Abstract:
A method for checking security of data received by a computer system within a network environment is disclosed. In accordance with a preferred embodiment of the present invention, an incoming packet from a client is first decrypted within a receiving communications adapter by utilizing a master decryption key. The decrypted incoming packet is then encrypted by utilizing an encryption key identical to an encryption key employed by the client. A determination is made as to whether or not a packet produced from the encryption is identical to the incoming packet. In response to a determination that a packet produced from the encryption is identical to the incoming packet, the decrypted incoming packet is forwarded to a system memory of the computer system. As such, any incoming packet that does not meet this criterion will be rejected as a security threat.
Abstract:
A method and system for protecting electronic files from unauthorized access. The drive on which the file is stored is provided with a hardware identification code, which is unique to the drive. An Operating System (OS) extension allows a user to provide a security code required to access a requested drive. An OS device driver, working in conjunction with the OS extension, checks the requested drive to determine if an access code is required, and the drive responds with the security code or a default code. The default code indicates that the drive is globally accessible to users on the system. When a security code is returned, the OS compares the security code to the access code provided and provides the user with access to the drive only when the access code matches the security code.
Abstract:
An apparatus and a method in a data processing system are provided for ensuring the security of data accessed from removable media. Normal virus scanning occurs after data is loaded into the main memory, but infection by a virus may have already occurred by this time. Therefore, it would be beneficial to check for possible virus infection before the data is transferred to main memory. A security key is read from the removable media. As encrypted data is read from the device, it is decrypted using the security key and then re-encrypted using the same security key to produce new data. The original data is accepted and sent to main memory if it is identical to the new data produced by decryption and re-encryption. If the two sets of data are not identical, then the data transmission from the device is aborted and all data on the removable media is rejected. The decryption/re-encryption checking is performed in hardware and so it can occur in real time. This hardware could be on the device controller, a separate security card, the motherboard, or anywhere along the data path from the device controller to the main memory.
Abstract:
A method and apparatus for preventing unauthorized access to data stored in memory utilizing two programmable logic devices as front end interfaces for the memory device and the data processing device which is to utilize the memory device, respectively. The two programmable logic devices are complementarily programmed such that the signal lines between the data processing device and the memory core and/or their timing are scrambled at the interface between the two programmable logic devices, but are properly ordered with the proper timing at the interface between the memory core and the first programmable logic device and the interface between the data processing device and the second programmable logic device.
Abstract:
A system and method for establishing multiple connections using a private data field of a communication management protocol is provided. With the present invention, a Service ID identifies a specific consumer and the private data field contains a list of connection attributes for each connection that is to be established. An active side requests a connection and the passive side replies to the connection request. The active side sends the passive side a connection establishment request. This connection establishment request includes a Service ID which identifies a passive side process associated with a service. This connection establishment request also includes communication attributes of one or more connected services and datagram services associated with the Service ID. The passive side passes the connection request to a process associated with the service. If the passive side process does not wish to carry out the service, a negative reply message is returned to the active side. If the passive side process does wish to carry out the service, a positive reply is returned to the active side and the reply includes the communication attributes for the connection and unreliable services associated with the Service ID used in the connection establishment request.
Abstract:
A method, system, and product in a data processing system are disclosed for managing data transmitted from a first end node to a second end node included in the data processing system. A logical connection is established between the first end node and the second end node prior to transmitting data between the end nodes. An instance number is associated with this particular logical connection. The instance number is included in each packet transmitted between the end nodes while this logical connection remains established. The instance number remains constant during this logical connection. The instance number is altered, such as by incrementing it, each time a logical connection between these end nodes is reestablished. Thus, each packet is associated with a particular instance of the logical connection. When a packet is received, the instance number included in the packet may be used to determine whether the packet is a stale packet transmitted during a previous logical connection between these end nodes.
Abstract:
A method for determining parameters needed to communicate with a remote node in a computer network is provided. The invention comprises determining the location of the remote node with which an InfiniBand (IB) node might desire to communicate. This resolution comprises determining the location of the remote node based on a desired application or service, and then determining the IB parameters needed to communicate with the remote node. The resolution might also involve dynamically determining the specific queue pairs that are associated with the service. The general solution is applied to IP service resolution.
Abstract:
A method and implementing computer system are provided which allow for significantly improved input/output (I/O) subsystem designs in all systems which include serialized I/O transactions such as so-called Express specification systems. Transaction control methodology is implemented to improve Express design requirements for Express devices such as an Express switch, Express-PCI bridge, endpoint, and root complex. This is accomplished by utilizing improved transaction ordering and state machine and corresponding buffer design and improved flow control credit methodology which enables improved processing for controlling transactions flowing through Express devices including Express switches and Express-PCI bridges. An Express-PCI/PCIX transition bridge design is also provided, along with the flow control credit methodology and implementation within the Express-PCI/PCIX bridge design to enable efficient interfacing between Express and legacy or existing PCI/PCIX systems.
Abstract:
An improved handheld merchandise scanning device and method are disclosed. A first and second mode are enabled in the scanning device for scanning a product tag which includes product information and a security tag. The product tag is scanned utilizing the scanning device in the first mode to obtain the product information without deactivating the security tag. The product tag is scanned utilizing the scanning device in the second mode to concurrently obtain the product information and deactivate the security tag.
Abstract:
A method and apparatus are provided in which Pipelined Packet Transfers (PPT) are implemented. The PPT methodology includes a request phase and a response phase. The PPT request phase involves a PPT request master delivering to a PPT request target a source address, a destination address and an information packet for the interrupt being requested. The PPT response phase involves the PPT request target becoming a PPT response master with the PPT response master delivering to a PPT request master a destination address and a data packet which includes the interrupt processing information. Pipelined Packet Transfers (PPT) are ordered in accordance with a predetermined processing priority to improve performance and avoid deadlock.