专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09135029B2 Securely reconfiguring a multi-node system to prevent firmware rollback 有权
标题翻译：安全地重新配置多节点系统以防止固件回滚
公开(公告)号：US09135029B2
公开(公告)日：2015-09-15
申请号：US14146068
申请日：2014-01-02
申请人： International Business Machines Corporation
发明人： Shiva R. Dasari , Raghuswamyreddy Gundam
IPC分类号： G06F9/445 , G06F9/44
CPC分类号： G06F9/44505 , G06F9/4405 , G06F9/4416 , G06F21/572 , G06F21/60 , H04L41/082
摘要： A computer program product includes computer readable program code for initiating boot of a multi-node system including a first compute node scaled together with a second compute node, wherein the multi-node system boots from a basic input output system of the first compute node that is identified as a primary node by a trusted platform module of the first compute node. The computer program product further comprises computer readable program code for receiving a request to reconfigure the multi-node system so that the second compute node would become the primary node, and computer readable program code for reconfiguring the multi-node system so that the second node is the primary mode only in response to a user manually asserting physical presence to a trusted platform module of the first compute node.
摘要翻译：计算机程序产品包括用于启动包括与第二计算节点一起缩放的第一计算节点的多节点系统的引导的计算机可读程序代码，其中所述多节点系统从所述第一计算节点的基本输入输出系统引导，由第一计算节点的可信平台模块识别为主节点。所述计算机程序产品还包括用于接收重新配置所述多节点系统的请求以使得所述第二计算节点将成为所述主节点的计算机可读程序代码，以及用于重新配置所述多节点系统的计算机可读程序代码，使得所述第二节点是仅在响应于用户手动断言到第一计算节点的可信平台模块的物理存在时的主要模式。

2. 发明申请

US20150067309A1 MANAGING PHYSICAL PRESENCE ACROSS MULTIPLE BLADES 有权
标题翻译：管理多个叶片的物理存在
公开(公告)号：US20150067309A1
公开(公告)日：2015-03-05
申请号：US14016382
申请日：2013-09-03
申请人： International Business Machines Corporation
发明人： Shiva R. Dasari , Raghuswamyreddy Gundam , Karthik Kolavasi , Newton P. Liu , Douglas W. Oliver , Nicholas A. Ramirez , Mehul M. Shah , Wingcheung Tam
IPC分类号： G06F9/44
CPC分类号： G06F9/4401 , G06F9/445 , G06F21/57 , G06F2221/2133
摘要： A method uses a firmware interface setup program for a selected compute node (“node”) to cause a firmware interface to enable a trusted platform module (TPM) on the selected node to receive a physical presence (PP) signal. The selected node is selected from a plurality of nodes within a multi-node chassis, wherein each node includes a firmware interface and a TPM. A device within the multi-node chassis is manually actuated to transmit a PP signal to each of the plurality of nodes, such that each node receives the PP signal. The PP signal is asserted to the TPM of the selected node in response to both enabling the TPM of the selected node to be able to receive the PP signal and receiving the PP signal. Still further, the method allows modification of a security setting of the selected node in response to the TPM receiving the PP signal.
摘要翻译：一种方法使用用于所选择的计算节点（“节点”）的固件接口设置程序来使固件接口使所选节点上的可信平台模块（TPM）能够接收物理存在（PP）信号。从多节点机架中的多个节点选择所选择的节点，其中每个节点包括固件接口和TPM。手动启动多节点机架内的设备以将PP信号发送到多个节点中的每一个节点，使得每个节点接收PP信号。响应于使所选节点的TPM能够接收PP信号并接收PP信号的两者，PP信号被断言到所选节点的TPM。此外，该方法允许响应于接收PP信号的TPM修改所选节点的安全设置。

3. 发明授权

US09280355B2 System with manual actuator for asserting physical presence across multiple compute nodes 有权
标题翻译：具有用于断言跨多个计算节点的物理存在的手动执行器的系统
公开(公告)号：US09280355B2
公开(公告)日：2016-03-08
申请号：US14013848
申请日：2013-08-29
申请人： International Business Machines Corporation
发明人： Shiva R. Dasari , Raghuswamyreddy Gundam , Karthik Kolavasi , Newton P. Liu , Douglas W. Oliver , Nicholas A. Ramirez , Mehul M. Shah , Wingcheung Tam
IPC分类号： G06F9/00 , G06F9/24 , G06F15/177 , G06F9/44 , G06F9/445 , G06F21/57
CPC分类号： G06F9/4401 , G06F9/445 , G06F21/57 , G06F2221/2133
摘要： A system includes a multi-node chassis including a chassis management module, a plurality of compute nodes, and a physical presence manual actuator for transmitting a physical presence signal to each compute node in response to manual actuation. Each server has a firmware interface, a trusted platform module, and an AND gate. The firmware interface has a general purpose input output pin for providing an enabling signal in response to a user instruction to a firmware interface setup program that communicates with the firmware interface. The AND gate has a first input receiving the enabling signal, a second input receiving the physical presence signal, and an output coupled to the trusted platform module, wherein the AND gate for a selected compute node asserts physical presence to the trusted platform module of the selected compute node in response to receiving both the enabling signal and the physical presence signal.
摘要翻译：系统包括多节点机箱，包括机箱管理模块，多个计算节点以及用于响应于手动致动将物理存在信号发送到每个计算节点的物理存在手动致动器。每个服务器都有固件接口，可信平台模块和AND门。固件接口具有通用输入输出引脚，用于响应于与固件接口通信的固件接口设置程序的用户指令来提供使能信号。与门具有接收使能信号的第一输入，接收物理存在信号的第二输入和耦合到可信平台模块的输出，其中所选择的计算节点的与门断言可信平台模块的物理存在响应于接收到使能信号和物理存在信号两者而选择的计算节点。

4. 发明授权

US09122893B1 Trusted platform module switching 有权
标题翻译：可信平台模块切换
公开(公告)号：US09122893B1
公开(公告)日：2015-09-01
申请号：US14188111
申请日：2014-02-24
申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION
发明人： Shiva R. Dasari , Raghuswamyreddy Gundam
IPC分类号： H04L9/00 , G06F21/71 , G06F21/57
CPC分类号： G06F21/71 , G06F21/57 , G06F21/72
摘要： A computer system comprises a Trusted Platform Module System (TPMS). The TPMS comprises a first Trusted Platform Module (TPM) and a second TPM, which comports with a different TPM specification than that followed by the first TPM. A physical presence input device receives a local physical change signal that proves a local physical presence of a user at the computer system. A toggle input device, which requires the local physical change signal, causes the state being output from the GPIO pin on the first TPM to switch from a first state to a second state. This change of state causes a TPM switch to selectively decouple the first TPM from a central processing unit and to couple the second TPM to the central processing unit.
摘要翻译：计算机系统包括可信平台模块系统（TPMS）。 TPMS包括第一个可信平台模块（TPM）和第二个TPM，其与不同于TPM规范的TPM规范相比较。物理存在输入装置接收证明计算机系统上的用户的本地物理存在的本地物理变化信号。需要本地物理变化信号的触发输入装置使得从第一TPM上的GPIO引脚输出的状态从第一状态切换到第二状态。这种状态改变使得TPM开关选择性地将第一TPM与中央处理单元分离并将第二TPM耦合到中央处理单元。

5. 发明申请

US20150186159A1 SECURELY RECONFIGURING A MULTI-NODE SYSTEM TO PREVENT FIRMWARE ROLLBACK 有权
标题翻译：安全重建多节点系统以防止固件回滚
公开(公告)号：US20150186159A1
公开(公告)日：2015-07-02
申请号：US14146068
申请日：2014-01-02
申请人： International Business Machines Corporation
发明人： Shiva R. Dasari , Raghuswamyreddy Gundam
IPC分类号： G06F9/445 , G06F9/44
CPC分类号： G06F9/44505 , G06F9/4405 , G06F9/4416 , G06F21/572 , G06F21/60 , H04L41/082
摘要： A computer program product includes computer readable program code for initiating boot of a multi-node system including a first compute node scaled together with a second compute node, wherein the multi-node system boots from a basic input output system of the first compute node that is identified as a primary node by a trusted platform module of the first compute node. The computer program product further comprises computer readable program code for receiving a request to reconfigure the multi-node system so that the second compute node would become the primary node, and computer readable program code for reconfiguring the multi-node system so that the second node is the primary mode only in response to a user manually asserting physical presence to a trusted platform module of the first compute node.
摘要翻译：计算机程序产品包括用于启动包括与第二计算节点一起缩放的第一计算节点的多节点系统的引导的计算机可读程序代码，其中所述多节点系统从所述第一计算节点的基本输入输出系统引导，由第一计算节点的可信平台模块识别为主节点。所述计算机程序产品还包括用于接收重新配置所述多节点系统的请求以使得所述第二计算节点将成为所述主节点的计算机可读程序代码，以及用于重新配置所述多节点系统的计算机可读程序代码，使得所述第二节点是仅在响应于用户手动断言到第一计算节点的可信平台模块的物理存在时的主要模式。

6. 发明申请

US20140245445A1 Preventing Propagation Of Hardware Viruses In A Computing System 有权
标题翻译：防止计算系统中硬件病毒的传播
公开(公告)号：US20140245445A1
公开(公告)日：2014-08-28
申请号：US13778372
申请日：2013-02-27
申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION
发明人： Shiva R. Dasari , Sudhir Dhawan , Raghuswamyreddy Gundam , Joshua H. Israel , Karthik Kolavasi , Newton P. Liu , Douglas W. Oliver , Mehul M. Shah , Wingcheung Tam
IPC分类号： G06F21/56
CPC分类号： G06F21/561 , G06F11/3065 , G06F21/55 , G06F21/86
摘要： Preventing propagation of hardware viruses in a computing system, including: determining, by a hardware virus detection module, whether an empty connector in the computing system is damaged, wherein the empty connector is blocked from receiving an attachable computing device by a bumper; determining, by the hardware virus detection module, whether a connector for the attachable computing device is damaged; and responsive to determining that the empty connector is not damaged and that the connector for the attachable computing device is not damaged, moving the bumper such that the empty connector is not blocked from receiving the attachable computing device.
摘要翻译：防止硬件病毒在计算系统中的传播，包括：硬件病毒检测模块确定计算系统中的空连接器是否被损坏，其中空连接器被阻挡件从缓冲器接收可连接的计算设备; 通过硬件病毒检测模块确定用于可附接计算设备的连接器是否损坏; 并且响应于确定空连接器不被损坏并且用于可附接计算设备的连接器没有被损坏，移动保险杠使得空连接器不被阻挡以接收可附接计算设备。

7. 发明申请

US20150294116A1 BOOTING A MULTI-NODE COMPUTER SYSTEM FROM A PRIMARY NODE DYNAMICALLY SELECTED BASED ON SECURITY SETTING CRITERIA 有权
标题翻译：从基于安全设置标准动态选择的主节点启动多节点计算机系统
公开(公告)号：US20150294116A1
公开(公告)日：2015-10-15
申请号：US14251811
申请日：2014-04-14
申请人： International Business Machines Corporation
发明人： Raghuswamyreddy Gundam , Shiva R. Dasari
IPC分类号： G06F21/60 , G06F9/44
CPC分类号： G06F9/441 , G06F9/4405 , G06F21/575 , G06F21/6218 , G06F21/629 , G06F21/72 , H04L41/0803
摘要： A method includes identifying, from among nodes within a multi-node system, a node that has a security setting satisfying a security setting criteria, booting the multi-node system with the identified node as the primary node, and operating the multi-node system using the security setting of the identified node. Accordingly, the method may provide dynamic selection of a primary node based upon the security setting criteria and the security settings of the nodes within the multi-node system. Optionally, the security setting of each node is stored in a trusted platform module. In non-limiting examples, the security setting criteria may be the highest security setting among all nodes within the multi-node system or a predetermined minimum security setting, such as a trusted execution technology setting.
摘要翻译：一种方法包括从多节点系统内的节点中识别出具有满足安全设置标准的安全设置的节点，以所识别的节点为主节点引导多节点系统，以及操作多节点系统使用所识别节点的安全设置。因此，该方法可以基于安全设置标准和多节点系统内的节点的安全设置来提供主节点的动态选择。可选地，每个节点的安全设置存储在可信平台模块中。在非限制性示例中，安全设置标准可以是多节点系统内的所有节点中的最高安全设置或预定的最小安全设置，例如可信执行技术设置。

8. 发明申请

US20150067308A1 MANAGING PHYSICAL PRESENCE ACROSS MULTIPLE BLADES 有权
标题翻译：管理多个叶片的物理存在
公开(公告)号：US20150067308A1
公开(公告)日：2015-03-05
申请号：US14013848
申请日：2013-08-29
申请人： International Business Machines Corporation
发明人： Shiva R. Dasari , Raghuswamyreddy Gundam , Karthik Kolavasi , Newton P. Liu , Douglas W. Oliver , Nicholas A. Ramirez , Mehul M. Shah , Wingcheung Tam
IPC分类号： G06F9/445
CPC分类号： G06F9/4401 , G06F9/445 , G06F21/57 , G06F2221/2133
摘要： A system includes a multi-node chassis including a chassis management module, a plurality of compute nodes, and a physical presence manual actuator for transmitting a physical presence signal to each compute node in response to manual actuation. Each server has a firmware interface, a trusted platform module, and an AND gate. The firmware interface has a general purpose input output pin for providing an enabling signal in response to a user instruction to a firmware interface setup program that communicates with the firmware interface. The AND gate has a first input receiving the enabling signal, a second input receiving the physical presence signal, and an output coupled to the trusted platform module, wherein the AND gate for a selected compute node asserts physical presence to the trusted platform module of the selected compute node in response to receiving both the enabling signal and the physical presence signal.
摘要翻译：系统包括多节点机箱，包括机箱管理模块，多个计算节点以及用于响应于手动致动将物理存在信号发送到每个计算节点的物理存在手动致动器。每个服务器都有固件接口，可信平台模块和AND门。固件接口具有通用输入输出引脚，用于响应于与固件接口通信的固件接口设置程序的用户指令来提供使能信号。与门具有接收使能信号的第一输入，接收物理存在信号的第二输入和耦合到可信平台模块的输出，其中所选择的计算节点的与门断言可信平台模块的物理存在响应于接收到使能信号和物理存在信号两者而选择的计算节点。

9. 发明申请

US20150012597A1 RETROACTIVE MANAGEMENT OF MESSAGES 审中-公开
标题翻译：信息回溯管理
公开(公告)号：US20150012597A1
公开(公告)日：2015-01-08
申请号：US13935454
申请日：2013-07-03
申请人： International Business Machines Corporation
发明人： Shiva R. Dasari , Joshua H. Israel , Karthik Kolavasi
IPC分类号： H04L12/58
CPC分类号： H04L51/18
摘要： Embodiments of the present invention provide a method, system and computer program product for retroactive message management. In an embodiment of the invention, a method for retroactive message management is provided. The method includes receiving a message in a messaging client executing in memory of a computer and characterizing the received message. The method also includes identifying an already received message in the messaging client that matches the characterization of the received message. Finally, the method includes processing the identified already received message in response to the receipt of the characterized message, for example by deleting the identified already received message or by moving the identified already received message to a folder in a messaging data store of the messaging client.
摘要翻译：本发明的实施例提供了一种用于追溯消息管理的方法，系统和计算机程序产品。在本发明的实施例中，提供了一种用于追溯消息管理的方法。该方法包括在消息传送客户机中接收在计算机的存储器中执行并表征所接收的消息的消息。该方法还包括识别消息接发客户端中已经接收到的与接收到的消息的表征相匹配的消息。最后，该方法包括响应于接收到表征的消息来处理所标识的已经接收到的消息，例如通过删除所标识的已经接收到的消息，或者通过将已识别的已经接收到的消息移动到消息收发客户端的消息收发数据存储器中的文件夹。

10. 发明申请

US20150294119A1 BOOTING A MULTI-NODE COMPUTER SYSTEM FROM A PRIMARY NODE DYNAMICALLY SELECTED BASED ON SECURITY SETTING CRITERIA 审中-公开
标题翻译：从基于安全设置标准动态选择的主节点启动多节点计算机系统
公开(公告)号：US20150294119A1
公开(公告)日：2015-10-15
申请号：US14249653
申请日：2014-04-10
申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION
发明人： Raghuswamyreddy Gundam , Shiva R. Dasari
IPC分类号： G06F21/62 , G06F9/44
CPC分类号： G06F9/441 , G06F9/4405 , G06F21/575 , G06F21/6218 , G06F21/629 , G06F21/72 , H04L41/0803
摘要： A computer program product including a computer readable storage medium having program instructions embodied therewith. The program instructions are executable by a processor to cause the processor to perform a method including identifying, from among nodes within a multi-node system, a node that has a security setting satisfying a security setting criteria, booting the multi-node system with the identified node as the primary node; and operating the multi-node system using the security setting of the identified node. Accordingly, the method may provide dynamic selection of a primary node based upon the security setting criteria and the security settings of the nodes within the multi-node system. In non-limiting examples, the security setting criteria may be the highest security setting among all nodes within the multi-node system or a predetermined minimum security setting, such as a trusted execution technology setting.
摘要翻译：一种包括计算机可读存储介质的计算机程序产品，其具有实施的程序指令。程序指令可由处理器执行以使处理器执行一种方法，该方法包括从多节点系统内的节点之中识别出具有满足安全设置标准的安全设置的节点，引导具有所述多节点系统的多节点系统识别节点为主节点; 并使用所识别的节点的安全设置来操作多节点系统。因此，该方法可以基于安全设置标准和多节点系统内的节点的安全设置来提供主节点的动态选择。在非限制性示例中，安全设置标准可以是多节点系统内的所有节点中的最高安全设置或预定的最小安全设置，例如可信执行技术设置。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式