公开(公告)号：US08949847B2

公开(公告)日：2015-02-03

申请号：US13584028

申请日：2012-08-13

申请人： Young-Ho Kim ,  Gyu-Il Cha ,  Shin-Young Ahn ,  Eun-Ji Lim ,  Jin-Mee Kim ,  Seung-Jo Bae

发明人： Young-Ho Kim ,  Gyu-Il Cha ,  Shin-Young Ahn ,  Eun-Ji Lim ,  Jin-Mee Kim ,  Seung-Jo Bae

IPC分类号： G06F9/46

CPC分类号： G06F9/505 ,  G06F2209/501

摘要： Disclosed herein are a resource manager node and a resource management method. The resource manager node includes a resource management unit, a resource policy management unit, a shared resource capability management unit, a shared resource status monitoring unit, and a shared resource allocation unit. The resource management unit performs an operation necessary for resource allocation when a resource allocation request is received. The resource policy management unit determines a resource allocation policy based on the characteristic of the task, and generates resource allocation information. The shared resource capability management unit manages the topology of nodes, information about the capabilities of resources, and resource association information. The shared resource status monitoring unit monitors and manages information about the status of each node and the use of allocated resources. The shared resource allocation unit sends a resource allocation request to at least one of the plurality of nodes.

摘要翻译： 这里公开了资源管理器节点和资源管理方法。 资源管理器节点包括资源管理单元，资源策略管理单元，共享资源能力管理单元，共享资源状态监视单元和共享资源分配单元。 当接收资源分配请求时，资源管理单元执行资源分配所需的操作。 资源策略管理单元基于该任务的特性确定资源分配策略，生成资源分配信息。 共享资源能力管理单元管理节点拓扑，资源能力信息和资源关联信息。 共享资源状态监视单元监视和管理有关每个节点的状态和所分配资源的使用的信息。 共享资源分配单元向多个节点中的至少一个发送资源分配请求。

公开(公告)号：US20090158385A1

公开(公告)日：2009-06-18

申请号：US12076783

申请日：2008-03-21

申请人： Dong-Wook Kim ,  Gyu-Il Cha ,  Young-ho Kim ,  Eun-Ji Lim ,  Soo-Young Kim ,  Sung-In Jung ,  Myung-Joon Kim ,  Bong-Nam Noh ,  Jung-Soon Kim

发明人： Dong-Wook Kim ,  Gyu-Il Cha ,  Young-ho Kim ,  Eun-Ji Lim ,  Soo-Young Kim ,  Sung-In Jung ,  Myung-Joon Kim ,  Bong-Nam Noh ,  Jung-Soon Kim

IPC分类号： G06F21/00

CPC分类号： G06F21/6218 ,  G06F21/604

摘要： Provided is an apparatus and method for automatically generating a SELinux security policy based on SELT. In the method, process generation is prepared by receiving execution file names of a program destined for policy generation. A system call log, which is traced by generating a process by executing the received execution file of the program, is stored. The traced system call log is purified into data necessary for generation of a security policy. Objects are grouped in consideration of the relationship between the objects based on purified information. A normalized data structure is recorded in an SELT description language format using a security policy file. Duplication and collision between the generated SELT security policy and the previous security policy in a system are detected.

摘要翻译： 提供了一种基于SELT自动生成SELinux安全策略的装置和方法。 在该方法中，通过接收用于策略生成的程序的执行文件名来准备进程生成。 存储通过执行程序的接收到的执行文件生成处理来追踪的系统调用日志。 跟踪的系统调用日志被净化为生成安全策略所需的数据。 考虑到基于纯化信息的对象之间的关系对象进行分组。 使用安全策略文件以SELT描述语言格式记录归一化数据结构。 检测到生成的SELT安全策略与系统中之前的安全策略之间的重复和冲突。

公开(公告)号：US20050152361A1

公开(公告)日：2005-07-14

申请号：US11015477

申请日：2004-12-20

申请人： Chei-Yol Kim ,  Sung-Hoon Son ,  Eun-Ji Lim ,  Sung-In Jung

发明人： Chei-Yol Kim ,  Sung-Hoon Son ,  Eun-Ji Lim ,  Sung-In Jung

IPC分类号： H04L12/28 ,  H04L29/06

CPC分类号： H04L29/06

摘要： The present invention propose a new mechanism, IP check layer which enables to use TOE cards and legacy NICs simultaneously within same protocol family in a Linux or a UNIX computing environment. The IP check layer is inserted between a BSD socket layer and an INET socket layer. IP check layer maintains a routing information and, information of IP addresses of each network interfaces and each socket's bind state. Using this information, IP check layer determines how to process a socket call and which layer (TOE layer, host INET layer) will take over the socket call. By means of the above mechanism, the present invention makes existing socket applications to use TOE cards and legacy NICs at the same time without modification or recompiling.

摘要翻译： 本发明提出了一种新的机制，IP检查层，其能够在Linux或UNIX计算环境中在同一协议族内同时使用TOE卡和传统NIC。 IP检查层插入在BSD套接字层和INET套接字层之间。 IP检查层维护路由信息，每个网络接口的IP地址信息和每个套接字的绑定状态。 使用此信息，IP检查层确定如何处理套接字调用，以及哪个层（TOE层，主机INET层）将接管套接字调用。 通过上述机制，本发明使现有的套接字应用程序同时使用TOE卡和传统NIC，而无需修改或重新编译。

公开(公告)号：US07552441B2

公开(公告)日：2009-06-23

申请号：US11002623

申请日：2004-12-03

申请人： Eun-Ji Lim ,  Chei-Yol Kim ,  Sung Hoon Son ,  Sung-In Jung

发明人： Eun-Ji Lim ,  Chei-Yol Kim ,  Sung Hoon Son ,  Sung-In Jung

IPC分类号： G06F3/00 ,  G06F9/44 ,  G06F15/173

CPC分类号： H04L69/16 ,  H04L69/162

摘要： There is provided a socket compatibility layer for a TOE in a high quality server system. The socket compatibility layer for a TOE provides a standard socket API to an application program and provides binary-level compatibility so that a networking function of a TOE can be used without modifying the conventional socket application program thereby supporting simultaneous use of a TOE and a general Ethernet-based NIC. In a kernel structure of the Linux operation system, the socket compatibility layer for a TOE is located below a BSD socket layer receiving a socket system call from an application program through a standard socket API, is located above an INET socket layer and a TOE driver to control connection between an upper layer and a lower layer, and transmits the socket system call received from the BSD socket layer to the TOE driver or the INET socket layer according to call contents of the socket system call. The socket compatibility layer for a TOE includes a TOE socket generation module, a virtual TOE socket, a TOE STREAM module unit and a TOE DGRAM module unit.

摘要翻译： 在高质量的服务器系统中为TOE提供了一个插座兼容层。 TOE的套接字兼容层为应用程序提供了一个标准套接字API，并提供了二进制级的兼容性，从而可以使用TOE的联网功能而无需修改常规套接字应用程序，从而支持同时使用TOE和一般 基于以太网的NIC。 在Linux操作系统的内核结构中，TOE的套接字兼容层位于通过标准套接字API从应用程序接收套接字系统调用的BSD套接字层之下，位于INET套接字层和TOE驱动器的上方 以控制上层和下层之间的连接，并根据套接字系统呼叫的呼叫内容将从BSD套接字层接收的套接字系统呼叫发送到TOE驱动程序或INET套接字层。 TOE的插座兼容层包括TOE插座生成模块，虚拟TOE插座，TOE STREAM模块单元和TOE DGRAM模块单元。

公开(公告)号：US07382802B2

公开(公告)日：2008-06-03

申请号：US11015477

申请日：2004-12-20

申请人： Chei-Yol Kim ,  Sung-Hoon Son ,  Eun-Ji Lim ,  Sung-In Jung

发明人： Chei-Yol Kim ,  Sung-Hoon Son ,  Eun-Ji Lim ,  Sung-In Jung

IPC分类号： H04J3/16 ,  H04J3/22

CPC分类号： H04L29/06

摘要： The present invention propose a new mechanism, IP check layer which enables to use TOE cards and legacy NICs simultaneously within same protocol family in a Linux or a UNIX computing environment. The IP check layer is inserted between a BSD socket layer and an INET socket layer. IP check layer maintains a routing information and, information of IP addresses of each network interfaces and each socket's bind state. Using this information, IP check layer determines how to process a socket call and which layer (TOE layer, host INET layer) will take over the socket call. By means of the above mechanism, the present invention makes existing socket applications to use TOE cards and legacy NICs at the same time without modification or recompiling.

摘要翻译： 本发明提出了一种新的机制，IP检查层，其能够在Linux或UNIX计算环境中在同一协议族内同时使用TOE卡和传统NIC。 IP检查层插入在BSD套接字层和INET套接字层之间。 IP检查层维护路由信息，每个网络接口的IP地址信息和每个套接字的绑定状态。 使用此信息，IP检查层确定如何处理套接字调用，以及哪个层（TOE层，主机INET层）将接管套接字调用。 通过上述机制，本发明使现有的套接字应用程序同时使用TOE卡和传统NIC，而无需修改或重新编译。

公开(公告)号：US20050135361A1

公开(公告)日：2005-06-23

申请号：US11002623

申请日：2004-12-03

申请人： Eun-Ji Lim ,  Chei-Yol Kim ,  Sung Hoon Son ,  Sung-In Jung

发明人： Eun-Ji Lim ,  Chei-Yol Kim ,  Sung Hoon Son ,  Sung-In Jung

IPC分类号： H04L29/10 ,  H04L12/413 ,  H04L12/28 ,  A63B53/08

CPC分类号： H04L69/16 ,  H04L69/162

摘要： There is provided a socket compatibility layer for a TOE in a high quality server system. The socket compatibility layer for a TOE provides a standard socket API to an application program and provides binary-level compatibility so that a networking function of a TOE can be used without modifying the conventional socket application program thereby supporting simultaneous use of a TOE and a general Ethernet-based NIC. In a kernel structure of the Linux operation system, the socket compatibility layer for a TOE is located below a BSD socket layer receiving a socket system call from an application program through a standard socket API, is located above an INET socket layer and a TOE driver to control connection between an upper layer and a lower layer, and transmits the socket system call received from the BSD socket layer to the TOE driver or the INET socket layer according to call contents of the socket system call. The socket compatibility layer for a TOE includes a TOE socket generation module, a virtual TOE socket, a TOE STREAM module unit and a TOE DGRAM module unit.

摘要翻译： 在高质量的服务器系统中为TOE提供了一个插座兼容层。 TOE的套接字兼容层为应用程序提供了一个标准套接字API，并提供了二进制级的兼容性，从而可以使用TOE的联网功能而无需修改常规套接字应用程序，从而支持同时使用TOE和一般 基于以太网的NIC。 在Linux操作系统的内核结构中，TOE的套接字兼容层位于通过标准套接字API从应用程序接收套接字系统调用的BSD套接字层之下，位于INET套接字层和TOE驱动器的上方 以控制上层和下层之间的连接，并根据套接字系统呼叫的呼叫内容将从BSD套接字层接收的套接字系统呼叫发送到TOE驱动程序或INET套接字层。 TOE的插座兼容层包括TOE插座生成模块，虚拟TOE插座，TOE STREAM模块单元和TOE DGRAM模块单元。