-
公开(公告)号:US20120075314A1
公开(公告)日:2012-03-29
申请号:US12893985
申请日:2010-09-29
申请人: Meher P. Malakapalli , B. Anil Kumar , Parag Chakraborty , Karthik Lakshminarayanan , Mahesh Lotlikar , Bradley Stephen Post
发明人: Meher P. Malakapalli , B. Anil Kumar , Parag Chakraborty , Karthik Lakshminarayanan , Mahesh Lotlikar , Bradley Stephen Post
CPC分类号: G06T1/20 , G06F21/53 , G06F21/84 , G06F2009/45587
摘要: A mechanism is described for mitigating the effects of such a DoS attack by detecting a multiple TDR situation within a short duration, identifying the errant virtual machines, and suspending all rendering ability for that virtual machine or set of virtual machines. While the disclosed embodiments are described in the context of virtual machines, the principles may be extended to the general problem of DoS attacks due to TDRs and bugchecks on any physical machine that includes a GPU. For example, DoS attacks can be generated from web sites directly using GPU rendering.
摘要翻译: 描述了一种机制,用于通过在短时间内检测多个TDR情况来减轻这种DoS攻击的影响,识别错误的虚拟机,并暂停对该虚拟机或一组虚拟机的所有渲染能力。 虽然所公开的实施例在虚拟机的上下文中被描述,但是这些原理可以被扩展到由于在包括GPU的任何物理机器上的TDR和错误检查引起的DoS攻击的一般问题。 例如,可以直接使用GPU渲染从网站生成DoS攻击。
-
2.发明授权Techniques for enabling remote management of servers configured with graphics processors 有权实现对配置有图形处理器的服务器进行远程管理的技术公开(公告)号:US08830228B2
公开(公告)日:2014-09-09
申请号:US12973622
申请日:2010-12-20
CPC分类号: H04L41/22 , G06F9/4411 , H04L41/0809
摘要: A technique for enabling the use of a baseboard management controller in a computer system configured to stream 3D graphical user interfaces to remote clients is described. In an exemplary configuration, a cap driver that is written to conform to a driver model that can interface with a 3D graphics application program interface can be loaded for use with the baseboard management controller instead of a legacy driver that was written to conform to a legacy driver model. This allows a control program to load a graphics driver that can interoperate with the 3D graphics application program interface. In addition to the foregoing, other aspects are described in the text of the summary and detailed description, the claims, and drawings.
摘要翻译: 描述了一种用于在被配置成将3D图形用户界面流向远程客户端的计算机系统中使用基板管理控制器的技术。 在示例性配置中,可以加载写入以符合可与3D图形应用程序接口连接的驱动程序模型的盖帽驱动程序,以便与基板管理控制器不同地使用已编写以符合遗留的传统驱动程序 司机模式。 这允许控制程序加载可与3D图形应用程序接口互操作的图形驱动程序。 除了上述之外,其他方面在摘要和详细描述,权利要求和附图的文本中描述。
-
3.发明申请Techniques For Enabling Remote Management Of Servers Configured With Graphics Processors 有权使用图形处理器配置的服务器的远程管理技术公开(公告)号:US20120154375A1
公开(公告)日:2012-06-21
申请号:US12973622
申请日:2010-12-20
IPC分类号: G06T15/00
CPC分类号: H04L41/22 , G06F9/4411 , H04L41/0809
摘要: A technique for enabling the use of a baseboard management controller in a computer system configured to stream 3D graphical user interfaces to remote clients is described. In an exemplary configuration, a cap driver that is written to conform to a driver model that can interface with a 3D graphics application program interface can be loaded for use with the baseboard management controller instead of a legacy driver that was written to conform to a legacy driver model. This allows a control program to load a graphics driver that can interoperate with the 3D graphics application program interface. In addition to the foregoing, other aspects are described in the text of the summary and detailed description, the claims, and drawings.
摘要翻译: 描述了一种用于在被配置成将3D图形用户界面流向远程客户端的计算机系统中使用基板管理控制器的技术。 在示例性配置中,可以加载写入以符合可与3D图形应用程序接口连接的驱动程序模型的盖帽驱动程序,以便与基板管理控制器不同地使用已编写以符合遗留的传统驱动程序 司机模式。 这允许控制程序加载可与3D图形应用程序接口互操作的图形驱动程序。 除了上述之外,其他方面在摘要和详细描述,权利要求和附图的文本中描述。
-
公开(公告)号:US08201218B2
公开(公告)日:2012-06-12
申请号:US11680518
申请日:2007-02-28
IPC分类号: H04L29/06
CPC分类号: H04L63/18 , H04L29/08846 , H04L63/0807 , H04L63/10 , H04L63/20
摘要: A strategy is described for securely applying connection policies in a system that includes a first entity (e.g., a TS client) connected to a second entity (e.g., a TS server) via a gateway using a remote-operating protocol (e.g., RDP). The strategy involves establishing a first secure channel between the gateway and the TS server and transmitting policy information from the gateway to the TS server. The strategy then involves deactivating the first secure channel and setting up a second secure channel between the TS client and the TS server. The strategy uses the second secure channel to transmit RDP data from the TS client to the TS server. The TS server uses the previously-transmitted policy information to determine whether to enable or disable a feature that affects the TS client, such as device redirection.
摘要翻译: 描述了用于在包括通过使用远程操作协议(例如RDP)的网关连接到第二实体(例如,TS服务器)的第一实体(例如,TS服务器))的系统中安全地应用连接策略的策略, 。 该策略涉及在网关和TS服务器之间建立第一安全通道,并将策略信息从网关发送到TS服务器。 然后,该策略涉及停用第一安全通道并在TS客户端与TS服务器之间建立第二安全通道。 该策略使用第二个安全通道将RDP数据从TS客户端传输到TS服务器。 TS服务器使用先前发送的策略信息来确定是否启用或禁用影响TS客户端的功能,例如设备重定向。
-
公开(公告)号:US20110153716A1
公开(公告)日:2011-06-23
申请号:US12643892
申请日:2009-12-21
申请人: Meher P. Malakapalli , Ido Ben-Shachar , Mahadeva K. Alladi , Vadim Ponomarev , Ersev Samim Erdogan , Ashwin Palekar
发明人: Meher P. Malakapalli , Ido Ben-Shachar , Mahadeva K. Alladi , Vadim Ponomarev , Ersev Samim Erdogan , Ashwin Palekar
CPC分类号: G06F9/45533 , G06F9/452 , G06F9/505
摘要: Disclosed are techniques for providing a platform that allows a user to remotely establish a connection with a virtual machine operating on a server farm In a typical scenario, when a user requests for a connection to access third party plug-in applications, the application program interface may interact with the session broker process to identify sessions or suitable servers to which the user can be connected. The user may access the third party plug-in applications through the identified sessions or suitable servers.
摘要翻译: 公开了用于提供允许用户远程建立与在服务器场上运行的虚拟机的连接的平台的技术。在典型情况下,当用户请求连接以访问第三方插件应用时,应用程序接口 可以与会话代理进程交互以识别用户可以连接的会话或合适的服务器。 用户可以通过识别的会话或合适的服务器访问第三方插件应用程序。
-
6.发明申请公开(公告)号:US20090259757A1
公开(公告)日:2009-10-15
申请号:US12103542
申请日:2008-04-15
IPC分类号: G06F15/16
CPC分类号: H04L63/0807 , G06F21/335
摘要: Systems and techniques for securely pushing connection settings to a terminal server using tickets are described. In one embodiment, a request is received at a first network component from a client for access to a second network component. A ticket associated with one or more connection settings is created and provided to the client. The ticket is provided by the client to the second network component. The ticket is provided from the second network component to the first network component, and the one or more connection settings associated with the ticket are received from the first network component back to the second network component. The one or more connection settings are enforced at the second network component.
摘要翻译: 描述使用票据将连接设置安全地推送到终端服务器的系统和技术。 在一个实施例中,在来自客户端的用于访问第二网络组件的第一网络组件处接收到请求。 创建与一个或多个连接设置相关联的故障单并提供给客户端。 该客票由客户端提供给第二网络组件。 从第二网络组件提供票据到第一网络组件,并且将与票据相关联的一个或多个连接设置从第一网络组件接收回第二网络组件。 一个或多个连接设置在第二个网络组件实施。
-
公开(公告)号:US20090183225A1
公开(公告)日:2009-07-16
申请号:US11972443
申请日:2008-01-10
IPC分类号: G06F21/00
CPC分类号: H04L63/0823 , G06F21/335 , H04L63/0272 , H04L63/102
摘要: Embodiments that facilitate the use of pluggable policy modules and authentication modules for access to a Terminal Services (TS) server are disclosed. In accordance with various embodiments, a method includes accessing one or more pluggable modules at a Terminal Services Gateway (TSG) server or a Terminal Services (TS) server. The method further includes processing a TS server access request from a TS client at the TSG server or the TS server. The TS server access request is processed in part based on the one or more pluggable modules. In one particular embodiment, the one or more pluggable modules include at least one of a connection authorization policy (CAP) module, a resource authorization policy (RAP) module, and an authentication module.
摘要翻译: 公开了有助于使用可插拔策略模块和认证模块来访问终端服务(TS)服务器的实施例。 根据各种实施例,一种方法包括访问终端服务网关(TSG)服务器或终端服务(TS)服务器处的一个或多个可插拔模块。 该方法还包括从TSG服务器或TS服务器处的TS客户机处理TS服务器访问请求。 TS服务器访问请求部分基于一个或多个可插拔模块进行处理。 在一个特定实施例中,一个或多个可插拔模块包括连接授权策略(CAP)模块,资源授权策略(RAP)模块和认证模块中的至少一个。
-
公开(公告)号:US10146566B2
公开(公告)日:2018-12-04
申请号:US12643892
申请日:2009-12-21
申请人: Meher P. Malakapalli , Ido Ben-Shachar , Mahadeva K. Alladi , Vadim Ponomarev , Ersev Samim Erdogan , Ashwin Palekar
发明人: Meher P. Malakapalli , Ido Ben-Shachar , Mahadeva K. Alladi , Vadim Ponomarev , Ersev Samim Erdogan , Ashwin Palekar
摘要: Disclosed are techniques for providing a platform that allows a user to remotely establish a connection with a virtual machine operating on a server farm In a typical scenario, when a user requests for a connection to access third party plug-in applications, the application program interface may interact with the session broker process to identify sessions or suitable servers to which the user can be connected. The user may access the third party plug-in applications through the identified sessions or suitable servers.
-
公开(公告)号:US07685633B2
公开(公告)日:2010-03-23
申请号:US11326992
申请日:2006-01-05
申请人: Ido Ben-Shachar , Ashwin Palekar , David C. Steere , Joy Chik , Tudor A. Baraboi , Meher P. Malakapalli
发明人: Ido Ben-Shachar , Ashwin Palekar , David C. Steere , Joy Chik , Tudor A. Baraboi , Meher P. Malakapalli
IPC分类号: G06F15/16
CPC分类号: H04L63/029 , H04L63/0227 , H04L63/08 , H04L63/102
摘要: Implementations of the present invention relate to a communication framework that is readily adaptable to a wide variety of resources intended to be accessible through a firewall. In general, a communication framework at a gateway server can provide a specific connection to a requested resource in accordance with a wide range of resource and/or network access policies. In one instance, a client requests a connection to a specific resource behind a firewall. The communication framework authenticates the connection, and quarantines the connection until determining, for example, that the client is using an appropriate resource features. If appropriately authenticated, the communication framework can pass control of the connection to an appropriately identified protocol plug-in processor, which facilitates a direct connection to the requested resource at an application layer of a communication stack.
摘要翻译: 本发明的实现涉及一种易于适应旨在通过防火墙访问的各种资源的通信框架。 通常,网关服务器处的通信框架可以根据广泛的资源和/或网络访问策略提供与请求的资源的特定连接。 在一种情况下,客户端请求与防火墙后面的特定资源的连接。 通信框架认证连接,并隔离连接,直到确定客户端正在使用适当的资源特征。 如果适当地认证,则通信框架可以将连接的控制传递到适当识别的协议插件处理器,这有助于在通信栈的应用层处直接连接到所请求的资源。
-
公开(公告)号:US20080209538A1
公开(公告)日:2008-08-28
申请号:US11680518
申请日:2007-02-28
IPC分类号: G06F15/16
CPC分类号: H04L63/18 , H04L29/08846 , H04L63/0807 , H04L63/10 , H04L63/20
摘要: A strategy is described for securely applying connection policies in a system that includes a first entity (e.g., a TS client) connected to a second entity (e.g., a TS server) via a gateway using a remote-operating protocol (e.g., RDP). The strategy involves establishing a first secure channel between the gateway and the TS server and transmitting policy information from the gateway to the TS server. The strategy then involves deactivating the first secure channel and setting up a second secure channel between the TS client and the TS server. The strategy uses the second secure channel to transmit RDP data from the TS client to the TS server. The TS server uses the previously-transmitted policy information to determine whether to enable or disable a feature that affects the TS client, such as device redirection.
摘要翻译: 描述了用于在包括通过使用远程操作协议(例如RDP)的网关连接到第二实体(例如,TS服务器)的第一实体(例如,TS服务器))的系统中安全地应用连接策略的策略, 。 该策略涉及在网关和TS服务器之间建立第一安全通道,并将策略信息从网关发送到TS服务器。 然后,该策略涉及停用第一安全通道并在TS客户端与TS服务器之间建立第二安全通道。 该策略使用第二个安全通道将RDP数据从TS客户端传输到TS服务器。 TS服务器使用先前发送的策略信息来确定是否启用或禁用影响TS客户端的功能,例如设备重定向。
-
-
-
-
-
-
-
-
-
搜索结果
10 条记录 (耗时 0.031 秒)
