-
公开(公告)号:US20070014295A1
公开(公告)日:2007-01-18
申请号:US11182712
申请日:2005-07-15
IPC分类号: H04L12/28
摘要: Sharing access to resources using an inter-process communication (“IPC”) provides a connection in which references to resources may be passed from a sender to a receiver in a trusted third party environment. A sender in possession of a reference to a resource, such as a handle to an object, may initiate the connection with the receiver. In turn, the receiver may accept or refuse the connection, and may further specify the types of resources in which the receiver is interested when accepting through the connection. Sharing access to resources in this manner advantageously insures that only a process that already has access to a resource is able to share that access with another process, and further that only processes that wish to do so will accept such access.
摘要翻译: 使用进程间通信(“IPC”)共享对资源的访问提供了在可信第三方环境中可以将资源的引用从发送者传递到接收者的连接。 拥有对资源(例如对象的句柄)的引用的发送者可以发起与接收者的连接。 反过来,接收机可以接受或拒绝连接,并且可以进一步指定接收者在通过连接接受时感兴趣的资源的类型。 以这种方式共享对资源的访问有利地确保仅具有对资源的访问的进程能够与另一进程共享该访问,并且进一步地,仅希望这样访问的进程将接受该访问。
-
公开(公告)号:US20070094669A1
公开(公告)日:2007-04-26
申请号:US11257649
申请日:2005-10-25
申请人: John Rector , Arun Kishan , Neill Clift , Adrian Marinescu
发明人: John Rector , Arun Kishan , Neill Clift , Adrian Marinescu
IPC分类号: G06F9/46
CPC分类号: G06F9/526
摘要: A technology for exclusively acquiring a shared resource is disclosed. In one method approach, the method determines that a shared resource is available to be exclusively acquired by a first thread. The method also prevents partial execution of operations by a second thread, during operations to exclusively acquire the shared resource by the first thread, which may be accomplished by using an interrupt. The preventing of partial execution of operations by the second thread may be initiated by the first thread. The method embodiment then performs operations to exclusively acquire the shared resource by the first thread.
摘要翻译: 公开了专门获取共享资源的技术。 在一种方法方法中,该方法确定共享资源可用于由第一线程专门获取。 该方法还防止第二线程在由第一线程独占地获取共享资源的操作期间的部分执行,这可以通过使用中断来实现。 可以由第一线程启动防止第二线程的部分执行操作。 然后,方法实施例执行由第一线程独占地获取共享资源的操作。
-
公开(公告)号:US20060004760A1
公开(公告)日:2006-01-05
申请号:US10872722
申请日:2004-06-21
申请人: Neill Clift , Adrian Marinescu
发明人: Neill Clift , Adrian Marinescu
IPC分类号: G06F17/30
CPC分类号: G06F17/30362 , Y10S707/99932 , Y10S707/99938 , Y10S707/99944
摘要: In accordance with an embodiment of this invention, a mechanism for managing a plurality of access requests for a data object is provided. The mechanism includes a lock control identifying whether a requested data object is in use and a waiter control identifying whether at least one of the plurality of access requests have been denied immediate access to the data object and is currently waiting for access to the data object. Additionally, the mechanism maintains a list optimize control identifying whether one of the plurality of access requests is currently optimizing a waiters list of access requests waiting to access to the data object.
摘要翻译: 根据本发明的实施例,提供了一种用于管理数据对象的多个访问请求的机制。 该机制包括识别所请求的数据对象是否在使用中的锁定控制以及标识多个访问请求中的至少一个访问请求是否已被拒绝立即访问数据对象并且正在等待访问数据对象的服务员控制。 另外,机制维护列表优化控制,以确定多个访问请求之一当前是否正在优化等待访问数据对象的访问请求的服务器列表。
-
公开(公告)号:US20070130621A1
公开(公告)日:2007-06-07
申请号:US11294835
申请日:2005-12-06
申请人: Adrian Marinescu , Neill Clift
发明人: Adrian Marinescu , Neill Clift
IPC分类号: H04L9/32 , G06F12/14 , G06F11/00 , G06K9/00 , G06F17/30 , G06F12/16 , G06F7/04 , G06F15/18 , G08B23/00
CPC分类号: G06F21/6281 , G06F21/52 , G06F2221/2147 , G06F2221/2149
摘要: Generally described, a method, software system, and computer-readable medium are provided for preventing a malware from colliding on a named object. In accordance with one aspect, a method is provided for creating a private namespace. More specifically, the method includes receiving a request to create a private namespace that contains data for defining the boundary of the private namespace from the current process. Then a determination is made regarding whether a principle associated with the current process has the security attributes that are alleged in the request. In this regard, if the principle that is associated with the current process has the security attributes that are alleged in the request, the method creates a container object to implement the private namespace that is defined by the data received in the request.
摘要翻译: 通常描述,提供了一种方法,软件系统和计算机可读介质,用于防止恶意软件与命名对象冲突。 根据一个方面,提供了一种创建私有命名空间的方法。 更具体地,该方法包括接收创建私有命名空间的请求,该私有命名空间包含用于从当前进程定义私有命名空间的边界的数据。 然后确定与当前进程相关联的原则是否具有在请求中被指称的安全属性。 在这方面,如果与当前进程相关联的原则具有在请求中声称的安全属性,则该方法将创建一个容器对象来实现由请求中接收的数据定义的私有命名空间。
-
公开(公告)号:US07571288B2
公开(公告)日:2009-08-04
申请号:US11480799
申请日:2006-07-03
IPC分类号: G06F12/00
CPC分类号: G06F12/0261
摘要: Object rundown protection that scales with the number of processors in a shared-memory computer system is disclosed. Prior to object rundown, a cache-aware reference count data structure is used to prevent cache-pinging that would otherwise result from data sharing across processors in a multiprocessor computer system. In this data structure, a counter of positive references and negative dereferences, aligned on a particular cache line, is maintained for each processor. When an object is to be destroyed, a rundown wait process is begun, during which new references on the object are prohibited, and the total number of outstanding references is added to an on-stack global counter. Destruction is delayed until the global reference count is reduced to zero. In an implementation on non-uniform memory access multiprocessor machines, each processor's reference count is additionally allocated in a region of main memory that is physically close to that processor.
摘要翻译: 公开了与共享存储器计算机系统中的处理器数量相比较的对象破坏保护。 在对象清除之前,使用缓存感知引用计数数据结构来防止否则会在多处理器计算机系统中的处理器之间的数据共享导致的缓存ping。 在这种数据结构中,为每个处理器维护在特定高速缓存线上对齐的正引用和负解除引用的计数器。 当一个对象被销毁时,就会开始一个破坏的等待过程,在这个过程中,对对象的新引用被禁止,并且未完成引用的总数被添加到一个堆栈全局计数器中。 破坏延迟,直到全局引用计数减少为零。 在非均匀内存访问多处理器机器上的实现中,每个处理器的引用计数额外分配在物理上靠近该处理器的主存储器的区域中。
-
公开(公告)号:US20070101431A1
公开(公告)日:2007-05-03
申请号:US11263599
申请日:2005-10-31
申请人: Neill Clift , Thushara Wijeratna
发明人: Neill Clift , Thushara Wijeratna
IPC分类号: G06F12/14
CPC分类号: G06F21/56
摘要: A method, software system, and computer-readable medium are provided for determining whether a malware that implements stealth techniques is resident on a computer. In one exemplary embodiment, a method is provided that obtains a first set of data that describes the processes that are reported as being active on the computer in a non-interrupt environment. Then, the method causes program execution to be interrupted at runtime so that an analysis of the active processes on the computer may be performed. After program execution is interrupted, a second set data that describes the processes that are reported as being active on the computer in a interrupt environment is obtained. By performing a comparison between the first and second sets of data, a determination may be made regarding whether the collected data contains inconsistencies that are characteristic of malware.
摘要翻译: 提供了一种方法,软件系统和计算机可读介质,用于确定实施隐形技术的恶意软件是否驻留在计算机上。 在一个示例性实施例中,提供了一种方法,其获得在非中断环境中描述在计算机上被报告为活动的进程的第一组数据。 然后,该方法使得程序执行在运行时被中断,从而可以对计算机上的活动进程进行分析。 在程序执行中断之后,获得描述在中断环境中报告为在计算机上被激活的进程的第二组数据。 通过执行第一和第二组数据之间的比较,可以确定收集的数据是否包含恶意软件的特征的不一致。
-
公开(公告)号:US20070016905A1
公开(公告)日:2007-01-18
申请号:US11180338
申请日:2005-07-12
申请人: John Rector , Jonathan Morrison , Neill Clift , Arun Kishan
发明人: John Rector , Jonathan Morrison , Neill Clift , Arun Kishan
IPC分类号: G06F9/46
CPC分类号: G06F9/52 , G06F9/522 , Y10S707/99938
摘要: A blocking local sense synchronization barrier is provided. The local sense variable is not processor private or global, but truly local to the synchronization barrier function. Safe deletion is provided by making sure the last operation a thread performs on a barrier is a write. Just before returning, threads increment a field that indicates the count of threads that have left the barrier. Blocking is supported such that threads spin for some interval, and when they decide to block, examine and set (if not already set) the indication of whether a thread is blocking that is to be examined by the last thread to arrive at the barrier to determine whether to set an event to release blocking threads.
摘要翻译: 提供阻塞的本地感测同步屏障。 局部感知变量不是处理器私有的或全局的,而是真正的本地的同步屏障功能。 通过确保线程在屏障上执行的最后一个操作是写入来提供安全删除。 在返回之前,线程会增加一个字段,指示已经离开屏障的线程数。 阻塞被支持,使得线程旋转一段时间,并且当它们决定阻塞,检查和设置(如果尚未设置)时线程是否阻塞的指示被最后线程检查以到达屏障 确定是否设置事件以释放阻塞线程。
-
公开(公告)号:US20060200635A1
公开(公告)日:2006-09-07
申请号:US11402493
申请日:2006-04-11
IPC分类号: G06F12/00
CPC分类号: G06F12/0261
摘要: A system and method for object rundown protection that scales with the number of processors in a shared-memory computer system is disclosed. In an embodiment of the present invention, prior to object rundown, a cache-aware reference count data structure is used to prevent cache-pinging that would otherwise result from data sharing across processors in a multiprocessor computer system. In this data structure, a counter of positive references and negative dereferences, aligned on a particular cache line, is maintained for each processor. When an object is to be destroyed, a rundown wait process is begun, during which new references on the object are prohibited, and the total number of outstanding references is added to an on-stack global counter. Destruction is delayed until the global reference count is reduced to zero. In an embodiment of the invention suited to implementation on non-uniform memory access multiprocessor machines, each processor's reference count is additionally allocated in a region of main memory that is physically close to that processor.
摘要翻译: 公开了一种与共享存储器计算机系统中的处理器数量相比较的对象破坏保护的系统和方法。 在本发明的一个实施例中,在对象清除之前,使用高速缓存感知引用计数数据结构来防止否则将在多处理器计算机系统中的处理器之间的数据共享导致的高速缓存ping。 在这种数据结构中,为每个处理器维护在特定高速缓存线上对齐的正引用和负解除引用的计数器。 当一个对象被破坏时,开始一个等待时间的过程,在该过程中,禁止对对象的新引用,并将未完成引用的总数添加到堆栈中的全局计数器。 破坏延迟,直到全局引用计数减少为零。 在适于在非均匀存储器访问多处理器机器上实现的本发明的实施例中,每个处理器的引用计数额外分配在物理上靠近该处理器的主存储器的区域中。
-
公开(公告)号:US07743418B2
公开(公告)日:2010-06-22
申请号:US11263599
申请日:2005-10-31
申请人: Neill Clift , Thushara K. Wijeratna
发明人: Neill Clift , Thushara K. Wijeratna
CPC分类号: G06F21/56
摘要: A method, software system, and computer-readable medium are provided for determining whether a malware that implements stealth techniques is resident on a computer. In one exemplary embodiment, a method is provided that obtains a first set of data that describes the processes that are reported as being active on the computer in a non-interrupt environment. Then, the method causes program execution to be interrupted at runtime so that an analysis of the active processes on the computer may be performed. After program execution is interrupted, a second set data that describes the processes that are reported as being active on the computer in a interrupt environment is obtained. By performing a comparison between the first and second sets of data, a determination may be made regarding whether the collected data contains inconsistencies that are characteristic of malware.
摘要翻译: 提供了一种方法,软件系统和计算机可读介质,用于确定实施隐形技术的恶意软件是否驻留在计算机上。 在一个示例性实施例中,提供了一种方法,其获得在非中断环境中描述在计算机上被报告为活动的进程的第一组数据。 然后,该方法使得程序执行在运行时被中断,从而可以对计算机上的活动进程进行分析。 在程序执行中断之后,获得描述在中断环境中报告为在计算机上被激活的进程的第二组数据。 通过执行第一和第二组数据之间的比较,可以确定收集的数据是否包含恶意软件的特征的不一致。
-
公开(公告)号:US20070266386A1
公开(公告)日:2007-11-15
申请号:US11432888
申请日:2006-05-12
申请人: Arun Kishan , Neill Clift
发明人: Arun Kishan , Neill Clift
IPC分类号: G06F9/46
CPC分类号: G06F9/4806
摘要: Aspects of the present invention are directed at providing safe and efficient ways for a program to perform a one-time initialization of a data item in a multi-threaded environment. In accordance with one embodiment, a method is provided that allows a program to perform a synchronized initialization of a data item that may be accessed by multiple threads. More specifically, the method includes receiving a request to initialize the data item from a current thread. In response to receiving the request, the method determines whether the current thread is the first thread to attempt to initialize the data item. If the current thread is the first thread to attempt to initialize the data item, the method enforces mutual exclusion and blocks other attempts to initialize the data item made by concurrent threads. Then, the current thread is allowed to execute program code provided by the program to initialize the data item.
摘要翻译: 本发明的方面旨在为程序在多线程环境中执行数据项的一次初始化提供安全和有效的方式。 根据一个实施例,提供了一种允许程序执行可被多个线程访问的数据项的同步初始化的方法。 更具体地说,该方法包括从当前线程接收初始化数据项的请求。 响应于接收到请求,该方法确定当前线程是否是尝试初始化数据项的第一线程。 如果当前线程是尝试初始化数据项的第一个线程,则该方法会强制执行互斥,并阻止其他尝试初始化由并发线程创建的数据项。 然后,允许当前线程执行程序提供的程序代码来初始化数据项。
-
-
-
-
-
-
-
-
-
搜索结果
15 条记录 (耗时 0.021 秒)
