-
公开(公告)号:US08887144B1
公开(公告)日:2014-11-11
申请号:US12554770
申请日:2009-09-04
CPC分类号: G06F9/4416 , G06F8/65 , G06F21/572 , H04L41/082 , H04L63/126 , H04L67/34
摘要: When providing a user with native access to at least a portion of device hardware, the user can be prevented from modifying firmware and other configuration information by controlling the mechanisms used to update that information. In some embodiments, an asymmetric keying approach can be used to encrypt or sign the firmware. In other cases access can be controlled by enabling firmware updates only through a channel or port that is not exposed to the customer, or by mapping only those portions of the hardware that are to be accessible to the user. In other embodiments, the user can be prevented from modifying firmware by only provisioning the user on a machine after an initial mutability period wherein firmware can be modified, such that the user never has access to a device when firmware can be updated. Combinations and variations of the above also can be used.
摘要翻译: 当向用户提供对至少一部分设备硬件的本地访问时,可以通过控制用于更新该信息的机制来阻止用户修改固件和其他配置信息。 在一些实施例中,可以使用非对称密钥方法来加密或签名固件。 在其他情况下,只能通过不暴露给客户的通道或端口启用固件更新,或仅映射用户可访问的硬件部分来控制访问。 在其他实施例中,可以通过在可修改固件的初始可变性周期之后仅在机器上提供用户来防止用户修改固件,使得当固件可以被更新时,用户永远不能访问设备。 上述的组合和变化也可以使用。
-
公开(公告)号:US08495557B2
公开(公告)日:2013-07-23
申请号:US12061668
申请日:2008-04-03
申请人: Anders B. Vinberg , David G. Campbell , James R. Hamilton , Donald F. Ferguson , Emre M. Kiciman
发明人: Anders B. Vinberg , David G. Campbell , James R. Hamilton , Donald F. Ferguson , Emre M. Kiciman
CPC分类号: G06F17/30
摘要: Described is a technology by which a system corresponding to a large scale application is built from subsystems that are differentiated from one another based on characteristics of each subsystem. Example characteristics include availability, reliability, redundancy, statefulness and/or performance. Subsystems are matched to known design patterns, based on each subsystem's individual characteristics. Each subsystem's characteristics are associated with that subsystem for subsequent use in operation of the system, e.g., for managing/servicing the subsystem. The known design patterns may be provided in a library, in a programming framework, in conjunction with a development tool, and/or as data associated with one or more operating system services, server systems and/or hosted services that include at least one configuration, policy and or schema. Certain design patterns and/or characteristics patterns may be blocked to prevent their usage.
摘要翻译: 描述了一种基于每个子系统的特征,从与彼此不同的子系统构建与大规模应用相对应的系统的技术。 示例特性包括可用性,可靠性,冗余性,状态性和/或性能。 基于每个子系统的各个特征,子系统与已知的设计模式相匹配。 每个子系统的特征与该子系统相关联,用于随后在系统的操作中使用,例如用于管理/维护子系统。 已知的设计模式可以在库,编程框架中与开发工具一起提供,和/或作为与一个或多个操作系统服务,服务器系统和/或托管服务相关联的数据提供,其包括至少一个配置 ,策略和/或模式。 某些设计模式和/或特征模式可能被阻止以防止其使用。
-
公开(公告)号:US08473646B1
公开(公告)日:2013-06-25
申请号:US13530050
申请日:2012-06-21
CPC分类号: G06F13/1626 , G06F3/0611 , G06F3/0659 , G06F3/0673
摘要: Input and output (I/O) operations performed by a data storage device are managed dynamically to balance aspects such as throughput and latency. Sequential read and write requests are sent to a data storage device whereby the corresponding operations are performed without time delay due to extra disk revolutions. In order to minimize latency, particularly for read operations, random read and write requests are held in a queue upstream of an I/O controller of the data storage device until the buffer of the data storage device is empty. The queued requests can be reordered when a higher priority request is received, improving the overall latency for specific requests. An I/O scheduler of a data server is still able to use any appropriate algorithm to order I/O requests, such as by prioritizing reads over writes as long as the writes do not back up in the I/O queue beyond a certain threshold.
摘要翻译: 由数据存储设备执行的输入和输出(I / O)操作被动态地管理以平衡诸如吞吐量和延迟的方面。 顺序读写请求被发送到数据存储设备,由此由于额外的磁盘转数,相应的操作没有时间延迟。 为了最小化延迟,特别是对于读取操作,随机读取和写入请求被保存在数据存储设备的I / O控制器上游的队列中,直到数据存储设备的缓冲器为空。 当接收到更高优先级的请求时,排队的请求可以重新排序,从而提高特定请求的总体延迟。 数据服务器的I / O调度器仍然能够使用任何适当的算法来排序I / O请求,例如通过对写入进行优先级排序,只要写入不在I / O队列中备份超过某个阈值 。
-
公开(公告)号:US20130080576A1
公开(公告)日:2013-03-28
申请号:US13246818
申请日:2011-09-27
申请人: Brett R. Taylor , James R. Hamilton
发明人: Brett R. Taylor , James R. Hamilton
IPC分类号: G06F15/16
CPC分类号: G06F16/9574
摘要: A remote browsing process is directed to the generation and management of a remote browse session at a network computing provider. A client computing device requests a remote browse session instance at a network computing provider. The network computing provider instantiates the browse session instance and retrieves the requested content. The network computing provider processes the requested content for display, and provides a processed representation of the requested content to the client computing device. The network computing provider further provides a historical content representation corresponding to the requested content to a historical browse storage component for storage. The network computing provider retrieves additional content referenced directly or indirectly by the requested content. The network computing provider provides historical content representations corresponding to some of the additional content to the historical browse storage component.
摘要翻译: 远程浏览过程针对在网络计算提供商处的远程浏览会话的生成和管理。 客户端计算设备在网络计算提供商处请求远程浏览会话实例。 网络计算提供者实例化浏览会话实例并检索所请求的内容。 网络计算提供商处理所请求的内容以进行显示,并将所请求的内容的处理表示提供给客户机计算设备。 网络计算提供者还向历史浏览存储组件提供对应于所请求的内容的历史内容表示以进行存储。 网络计算提供商检索由所请求的内容直接或间接引用的附加内容。 网络计算提供者向历史浏览存储组件提供对应于一些附加内容的历史内容表示。
-
公开(公告)号:US20130010796A1
公开(公告)日:2013-01-10
申请号:US13620363
申请日:2012-09-14
IPC分类号: H04L12/56
CPC分类号: H04L45/04 , H04L45/30 , H04L45/44 , H04L45/58 , H04L45/741 , H04L45/745 , H04L47/33 , H04L69/22 , H04L69/323
摘要: A hierarchical distributed routing architecture including at least three levels, or layers, for receiving, processing and forwarding data packets between network components is provided. The core level router components receive an incoming packet from a network component and identify a distribution level router component based on processing a subset of the destination address associated with the received packet. The distribution level router components that receiving a forwarded packet and identify a transit level router component based a second processing of at least a subset of the destination address associated with the received packet. The transit level router components receive the forwarded packet and forward the packet to a respective network. The mapping, or other assignment, of portions of the FIB associated with the distributed routing environment is managed by a router management component.
摘要翻译: 提供了包括用于在网络组件之间接收,处理和转发数据分组的至少三个级别或层级的分层分布式路由架构。 核心级路由器组件从网络组件接收传入分组,并且基于处理与接收到的分组相关联的目的地地址的子集来识别分布级路由器组件。 接收转发的分组并且基于与接收的分组相关联的目的地地址的至少一个子集的第二处理来识别传输级路由器组件的分发级路由器组件。 传输级路由器组件接收转发的数据包,并将数据包转发到相应的网络。 与分布式路由环境相关联的FIB的部分的映射或其他分配由路由器管理组件管理。
-
公开(公告)号:US08331371B2
公开(公告)日:2012-12-11
申请号:US12641260
申请日:2009-12-17
CPC分类号: H04L45/04 , H04L45/30 , H04L45/44 , H04L45/58 , H04L45/741 , H04L45/745 , H04L47/33 , H04L69/22 , H04L69/323
摘要: A hierarchical distributed routing architecture including at least three levels, or layers, for receiving, processing and forwarding data packets between network components is provided. The core level router components receive an incoming packet from a network component and identify a distribution level router component based on processing a subset of the destination address associated with the received packet. The distribution level router components receive a forwarded packet and identify a transit level router component based on at least a subset of the destination address associated with the received packet. The transit level router components receive the forwarded packet and forward the packet to a respective network. The mapping of destination addresses to router components of may be managed by a router management component. In some embodiments, mapping of destination address to router components may be based, at least in part, on traffic volumes associated with the mapped destination addresses.
摘要翻译: 提供了包括用于在网络组件之间接收,处理和转发数据分组的至少三个级别或层级的分层分布式路由架构。 核心级路由器组件从网络组件接收传入分组,并且基于处理与接收到的分组相关联的目的地地址的子集来识别分布级路由器组件。 分发级路由器组件接收转发的分组,并且基于与所接收的分组相关联的目的地地址的至少一个子集来识别传输级路由器组件。 传输级路由器组件接收转发的数据包,并将数据包转发到相应的网络。 目的地址到路由器组件的映射可能由路由器管理组件管理。 在一些实施例中,目的地地址到路由器组件的映射可以至少部分地基于与映射的目的地地址相关联的业务量。
-
公开(公告)号:US08331370B2
公开(公告)日:2012-12-11
申请号:US12641255
申请日:2009-12-17
IPC分类号: H04L12/28
CPC分类号: H04L45/04 , H04L45/58 , H04L47/125
摘要: A hierarchical distributed routing architecture including at least two levels, or layers, for receiving, processing and forwarding data packets between network components is provided. The core level router components receive an incoming packet from a network component and identify a distribution level router component based on processing a subset of the destination address associated with the received packet. The distribution level router components receive a forwarded packet and forward the packet to a respective network. The mapping, or other assignment, of portions of destination addresses to router components of the distributed routing environment may be managed by a router management component. In some embodiments, mapping of destination address to router components may be based, at least in part, on traffic volumes associated with the mapped destination addresses.
摘要翻译: 提供了包括用于在网络组件之间接收,处理和转发数据分组的至少两个级别或层级的分层分布式路由架构。 核心级路由器组件从网络组件接收传入分组,并且基于处理与接收到的分组相关联的目的地地址的子集来识别分布级路由器组件。 分发级路由器组件接收转发的分组,并将分组转发到相应的网络。 目标地址部分到分布式路由环境的路由器组件的映射或其他分配可以由路由器管理组件管理。 在一些实施例中,目的地地址到路由器组件的映射可以至少部分地基于与映射的目的地地址相关联的业务量。
-
公开(公告)号:US08214653B1
公开(公告)日:2012-07-03
申请号:US12554736
申请日:2009-09-04
IPC分类号: G06F21/00
CPC分类号: G06F8/65 , G06F21/572 , G06F21/629 , H04L63/0428 , H04L63/08 , H04L63/20
摘要: When providing a user with native access to at least a portion of device hardware, the user can be prevented from modifying firmware and other configuration information by controlling the mechanisms used to update that information. In some embodiments, an asymmetric keying approach can be used to encrypt or sign the firmware. In other cases access can be controlled by enabling firmware updates only through a channel or port that is not exposed to the customer, or by mapping only those portions of the hardware that are to be accessible to the user. In other embodiments, the user can be prevented from modifying firmware by only provisioning the user on a machine after an initial mutability period wherein firmware can be modified, such that the user never has access to a device when firmware can be updated. Combinations and variations of the above also can be used.
摘要翻译: 当向用户提供对至少一部分设备硬件的本地访问时,可以通过控制用于更新该信息的机制来阻止用户修改固件和其他配置信息。 在一些实施例中,可以使用非对称密钥方法来加密或签名固件。 在其他情况下,只能通过不暴露给客户的通道或端口启用固件更新,或仅映射用户可访问的硬件部分来控制访问。 在其他实施例中,可以通过在可修改固件的初始可变性周期之后仅在机器上提供用户来防止用户修改固件,使得当固件可以被更新时,用户永远不能访问设备。 上述的组合和变化也可以使用。
-
公开(公告)号:US08032767B2
公开(公告)日:2011-10-04
申请号:US12060876
申请日:2008-04-02
IPC分类号: G06F1/26
CPC分类号: G06F1/206 , H05K7/1497 , H05K7/1498 , H05K7/20745 , H05K7/20836 , Y02D10/16
摘要: An illustrative power-efficient data center is described for operating in an uncontrolled environment in one scenario. The data center includes an air moving system that applies unconditioned air to resource items. The resource items are stripped down to provide a substantially minimum set of components for performing the data center'core functions. Various illustrative techniques for managing a power-efficient data center are also described.
摘要翻译: 描述了一种说明性的功率效率数据中心,用于在一种情况下在不受控制的环境中运行。 数据中心包括一个空中移动系统,将无条件的空气应用于其资源项目。 资源项被删除以提供用于执行数据中心的核心功能的基本上最小的组件集合。 还描述了用于管理功率效率数据中心的各种说明性技术。
-
公开(公告)号:US07860793B2
公开(公告)日:2010-12-28
申请号:US12061000
申请日:2008-04-02
申请人: Chris Demetrios Karkanias , Hubert Van Hoof , Oren Rosenbloom , James R. Hamilton , Pablo Argon , Vladimir Sadovsky , Behrooz Chitsaz , Sean Patrick Nolan
发明人: Chris Demetrios Karkanias , Hubert Van Hoof , Oren Rosenbloom , James R. Hamilton , Pablo Argon , Vladimir Sadovsky , Behrooz Chitsaz , Sean Patrick Nolan
IPC分类号: G06Q40/00
CPC分类号: G06Q50/22 , G06F19/00 , G06Q20/105 , G06Q40/00 , G16H10/65
摘要: A healthcare smart card management system stores a large amount of healthcare information to overcome shortcomings of separate and largely paper medical and insurance files. Embedded security technology supports partial or separated identity proofing as well as hardware time limited storage. Dynamic contextual privacy consent enhances user, healthcare provider, and insurer privacy and proprietary information to encourage and enable universal adoption. Data is structured in self-executing (“print to device”) for legacy systems as well as in rolled-access format and archival format to balance usage and data integrity purposes. A plurality of network interfaces are incorporated as well as financial transaction codes. Card integrity is enhanced by remote usage oversight, self-destruct monitoring (e.g., time, location, hacking, malfunction, etc.), and integral write-only audit logs. Levering excess storage capacity, a user can store related healthcare information such as exercise regimen, diet journal, emergency contact information, urgent medical conditions for first providers, etc.
摘要翻译: 医疗智能卡管理系统存储大量医疗保健信息,以克服单独和大量纸张医疗保险文件的缺点。 嵌入式安全技术支持部分或分离的身份打样以及硬件时间有限的存储。 动态上下文隐私权同意增强了用户,医疗保健提供者和保险公司的隐私和专有信息,以鼓励并实现普遍采用。 数据结构采用自行执行(“打印到设备”),用于传统系统以及滚动访问格式和归档格式,以平衡使用和数据完整性的目的。 并入多个网络接口以及金融交易代码。 通过远程使用监督,自毁式监控(例如时间,位置,黑客,故障等)和完整的只写审核日志来增强卡的完整性。 利用多余的存储容量,用户可以存储运动方案,饮食日记,紧急联系信息,第一供应商的紧急医疗条件等有关的医疗信息。
-
-
-
-
-
-
-
-
-
搜索结果
110 条记录 (耗时 0.087 秒)
