Abstract:
A method, an apparatus, a system, and a computer program product are presented for virtualizing trusted platform modules within a data processing system. A virtual trusted platform module along with a virtual endorsement key is created within a physical trusted platform module within the data processing system using a platform signing key of the physical trusted platform module, thereby providing a transitive trust relationship between the virtual trusted platform module and the core root of trust for the trusted platform. The virtual trusted platform module can be uniquely associated with a partition in a partitionable runtime environment within the data processing system.
Abstract:
A method and apparatus for automatically collecting, combining, and storing operating system environment information in a trusted location on the data processing system to provide a persistent store record of all operating system events leading up to the detection of a problem. The software for the ‘black box’ device is a combination of existing system software and logging capability with the added ‘black box’ specific software functions required to generate, time-stamp, cryptographically sign and log events to the secure logging device. Operating system environment information is collected, entered into a log, and stored in a trusted location on the system. The information in this log may be used to analyze system crashes caused by security breaches. Determinations can be made from the log if the system was at correct security software ‘patch’ level or if network services were incorrectly configured or enabled.
Abstract:
An architecture for a distributed data processing system comprises a system-level service processor along with one or more node-level service processors; each is uniquely associated with a node, and each is extended to comprise any components that are necessary for operating the nodes as trusted platforms, such as a TPM and a CRTM in accordance with the security model of the Trusted Computing Group. These node-level service processors then inter-operate with the system-level service processor, which also contains any components that are necessary for operating the system as a whole as a trusted platform. A TPM within the system-level service processor aggregates integrity metrics that are gathered by the node-level service processors, thereafter reporting integrity metrics as requested, e.g., to a hypervisor, thereby allowing a large distributed data processing system to be validated as a trusted computing environment while allowing its highly parallelized initialization process to proceed.
Abstract:
Various embodiments and related methods are provided that can include or operate a variety of modular systems such as, a group of user interfaces and software modules which receive inputs from the user interfaces to perform Secure Configuration Evaluation, Remediation, and Reporting Tool tasks. Exemplary modules can include a scan or current state module to populate and/or identify a current state configuration as well as collecting available information on available vulnerability patches or system updates, a software, update, and/or patch configuration selection module that generates a “picklist” user interface for all available software, patches or updates or optionally patches or updates that meet one or more search criteria associated with a baseline data, a data store with install files for all selected or available software, patches or updates selected with the picklist user interface, an installer export package system to generate install packages, and an access/use verification system.
Abstract:
A device which is adapted to transmit electrical energy between an electrical instrument and a living body such as a human body. The device includes a support which has an outer face adapted to be placed in engagement with a surface such as a human skin surface, while the support has an outer peripheral edge surrounding the latter outer face thereof and the support being formed inwardly of its outer peripheral edge with an opening extending at least partly into the support from its outer face. An electrically-conductive gel is situated in the latter opening and is at least partly exposed at the outer face of the support so as to be capable of engaging and making electrical contact with the surface which is engaged by the outer face of the support. At least one carbon yarn has a portion situated in this gel for making electrical contact therewith, and an insulation covers the yarn at the region of its portion which is situated in the gel. This insulation is carried by the support so as to support the carbon yarn through the insulation. The yarn together with the insulation have a length sufficiently great to extend through a substantial distance beyond the support, and the yarn carries at an end distant from the portion which is in the gel a contact for connection to an electrical instrument or the like.
Abstract:
A router for use in a network includes a scalable architecture and performs methods for implementing quality of service on a logical unit behind a network port; and for implementing storage virtualization. The architecture includes a managing processor, a supervising processor; and a plurality of routing processors coupled to a fabric. The managing processor has an in-band link to a routing processor. A routing processor receives a frame from the network, determines by parsing the frame, the protocol and logical unit number, and routes the frame to a queue according to a traffic class associated with the logical unit number in routing information prepared for the processors. An arbitration scheme empties the queue in accordance with a deficit round robin technique. If a routing processor detects the frame's destination is a virtual entity, and so is part of a virtual transaction, the router conducts a nonvirtual transaction in concert with the virtual transaction. The nonvirtual transaction accomplishes the intent of the virtual transaction but operates on an actual network port, for example, a storage device.
Abstract:
A network node for processing messages transmitted via a network, the node including: a first circuit providing a processor-based node path; a second circuit, coupled to the first circuit, providing a switch-based node path; and a memory storing mapping information accessible by the first and second circuits, wherein the processing of messages received by the network node is allocated between the first and second circuit based on the mapping information.
Abstract:
A router for use in a network includes a scalable architecture and performs methods for implementing quality of service on a logical unit behind a network port; and for implementing storage virtualization. The architecture includes a managing processor, a supervising processor; and a plurality of routing processors coupled to a fabric. The managing processor has an in-band link to a routing processor. A routing processor receives a frame from the network, determines by parsing the frame, the protocol and logical unit number, and routes the frame to a queue according to a traffic class associated with the logical unit number in routing information prepared for the processors. An arbitration scheme empties the queue in accordance with a deficit round robin technique. If a routing processor detects the frame's destination is a virtual entity, and so is part of a virtual transaction, the router conducts a nonvirtual transaction in concert with the virtual transaction. The nonvirtual transaction accomplishes the intent of the virtual transaction but operates on an actual network port, for example, a storage device.
Abstract:
A network interface for secure virtual interface data communication includes a doorbell circuit, a processor, memory, and a bridge circuit. The doorbell circuit responds to physical I/O addresses of the host that are mapped by a memory management unit by a registration process. An application program seeking to use a channel of a virtual interface must register the virtual address of host memory where data for communication is or will be stored and register the virtual address of a page of I/O addresses. Access to the doorbell functions and to the host memory via the memory management unit are therefore denied when the requesting process identifier does not successfully compare with the process identifier for the process that performed the registrations. A password may be stored in the network interface in association with a virtual interface (VI) channel identifier and stored in association with the virtual to physical map used for VI communication. The network interface may abandon a requested or implied data communication when passwords do not fully compare. Methods for virtual interface (VI) communication performed by an application program may include one or more of the steps of (a) establishing a VI channel where physical I/O addresses of a network controller are secured; (b) registering host memory for use with a VI channel where physical memory addresses are secured; (c) describing blocks of host memory with reference to a memory handle; and (d) accomplishing data communication of a described block of host memory via an established VI channel where the data and controls of the VI channel are secured and the data and controls of other VI channels are secured. Security is provided against both erroneous operations and operations intentionally effected by rogue processes.
Abstract:
A collapsible stool is attached to a foldable ground cover mat, providing portable ground cover with elevated seating for outdoor enthusiasts. The mat is of sufficient size to provide ground cover, protecting the user's gear and keeping the user clean and dry while donning the selected gear. A wader bag is adapted with compartments to store the gear and the closed stool with folded mat for convenient transportation. The bag may hold gaiters and changeable soles or other selected gear such as beach clothing, shoes, and toys. The elevated seat eases changing shoes. Attaching the seat to the mat aids in preventing mat movement during gusty winds. Alternatively, the collapsible stool with attached ground cover mat may be stored in a compartment of a golf club bag. Additionally, a wader bag may be reinforced to support a seated user and the foldable mat attached directly to the reinforced bag.