-
公开(公告)号:US20090178135A1
公开(公告)日:2009-07-09
申请号:US12126905
申请日:2008-05-25
申请人: Oded Dubovsky , Itzhack Goldberg , Ido Levy , Ilan Shimony , Grant D. Williamson
发明人: Oded Dubovsky , Itzhack Goldberg , Ido Levy , Ilan Shimony , Grant D. Williamson
CPC分类号: G06F21/36
摘要: The present invention prevents illegitimate access to a user computing machine. A method in accordance with an embodiment includes: setting an authentication routine in the user computing machine; generating a virtual keyboard on the user computing machine; entering a user identification through the virtual keyboard, the user identification being entered according to a virtual keyboard form factor; comparing the entered user identification with a secure user identification previously stored in the user computing machine; and validating the user access to the user computing machine if a match occurs, otherwise denying access.
摘要翻译: 本发明防止非法访问用户计算机。 根据实施例的方法包括:在用户计算机中设置认证例程; 在所述用户计算机上生成虚拟键盘; 通过虚拟键盘输入用户识别,根据虚拟键盘的形状来输入用户标识; 将输入的用户标识与先前存储在用户计算机中的安全用户标识进行比较; 并且如果发生匹配则验证用户对用户计算机的访问,否则拒绝访问。
-
公开(公告)号:US08752164B2
公开(公告)日:2014-06-10
申请号:US12126905
申请日:2008-05-25
申请人: Oded Dubovsky , Itzhack Goldberg , Ido Levy , Ilan Shimony , Grant D. Williamson
发明人: Oded Dubovsky , Itzhack Goldberg , Ido Levy , Ilan Shimony , Grant D. Williamson
IPC分类号: H04L29/06
CPC分类号: G06F21/36
摘要: The present invention prevents illegitimate access to a user computing machine. A method in accordance with an embodiment includes: setting an authentication routine in the user computing machine; generating a virtual keyboard on the user computing machine; entering a user identification through the virtual keyboard, the user identification being entered according to a virtual keyboard form factor; comparing the entered user identification with a secure user identification previously stored in the user computing machine; and validating the user access to the user computing machine if a match occurs, otherwise denying access.
摘要翻译: 本发明防止非法访问用户计算机。 根据实施例的方法包括:在用户计算机中设置认证例程; 在所述用户计算机上生成虚拟键盘; 通过虚拟键盘输入用户识别,根据虚拟键盘的形状来输入用户标识; 将输入的用户标识与先前存储在用户计算机中的安全用户标识进行比较; 并且如果发生匹配则验证用户对用户计算机的访问,否则拒绝访问。
-
公开(公告)号:US20080222700A1
公开(公告)日:2008-09-11
申请号:US11682895
申请日:2007-03-07
申请人: Itzhack Goldberg , Ilan Shimony
发明人: Itzhack Goldberg , Ilan Shimony
IPC分类号: H04L9/00
CPC分类号: H04L9/3271 , G06F21/31 , G06F2221/2105 , H04L2209/56
摘要: a secure challenge-response virtualization system including a computer having a memory divided into at least a first and a second logical partition, where the first partition is operative to receive a challenge from an entity, and a challenge/response manager configured with the second partition, where the first partition is configured to provide the challenge to the challenge/response manager configured with the second partition, and where the challenge/response manager is configured to generate a response to the challenge and provide the response to the first partition.
摘要翻译: 一种安全的挑战 - 响应虚拟化系统,包括具有划分为至少第一和第二逻辑分区的存储器的计算机,其中第一分区可操作以从实体接收挑战,以及配置有第二分区的挑战/响应管理器 ,其中所述第一分区被配置为向配置有所述第二分区的所述挑战/响应管理器提供所述挑战,并且所述挑战/响应管理器被配置为生成对所述挑战的响应并将所述响应提供给所述第一分区。
-
公开(公告)号:US08949569B2
公开(公告)日:2015-02-03
申请号:US12111968
申请日:2008-04-30
申请人: Alan Frederic Benner , Shmuel Ben-Yehuda , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith, III
发明人: Alan Frederic Benner , Shmuel Ben-Yehuda , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith, III
CPC分类号: G06F9/3851 , G06F9/3824 , G06F12/0877 , G06F12/0891
摘要: A method for facilitating direct memory access in a computing system in response to a request to transfer data is provided. The method comprises selecting a thread for transferring the data, wherein the thread executes on a processing core within the computing system; providing the thread with the request, wherein the request comprises information for carrying out a data transfer; and transferring the data according to the request. The method may further comprise: coordinating the request with a memory management unit, such that virtual addresses may be used to transfer data; invalidating a cache line associated with the source address or flushing a cache line associated with the destination address, if requested. Multiple threads can be selected to transfer data based on their proximity to the destination address.
摘要翻译: 提供了一种用于响应于传送数据的请求而促进计算系统中的直接存储器访问的方法。 该方法包括选择用于传送数据的线程,其中线程在计算系统内的处理核上执行; 向所述线程提供所述请求,其中所述请求包括用于执行数据传送的信息; 并根据请求传送数据。 该方法还可以包括:将请求与存储器管理单元协调,使得可以使用虚拟地址来传送数据; 如果请求,则使与源地址相关联的高速缓存行无效或者刷新与目的地地址相关联的高速缓存行。 可以选择多个线程以根据其到目的地地址的接近度传输数据。
-
公开(公告)号:US08650406B2
公开(公告)日:2014-02-11
申请号:US13405367
申请日:2012-02-27
申请人: Michael Backes , Shmuel S Ben-Yehuda , Jan Leonhard Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith, III , Michael Waidner
发明人: Michael Backes , Shmuel S Ben-Yehuda , Jan Leonhard Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith, III , Michael Waidner
CPC分类号: G06F12/1433 , G06F12/1441 , G06F12/1466
摘要: A computer-implemented system and method for protecting a memory are provided. The system includes a memory section with privileged and non-privileged sections, a host gateway (HG) to generate a capability credential, a device controller (DC) to append the credential to data transmitted to the memory, and at least one IO device enabled to do direct memory access (DMA) transactions with the memory.
摘要翻译: 提供了一种用于保护存储器的计算机实现的系统和方法。 该系统包括具有特权和非特权部分的存储器部分,用于生成能力证书的主机网关(HG),将证书附加到传输到存储器的数据的设备控制器(DC),以及启用的至少一个IO设备 与内存进行直接内存访问(DMA)事务。
-
6.发明授权公开(公告)号:US08161287B2
公开(公告)日:2012-04-17
申请号:US12792766
申请日:2010-06-03
申请人: Michael Backes , Shmuel Ben-Yehuda , Jan Leonard Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith , Michael Waidner
发明人: Michael Backes , Shmuel Ben-Yehuda , Jan Leonard Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith , Michael Waidner
IPC分类号: G06F21/00
CPC分类号: G06F12/1433 , G06F12/1441 , G06F12/1466
摘要: A computer-implemented system and method for protecting a memory are provided. The system includes a memory section with privileged and non-privileged sections, a host gateway (HG) to generate a capability credential, a device controller (DC) to append the credential to data transmitted to the memory, and at least one IO device enabled to do direct memory access (DMA) transactions with the memory.
摘要翻译: 提供了一种用于保护存储器的计算机实现的系统和方法。 该系统包括具有特权和非特权部分的存储器部分,用于生成能力证书的主机网关(HG),将证书附加到传输到存储器的数据的设备控制器(DC),以及启用的至少一个IO设备 与内存进行直接内存访问(DMA)事务。
-
公开(公告)号:US07733875B2
公开(公告)日:2010-06-08
申请号:US11132853
申请日:2005-05-19
申请人: Giora Biran , Zorik Machulsky , Vadim Makhervaks , Renato John Recio , Julian Satran , Leah Shalev , Ilan Shimony
发明人: Giora Biran , Zorik Machulsky , Vadim Makhervaks , Renato John Recio , Julian Satran , Leah Shalev , Ilan Shimony
IPC分类号: H04L12/28 , G06F15/16 , G06F15/167
CPC分类号: H04L69/16 , H04L69/12 , H04L69/161 , H04L69/163
摘要: A method for receiving data in a network acceleration architecture for use with TCP (transport control protocol), iSCSI (Internet Small Computer System Interface) and/or RDMA (Remote Direct Memory Access) over TCP, including providing a hardware acceleration engine, called a streamer, adapted for communication with and processing data from a consumer application in a system that supports TCP, iSCSI and RDMA over TCP, providing a software protocol processor adapted for carrying out TCP implementation, the software control processor being called a TCE (TCP Control Engine), wherein the streamer and the TCE are adapted to operate asynchronously and independently of one another, and transmitting a TCP segment with the streamer.
摘要翻译: 一种用于在TCP(传输控制协议),iSCSI(因特网小型计算机系统接口)和/或RDMA(远程直接存储器访问)TCP上使用的网络加速架构中接收数据的方法,包括提供称为 流式传输器,适用于通过TCP支持TCP,iSCSI和RDMA的系统中的消费者应用程序的通信和处理数据,提供适用于执行TCP实现的软件协议处理器,该软件控制处理器被称为TCE(TCP控制引擎 ),其中所述流送器和所述TCE适于彼此异步地且彼此独立地操作,并且与所述流送器传输TCP段。
-
公开(公告)号:US07636800B2
公开(公告)日:2009-12-22
申请号:US11426588
申请日:2006-06-27
申请人: Shmuel Ben-Yehuda , Scott Guthridge , Orran Yaakov Krieger , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , James Xenidis
发明人: Shmuel Ben-Yehuda , Scott Guthridge , Orran Yaakov Krieger , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , James Xenidis
CPC分类号: G06F12/1081 , G06F12/126 , G06F2212/1016 , G06F2212/1044
摘要: A method and system for memory address translation and pinning are provided. The method includes attaching a memory address space identifier to a direct memory access (DMA) request, the DMA request is sent by a consumer and using a virtual address in a given address space. The method further includes looking up for the memory address space identifier to find a translation of the virtual address in the given address space used in the DMA request to a physical page frame. Provided that the physical page frame is found, pinning the physical page frame al song as the DMA request is in progress to prevent an unmapping operation of said virtual address in said given address space, and completing the DMA request, wherein the steps of attaching, looking up and pinning are centrally controlled by a host gateway.
摘要翻译: 提供了一种用于存储器地址转换和钉扎的方法和系统。 该方法包括将存储器地址空间标识符附加到直接存储器访问(DMA)请求,DMA请求由消费者发送并且使用给定地址空间中的虚拟地址。 该方法还包括查找存储器地址空间标识符以找到在DMA请求中使用的给定地址空间中的虚拟地址到物理页面帧的转换。 如果发现物理页框,则在进行DMA请求时固定物理页框al歌,以防止在所述给定地址空间中所述虚拟地址的解映射操作,并完成DMA请求,其中, 查找和固定由主机网关集中控制。
-
公开(公告)号:US06611538B1
公开(公告)日:2003-08-26
申请号:US09321469
申请日:1999-05-27
申请人: Oren Malerevich , Ilan Shimony
发明人: Oren Malerevich , Ilan Shimony
IPC分类号: H04J306
CPC分类号: H04L7/042 , H04L2007/045
摘要: An apparatus and method for providing synchronization in a data transmission system via the use of a short cyclic synchronization sequence inserted in the header of cells to be transmitted. A 2-bit sync sequence is inserted at the beginning of the header in each cell. At the receiving end, a pair of state machines search for and track the sync sequence. A feedback signal is generated that is used by the receiver to adjust its framing so as to align the received data with the boundaries of the cells. To aid in detecting the sync sequence, the two sync bits are rotated each cell cycle. To avoid confusion with data that mimics the sync sequence, the transmitter transmits idle cells containing all ones except for the 2-bit sync sequence field during the period that the receiver is attempting to sync up with the transmitter.
摘要翻译: 一种用于在数据传输系统中提供同步的装置和方法,所述装置和方法通过使用插入要发送的小区头部的短循环同步序列。 在每个单元格的头部的开头插入2位同步序列。 在接收端,一对状态机搜索并跟踪同步序列。 产生反馈信号,由接收机使用该反馈信号来调整其成帧,以使接收到的数据与单元格的边界对齐。 为了帮助检测同步序列,每个单元周期旋转两个同步位。 为了避免与模拟同步序列的数据混淆,在接收机试图与发射机同步的时间段期间,发射机发送包含除2位同步序列字段之外的所有信息的空闲信元。
-
公开(公告)号:US5898669A
公开(公告)日:1999-04-27
申请号:US621055
申请日:1996-03-22
申请人: Ilan Shimony , Zvika Bronstein , Eytan Mann , Avinoam Rubinstain , Gennady Dosovitsky , Eldad Bar-Eli
发明人: Ilan Shimony , Zvika Bronstein , Eytan Mann , Avinoam Rubinstain , Gennady Dosovitsky , Eldad Bar-Eli
CPC分类号: H04L12/66 , H04Q11/0478 , H04L2012/5615 , H04L2012/5636
摘要: A traffic management unit for implementing Traffic Management (TM) of Available Bit Rate (ABR) traffic on an Asynchronous Transfer Mode (ATM) network is described. The traffic management unit comprises a traffic management processor coupled to a traffic management memory. The traffic management processor is coupled between a data processor and an ATM interface. An Ethernet workstation is coupled to the data processor through an Ethernet interface. An ATM switch is coupled to the traffic management processor through the ATM interface. The traffic management unit is implemented as a unit separate from the cell scheduling data processor. In addition, in order to utilize network congestion information more efficiently, VCs are grouped according to their output destinations or their path through the network. Congestion feedback for one VC is applied to other VCs within the group. The traffic management startup procedure is streamlined by using a preliminary profile and modifying this preliminary profile in accordance with feedback congestion data received. TM can be disabled for destination end stations not implementing TM. To further streamline the traffic management processes, memory based rate lookup tables containing pre-calculated profile sets are utilized. Each VC uses one of these tables thus obviating the need for time and hardware intensive multiplications and additions. In addition, the traffic management unit implements multicast domain shaping by mapping destination data multicast addresses and protocol types, found in input frames or packets, into destination VCs, thus eliminating the wasteful listen and discard processes associated with broadcast characteristic of Ethernet.
摘要翻译: 描述了用于在异步传输模式(ATM)网络上实现可用比特率(ABR)流量的流量管理(TM)的流量管理单元。 交通管理单元包括耦合到交通管理存储器的交通管理处理器。 交通管理处理器耦合在数据处理器和ATM接口之间。 以太网工作站通过以太网接口耦合到数据处理器。 ATM交换机通过ATM接口耦合到流量管理处理器。 流量管理单元被实现为与小区调度数据处理器分离的单元。 此外,为了更有效地利用网络拥塞信息,VC根据其输出目的地或其通过网络的路径进行分组。 一个VC的拥塞反馈应用于组内的其他VC。 通过使用初步配置文件简化流量管理启动过程,并根据收到的反馈拥塞数据修改此初步配置文件。 不能实现TM的目的地终端站可以禁用TM。 为了进一步简化流量管理过程,利用包含预先计算的配置文件集的基于内存的速率查找表。 每个VC使用这些表之一,从而避免了对时间和硬件密集乘法和添加的需要。 此外,流量管理单元通过将目的地数据组播地址和输入帧或数据包中的协议类型映射到目标VC中实现组播域整形,从而消除了与以太网广播特性相关的浪费的监听和丢弃过程。
-
-
-
-
-
-
-
-
-
搜索结果
48 条记录 (耗时 0.033 秒)
