公开(公告)号：US20120131334A1

公开(公告)日：2012-05-24

申请号：US13289044

申请日：2011-11-04

申请人： David Haikney ,  David N. Mackintosh ,  Jose J.P. Perez

发明人： David Haikney ,  David N. Mackintosh ,  Jose J.P. Perez

IPC分类号： H04L29/06

CPC分类号： G06F21/57 ,  G06F9/4401 ,  G06F2009/45587 ,  G06F2221/034

摘要： A technique for attesting a plurality of data processing systems. The method includes: configuring a chain of data processing systems wherein a first data processing system is responsible for retrieving attestation data associated with a second data processing system; sending a request for attestation of the first data processing system; in response to receiving the request, retrieving a list of associated one or more children, wherein the one or more children comprise the second data processing system; retrieving and storing attestation data associated with each child; retrieving and storing attestation data associated with the first data processing system; and sending to the requester a concatenated response containing the attestation data associated with the first and second data processing systems, such that the attestation data associated with the first and second data processing systems can be used to attest the first and second data processing systems, respectively.

摘要翻译： 一种证明多个数据处理系统的技术。 该方法包括：配置数据处理系统链，其中第一数据处理系统负责检索与第二数据处理系统相关联的认证数据; 发送第一数据处理系统的认证请求; 响应于接收到所述请求，检索相关联的一个或多个子项的列表，其中所述一个或多个子组成所述第二数据处理系统; 检索和存储与每个孩子相关联的证明数据; 检索和存储与第一数据处理系统相关联的证明数据; 以及向所述请求者发送包含与所述第一和第二数据处理系统相关联的认证数据的级联响应，使得与所述第一和第二数据处理系统相关联的证明数据可以分别用于证明所述第一和第二数据处理系统 。

公开(公告)号：US20120216255A1

公开(公告)日：2012-08-23

申请号：US13460080

申请日：2012-04-30

申请人： David Haikney ,  David N. MacKintosh ,  Jose J.P. Perez

发明人： David Haikney ,  David N. MacKintosh ,  Jose J.P. Perez

IPC分类号： G06F21/00

CPC分类号： G06F21/57 ,  G06F9/4401 ,  G06F2009/45587 ,  G06F2221/034

摘要： A technique for attesting a plurality of data processing systems. The method includes: configuring a chain of data processing systems wherein a first data processing system is responsible for retrieving attestation data associated with a second data processing system; sending a request for attestation of the first data processing system; in response to receiving the request, retrieving a list of associated one or more children, wherein the one or more children comprise the second data processing system; retrieving and storing attestation data associated with each child; retrieving and storing attestation data associated with the first data processing system; and sending to the requester a concatenated response containing the attestation data associated with the first and second data processing systems, such that the attestation data associated with the first and second data processing systems can be used to attest the first and second data processing systems, respectively.

摘要翻译： 一种证明多个数据处理系统的技术。 该方法包括：配置数据处理系统链，其中第一数据处理系统负责检索与第二数据处理系统相关联的认证数据; 发送第一数据处理系统的认证请求; 响应于接收到所述请求，检索相关联的一个或多个子项的列表，其中所述一个或多个子组成所述第二数据处理系统; 检索和存储与每个孩子相关联的证明数据; 检索和存储与第一数据处理系统相关联的证明数据; 以及向所述请求者发送包含与所述第一和第二数据处理系统相关联的认证数据的级联响应，使得与所述第一和第二数据处理系统相关联的证明数据可以分别用于证明所述第一和第二数据处理系统 。

公开(公告)号：US20120192181A1

公开(公告)日：2012-07-26

申请号：US13347374

申请日：2012-01-10

申请人： David Gilbert ,  David Haikney ,  David Machintosh

发明人： David Gilbert ,  David Haikney ,  David Machintosh

IPC分类号： G06F9/455

CPC分类号： G06F9/45558 ,  G06F9/45533 ,  G06F9/4856 ,  G06F9/5088 ,  G06F2009/4557

摘要： A system, method, and computer program product for controlling migration of a VM operable on a first site and a second site. The system includes an identify component for identifying the second site; a request component for sending a consent request message to a software component, wherein the consent request message comprises at least one of an identifier of the VM and an identifier of the second site; a calculate component, operable on the software component and responsive to receiving the consent request message, for determining consent for the second site; a send component, responsive to a positive determination, for sending a consent message; and a migrate component, responsive to receiving the consent message, for migrating the VM from the first site to the second site.

摘要翻译： 一种用于控制在第一站点和第二站点上可操作的VM的迁移的系统，方法和计算机程序产品。 该系统包括用于识别第二站点的识别组件; 用于向软件组件发送同意请求消息的请求组件，其中所述同意请求消息包括所述VM的标识符和所述第二站点的标识符中的至少一个; 计算组件，可在软件组件上操作并响应于接收到同意请求消息，以确定第二站点的同意; 发送组件，响应于积极的确定，发送同意消息; 以及响应于接收到同意消息的迁移组件，用于将VM从第一站点迁移到第二站点。

公开(公告)号：US20120159634A1

公开(公告)日：2012-06-21

申请号：US13327488

申请日：2011-12-15

申请人： David Haikney ,  Shawn P. Mullen ,  James Walker

发明人： David Haikney ,  Shawn P. Mullen ,  James Walker

IPC分类号： G06F21/00

CPC分类号： G06F21/57 ,  G06F9/4856 ,  G06F21/53

摘要： Attesting a virtual machine that is migrating from a first environment to a second environment includes in response to initiation of migration of the virtual machine from the first environment to the second environment, accessing one or more stored trust values generated during the trusted boot of the virtual machine in the first environment, determining if the accessed trust values define a security setting sufficient for the second environment, and if the accessed trust values do not define a security setting sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.

摘要翻译： 验证从第一环境迁移到第二环境的虚拟机包括响应于虚拟机从第一环境到第二环境的迁移的启动，访问在虚拟机的可信引导期间生成的一个或多个存储的信任值 机器在第一环境中，确定所访问的信任值是否定义足够用于第二环境的安全设置，并且如果所访问的信任值没有定义足够用于第二环境的安全设置，则执行关于迁移的预定动作 虚拟机到第二个环境。

公开(公告)号：US20070106983A1

公开(公告)日：2007-05-10

申请号：US11593442

申请日：2006-11-06

申请人： Daniel Owen ,  Jonathan Andrews ,  Miles Howson ,  David Haikney

发明人： Daniel Owen ,  Jonathan Andrews ,  Miles Howson ,  David Haikney

IPC分类号： G06F9/45

CPC分类号： G06F9/45516

摘要： An improved architecture for a program code conversion apparatus and method for generating intermediate representations for program code conversion. The program code conversion apparatus determines which types of IR nodes to generate in an intermediate representation (IR) of subject code (10) to be translated. Depending upon the particular subject and target computing environments involved in the conversion, the program code conversion apparatus utilizes either base nodes, complex nodes, polymorphic nodes, and architecture specific nodes, or some combination thereof, in generating the intermediate representation.

摘要翻译： 一种用于生成用于程序代码转换的中间表示的程序代码转换装置和方法的改进的架构。 程序代码转换装置确定要转换的主题代码（10）的中间表示（IR）中要生成哪种类型的IR节点。 根据转换中涉及的特定主题和目标计算环境，程序代码转换装置在生成中间表示时使用基本节点，复杂节点，多态节点和架构特定节点或其某种组合。