公开(公告)号：US5495614A

公开(公告)日：1996-02-27

申请号：US355756

申请日：1994-12-14

申请人： Glen A. Brent ,  Thomas J. Dewkett ,  Casper A. Scalzi

发明人： Glen A. Brent ,  Thomas J. Dewkett ,  Casper A. Scalzi

IPC分类号： G06F13/10 ,  G06F9/00

CPC分类号： G06F13/102

摘要： A control process which enables a non-supervisory "using program" (e.g. application programs) to directly interface one or more shared asynchronous hardware facilities in a computer system. Any using program may request the operating system (OS) to set up a "special environment" with an AHF during which the using program can directly issue requests to the AHF for its services. The OS sets up a session for the using program having the "special environment", which specifies restrictions on storage accesses by the AHF for accesses made on behalf of the using program--to insure system data integrity. These restrictions are not changeable by the using program. The "special environment" exists until the session is ended by the using program or by a terminating condition. The "special environment" is tailored to be different among the different using program concurrently using the same AHF, so that the "special environment" of one using program cannot interfere with the "special environment" of another using program. During a session, work requests for any using program are communicated directly to the AHF from the using program, and completion of any work request is communicated directly by the AHF to the using program without any interruption of the using program or OS involvement.

摘要翻译： 能够使非监督“使用程序”（例如应用程序）直接接入计算机系统中的一个或多个共享异步硬件设施的控制过程。 任何使用程序可以请求操作系统（OS）与AHF建立“特殊环境”，在此期间，使用程序可以直接向AHF发送其服务请求。 操作系统为具有“特殊环境”的使用程序设置会话，该特定环境指定AHF对代表使用程序进行访问的存储访问的限制，以确保系统数据完整性。 使用程序不能更改这些限制。 存在“特殊环境”，直到会话由使用程序或终止条件结束。 “特殊环境”在不同的使用程序中使用相同的AHF进行了不同的定制，使得一个使用程序的“特殊环境”不能干扰另一个使用程序的“特殊环境”。 在会议期间，任何使用程序的工作请求都从使用程序直接发送到AHF，AHF直接将任务完成任务发送到使用程序，而不会中断使用程序或操作系统的参与。

公开(公告)号：US5377337A

公开(公告)日：1994-12-27

申请号：US73815

申请日：1993-06-08

申请人： James Antognini ,  Glen A. Brent ,  Thomas E. Cook ,  Thomas J. Dewkett ,  Joseph C. Elliott ,  Francis E. Johnson ,  Casper A. Scalzi ,  Kenneth R. Veraska ,  Joseph A. Williams ,  Harry M. Yudenfriend

发明人： James Antognini ,  Glen A. Brent ,  Thomas E. Cook ,  Thomas J. Dewkett ,  Joseph C. Elliott ,  Francis E. Johnson ,  Casper A. Scalzi ,  Kenneth R. Veraska ,  Joseph A. Williams ,  Harry M. Yudenfriend

IPC分类号： G06F13/12 ,  G06F12/10 ,  G06F13/14 ,  G06F9/30

CPC分类号： G06F12/109

摘要： Provides a software-to-software interface and a software-to-hardware interface between software users and a hardware ADM facility (ADMF) in a data processing system. Such software user presents only virtual addresses to the software-to-software interface in a MSB list. The user list defines virtual address spaces, including a "hiperspace", in a manner that represents physical backing media as different random-access electronic storages, such main storage (MS) and expanded storage (ES). The real data transfers are within or between the backing storages. The user list is transformed into an ADM operation block (AOB), which is assigned an ADM UCB in a UCB queue which is associated with an ADM subchannel. The software-to-hardware interface generates an ORB, containing the AOB address, as an operand of a SSCB instruction which is executed to queue the associated subchannel onto one of plural co-processor queues in the ADMF. The ADMF uses the AOB to perform the requested page moves, and generates an interruption upon completion of each request which is sent to the hardware-to-software interface to remove the associated ADMF request from the ADM software request queue and free the associated ADM UCB for use by another user request.

摘要翻译： 在软件用户和数据处理系统中的硬件ADM工具（ADMF）之间提供软件到软件界面和软件到硬件接口。 这样的软件用户仅在MSB列表中向软件到软件界面呈现虚拟地址。 用户列表以表示作为不同随机存取电子存储器（诸如主存储器和扩展存储器（ES））的物理备用介质的方式定义虚拟地址空间，包括“时间空间”。 真正的数据传输在支持存储之间或之间。 用户列表被转换成ADM操作块（AOB），其在与ADM子信道相关联的UCB队列中被分配有ADM UCB。 软件到硬件接口生成包含AOB地址的ORB作为SSCB指令的操作数，该操作数被执行以将相关联的子信道排队到ADMF中的多个协处理器队列中的一个上。 ADMF使用AOB执行所请求的页面移动，并且在完成每个请求时产生中断，该请求被发送到硬件到软件接口以从ADM软件请求队列中移除相关联的ADMF请求并释放相关联的ADM UCB 供其他用户请求使用。

公开(公告)号：US5442802A

公开(公告)日：1995-08-15

申请号：US240301

申请日：1994-05-09

申请人： Glen A. Brent ,  Thomas J. Dewkett ,  David B. Lindquist ,  Casper A. Scalzi

发明人： Glen A. Brent ,  Thomas J. Dewkett ,  David B. Lindquist ,  Casper A. Scalzi

IPC分类号： G06F12/02 ,  G06F12/00 ,  G06F13/28

CPC分类号： G06F13/28

摘要： Virtual addressing is available to a co-processor to asynchronously control the movement of multiple page units of data between different locations in the same or a different media, e.g. main store (MS) and expanded store (ES), or both may be in ES, or both may be in MS. The co-processor controls the asynchronous page movement in parallel with continuing execution of other instructions by the central processor (CP) which requested the page movement. Each page to be moved is specified by an MSB (Move Specification Block). A set of MSBs are addressed by a special type of channel control word (CCW) in a channel program containing one or more CCWs, some of which may address one or more sets of MSBs (one MSB set per CCW) to control the movement of any number of pages. The CPU executes a special ADM SSCH (start subchannel) instruction that passes the page move work to the co-processor to perform the requested page transfer involving one or more sets of MSBs. Flag fields in source and sink specifications in each MSB contains a plurality of flag bits that define: the associated source or sink media, whether the specified address is to be translated as a virtual address or to be handled as an absolute address, whether replication of the source page(s) is to be done at the sink location, and whether the page(s) are to be erased by only accessing the sink pages to control the writing of a predetermined padding character, such as zero, through-out the content of the sink page(s).

摘要翻译： 虚拟寻址可用于协处理器以异步地控制在相同或不同介质中的不同位置之间的多页数据单元的移动，例如， 主存储（MS）和扩展存储（ES），或两者可以在ES中，或者两者都可以是MS。 协处理器通过请求页面移动的中央处理器（CP）继续执行其他指令来并行控制异步页面移动。 要移动的每个页面由MSB（移动规范块）指定。 一组MSB由包含一个或多个CCW的信道节目中的特殊类型的信道控制字（CCW）寻址，其中一些可以寻址一个或多个MSB集合（每个CCW设置一个MSB）以控制移动 任意数量的页面。 CPU执行特殊的ADM SSCH（启动子信道）指令，该指令将页面移动工作传递给协处理器，以执行涉及一个或多个MSB集合的所请求的页面传送。 每个MSB中的源和接收器规范中的标志字段包含多个标志位，其定义：相关联的源或宿介质，指定的地址是否被转换为虚拟地址或被作为绝对地址处理，是否复制 源页面将在接收器位置完成，并且通过仅访问接收器页面来擦除页面，以控制写入预定的填充字符，例如零，通过 内容页面的内容。

公开(公告)号：US5459864A

公开(公告)日：1995-10-17

申请号：US12187

申请日：1993-02-02

申请人： Glen A. Brent ,  Thomas J. Dewkett ,  Christine R. Panner ,  Casper A. Scalzi

发明人： Glen A. Brent ,  Thomas J. Dewkett ,  Christine R. Panner ,  Casper A. Scalzi

IPC分类号： G06F15/17 ,  G06F9/48 ,  G06F9/50 ,  G06F11/00 ,  G06F11/20 ,  G06F15/16 ,  G06F13/00

CPC分类号： G06F9/505 ,  G06F11/2017 ,  G06F11/1471 ,  G06F11/2035 ,  G06F11/2043 ,  G06F3/061 ,  G06F3/0647

摘要： Provides load balancing, recovery and reconfiguration control for a data move subsystem comprised of a plurality of interconnected and cooperating data move processors (DMPs). Each DMP processor has an associated queue for receiving queue elements (QEs) from central processing units of a data processing system which specify data move requirements of the data processing system. QEs can be transferred between queues of other DMPs or a common queue to achieve load balancing, recovery and reconfiguration control.

摘要翻译： 为由多个互连和协作的数据移动处理器（DMP）组成的数据移动子系统提供负载平衡，恢复和重新配置控制。 每个DMP处理器具有用于从指定数据处理系统的数据移动要求的数据处理系统的中央处理单元接收队列元素（QE）的关联队列。 QE可以在其他DMP或公共队列的队列之间传输，以实现负载均衡，恢复和重新配置控制。

公开(公告)号：US08041990B2

公开(公告)日：2011-10-18

申请号：US11769929

申请日：2007-06-28

申请人： James A. O'Connor ,  Luis A. Lastras-Montano ,  Luis C. Alves ,  William J. Clarke ,  Timothy J. Dell ,  Thomas J. Dewkett ,  Kevin C. Gower

发明人： James A. O'Connor ,  Luis A. Lastras-Montano ,  Luis C. Alves ,  William J. Clarke ,  Timothy J. Dell ,  Thomas J. Dewkett ,  Kevin C. Gower

IPC分类号： G06F11/00

CPC分类号： G06F11/108 ,  G06F2211/1045 ,  G06F2211/1057 ,  G06F2211/1064

摘要： A system and method for error correction and detection in a memory system. The system includes a memory controller, a plurality of memory modules and a mechanism. The memory modules are in communication with the memory controller and with a plurality of memory devices. The mechanism detects that one of the memory modules has failed possibly coincident with a memory device failure on an other of the memory modules. The mechanism allows the memory system to continue to run unimpaired in the presence of the memory module failure and the memory device failure.

摘要翻译： 一种用于存储系统中的纠错和检测的系统和方法。 该系统包括存储器控制器，多个存储器模块和机构。 存储器模块与存储器控制器和多个存储器件通信。 该机制检测到其中一个内存模块出现故障，可能与其他内存模块上的内存设备故障一致。 该机制允许内存系统在内存模块故障和内存设备故障的情况下继续运行不受损坏。

公开(公告)号：US07921234B2

公开(公告)日：2011-04-05

申请号：US12407879

申请日：2009-03-20

申请人： Vincenzo Condorelli ,  Thomas J. Dewkett ,  Michael D. Hocker ,  Tamas Visegrady

发明人： Vincenzo Condorelli ,  Thomas J. Dewkett ,  Michael D. Hocker ,  Tamas Visegrady

IPC分类号： G06F3/00 ,  G06F11/00

CPC分类号： G06F11/1608 ,  G06F11/1616 ,  G06F11/1625

摘要： In a communications channel coupled to multiple duplicated subsystems, a method, interposer and program product are provided for verifying integrity of subsystem responses. Within the communications channel, a first checksum is calculated with receipt of a first response from a first subsystem responsive to a common request, and a second checksum is calculated for a second response of a second subsystem received responsive to the common request. The first checksum and the second checksum are compared, and if matching, only one of the first response and the second response is forwarded from the communications channel as the response to the common request, with the other of the first response and the second response being discarded by the communications channel.

摘要翻译： 在耦合到多个重复子系统的通信信道中，提供了用于验证子系统响应的完整性的方法，插入器和程序产品。 在通信信道中，响应于公共请求从第一子系统接收到第一响应来计算第一校验和，并且响应于公共请求而接收响应于第二子系统的第二响应的第二校验和。 比较第一校验和和第二校验和，如果匹配，则只有第一响应和第二响应中的仅一个作为对公共请求的响应从通信信道转发，第一响应和第二响应中的另一个为 由通信信道丢弃。

公开(公告)号：US07516246B2

公开(公告)日：2009-04-07

申请号：US11260285

申请日：2005-10-27

申请人： Vincenzo Condorelli ,  Thomas J. Dewkett ,  Michael D. Hocker ,  Tamas Visegrady

发明人： Vincenzo Condorelli ,  Thomas J. Dewkett ,  Michael D. Hocker ,  Tamas Visegrady

IPC分类号： G06F3/00 ,  G06F11/00

CPC分类号： G06F11/1608 ,  G06F11/1616 ,  G06F11/1625

摘要： In a communications channel coupled to multiple duplicated subsystems, a method, interposer and program product are provided for verifying integrity of subsystem responses. Within the communications channel, a first checksum is calculated with receipt of a first response from a first subsystem responsive to a common request, and a second checksum is calculated for a second response of a second subsystem received responsive to the common request. The first checksum and the second checksum are compared, and if matching, only one of the first response and the second response is forwarded from the communications channel as the response to the common request, with the other of the first response and the second response being discarded by the communications channel.

摘要翻译： 在耦合到多个重复子系统的通信信道中，提供了用于验证子系统响应的完整性的方法，插入器和程序产品。 在通信信道中，响应于公共请求从第一子系统接收到第一响应来计算第一校验和，并且响应于公共请求而接收响应于第二子系统的第二响应的第二校验和。 比较第一校验和和第二校验和，如果匹配，则只有第一响应和第二响应中的仅一个作为对公共请求的响应从通信信道转发，第一响应和第二响应中的另一个为 由通信信道丢弃。

公开(公告)号：US09264230B2

公开(公告)日：2016-02-16

申请号：US13047344

申请日：2011-03-14

申请人： Todd W. Arnold ,  Elizabeth A. Dames ,  Thomas J. Dewkett ,  Carsten D. Frehr ,  Michael J. Kelly ,  Kenneth B. Kerr ,  Richard V. Kisley ,  Eric D. Rossman ,  Eric B. Smith

发明人： Todd W. Arnold ,  Elizabeth A. Dames ,  Thomas J. Dewkett ,  Carsten D. Frehr ,  Michael J. Kelly ,  Kenneth B. Kerr ,  Richard V. Kisley ,  Eric D. Rossman ,  Eric B. Smith

IPC分类号： G06F7/04 ,  H04L9/08

CPC分类号： H04L9/0897

摘要： A system for implementing computer security is provided. The system includes a computer processor and an application configured to execute on the computer processor, the application implementing a method that includes creating a token and populating a payload section of the token with key material and selecting a wrapping method that specifies how the key material is securely bound to key control information. A structure of the key control information in the token is independent of the wrapping method. Implementing computer security also includes wrapping the key material and binding key control information to the key material in the token. The key control information includes information relating to usage and management of the key material.

摘要翻译： 提供了一种实现计算机安全的系统。 该系统包括计算机处理器和被配置为在计算机处理器上执行的应用程序，该应用程序实现一种方法，该方法包括使用密钥材料创建令牌和填充令牌的有效载荷部分，并且选择包装方法，该方法指定密钥材料 安全地绑定到关键控制信息。 令牌中的关键控制信息的结构与包装方法无关。 实施计算机安全还包括将密钥材料和密钥控制信息绑定到令牌中的密钥材料。 关键控制信息包括与密钥材料的使用和管理有关的信息。

公开(公告)号：US07478246B2

公开(公告)日：2009-01-13

申请号：US10902670

申请日：2004-07-29

申请人： Richard Louis Arndt ,  Steven A. Bade ,  Thomas J. Dewkett ,  Charles W. Gainey, Jr. ,  Nia Letise Kelley ,  Siegfried Sutter ,  Helmut H. Weber

发明人： Richard Louis Arndt ,  Steven A. Bade ,  Thomas J. Dewkett ,  Charles W. Gainey, Jr. ,  Nia Letise Kelley ,  Siegfried Sutter ,  Helmut H. Weber

IPC分类号： G06F11/30 ,  H04K1/10

CPC分类号： H04L63/20 ,  G06F21/57 ,  H04L63/0876 ,  H04L63/102

摘要： A method is described for implementing a trusted computing environment within a data processing system where the data processing system includes a single hardware trusted platform module (TPM). Multiple logical partitions are provided in the data processing system. A unique context is generated for each one of the logical partitions. When one of the logical partitions requires access to the hardware TPM, that partition's context is required to be stored in the hardware TPM. The hardware TPM includes a finite number of storage locations, called context slots, for storing contexts. Each context slot can store one partition's context. Each one of the partitions is associated with one of the limited number of context storage slots in the hardware TPM. At least one of the context slots is simultaneously associated with more than one of the logical partitions. Contexts are swapped into and out of the hardware TPM during runtime of the data processing system so that when ones of the partitions require access to the hardware TPM, their required contexts are currently stored in the hardware TPM.

摘要翻译： 描述了一种在数据处理系统内实现可信计算环境的方法，其中数据处理系统包括单个硬件可信平台模块（TPM）。 在数据处理系统中提供了多个逻辑分区。 为每个逻辑分区生成唯一的上下文。 当其中一个逻辑分区需要访问硬件TPM时，该分区的上下文需要存储在硬件TPM中。 硬件TPM包括有限数量的存储位置，称为上下文时隙，用于存储上下文。 每个上下文时隙都可以存储一个分区的上下文。 每个分区与硬件TPM中的有限数量的上下文存储时隙中的一个相关联。 至少一个上下文时隙同时与多于一个的逻辑分区相关联。 在数据处理系统的运行期间，上下文交换进出硬件TPM，以便当这些分区中的一个需要访问硬件TPM时，其所需的上下文当前存储在硬件TPM中。

公开(公告)号：US5646676A

公开(公告)日：1997-07-08

申请号：US452920

申请日：1995-05-30

申请人： Thomas J. Dewkett ,  William Todd Boyd

发明人： Thomas J. Dewkett ,  William Todd Boyd

IPC分类号： G06F13/00 ,  H04N5/765 ,  H04N5/781 ,  H04N5/93 ,  H04N7/14 ,  H04N7/173 ,  H04N21/226 ,  H04N21/2387

CPC分类号： H04N21/21 ,  H04N21/23 ,  H04N7/148 ,  H04N7/17336

摘要： Connects a host computer system (such as a mainframe or host server system) to a large multimedia (MM) distribution network having wide scalability without being limited by bandwidth constraints in the host system or in any multimedia controller for controlling "on demand" viewing of movies at a large number of set-top-boxes (STBs) with TV sets. Connected to the host system is a network distribution arrangement comprised of a plurality of multimedia (MM) adapters, each MM adapter containing a plurality of MM controllers, each MM controller being connected to a multiplicity of MM pairs, each MM pair being connected to the network for controlling a direct distribution of movies to a large number of STBs. Each MM pair includes a disk adapter and a network adapter connected by a common MM pair bus for transmitting disk data blocks directly to the STBs. The disk adapter controls and receives data from one or more disk devices. The network adapter sends the disk data to the network. In each MM pair, a pair bus connects the network adapter to transmit data from the disk adapter to the network. Data files (movies) are stored on the disks, and any file can be selected by an STB for transmission to the STB. Data blocks are read directly from the disk to the pair bus and then directly through the network to the requesting STB. Any STB may issue interactive commands to control a data file while it is being received.

摘要翻译： 将主计算机系统（例如主机或主机服务器系统）连接到具有广泛可扩展性的大型多媒体（MM）分配网络，而不受主机系统或任何多媒体控制器中的带宽限制的限制，用于控制“按需”观看 电影在大量具有电视机的机顶盒（STB）。 连接到主机系统的是由多个多媒体（MM）适配器组成的网络分配装置，每个MM适配器包含多个MM控制器，每个MM控制器连接到多个MM对，每个MM对连接到 用于控制电影直接分发到大量STB的网络。 每个MM对包括通过公共MM对总线连接的磁盘适配器和网络适配器，用于将磁盘数据块直接发送到STB。 磁盘适配器控制和接收来自一个或多个磁盘设备的数据。 网络适​​配器将磁盘数据发送到网络。 在每个MM对中，一对总线连接网络适配器，以将数据从磁盘适配器传输到网络。 数据文件（电影）存储在磁盘上，STB可以选择任何文件传输到STB。 数据块从磁盘直接读取到对总线，然后直接通过网络读取到请求的STB。 任何机顶盒可能会发出交互式命令来在数据文件被接收时控制数据文件。