC分类号: G06F9/547 , G06F2209/509 , H04L67/40
摘要: A remote procedure call chain is provided that replaces multiple consecutive remote procedure calls to multiple servers from a client by allowing a client to specify multiple functions to be performed consecutively at multiple servers in a single remote procedure call chain. The remote procedure call chain is executed by a sequence of multiple servers. Each server executes a service function and a chaining function of the remote procedure call chain. The chaining function uses the state of the remote procedure call chain in the sequence of servers to determine the next server to receive the remote procedure call chain, and the service function to be executed by that server. After the last service function is performed, the last server in the sequence of servers sends the results of the executed service functions to the client that originated the remote procedure call chain.
摘要翻译: 提供了一个远程过程调用链,通过允许客户端指定要在单个远程过程调用链中的多个服务器上连续执行的多个函数,将多个连续远程过程调用替换为多个服务器。 远程过程调用链由多个服务器的序列执行。 每个服务器执行远程过程调用链的服务功能和链接功能。 链接功能使用服务器序列中的远程过程调用链的状态来确定接收远程过程调用链的下一个服务器以及由该服务器执行的服务功能。 在执行最后一个服务功能之后,服务器序列中的最后一个服务器将执行的服务功能的结果发送给发起远程过程调用链的客户端。
-
公开(公告)号:US08935206B2
公开(公告)日:2015-01-13
申请号:US11700270
申请日:2007-01-31
CPC分类号: G06F11/2094 , G06F11/1464 , G06F11/1469 , G06F11/182 , G06F2201/84
摘要: Embodiments include methods, apparatus, and systems for snapshots in distributed storage systems. One method of software execution includes using a version tree to determine what data blocks are shared between various storage nodes in the version tree in order to create a clone or a snapshot of a storage volume in a distributed storage system that uses quorum-based replication.
摘要翻译: 实施例包括用于分布式存储系统中的快照的方法,装置和系统。 软件执行的一种方法包括使用版本树来确定在版本树中的各种存储节点之间共享哪些数据块,以便在使用基于quorum的复制的分布式存储系统中创建存储卷的克隆或快照。
-
15.
公开(公告)号:US20120203888A1
公开(公告)日:2012-08-09
申请号:US13022635
申请日:2011-02-08
IPC分类号: G06F15/173
CPC分类号: G06F9/505 , G06F11/2094
摘要: A cloud statistics server generates statistics for a cloud service based on an identified data item and an identified operation. The cloud service may include various computing nodes and storage nodes. The cloud statistics may include expected completion times for the identified operation and the identified data item with respect to each of the computing nodes. A computing node may be selected to execute the identified operation based on the expected completion times. The generated statistics may be generated by the cloud statistics server using a network topology associated with the data item that is based on the latencies or expected transfer times between the various storage nodes and computing nodes, and a replication strategy used by the cloud service. The topology may be implemented as a directed graph with edge weights corresponding to expected transfer times between each node.
摘要翻译: 云统计服务器根据识别的数据项和识别的操作生成云服务的统计信息。 云服务可以包括各种计算节点和存储节点。 云统计可以包括针对每个计算节点的所识别的操作和所识别的数据项的预期完成时间。 可以选择计算节点以基于预期的完成时间来执行所识别的操作。 所生成的统计信息可以由云统计服务器使用与数据项关联的网络拓扑生成,该网络拓扑基于各种存储节点和计算节点之间的延迟或预期传送时间,以及由云服务使用的复制策略。 拓扑可以被实现为具有对应于每个节点之间的预期传送时间的边权重的有向图。
-
公开(公告)号:US20070288587A1
公开(公告)日:2007-12-13
申请号:US11450987
申请日:2006-06-12
IPC分类号: G06F15/167
CPC分类号: G06F9/466 , G06F9/526 , G06F2209/521
摘要: A transactional shared memory system has a plurality of discrete application nodes; a plurality of discrete memory nodes; a network interconnecting the application nodes and the memory nodes, and a controller for directing transactions in a distributed system utilizing the shared memory. The memory nodes collectively provide an address space of shared memory that is provided to the application nodes via the network. The controller has instructions to transfer a batched transaction instruction set from an application node to at least one memory node. This instruction set includes one or more write, compare and read instruction subsets, and/or combinations thereof. At least one subset has a valid non null memory node identifier and memory address range. The memory node identifier may be indicated by the memory address range. The controller controls the memory node responsive to receipt of the batched transaction instruction set, to safeguard the associated memory address range during execution of the transaction instruction set. The batched transaction instruction set is collectively executed atomically. A notification instruction set may also be used to establish a notification, triggered upon a subsequent write event upon at least a portion of a specified address range.
摘要翻译: 交易共享存储器系统具有多个离散应用节点; 多个离散存储器节点; 互连应用节点和存储器节点的网络,以及用于在利用共享存储器的分布式系统中指导事务的控制器。 存储器节点共同地提供通过网络提供给应用节点的共享存储器的地址空间。 控制器具有将批处理交易指令集从应用节点传送到至少一个存储器节点的指令。 该指令集包括一个或多个写入,比较和读取指令子集,和/或其组合。 至少一个子集具有有效的非空存储器节点标识符和存储器地址范围。 存储器节点标识符可以由存储器地址范围指示。 所述控制器响应于接收到所述批处理指令集来控制所述存储器节点,以在所述事务指令集的执行期间保护所述相关联的存储器地址范围。 批量事务指令集合是以原子方式共同执行的。 也可以使用通知指令集来建立在指定地址范围的至少一部分上的后续写入事件时触发的通知。
-
17.
公开(公告)号:US09110724B2
公开(公告)日:2015-08-18
申请号:US13022635
申请日:2011-02-08
IPC分类号: G06F15/173 , G06F9/50 , G06F11/20
CPC分类号: G06F9/505 , G06F11/2094
摘要: A cloud statistics server generates statistics for a cloud service based on an identified data item and an identified operation. The cloud service may include various computing nodes and storage nodes. The cloud statistics may include expected completion times for the identified operation and the identified data item with respect to each of the computing nodes. A computing node may be selected to execute the identified operation based on the expected completion times. The generated statistics may be generated by the cloud statistics server using a network topology associated with the data item that is based on the latencies or expected transfer times between the various storage nodes and computing nodes, and a replication strategy used by the cloud service. The topology may be implemented as a directed graph with edge weights corresponding to expected transfer times between each node.
摘要翻译: 云统计服务器根据识别的数据项和识别的操作生成云服务的统计信息。 云服务可以包括各种计算节点和存储节点。 云统计可以包括针对每个计算节点的所识别的操作和所识别的数据项的预期完成时间。 可以选择计算节点以基于预期的完成时间来执行所识别的操作。 所生成的统计信息可以由云统计服务器使用与数据项关联的网络拓扑生成,该网络拓扑基于各种存储节点和计算节点之间的延迟或预期传送时间,以及由云服务使用的复制策略。 拓扑可以被实现为具有对应于每个节点之间的预期传送时间的边权重的有向图。
-
公开(公告)号:US07882508B1
公开(公告)日:2011-02-01
申请号:US11796234
申请日:2007-04-27
申请人: Marcos K. Aguilera
发明人: Marcos K. Aguilera
CPC分类号: G06F11/3636 , G06F11/3476
摘要: To perform information tracing, at least one signature to be traced is received. It is detected that a first process causes data to be provided to at least one of a second process and a file. It is determined whether the data contains the at least one signature. In response to determining that the data contains the at least one signature, a log is updated. The log contains information identifying at least one of processes and files that are part of a flow of the at least one signature.
摘要翻译: 为了执行信息跟踪,接收到要跟踪的至少一个签名。 检测到第一处理使数据被提供给第二处理和文件中的至少一个。 确定数据是否包含至少一个签名。 响应于确定数据包含至少一个签名,更新日志。 日志包含标识作为至少一个签名流的一部分的进程和文件中的至少一个的信息。
-
公开(公告)号:US20100106974A1
公开(公告)日:2010-04-29
申请号:US12258273
申请日:2008-10-24
CPC分类号: H04L9/3281 , G06F11/1612 , G06F11/2094 , G06F2201/835 , H04L9/3247 , H04L9/3297
摘要: In accordance with an embodiment of the invention, a method of writing and reading redundant data is provided. Data is written by storing a copy of the data along with a timestamp and a signature at each of a set of storage devices. The data is read by retrieving the copy of the data, the timestamp and the signature from each of a plurality of the set of data storage devices. One of the copies of the data is selected to be provided to a requestor of the data. Each of the storage devices of the set is requested to certify the selected copy of the data. Provided that a proof of certification of the selected copy of the data is valid, the storage devices of the set are instructed to store the selected copy of the data along with a new timestamp.
摘要翻译: 根据本发明的实施例,提供了一种写入和读取冗余数据的方法。 通过在一组存储设备的每一个上存储数据的副本以及时间戳和签名来写入数据。 通过从多个数据存储设备组中的每一个检索数据的副本,时间戳和签名来读取数据。 选择数据副本之一提供给数据的请求者。 请求集合的每个存储设备证明所选择的数据副本。 如果所选择的数据副本的认证证明是有效的,则指示该组的存储设备存储所选择的数据副本以及新的时间戳。
-
公开(公告)号:US07647454B2
公开(公告)日:2010-01-12
申请号:US11450987
申请日:2006-06-12
IPC分类号: G06F12/00 , G06F13/00 , G06F13/28 , G06F15/167
CPC分类号: G06F9/466 , G06F9/526 , G06F2209/521
摘要: A transactional shared memory system has a plurality of discrete application nodes; a plurality of discrete memory nodes; a network interconnecting the application nodes and the memory nodes, and a controller for directing transactions in a distributed system utilizing the shared memory. The memory nodes collectively provide an address space of shared memory that is provided to the application nodes via the network. The controller has instructions to transfer a batched transaction instruction set from an application node to at least one memory node. This instruction set includes one or more write, compare and read instruction subsets, and/or combinations thereof. At least one subset has a valid non null memory node identifier and memory address range. The memory node identifier may be indicated by the memory address range. The controller controls the memory node responsive to receipt of the batched transaction instruction set, to safeguard the associated memory address range during execution of the transaction instruction set. The batched transaction instruction set is collectively executed atomically. A notification instruction set may also be used to establish a notification, triggered upon a subsequent write event upon at least a portion of a specified address range.
摘要翻译: 交易共享存储器系统具有多个离散应用节点; 多个离散存储器节点; 互连应用节点和存储器节点的网络,以及用于在利用共享存储器的分布式系统中指导事务的控制器。 存储器节点共同地提供通过网络提供给应用节点的共享存储器的地址空间。 控制器具有将批处理交易指令集从应用节点传送到至少一个存储器节点的指令。 该指令集包括一个或多个写入,比较和读取指令子集,和/或其组合。 至少一个子集具有有效的非空存储器节点标识符和存储器地址范围。 存储器节点标识符可以由存储器地址范围指示。 所述控制器响应于接收到所述批处理指令集来控制所述存储器节点,以在所述事务指令集的执行期间保护所述相关联的存储器地址范围。 批量事务指令集合是以原子方式共同执行的。 也可以使用通知指令集来建立在指定地址范围的至少一部分上的后续写入事件时触发的通知。
-
-
-
-
-
-
-
-
-