-
公开(公告)号:US09996709B2
公开(公告)日:2018-06-12
申请号:US13613708
申请日:2012-09-13
申请人: William E. Hall , Guerney D. H. Hunt , Paul A. Karger , Mark F. Mergen , David R. Safford , David C. Toll
发明人: William E. Hall , Guerney D. H. Hunt , Paul A. Karger , Mark F. Mergen , David R. Safford , David C. Toll
CPC分类号: G06F21/85 , G06F21/606
摘要: A secure computer architecture is provided. With this architecture, data is received, in a component of an integrated circuit chip implementing the secure computer architecture, for transmission across a data communication link. The data is converted, by the component, to one or more first fixed length frames. The one or more first fixed length frames are then transmitted, by the component, on the data communication link in a continuous stream of frames. The continuous stream of frames includes one or more second fixed length frames generated when no data is available for inclusion in the frames of the continuous stream.
-
公开(公告)号:US08286164B2
公开(公告)日:2012-10-09
申请号:US12537808
申请日:2009-08-07
申请人: William E. Hall , Guerney D. H. Hunt , Paul A. Karger , Suzanne K. McIntosh , Mark F. Mergen , David R. Safford , David C. Toll
发明人: William E. Hall , Guerney D. H. Hunt , Paul A. Karger , Suzanne K. McIntosh , Mark F. Mergen , David R. Safford , David C. Toll
CPC分类号: G06F9/45533 , G06F9/5077 , G06F21/57 , G06F2009/4557 , G06F2009/45579
摘要: A mechanism is provided for performing secure recursive virtualization of a computer system. A portion of memory is allocated by a virtual machine monitor (VMM) or an operating system (OS) to a new domain. An initial program for the new domain is loaded into the portion of memory. Secure recursive virtualization firmware (SVF) in the data processing system is called to request that the new domain be generated. A determination is made as to whether the call is from a privileged domain or a non-privileged domain. Responsive to the request being from a privileged domain, all access to the new domain is removed from any other domain in the data processing system. Responsive to receiving an indication that the new domain has been generated, an execution of the initial program is scheduled.
摘要翻译: 提供了一种用于执行计算机系统的安全递归虚拟化的机制。 内存的一部分由虚拟机监视器(VMM)或操作系统(OS)分配给新域。 新域的初始程序被加载到内存部分。 调用数据处理系统中的安全递归虚拟化固件(SVF)来请求生成新的域。 确定呼叫是来自特权域还是非特权域。 响应于来自特权域的请求,对数据处理系统中的任何其他域的所有对新域的访问都将被删除。 响应于接收到新域已被生成的指示,调度初始程序的执行。
-
公开(公告)号:US07461268B2
公开(公告)日:2008-12-02
申请号:US10892431
申请日:2004-07-15
CPC分类号: G06F21/72 , G06F21/75 , G11C17/16 , H04L9/3236
摘要: Methods and devices that may be utilized in systems to dynamically update a security version parameter used to encrypt secure data are provided. The version may be maintained in persistent storage located on a device implementing the encryption, such as a system on a chip (SOC). The persistent storage does not require battery backing and, thus, the cost and complexity associated with conventional systems utilizing battery backed storage may be reduced.
摘要翻译: 提供了可用于系统动态更新用于加密安全数据的安全版本参数的方法和设备。 该版本可以被维护在位于实现加密的设备上的持久存储器中,诸如片上系统(SOC)。 永久存储器不需要电池背衬,因此,与使用电池支持的存储器的常规系统相关联的成本和复杂度可能会降低。
-
公开(公告)号:US20080175381A1
公开(公告)日:2008-07-24
申请号:US12057207
申请日:2008-03-27
CPC分类号: G06F21/72 , G11C17/16 , H04L9/3236
摘要: Methods and devices that may be utilized in systems to dynamically update a security version parameter used to encrypt secure data are provided. The version may be maintained in persistent storage located on a device implementing the encryption, such as a system on a chip (SOC). The persistent storage does not require battery backing and, thus, the cost and complexity associated with conventional systems utilizing battery backed storage may be reduced.
-
5.发明授权Control function implementing selective transparent data authentication within an integrated system 有权集成系统中实现选择性透明数据认证的控制功能公开(公告)号:US07266842B2
公开(公告)日:2007-09-04
申请号:US10125708
申请日:2002-04-18
IPC分类号: G06F7/04 , G06F7/58 , G06F12/00 , G06F12/14 , G06F13/00 , G06F17/30 , G06K19/00 , G11C7/00 , H04L9/32
摘要: A data authentication technique is provided for a data access control function of an integrated system. The technique includes passing a data request from a functional master of the integrated system through the data access control function, and responsive to the data request, selectively authenticating requested data. The selective authentication, which can occur transparent to the functional master initiating the data request, includes employing integrity value generation on the requested data when originally stored and when retrieved, in combination with encryption and decryption thereof to ensure the authenticity of the requested data. As an enhancement, cascading integrity values may be employed to facilitate data authentication.
摘要翻译: 为集成系统的数据访问控制功能提供数据认证技术。 该技术包括通过数据访问控制功能从集成系统的功能主机传递数据请求,并响应于数据请求,选择性地认证所请求的数据。 可以对启动数据请求的功能主机透明的选择性认证包括在原始存储时和当检索时对所请求的数据进行完整性值生成,结合其加密和解密,以确保所请求数据的真实性。 作为增强,可以采用级联完整性值来促进数据认证。
-
6.发明授权Optical wavelength division multiplexer for high speed, protocol-independent serial data sources 失效用于高速,协议无关串行数据源的光波分复用器
公开(公告)号:US5487120A
公开(公告)日:1996-01-23
申请号:US193969
申请日:1994-02-09
申请人: Michael M. Choy , Paul E. Green, Jr. , William E. Hall , Frank J. Janniello , Jeff K. Kravitz , Karen Liu , Rajiv Ramaswami , Franklin F. Tong
发明人: Michael M. Choy , Paul E. Green, Jr. , William E. Hall , Frank J. Janniello , Jeff K. Kravitz , Karen Liu , Rajiv Ramaswami , Franklin F. Tong
CPC分类号: H04J14/02 , H04B10/506 , H04B10/572
摘要: A wavelength division multiplexer (WDM) unit (12) includes a plurality of Input/Output cards (IOCs 14). Each IOC is bidirectionally coupled to I/O specific media (fiber or copper) and to two coaxial cables. Also bidirectionally coupled to the coaxial cables are a plurality of Laser/Receiver Cards (LRC 20). The interface between the IOCs and the LRCs is an Emitter Coupled Logic (ECL) electrical interface that is conveyed over the coaxial cables. Each LRC is bidirectionally coupled by two single mode fibers to an optical multiplexer and demultiplexer, embodied within a grating (24). An input/output port of the grating is coupled to a fiber link (28) that enables bidirectional, full duplex data communications with a second WDM. Each WDM also includes a Diagnostic Processor Card (DPC 28) that receives status signals from the IOCs and LRCs, that forwards the status signals on to an external processor, and which generates control information for the IOCs and LRCs.
摘要翻译: 波分复用器(WDM)单元(12)包括多个输入/输出卡(IOC 14)。 每个IOC双向耦合到I / O特定介质(光纤或铜)和两根同轴电缆。 还双向耦合到同轴电缆的是多个激光/接收卡(LRC 20)。 IOC和LRC之间的接口是通过同轴电缆传送的发射极耦合逻辑(ECL)电接口。 每个LRC通过两个单模光纤双向耦合到光学多路复用器和解复用器中,体现在光栅(24)内。 光栅的输入/输出端口耦合到能够与第二WDM进行双向全双工数据通信的光纤链路(28)。 每个WDM还包括诊断处理器卡(DPC 28),其接收来自IOC和LRC的状态信号,将状态信号转发到外部处理器,并且产生IOC和LRC的控制信息。
-
公开(公告)号:US4685687A
公开(公告)日:1987-08-11
申请号:US773322
申请日:1985-09-06
IPC分类号: B23B31/14 , B23B31/16 , B23B31/175 , B23Q3/12 , B23B31/12
CPC分类号: B23Q3/12 , B23B31/14 , B23B31/16195 , B23B31/39 , Y10T279/19 , Y10T279/1961 , Y10T279/3406 , Y10T279/35
摘要: A workholder for a machine tool or the like having a power assembly and a work gripping assembly that are separable to permit use of a plurality of work gripping assemblies and associated work gripping jaws of a size and shape to accommodate different workpieces. Work gripping assemblies with jaws pre-qualified to different workpieces can be exchanged quickly and automatically, as by use of a robot, when different parts are to be machined, while a single power assembly remains connected to the machine tool.
摘要翻译: 一种具有动力组件和工件夹紧组件的机床等的工作夹具,其可分离以允许使用尺寸和形状的多个工件夹持组件和相关联的作业夹爪以适应不同的工件。 通过使用机器人,当要加工不同的零件时,同时单个动力组件保持连接到机床上,可以快速自动地更换具有预先通过不同工件的夹爪的工件夹紧组件。
-
8.发明授权Processor and data processing method with non-hierarchical computer security enhancements for context states 有权处理器和数据处理方法,用于上下文状态的非分层计算机安全增强公开(公告)号:US08850557B2
公开(公告)日:2014-09-30
申请号:US13408170
申请日:2012-02-29
申请人: Richard H. Boivie , William E. Hall , Guerney D. H. Hunt , Suzanne K. McIntosh , Mark F. Mergen , Marcel C. Rosu , David R. Safford , David C. Toll , Carl Lynn C. Karger
发明人: Richard H. Boivie , William E. Hall , Guerney D. H. Hunt , Paul A. Karger , Suzanne K. McIntosh , Mark F. Mergen , Marcel C. Rosu , David R. Safford , David C. Toll
CPC分类号: G06F21/31 , G06F21/54 , G06F21/6218 , G06F2221/2105
摘要: Disclosed are a processor and processing method that provide non-hierarchical computer security enhancements for context states. The processor can comprise a context control unit that uses context identifier tags associated with corresponding contexts to control access by the contexts to context information (i.e., context states) contained in the processor's non-stackable and/or stackable registers. For example, in response to an access request, the context control unit can grant a specific context access to a register only when that register is tagged with a specific context identifier tag. If the register is tagged with another context identifier tag, the contents of the specific register are saved in a context save area of memory and the previous context states of the specific context are restored to the specific register before access can be granted. The context control unit can also provide such computer security enhancements while still facilitating authorized cross-context and/or cross-level communications.
摘要翻译: 公开了一种为上下文状态提供非分层计算机安全增强的处理器和处理方法。 处理器可以包括上下文控制单元,其使用与相应上下文相关联的上下文标识符标签来控制上下文对包含在处理器的不可堆叠和/或可堆叠寄存器中的上下文信息(即上下文状态)的访问。 例如,响应于访问请求,上下文控制单元可以仅在该寄存器被标记有特定上下文标识符标签时才向该寄存器授予特定上下文访问。 如果寄存器用另一个上下文标识符标记,则将特定寄存器的内容保存在存储器的上下文保存区域中,并且特定上下文的先前上下文状态将被恢复到特定寄存器,然后才能授予访问权限。 上下文控制单元还可以提供这样的计算机安全增强,同时还促进授权的交叉上下文和/或跨级通信。
-
9.发明授权Physically unclonable function implemented through threshold voltage comparison 失效通过阈值电压比较实现物理不可克隆功能公开(公告)号:US08619979B2
公开(公告)日:2013-12-31
申请号:US12823278
申请日:2010-06-25
CPC分类号: G06F21/73 , H04L9/08 , H04L9/0866 , H04L9/3278
摘要: Electronic devices and methods are disclosed to provide and to test a physically unclonable function (PUF) based on relative threshold voltages of one or more pairs of transistors. In a particular embodiment, an electronic device is operable to generate a response to a challenge. The electronic device includes a plurality of transistors, with each of the plurality of transistors having a threshold voltage substantially equal to an intended threshold voltage. The electronic device includes a challenge input configured to receive the challenge. The challenge input includes one or more bits that are used to individually select each of a pair of transistors of the plurality of transistors. The electronic device also includes a comparator to receive an output voltage from each of the pair of transistors and to generate a response indicating which of the pair of transistors has the higher output voltage. The output voltage of each of the pair of transistors varies based on the threshold voltage of each of the pair of transistors.
摘要翻译: 公开了电子装置和方法,以基于一对或多对晶体管的相对阈值电压来提供和测试物理上不可克隆的功能(PUF)。 在特定实施例中,电子设备可操作以产生对挑战的响应。 电子设备包括多个晶体管,多个晶体管中的每一个具有基本上等于预期阈值电压的阈值电压。 电子设备包括被配置为接收挑战的挑战输入。 挑战输入包括用于单独选择多个晶体管中的一对晶体管中的每一个的一个或多个位。 该电子设备还包括一个比较器,用于接收来自该对晶体管中的每一个的输出电压,并产生一个响应,该响应指示该对晶体管中的哪一个具有较高的输出电压。 该对晶体管中的每一个晶体管的输出电压根据该晶体管对的阈值电压而变化。
-
公开(公告)号:US08135937B2
公开(公告)日:2012-03-13
申请号:US12272261
申请日:2008-11-17
申请人: William E. Hall , Guerney D. H. Hunt , Paul A. Karger , Mark F. Mergen , David R. Safford , David C. Toll
发明人: William E. Hall , Guerney D. H. Hunt , Paul A. Karger , Mark F. Mergen , David R. Safford , David C. Toll
CPC分类号: G06F12/1036
摘要: A mechanism is provided, in a data processing system, for accessing memory based on an effective address submitted by a process of a partition. The mechanism may translate the effective address into a virtual address using a segment look-aside buffer. The mechanism may further translate the virtual address into a partition real address using a page table. Moreover, the mechanism may translate the partition real address into a system real address using a logical partition real memory map for the partition. The system real address may then be used to access the memory.
摘要翻译: 在数据处理系统中提供了一种基于由分区的进程提交的有效地址来访问存储器的机制。 该机制可以使用段间隔缓冲区将有效地址转换为虚拟地址。 该机制可以使用页表进一步将虚拟地址转换成分区实际地址。 此外,该机制可以使用分区的逻辑分区实际存储器映射将分区实际地址转换为系统实际地址。 然后可以使用系统实际地址来访问存储器。
-
-
-
-
-
-
-
-
-
搜索结果
51 条记录 (耗时 0.02 秒)
