专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20190095372A1 System, Apparatus And Method For Tunneling Validated Security Information 审中-公开
公开(公告)号：US20190095372A1
公开(公告)日：2019-03-28
申请号：US15718178
申请日：2017-09-28
申请人： Ruirui Huang , Nilanjan Palit , Robert P. Adler , Ioannis T. Schoinas , Avishay Snir , Boris Dolgunov
发明人： Ruirui Huang , Nilanjan Palit , Robert P. Adler , Ioannis T. Schoinas , Avishay Snir , Boris Dolgunov
IPC分类号： G06F13/40 , G06F15/78 , H04L12/741
摘要： In one example, a semiconductor die includes a plurality of agents and a fabric coupled to at least some of the plurality of agents. The fabric may include at least one router to provide communication between two or more of the plurality of agents, the at least one router coupled to a first agent of the plurality of agents, where the first agent is to send a first message to the at least one router, the first message comprising a first header including a first source identifier, and the at least one router is to validate that the first source identifier is associated with the first agent and if so to direct the first message towards a destination agent, and otherwise to prevent the first message from being directed towards the destination agent. Other embodiments are described and claimed.

2. 发明授权

US08996883B2 Securing inputs from malware 有权
标题翻译：保护恶意软件的输入
公开(公告)号：US08996883B2
公开(公告)日：2015-03-31
申请号：US13994722
申请日：2011-11-30
申请人： Steven L. Grobman , Ioannis T. Schoinas
发明人： Steven L. Grobman , Ioannis T. Schoinas
IPC分类号： G06F21/60 , G06F21/83
CPC分类号： G06F21/602 , G06F21/83
摘要： A series of touch panel key entries may be secured by shuffling touch entry coordinates. In one embodiment, the entries may be secured by applying a shuffling algorithm that replaces the true coordinates with other incorrect coordinates. Then the correct data may be reassembled in a secure environment.
摘要翻译：可以通过混洗触摸入口坐标来确保一系列触摸面板键入口。在一个实施例中，可以通过应用用其他不正确坐标代替真实坐标的混洗算法来保护条目。然后可以在安全的环境中重新组合正确的数据。

3. 发明授权

US08990506B2 Replacing cache lines in a cache memory based at least in part on cache coherency state information 有权
标题翻译：至少部分地基于高速缓存一致性状态信息来替换缓存存储器中的高速缓存行
公开(公告)号：US08990506B2
公开(公告)日：2015-03-24
申请号：US12639191
申请日：2009-12-16
申请人： Naveen Cherukuri , Dennis W. Brzezinski , Ioannis T. Schoinas , Anahita Shayesteh , Akhilesh Kumar , Mani Azimi
发明人： Naveen Cherukuri , Dennis W. Brzezinski , Ioannis T. Schoinas , Anahita Shayesteh , Akhilesh Kumar , Mani Azimi
IPC分类号： G06F12/00 , G06F12/12 , G06F12/08
CPC分类号： G06F12/121 , G06F12/084 , G06F12/126
摘要： In one embodiment, the present invention includes a cache memory including cache lines that each have a tag field including a state portion to store a cache coherency state of data stored in the line and a weight portion to store a weight corresponding to a relative importance of the data. In various implementations, the weight can be based on the cache coherency state and a recency of usage of the data. Other embodiments are described and claimed.
摘要翻译：在一个实施例中，本发明包括高速缓存存储器，其包括高速缓存行，每个高速缓存行具有包括状态部分的标签字段，该状态部分存储存储在该行中的数据的高速缓存一致性状态，以及权重部分，用于存储对应于数据。在各种实现中，权重可以基于高速缓存一致性状态和数据的使用的新近。描述和要求保护其他实施例。

4. 发明授权

US07725713B2 Launching a secure kernel in a multiprocessor system 有权
标题翻译：在多处理器系统中启动安全内核
公开(公告)号：US07725713B2
公开(公告)日：2010-05-25
申请号：US12005450
申请日：2007-12-27
申请人： John H. Wilson , Ioannis T. Schoinas , Mazin S. Yousif , Linda J. Rankin , David W. Grawrock , Robert J. Greiner , James A. Sutton , Kushagra Vaid , Willard M. Wiseman
发明人： John H. Wilson , Ioannis T. Schoinas , Mazin S. Yousif , Linda J. Rankin , David W. Grawrock , Robert J. Greiner , James A. Sutton , Kushagra Vaid , Willard M. Wiseman
IPC分类号： G06F9/30 , H04L29/06
CPC分类号： G06F21/575 , G06F21/44 , G06F21/445 , G06F21/50 , G06F21/606 , G06F21/64 , G06F21/71 , G06F2221/034
摘要： In one embodiment of the present invention, a method includes verifying an initiating logical processor of a system; validating a trusted agent with the initiating logical processor if the initiating logical processor is verified; and launching the trust agent on a plurality of processors of the system if the trusted agent is validated. After execution of such a trusted agent, a secure kernel may then be launched, in certain embodiments. The system may be a multiprocessor server system having a partially or fully connected topology with arbitrary point-to-point interconnects, for example.
摘要翻译：在本发明的一个实施例中，一种方法包括验证系统的起始逻辑处理器; 如果启动逻辑处理器被验证，则使用起始逻辑处理器验证可信代理; 以及如果所述可信代理被验证，则在所述系统的多个处理器上启动所述信任代理。在执行这样的可信代理之后，在某些实施例中可以启动安全内核。该系统可以是例如具有任意点到点互连的部分或完全连接的拓扑的多处理器服务器系统。

5. 发明申请

US20090265472A1 Method, System, and Apparatus for System Level Initialization 有权
标题翻译：用于系统级初始化的方法，系统和装置
公开(公告)号：US20090265472A1
公开(公告)日：2009-10-22
申请号：US12348723
申请日：2009-01-05
申请人： Mani Ayyar , Srinivas Chennupaty , Akhilesh Kumar , Doddabaliapur Narasimha-Murthy Jayasimha , Murugasamy Nachimuthu , Phanindra K. Mannava , Ioannis T. Schoinas
发明人： Mani Ayyar , Srinivas Chennupaty , Akhilesh Kumar , Doddabaliapur Narasimha-Murthy Jayasimha , Murugasamy Nachimuthu , Phanindra K. Mannava , Ioannis T. Schoinas
IPC分类号： G06F15/16 , G06F15/177
CPC分类号： H04L67/125 , H04L69/324
摘要： Multiple initialization techniques for system and component in a point-to-point architecture are discussed. Consequently, the techniques allow for flexible system/socket layer parameters to be tailored to the needs of the platform, such as, desktop, mobile, small server, large server, etc., as well as the component types such as IA32/IPF processors, memory controllers, IO Hubs, etc. Furthermore, the techniques facilitate powering up with the correct set of POC values, hence, it avoids multiple warm resets and improves boot time. In one embodiment, registers to hold new values, such as, Configuration Values Driven during Reset (CVDR), and Configuration Values Captured during Reset (CVCR) may be eliminated.For example, the POC values could be from the following: Platform Input Clock to Core Clock Ratio, Enable/disable LT, Configurable Restart, Burn In Initialization Mode, Disable Hyper Threading, System BSP Socket Indication, and Platform Topology Index.
摘要翻译：讨论了用于系统和组件在点对点架构中的多个初始化技术。因此，这些技术允许根据平台（如桌面，移动，小型服务器，大型服务器等）的需求以及诸如IA32 / IPF处理器之类的组件类型来定制灵活的系统/套接字层参数，存储器控制器，IO集线器等。此外，该技术有助于以正确的一组POC值加电，因此避免了多次热复位并提高了启动时间。在一个实施例中，可以消除保存新值的寄存器，例如在复位期间驱动的配置值（CVDR）和在复位期间捕获的配置值（CVCR）。例如，POC值可以来自以下内容：平台输入时钟到核心时钟比率，启用/禁用LT，可配置重新启动，刻录初始化模式，禁用超线程，系统BSP插槽指示和平台拓扑索引。

6. 发明授权

US06662276B2 Storing directory information for non uniform memory architecture systems using processor cache 有权
公开(公告)号：US06662276B2
公开(公告)日：2003-12-09
申请号：US09751579
申请日：2000-12-29
申请人： Ioannis T. Schoinas
发明人： Ioannis T. Schoinas
IPC分类号： G06F1200
CPC分类号： G06F12/082 , G06F2212/2515
摘要： An embodiment of the present invention includes a cache and a controller in a non uniform memory architecture (NUMA) system. The cache stores a plurality of entries, each of which contains an entry type indicating if the entry is one of a normal entry and a directory entry. The controller processes an access request from a processor for a memory block using the plurality of entries.

7. 发明授权

US06347362B1 Flexible event monitoring counters in multi-node processor systems and process of operating the same 有权
标题翻译：多节点处理器系统中的灵活事件监控计数器及其操作过程
公开(公告)号：US06347362B1
公开(公告)日：2002-02-12
申请号：US09221577
申请日：1998-12-29
申请人： Ioannis T. Schoinas , Ali S. Oztaskin
发明人： Ioannis T. Schoinas , Ali S. Oztaskin
IPC分类号： G06F1300
CPC分类号： G06F11/3072 , G06F11/3006 , G06F11/3037 , G06F11/348 , G06F12/08 , G06F12/122 , G06F2201/88
摘要： A flexible event monitoring counter apparatus and process are provided for a processor system including a plurality of nodes, each node having a processor and a portion of a total main memory of the processor system. One example of such a processor system is a Non-Uniform-Memory-Architecture (NUMA) system. In order to reduce the total number of counters necessary, the counter structure will track certain ones of a type of event which occur in the processor system, determined in accordance with a predetermined standard to be most interesting, while discarding other ones of the same type of event determined by the standard to be less interesting. In accordance with one embodiment, the type of event which is tracked or discarded can be page accesses to pages of the total main memory. The standard of most interesting events can be based on the pages which receive the most requests for remote access from a node other than the node where the requested page is located. The information regarding the most interesting events can be used, if desired, to make decisions regarding migration and/or replication of pages between the different nodes.
摘要翻译：为包括多个节点的处理器系统提供灵活的事件监视计数器装置和处理，每个节点具有处理器和处理器系统的总主存储器的一部分。这种处理器系统的一个例子是非均匀存储器架构（NUMA）系统。为了减少所需的计数器总数，计数器结构将跟踪在处理器系统中出现的某种类型的事件，其根据预定标准确定为最有趣，同时丢弃相同类型的其他类型由标准决定的事件不那么有趣。根据一个实施例，被跟踪或丢弃的事件的类型可以是对总主存储器的页面的页面访问。最有趣的事件的标准可以基于从除请求的页面所在的节点之外的节点接收到对远程访问的最多请求的页面。如果需要，可以使用关于最有趣事件的信息来做出关于不同节点之间的页面的迁移和/或复制的决定。

8. 发明申请

US20140298408A1 Method For Enforcing Resource Access Control In Computer Systems 审中-公开
标题翻译：在计算机系统中执行资源访问控制的方法
公开(公告)号：US20140298408A1
公开(公告)日：2014-10-02
申请号：US14304307
申请日：2014-06-13
申请人： Manoj R. Sastry , Ioannis T. Schoinas , Daniel M. Cermak
发明人： Manoj R. Sastry , Ioannis T. Schoinas , Daniel M. Cermak
IPC分类号： H04L29/06
CPC分类号： H04L63/10 , G06F12/1458 , G06F21/6218 , G06F21/78
摘要： A method and system for enforcing access control to system resources and assets. Security attributes associated with devices that initiate transactions in the system are automatically generated and forwarded with transaction messages. The security attributes convey access privileges assigned to each initiator. One or more security enforcement mechanisms are implemented in the system to evaluate the security attributes against access policy requirements to access various system assets and resources, such as memory, registers, address ranges, etc. If the privileges identified by the security attributes indicate the access request is permitted, the transaction is allowed to proceed. The security attributes of the initiator scheme provides a modular, consistent secure access enforcement scheme across system designs.
摘要翻译：一种执行对系统资源和资产的访问控制的方法和系统。与系统中发起事务的设备相关联的安全属性将自动生成并使用事务消息进行转发。安全属性传达分配给每个启动器的访问权限。在系统中实现一个或多个安全执行机制以根据访问策略要求评估安全属性以访问诸如存储器，寄存器，地址范围等的各种系统资产和资源。如果由安全属性标识的特权指示访问允许请求，允许交易进行。启动器方案的安全属性提供跨系统设计的模块化，一致的安全访问实施方案。

9. 发明申请

US20140282819A1 METHOD, APPARATUS, SYSTEM FOR QUALIFYING CPU TRANSACTIONS WITH SECURITY ATTRIBUTES 有权
标题翻译：方法，装置，用于对具有安全属性的CPU交易进行质量评估的系统
公开(公告)号：US20140282819A1
公开(公告)日：2014-09-18
申请号：US13828676
申请日：2013-03-14
申请人： Manoj R. Sastry , Ioannis T. Schoinas , Daniel M. Cermak
发明人： Manoj R. Sastry , Ioannis T. Schoinas , Daniel M. Cermak
IPC分类号： G06F21/62
CPC分类号： G06F21/74 , G06F21/57 , G06F21/78
摘要： Method, apparatus, and system for qualifying CPU transactions with security attributes. Immutable security attributes are generated for transactions initiator by a CPU or processor core that identifying the execution mode of the CPU/core being trusted or untrusted. The transactions may be targeted to an Input/Output (I/O) device or system memory via which a protected asset may be accessed. Policy enforcement logic blocks are implemented at various points in the apparatus or system that allow or deny transactions access to protected assets based on the immutable security attributes generated for the transactions. In one aspect, a multiple-level security scheme is implemented under which a mode register is updated via a first transaction to indicate the CPU/core is operating in a trusted execution mode, and security attributes are generated for a second transaction using execution mode indicia in the mode register to verify the transaction is from a trusted initiator.
摘要翻译：用于对具有安全属性的CPU事务进行限定的方法，设备和系统。由CPU或处理器核心为事务发起者生成不可变的安全属性，用于识别CPU /核心被信任或不可信任的执行模式。这些事务可以被定向到可被访问受保护资产的输入/输出（I / O）设备或系统存储器。策略执行逻辑块在设备或系统中的不同点实现，其允许或拒绝事务基于为事务生成的不可变安全属性而访问被保护资产。在一个方面，实现多级安全方案，在该级别下，通过第一事务来更新模式寄存器以指示CPU /核心以可信执行模式运行，并且使用执行模式标记为第二事务生成安全属性在模式寄存器中验证事务来自可信发起者。

10. 发明申请

US20100262823A1 Launching A Secure Kernel In A Multiprocessor System 有权
标题翻译：在多处理器系统中启动安全内核
公开(公告)号：US20100262823A1
公开(公告)日：2010-10-14
申请号：US12824694
申请日：2010-06-28
申请人： John H. Wilson , Ioannis T. Schoinas , Mazin S. Yousif , Linda J. Rankin , David W. Grawrock , Robert J. Greiner , James A. Sutton , Kushagra Vaid , Willard M. Wiseman
发明人： John H. Wilson , Ioannis T. Schoinas , Mazin S. Yousif , Linda J. Rankin , David W. Grawrock , Robert J. Greiner , James A. Sutton , Kushagra Vaid , Willard M. Wiseman
IPC分类号： G06F9/30 , H04L29/06
CPC分类号： G06F21/575 , G06F21/44 , G06F21/445 , G06F21/50 , G06F21/606 , G06F21/64 , G06F21/71 , G06F2221/034
摘要： In one embodiment of the present invention, a method includes verifying an initiating logical processor of a system; validating a trusted agent with the initiating logical processor if the initiating logical processor is verified; and launching the trusted agent on a plurality of processors of the system if the trusted agent is validated. After execution of such a trusted agent, a secure kernel may then be launched, in certain embodiments. The system may be a multiprocessor server system having a partially or fully connected topology with arbitrary point-to-point interconnects, for example.
摘要翻译：在本发明的一个实施例中，一种方法包括验证系统的起始逻辑处理器; 如果启动逻辑处理器被验证，则使用起始逻辑处理器验证可信代理; 以及如果所述信任代理被验证，则在所述系统的多个处理器上启动所述可信代理。在执行这样的可信代理之后，在某些实施例中可以启动安全内核。该系统可以是例如具有任意点到点互连的部分或完全连接的拓扑的多处理器服务器系统。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式