PROVISIONING OF OPERATING SYSTEMS TO USER TERMINALS
    1.
    发明公开
    PROVISIONING OF OPERATING SYSTEMS TO USER TERMINALS 有权
    PROVISION的操作系统能够为用户终端的

    公开(公告)号:EP2761523A4

    公开(公告)日:2015-04-29

    申请号:EP12837063

    申请日:2012-07-04

    Applicant: IBM

    CPC classification number: G06F9/4416 G06F21/575

    Abstract: Methods and apparatus are provided for provisioning an operating system image from a server (2) to an untrusted user terminal (4) via a data communications network (3). A trusted device (5) such as a pocket USB device has tamper-resistant storage (9) containing bootloader logic, for controlling booting of a user terminal, and security data. On connection of the trusted device (5) to an untrusted user terminal (4), the user terminal is booted via the bootloader logic on the trusted device. Under control of the bootloader logic, a connection is established to the server (2) via the network (3) and the server is authenticated using the security data on the trusted device (5). An operating system boot image is received from the server (2) via this connection. The boot image is used to provision an operating system image from the server (2) to the user terminal (4) for execution of the operating system at the user terminal (4).

    Computer mounting method, system and computer program, for verifying correctness of execution history including multiple operations operated in parallel to data structure
    2.
    发明专利
    Computer mounting method, system and computer program, for verifying correctness of execution history including multiple operations operated in parallel to data structure 有权
    计算机安装方法,系统和计算机程序,用于验证执行历史的正确性,包括与数据结构并行运行的多个操作

    公开(公告)号:JP2010186476A

    公开(公告)日:2010-08-26

    申请号:JP2010025026

    申请日:2010-02-08

    CPC classification number: G06F11/3636

    Abstract: PROBLEM TO BE SOLVED: To provide a computer mounting method, system and computer program for verifying correctness of execution history including multiple operations operated in parallel to a data structure. SOLUTION: Since multi-core processors have become the standard architecture for general purpose machines, programmers are required to write software optimized for parallelism. Verification of correctness is an important issue for parallel code because of its complexity. There are still tools missing that provide verification for complex code (for instance, testing the execution of code). Consequently, the system and method for evaluating the correctness of program traces are disclosed. Furthermore, the system and method disclosed in this technology do not demand excessive computational requirements even when the size of the program trace being evaluated increases. COPYRIGHT: (C)2010,JPO&INPIT

    Abstract translation: 要解决的问题:提供一种用于验证包括与数据结构并行操作的多个操作的执行历史的正确性的计算机安装方法,系统和计算机程序。 解决方案:由于多核处理器已成为通用机器的标准架构,因此程序员需要编写针对并行化优化的软件。 验证正确性是并行代码的一个重要问题,因为它的复杂性。 还有一些工具缺少提供复杂代码的验证(例如,测试代码的执行)。 因此,公开了用于评估程序迹线的正确性的系统和方法。 此外,即使当被评估的程序跟踪的大小增加时,该技术中公开的系统和方法也不需要过多的计算需求。 版权所有(C)2010,JPO&INPIT

    Bootloader for booting a computer into a second operating system that is hidden from a first host operating system

    公开(公告)号:GB2508895A

    公开(公告)日:2014-06-18

    申请号:GB201222584

    申请日:2012-12-14

    Applicant: IBM

    Abstract: A bootloader (16, fig. 2) detectable by a firmware 122 of a computer 101 comprises instructions for the firmware to load the bootloader into a memory 121 of the computer for subsequent execution. A storage medium 120 of the computer 101 stores a first host operating system 111-1 and a second host operating system 111-2 respectively on a first portion (120-1, fig. 5) and a second portion (120-2). Upon execution, the instructions interact with the firmware 122 to determine the second portion (120-2) of the storage medium 120. The second portion (120-2) is determined from partition information 111-1p, which acknowledges the first host operating system 111-1 but does not acknowledge the second host operating system 111-2. A part BI of the second host operating system 111-2 is located in the second portion (120-2), and said part is executed, whereby only the second host operating system can boot upon execution of the bootloader (16) at the computer 101. The bootloader (16) may be stored on a portable, secure tamper-proof device 10 with a connection interface (12) enabling connection with a computer 101.

    Sichere Ausführung von Software-Modulen auf einem Computer

    公开(公告)号:DE112014000337T5

    公开(公告)日:2015-09-10

    申请号:DE112014000337

    申请日:2014-03-14

    Applicant: IBM

    Abstract: Die vorliegende Erfindung bezieht sich insbesondere auf ein Verfahren zum Ausführen von Software-Modulen auf einem Computer, wobei das Verfahren aufweist: Ausführen (S4) eines Boot-Ladeprogramms (15, 16) zumindest teilweise (16) auf dem Computer (101); und bei Ausführung des Boot-Ladeprogramms: Zugreifen (S5) auf Anforderungen an einen Anfangssatz (IS) von Software-Modulen SMn; und Hardware-Spezifikationen des Computers; Ermitteln (S6) innerhalb des Anfangssatzes eines oder mehrerer Kandidatensätze (CS1, CS2) von Software-Modulen, die mit den Hardware-Spezifikationen kompatibel sind (S6a) und als RAM-Platte speicherbar sind (S6b); und Speichern (S9) der Software-Module eines Abschlusssatzes (FS) auf einer RAM-Platte (121), wobei es sich bei dem Abschlusssatz (FS) um einen des einen oder der mehreren Kandidatensätze handelt, und Anweisen, die auf der RAM-Platte gespeicherten Software-Module auszuführen, wobei sowohl der Anfangssatz als auch der Abschlusssatz von Software-Modulen Anwendungskomponenten und Betriebssystem-Abbildkomponenten aufweist und des Weiteren bevorzugt Hardware-Komponententreiber aufweist. Die vorliegende Erfindung bezieht sich des Weiteren auf ein Boot-Ladeprogramm, eine für Benutzer vertrauenswürdige Einheit und ein System.

    Secure execution of software modules on a computer

    公开(公告)号:GB2512376A

    公开(公告)日:2014-10-01

    申请号:GB201305727

    申请日:2013-03-28

    Applicant: IBM

    Abstract: Disclosed is a method of executing software modules on a computer. The method start by executing S4 a bootloader in the computer and then accessing S5 requirements as to an initial set of software modules and hardware specifications of the computer. Then determining S6 within the initial set, a candidate set CS1 of software modules that are compatible S6a with the hardware specifications and can S6b be stored as a RAM disk and storing S9 the software modules of a final set on a RAM disk , the final set being a candidate set. Executing the software modules stored on the RAM disk, wherein each of the initial set and the final set of software modules comprises application components and operating system image components and hardware component drivers. A trusted device such as a USB drive may hold the bootloader and the software modules.

Patent Agency Ranking