公开(公告)号：WO2004079482A2

公开(公告)日：2004-09-16

申请号：PCT/GB2004000919

申请日：2004-03-04

Applicant: IBM ,  IBM UK ,  KEOHANE SUSANN MARIE ,  MCBREARTY GERALD FRANCIS ,  MULLEN SHAWN PATRICK ,  MURILLO JESSICA KELLEY ,  SHIEH JOHNNY MENG-HAN

Inventor： KEOHANE SUSANN MARIE ,  MCBREARTY GERALD FRANCIS ,  MULLEN SHAWN PATRICK ,  MURILLO JESSICA KELLEY ,  SHIEH JOHNNY MENG-HAN

IPC: H04L12/18 ,  H04L29/06 ,  H04L29/08 ,  G06F

CPC classification number: H04L67/1008 ,  H04L67/1002 ,  H04L67/101

Abstract: A method, apparatus, and computer instructions for obtaining a logical unit. A request is sent for the logical unit. In the depicted examples, the request is sent to a multicast IP address. Responses to the request for the logical unit are received from a number of responders. A responder is identified from the set of responders to form a selected responder. The selected responder is identified based on at least one connection metric between the data processing system and the set of responders. The logical unit is retrieved from the selected responder.

Abstract translation: 一种用于获得逻辑单元的方法，装置和计算机指令。 发送逻辑单元的请求。 在所示的示例中，请求被发送到多播IP地址。 从多个响应者接收到对逻辑单元的请求的响应。 从响应者集合中识别响应者以形成选择的响应者。 基于数据处理系统和响应者集合之间的至少一个连接度量来识别所选择的响应者。 从所选择的响应者检索逻辑单元。

公开(公告)号：WO2004079483A3

公开(公告)日：2004-12-09

申请号：PCT/GB2004000926

申请日：2004-03-04

Applicant: IBM ,  IBM UK ,  KEOHANE SUSANN MARIE ,  MCBREARTY GERALD FRANCIS ,  MULLEN SHAWN PATRICK ,  MURILLO JESSICA KELLEY ,  SHIEH JOHNNY MENG-HAN

Inventor： KEOHANE SUSANN MARIE ,  MCBREARTY GERALD FRANCIS ,  MULLEN SHAWN PATRICK ,  MURILLO JESSICA KELLEY ,  SHIEH JOHNNY MENG-HAN

IPC: G06F21/00 ,  G06F1/00

CPC classification number: G06F21/51 ,  G06F21/33

Abstract: A method, apparatus, and computer instructions for authorizing execution of an application on the data processing system. A request is received to execute the application, wherein the request originates from a remote data processing system and wherein the request includes a digital certificate and the application. The digital certificate is verified in response to receiving the request. Responsive to verifying the digital certificate, a digital digest is calculated for the application to form a calculated digital digest. The calculated digital digest is compared with a set of digital digests from a trusted source. The application is executed if a match between the calculated digital digest and set of digital digests occurs.

Abstract translation: 一种用于授权在数据处理系统上执行应用程序的方法，装置和计算机指令。 接收到执行应用程序的请求，其中该请求源自远程数据处理系统，并且其中该请求包括数字证书和应用程序。 数字证书在接收到请求后进行验证。 响应于验证数字证书，为应用计算数字摘要以形成计算的数字摘要。 将计算出的数字摘要与来自可信来源的一组数字摘要进行比较。 如果计算出的数字摘要和一组数字摘要发生匹配，则执行该应用程序。

公开(公告)号：JP2004355624A

公开(公告)日：2004-12-16

申请号：JP2004156293

申请日：2004-05-26

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： KEOHANE SUSANN ,  MCBREARTY GERALD F ,  MULLEN SHAWN P ,  MURILLO JESSICA KELLEY ,  SHIEH JOHNNY M

IPC: G06F13/10 ,  G06F3/06 ,  G06F9/445 ,  G06F12/00 ,  G06F15/16 ,  G06F15/177 ,  H04L12/24 ,  H04L29/08

CPC classification number: H04L41/0806 ,  G06F9/4416 ,  H04L41/0893 ,  H04L67/1097

Abstract: PROBLEM TO BE SOLVED: To provide a method for configuring a set of devices relating to a prescribed machine connected to a storage area network.
SOLUTION: Initial program load firmware and network adapter firmware of each machine on the storage area network are modified to query a storage area network appliance for lists of devices. The storage area network appliance can be identified by a world wide name and can store lists of boot devices, root volume group devices, primary devices, and secondary devices for each machine on the storage area network. The storage area network appliance waits for reception of a query and returns the appropriate list of devices on the basis of the query type and/or boot type. The boot type for a machine can be set to normal boot, maintenance boot, or installation boot.
COPYRIGHT: (C)2005,JPO&NCIPI

公开(公告)号：JP2004295887A

公开(公告)日：2004-10-21

申请号：JP2004085572

申请日：2004-03-23

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： KEOHANE SUSANN MARIE ,  GERALD FRANCIS MAKUBURIATEI ,  MULLEN SHAWN PATRICK ,  MURILLO JESSICA KELLEY ,  SHIEH JOHNNY MENG-HAN

IPC: G06F11/30 ,  G06F9/44 ,  G06F9/46 ,  G06F9/48 ,  G06F15/16 ,  G06Q10/06

CPC classification number: G06Q10/06

Abstract: PROBLEM TO BE SOLVED: To provide a method and device for obtaining status information about an active process in a grid and to provide a computer instruction. SOLUTION: A job identifier is received from a remote node in response to the submission of a job to the remote node on the grid from a data processing system. The job identifier is stored in a set of job identifiers. The set of job identifiers is used to form a set of job status request in response to a request of obtaining the status of the job submitted from the data processing system, and a job status request is submitted for each job identifier in one job identifier about the active process. A response to one set of job status requests is received, and the response is then presented. COPYRIGHT: (C)2005,JPO&NCIPI

Abstract translation: 要解决的问题：提供一种用于获得关于网格中的活动过程的状态信息并提供计算机指令的方法和装置。 解决方案：响应于从数据处理系统向网格上的远程节点提交作业，从远程节点接收作业标识符。 作业标识符存储在一组作业标识符中。 该组作业标识符用于响应于获得从数据处理系统提交的作业的状态的请求而形成一组作业状态请求，并且为每个作业标识符提交作业状态请求，其中一个作业标识符关于 活跃的过程。 接收对一组作业状态请求的响应，然后呈现响应。 版权所有（C）2005，JPO＆NCIPI

公开(公告)号：BRPI0410569B1

公开(公告)日：2016-08-23

申请号：BRPI0410569

申请日：2004-04-15

Applicant: IBM

Inventor： MCBREARTY GERALD FRANCIS ,  MURILLO JESSICA KELLEY ,  SHIEH JOHNNY MENG-HAN ,  MULLEN SHAWN PATRICK ,  KEOHANE SUSANN MARIE

IPC: G06F17/30 ,  G06F1/00 ,  G06F21/00 ,  H04L29/06 ,  H04L29/08

Abstract: "extensão de segurança de rede de sistemas de arquivos distribuídos". um protocolo de segurança que dinamicamente implementa segurança de montagem aumentada de um sistema de arquivos, quando o acesso a arquivos sensíveis em uma rede de sistema de arquivos é solicitado. quando o usuário de um sistema cliente tenta acessar um arquivo sensível especificamente etiquetado, o servidor que hospeda o sistema de arquivos executa um código de software que termina a montagem corrente e reconfigura as portas do servidor para aceitar uma remontagem a partir do cliente através de uma porta mais segura. a porta do servidor reconfigurada é fornecido o endereço de ip do cliente e a correspondência do endereço de ip durante a operação de remontagem. a comutação para uma montagem segura é completada de uma maneira perfeitamente consistente de modo que os usuários autorizados são permitidos acessar arquivos sensíveis sem derrubar o servidor com as a criptografação custosa e outras características de segurança de intensivo recurso. nenhum retardo significante é experimentado pelo usuário, enquanto o arquivo sensível é protegido de captura não autorizada durante a transmissão do sistema cliente.

公开(公告)号：AT339733T

公开(公告)日：2006-10-15

申请号：AT04727590

申请日：2004-04-15

Applicant: IBM

Inventor： KEOHANE SUSANN MARIE ,  MCBREARTY GERALD FRANCIS ,  MULLEN SHAWN PATRICK ,  MURILLO JESSICA KELLEY ,  SHIEH JOHNNY MENG-HAN

IPC: G06F17/30 ,  H04L29/06 ,  H04L29/08 ,  G06F21/00 ,  G06F1/00

Abstract: A security protocol that dynamically implements enhanced mount security of a filesystem when access to sensitive files on a networked filesystem is requested. When the user of a client system attempts to access a specially-tagged sensitive file, the server hosting the filesystem executes a software code that terminates the current mount and re-configures the server ports to accept a re-mount from the client via a more secure port. The server re-configured server port is provided the IP address of the client and matches the IP address during the re-mount operation. The switch to a secure mount is completed in a seamless manner so that authorized users are allowed to access sensitive files without bogging down the server with costly encryption and other resource-intensive security features. No significant delay is experienced by the user, while the sensitive file is shielded from un-authorized capture during transmission to the client system.

公开(公告)号：CA2525249C

公开(公告)日：2011-03-29

申请号：CA2525249

申请日：2004-04-15

Applicant: IBM

Inventor： KEOHANE SUSANN MARIE ,  MCBREARTY GERALD FRANCIS ,  MULLEN SHAWN PATRICK ,  MURILLO JESSICA KELLEY ,  SHIEH JOHNNY MENG-HAN

IPC: H04L29/06 ,  G06F1/00 ,  G06F17/30 ,  H04L29/08

Abstract: A security protocol that dynamically implements enhanced mount security of a filesystem when access to sensitive files on a networked filesystem is requested. When the user of a client system attempts to access a specially-tagged sensitive file, the server hosting the filesystem executes a software code that terminates the current mount and reconfigures the server ports to accept a re-mount from the client via a more secure port. The server reconfigured server port is provided the IP address of the client and matches the IP address during the re-mount operation. The switch to a secure mount is completed in a seamless manner so that authorized users are allowed to access sensitive files without bogging down the server with costly encryption and other resource-intensive security features. No significant delay is experienced by the user, while the sensitive file is shielded from unauthorized capture during transmission to the client system.

公开(公告)号：SG143953A1

公开(公告)日：2008-07-29

申请号：SG2004025359

申请日：2004-05-03

Applicant: IBM

Inventor： KEOHANE SUSANN ,  MCBREARTY GERALD FRANCIS ,  MULLEN SHAWN PATRICK ,  MURILLO JESSICA KELLEY ,  SHIEH JOHNNY MENG-HAN

IPC: G06F3/06 ,  G06F13/10 ,  G06F9/445 ,  G06F12/00 ,  G06F15/16 ,  G06F15/177 ,  H04L12/24 ,  H04L29/08

Abstract: METHOD, APPARATUS, AND PROGRAM FOR PERFORMING BOOT, MAINTENANCE, OR INSTALL OPERATIONS ON A STORAGE AREA NETWORK A mechanism is provided for configuring a set of devices for a given machine attached to a storage area network (102). The initial program load firmware and network adapter firmware for each machine (104-108) on the storage area network (102) are modified to query a storage area network appliance (120) for lists of devices. The storage area network appliance (120) may be identified by a world wide name and may store lists of boot devices, root volume group devices, primary devices, and secondary devices for each machine on the storage area network. The storage area network appliance (120) then listens for queries and returns the appropriate list of devices based on query type and/or boot type. The boot type for a machine may be set to normal boot, maintenance boot, or install boot.

公开(公告)号：BRPI0410569A

公开(公告)日：2006-06-20

申请号：BRPI0410569

申请日：2004-04-15

Applicant: IBM

Inventor： KEOHANE SUSANN MARIE ,  MCBREARTY GERALD FRANCIS ,  MULLEN SHAWN PATRICK ,  MURILLO JESSICA KELLEY ,  SHIEH JOHNNY MENG-HAN

IPC: G06F17/30 ,  H04L29/06 ,  H04L29/08 ,  G06F21/00 ,  G06F1/00

Abstract: A security protocol that dynamically implements enhanced mount security of a filesystem when access to sensitive files on a networked filesystem is requested. When the user of a client system attempts to access a specially-tagged sensitive file, the server hosting the filesystem executes a software code that terminates the current mount and re-configures the server ports to accept a re-mount from the client via a more secure port. The server re-configured server port is provided the IP address of the client and matches the IP address during the re-mount operation. The switch to a secure mount is completed in a seamless manner so that authorized users are allowed to access sensitive files without bogging down the server with costly encryption and other resource-intensive security features. No significant delay is experienced by the user, while the sensitive file is shielded from un-authorized capture during transmission to the client system.

公开(公告)号：CA2525249A1

公开(公告)日：2004-12-02

申请号：CA2525249

申请日：2004-04-15

Applicant: IBM

Inventor： SHIEH JOHNNY MENG-HAN ,  MULLEN SHAWN PATRICK ,  MCBREARTY GERALD FRANCIS ,  KEOHANE SUSANN MARIE ,  MURILLO JESSICA KELLEY

IPC: H04L29/06 ,  G06F1/00 ,  G06F17/30 ,  H04L29/08

Abstract: A security protocol that dynamically implements enhanced mount security of a filesystem when access to sensitive files on a networked filesystem is requested. When the user of a client system attempts to access a specially- tagged sensitive file, the server hosting the filesystem executes a software code that terminates the current mount and reconfigures the server ports to accept a re-mount from the client via a more secure port. The server reconfigured server port is provided the IP address of the client and matche s the IP address during the re-mount operation. The switch to a secure mount i s completed in a seamless manner so that authorized users are allowed to acces s sensitive files without bogging down the server with costly encryption and other resource-intensive security features. No significant delay is experienced by the user, while the sensitive file is shielded from unauthorized capture during transmission to the client system.