Abstract:
A sandbox architecture that isolates and identifies misbehaving plug-ins (intentional or unintentional) to prevent system interruptions and failure. Based on plug-in errors, the architecture automatically disables and blocks registration of the bad plug-in via a penalty point system. Publishers of bad plug-ins are controlled by disabling the bad plug-ins and registering the publisher in an unsafe list. Isolation can be provided in multiple levels, such as machine isolation, process isolation, secure accounts with limited access rights, and application domain isolation within processes using local security mechanisms. A combination of the multiple levels of isolation achieves a high level of security. Isolation provides separation from other plug-in executions and restriction to system resources such as file system and network IP. Moreover, the architecture is a highly scalable, stateless, low-administration architecture for the execution of the plug-ins, which can be scaled by adding/removing additional sandbox servers on-the-fly without prior configuration.
Abstract:
Hardware and software are configured to select and provision computing resources from heterogeneous on-demand computing environments through the framework of a layered, federated on-demand computing ecology of computing resource providers, users, and federation servers. These pieces of hardware and software include a mechanism for defining and managing the life cycle of different resource types; a mechanism for extending document-centric protocols to support computing resources as first order objects; a mechanism for routing messages to computing resources; federation topologies; and a mechanism for federation servers to access and use computing resources from providers controlled by other federation servers.
Abstract:
Users are alerted by software and hardware when the in-use dynamic computing resources are underutilized, so as to allow the user to effectively contain and reduce the operating cost of the computing resources' services and applications. The software categorizes and publishes workloads and suggests low-cost alternatives to the user so as to match the user's search criteria or usage pattern of computing resources or workloads.
Abstract:
A method, apparatus, and article of manufacture provide a component-based computing system having both publicly accessible and privately-only accessible computing components within multiple applications for providing component addressing/identification and naming spaces. A requested processing component is initiated by a calling component within a local computing system having one or more applications. The identity of the requested processing component, including an identity of a class ID and an identity of a partition from a request to activate a component initiated by a calling component, is obtained using configuration data for the requested component. The configuration data provides an indication of public-private status for the requested component. An instance of the requested component can be activated based on the public-private status.
Abstract:
Pieces of hardware on which pieces of software are executed are configured to organize computing resources from different computing resource providers so as to facilitate their discovery. A catalog, which stores instances of cloud computing resources and their providers, and a knowledge base, which stores types of computing resources including rules which reveal their discovery, are formed by the software. A curating method is performed to enable semantic search including searching for cloud computing resources that in combination cooperate to satisfy a workload or a task in addition to having a simple computational function. Semantic indexing is performed to facilitate the semantic search.
Abstract:
Systems and methods for activating a component in a computing system having a plurality of partitions. One method includes receiving a request to activate a component having an object class ID and a partition ID and detecting if the object class ID is contained within a default partition corresponding to the partition ID. If the object class ID is contained within the default partition, an instance of the component in the partition ID is activated. If the object class ID is not contained within the default partition, the method includes detecting if the object class ID is contained within a base partition. If the object class ID is contained in the base partition, an instance of the component in the base partition is activated.
Abstract:
A mechanism that synchronizes passwords maintained for plural domains. A user maintains accounts in two domains. The first and second domains each maintain tables correlating userIDs with passwords, such that the same user's password can be different in the different domains. A database stores tables that correlate a given user's userID/password combination in the first domain with his corresponding userID/password combination in the second domain. The database is used to sign the user onto one domain when the user is working in the other domain. When the user changes his password in the first domain, the change is reported to the database, so that the database stores the current password. Optionally, the password change may be reported to the second domain, such that the user will have the same password in both domains.
Abstract:
A mechanism is provided for signing on a user of a first domain into an affiliate application in a second domain. When the user needs access to the affiliate application, the request for access causes a ticket to be generated. The ticket identifies the user and is passed to an adapter. The adapter, which ultimately will perform the sign on in the affiliate application, redeems the ticket for the user's credentials (e.g., a valid userID/password combination for the affiliate application), and then presents the credentials to the affiliate application. A service is provided that issues tickets, redeems tickets, manages the registration and de-registration of affiliate applications, manages the correlation between a user and the user's credentials with an affiliate application, and manages encryption of stored records.