利索-全球专利检索

  1. 登录
  2. 注册

搜索结果

66 条记录 (耗时 0.02 秒)

    Seamlessly encrypting memory regions to protect against hardware-based attacks
    3.
    发明授权
    Seamlessly encrypting memory regions to protect against hardware-based attacks 有权
    无缝加密内存区域以防止基于硬件的攻击

    公开(公告)号:US08799673B2

    公开(公告)日:2014-08-05

    申请号:US12651432

    申请日:2009-12-31

    申请人: Uday R. Savagaonkar Ravi Sahita David Durham Men Long

    发明人: Uday R. Savagaonkar Ravi Sahita David Durham Men Long

    IPC分类号: H04L29/06

    CPC分类号: G06F12/1408 G06F12/1441 G06F2212/1052

    摘要: Systems, apparatuses, and methods, and for seamlessly protecting memory regions to protect against hardware-based attacks are disclosed. In one embodiment, an apparatus includes a decoder, control logic, and cryptographic logic. The decoder is to decode a transaction between a processor and memory-mapped input/output space. The control logic is to redirect the transaction from the memory-mapped input/output space to a system memory. The cryptographic logic is to operate on data for the transaction.

    摘要翻译: 公开了系统,装置和方法,并且用于无缝地保护存储器区域以防止基于硬件的攻击。 在一个实施例中,一种装置包括解码器,控制逻辑和加密逻辑。 解码器是对处理器和存储器映射的输入/输出空间之间的事务进行解码。 控制逻辑是将事务从内存映射的输入/输出空间重定向到系统内存。 密码逻辑是对数据进行交易操作。

    GENERATING MULTIPLE ADDRESS SPACE IDENTIFIERS PER VIRTUAL MACHINE TO SWITCH BETWEEN PROTECTED MICRO-CONTEXTS
    6.
    发明申请
    GENERATING MULTIPLE ADDRESS SPACE IDENTIFIERS PER VIRTUAL MACHINE TO SWITCH BETWEEN PROTECTED MICRO-CONTEXTS 失效
    每个虚拟机产生多个地址空间识别器,以保护受保护的微控制器

    公开(公告)号:US20090327648A1

    公开(公告)日:2009-12-31

    申请号:US12165640

    申请日:2008-06-30

    申请人: Uday R. Savagaonkar Madhaven Parthasarathy Ravi Sahita David Durham

    发明人: Uday R. Savagaonkar Madhaven Parthasarathy Ravi Sahita David Durham

    IPC分类号: G06F12/10

    CPC分类号: G06F12/1027 G06F12/145

    摘要: Embodiments of an invention for generating multiple address space identifiers per virtual machine to switch between protected micro-contexts are disclosed. In one embodiment, an apparatus includes privileged mode logic, an interface, and memory management logic. The privileged mode logic is to transfer control of the processor among a plurality of virtual machines. The interface is to perform a transaction to fetch information from a memory. The memory management logic is to translate an untranslated address to a memory address. The memory management logic includes a storage location, a series of translation stages, determination logic, and a translation lookaside buffer. The storage location is to store an address of a data structure for the first translation stage. Each of the translation stages includes translation logic to find an entry in a data structure based on a portion of the untranslated address. Each entry is to store an address of a different data structure for the first translation stage, an address of a data structure for a successive translation stage, or the physical address. The determination logic is to determine whether an entry is storing an address of a different data structure for the first translation stage. The translation lookaside buffer is to store translations. Each translation lookaside buffer entry includes an address source identifiers. Each address source identifier is to identify a unique micro-context. Each address source identifier is based on a virtual partition identifier. At least two of the of virtual partition identifiers are associated with one of the virtual machines

    摘要翻译: 公开了用于在每个虚拟机之间生成多个地址空间标识符以在受保护的微上下文之间切换的发明的实施例。 在一个实施例中,装置包括特权模式逻辑,接口和存储器管理逻辑。 特权模式逻辑是在多个虚拟机之间传送处理器的控制。 该接口是执行一个事务来从内存中获取信息。 存储器管理逻辑将非翻译地址转换为存储器地址。 存储器管理逻辑包括存储位置,一系列翻译级,确定逻辑和翻译后备缓冲器。 存储位置是存储用于第一翻译阶段的数据结构的地址。 每个翻译阶段包括翻译逻辑,以基于未翻译地址的一部分在数据结构中找到条目。 每个条目是存储用于第一翻译阶段的不同数据结构的地址,用于连续翻译阶段的数据结构的地址或物理地址。 确定逻辑是确定条目是否存储用于第一翻译阶段的不同数据结构的地址。 翻译后备缓冲区用于存储翻译。 每个翻译后备缓冲器条目包括地址源标识符。 每个地址源标识符是识别唯一的微观上下文。 每个地址源标识符都是基于虚拟分区标识符。 至少两个虚拟分区标识符与一个虚拟机相关联

    End-point based tamper resistant congestion management
    7.
    发明申请
    End-point based tamper resistant congestion management 审中-公开
    基于端点的防篡改拥塞管理

    公开(公告)号:US20080002586A1

    公开(公告)日:2008-01-03

    申请号:US11479789

    申请日:2006-06-30

    申请人: Ravi Sahita Karanvir S. Grewal Manoj K. Wadekar Uday R. Savagaonkar

    发明人: Ravi Sahita Karanvir S. Grewal Manoj K. Wadekar Uday R. Savagaonkar

    IPC分类号: H04J1/16

    CPC分类号: H04L47/10 H04L47/14 H04L47/20 H04L47/31 H04L47/32

    摘要: In an embodiment, a method is provided. The method of this embodiment provides monitoring on a system flow statistics to identify one or more non-compliant traffic flows on the system, each of the one or more non-compliant traffic flows having packets; assigning a tag to each of the one or more non-compliant traffic flows, each of the tags corresponding to one of at least one congestion management policy; and applying one of the tags to each of the packets associated with any of the non-compliant traffic flows.

    摘要翻译: 在一个实施例中,提供了一种方法。 该实施例的方法提供对系统流统计信息的监视,以识别系统上的一个或多个不符合规定的流量流,所述一个或多个不兼容业务流中的每一个具有分组; 将标签分配给所述一个或多个不符合规定的业务流中的每一个,所述标签中的每一个对应于至少一个拥塞管理策略之一; 以及将一个标签应用于与任何不兼容业务流相关联的每个分组。

    Method and apparatus for run-time in-memory patching of code from a service processor
    8.
    发明授权
    Method and apparatus for run-time in-memory patching of code from a service processor 有权
    从服务处理器的代码运行时内存补丁的方法和装置

    公开(公告)号:US08286238B2

    公开(公告)日:2012-10-09

    申请号:US11540373

    申请日:2006-09-29

    申请人: David M. Durham Hormuzd M. Khosravi Travis Schluessler Ravi Sahita Uday R. Savagaonkar

    发明人: David M. Durham Hormuzd M. Khosravi Travis Schluessler Ravi Sahita Uday R. Savagaonkar

    IPC分类号: H04L29/06

    CPC分类号: G06F8/656

    摘要: Methods and apparatuses enable in-memory patching of a program loaded in volatile memory. A service processor identifies a program to be patched and an associated patch for the program. The patch is loaded into memory, including applying relocation fix-ups to the patch. The service processor directs the program to the patch in place of the segment of the program to be patched. The program implements the patch while maintaining program state, and without suspending execution of the program.

    摘要翻译: 方法和装置使得能够在加载在易失性存储器中的程序的内存中修补。 服务处理器识别要修补的程序和程序的相关修补程序。 修补程序加载到内存中,包括将修补程序应用于修补程序。 服务处理器将程序引导到补丁代替要修补的程序的段。 该程序在维护程序状态的同时实现补丁,并且不会暂停程序的执行。

    DYNAMIC GENERATION OF INTEGRITY MANIFEST FOR RUN-TIME VERIFICATION OF SOFTWARE PROGRAM
    10.
    发明申请
    DYNAMIC GENERATION OF INTEGRITY MANIFEST FOR RUN-TIME VERIFICATION OF SOFTWARE PROGRAM 有权
    软件程序运行验证的完整性更新动态生成

    公开(公告)号:US20090172814A1

    公开(公告)日:2009-07-02

    申请号:US11967928

    申请日:2007-12-31

    申请人: Hormuzd Khosravi David Durham Prashant Dewan Ravi Sahita Uday R. Savagaonkar Men Long

    发明人: Hormuzd Khosravi David Durham Prashant Dewan Ravi Sahita Uday R. Savagaonkar Men Long

    IPC分类号: G06F21/22

    CPC分类号: G06F21/64 G06F21/51

    摘要: A measurement engine generates an integrity manifest for a software program and uses it to perform active platform observation. The integrity manifest indicates an integrity check value for a section of the program's code. The measurement engine computes a comparison value on the program's image in memory and determines if the comparison value matches the expected integrity check value. If the values do not match, the program's image is determined to be modified, and appropriate remedial action may be triggered.

    摘要翻译: 测量引擎为软件程序生成完整性清单,并使用它来执行主动平台观察。 完整性清单表示程序代码的一部分的完整性检查值。 测量引擎计算内存中程序映像的比较值,并确定比较值是否与预期的完整性校验值相匹配。 如果值不匹配,则确定程序的图像被修改,并且可能触发适当的补救动作。