公开(公告)号：JP2000056982A

公开(公告)日：2000-02-25

申请号：JP12081299

申请日：1999-04-28

Applicant: IBM

Inventor： BAENTSCH MICHAEL ,  BULER PETER ,  EIRICH THOMAS ,  HOERING FRANK ,  OESTREICHER MARCUS

IPC: G06F9/45 ,  G06F9/44 ,  G06F9/445 ,  G06F12/06

Abstract: PROBLEM TO BE SOLVED: To improve the flexibility of selecting an object type by obtaining a simple programming model for allocation to both a temporary object and a sustaining object and supporting the holding of the temporary object without using a sustaining memory. SOLUTION: In order to generate an object in the nonsustaining memory, a 1st instruction code 31 which executes a 1st function 41 is read out of an instruction code sequence 18 and a 2nd instruction code 32 which generates objects 56, 57, and 58 in the memory is read out. The 1st function 41 selects the discontinuous memory 51 as a memory. The 1st function 41 includes a bracket open type function. At least some of the objects 56, 57, and 58 in the nonsustaining memory are linked in the form of a chain starting at the 1st object 56 in the object 56, 57 and 58.

公开(公告)号：WO0008557A8

公开(公告)日：2000-05-04

申请号：PCT/IB9901347

申请日：1999-07-29

Applicant: IBM ,  BISCHOF JOERG ,  HILD STEFAN G ,  OESTREICHER MARCUS

Inventor： BISCHOF JOERG ,  HILD STEFAN G ,  OESTREICHER MARCUS

IPC: G06F12/00 ,  G06F9/46 ,  G06F9/50

CPC classification number: G06F9/4868

Abstract: A computerized method and a system for implementing in a network distributed applications, comprising instructions for a computer process which are executable on different locations in the network, is proposed. The instructions include an assert-command and/or a release-command.

Abstract translation: 提出了用于在网络分布式应用中实现的计算机化方法和系统，其包括用于可在网络中的不同位置上执行的计算机过程的指令。 这些指令包括断言命令和/或释放命令。

公开(公告)号：WO03042799A2

公开(公告)日：2003-05-22

申请号：PCT/IB0204620

申请日：2002-11-05

Applicant: IBM ,  BAENTSCH MICHAEL ,  BUHLER PETER ,  EIRICH THOMAS ,  HOERING FRANK ,  OESTREICHER MARCUS ,  WEIGOLD THOMAS D

Inventor： BAENTSCH MICHAEL ,  BUHLER PETER ,  EIRICH THOMAS ,  HOERING FRANK ,  OESTREICHER MARCUS ,  WEIGOLD THOMAS D

IPC: G06F1/00 ,  G06F21/76 ,  G06K19/073 ,  H04L9/10 ,  H04L9/32 ,  H04L29/06

CPC classification number: H04L63/04 ,  G06F21/76 ,  H04L9/003 ,  H04L9/0625 ,  H04L2209/12

Abstract: The invention is directed to a data-processing system comprising a processor and first encrypted information in a first persistent memory whose level of information leakage is higher than that of a second persistent memory. In the second persistent memory is stored a first cryptographic key for decrypting the first encrypted information, thereby generating therefrom first unencrypted information that is usable by the processor for executing an operation. The same cryptographic key may also be used for encrypting the first unencrypted information, thereby generating the first encrypted information. It is also directed to a method of processing such a data-processing system with an operating system, comprising a writing step for writing first unencrypted information into the first persistent memory, an encryption step for encrypting the first unencrypted information under use of the first cryptographic key, creating therefrom first encrypted information in the first persistent memory, and an access-limitation step for setting the data-processing system to a state in which writing into the first persistent memory is controlled by the operating system. It also relates to a method of executing an operation on such a data-processing system comprising a decryption step for decrypting the first encrypted information under use of the first cryptographic key, thereby generating therefrom first unencrypted information and an execution step for executing an operation by the processor, using the first unencrypted information.

Abstract translation: 本发明涉及一种数据处理系统，包括处理器和第一持久存储器中的第一加密信息，其信息泄漏级别高于第二持久存储器。 在第二持久存储器中存储用于解密第一加密信息的第一密码密钥，由此产生处理器可用于执行操作的第一未加密信息。 相同的加密密钥也可以用于加密第一未加密信息，从而生成第一加密信息。 还涉及一种使用操作系统处理这种数据处理系统的方法，包括用于将第一未加密信息写入第一持久存储器的写入步骤，用于在使用第一密码的情况下加密第一未加密信息的加密步骤 密钥，从第一永久存储器中创建第一加密信息，以及访问限制步骤，用于将数据处理系统设置为由操作系统控制对第一永久存储器的写入的状态。 它还涉及对这种数据处理系统执行操作的方法，包括解密步骤，用于在使用第一加密密钥的情况下对第一加密信息进行解密，由此产生第一未加密信息，以及执行步骤，用于执行操作， 处理器，使用第一个未加密的信息。

公开(公告)号：DE60141892D1

公开(公告)日：2010-06-02

申请号：DE60141892

申请日：2001-03-09

Applicant: IBM

Inventor： BAENTSCH MICHAEL ,  BUHLER PETER ,  EIRICH THOMAS ,  HOERING FRANK ,  OESTREICHER MARCUS

IPC: G06F12/02

Abstract: The invention is directed to a method for distinguishing reachable objects and non-reachable objects in an object-based application in a system with a volatile memory and a non-volatile memory. The object-based application operates in the non-volatile memory on the objects, whereof at least one is a root object. Each root object is processed by writing for each object that is reachable from the root object, a positive reachability information into the volatile memory and marking those objects in the non-volatile memory as reusable memory, for which no positive reachability information is present in the volatile memory.

公开(公告)号：DE60307498D1

公开(公告)日：2006-09-21

申请号：DE60307498

申请日：2003-10-24

Applicant: IBM

Inventor： BAENTSCH MICHAEL ,  BUHLER PETER ,  EIRICH THOMAS ,  HOERING FRANK ,  KRAMP THORSTEN ,  OESTREICHER MARCUS ,  OSBORNE MICHAEL ,  WEIGOLD D

IPC: H04L29/06

Abstract: A method for providing a user device with a set of access codes comprises, in the user device, storing an encryption key a an identification code, and sending a message containing the identification code to a server via a communications network. In the server, an encryption key is stored corresponding to the key stored in the user device, allocating the set of access codes on receipt of the identification code from the user device. A look up function is performed based on the identification code received in the message to retrieve the key from storage. The set of access codes is encrypted using the retrieved key to produce an encrypted set. A message containing the encrypted set is sent to the user device via the network. In the user device, the encrypted set received from the server is decrypted using the key in storage, and storing the decrypted set of access codes for use by a user of the user device.

公开(公告)号：AU2003269415A1

公开(公告)日：2004-06-07

申请号：AU2003269415

申请日：2003-10-24

Applicant: IBM

Inventor： BAENTSCH MICHAEL ,  BUHLER PETER ,  EIRICH THOMAS ,  HORING FRANK ,  KRAMP THORSTEN ,  OESTREICHER MARCUS ,  OSBORNE MICHAEL ,  WEIGOLD THOMAS D

IPC: H04L29/06

Abstract: A method for providing a user device with a set of access codes comprises, in the user device, storing an encryption key a an identification code, and sending a message containing the identification code to a server via a communications network. In the server, an encryption key is stored corresponding to the key stored in the user device, allocating the set of access codes on receipt of the identification code from the user device. A look up function is performed based on the identification code received in the message to retrieve the key from storage. The set of access codes is encrypted using the retrieved key to produce an encrypted set. A message containing the encrypted set is sent to the user device via the network. In the user device, the encrypted set received from the server is decrypted using the key in storage, and storing the decrypted set of access codes for use by a user of the user device.

公开(公告)号：DE112018000779T5

公开(公告)日：2019-10-24

申请号：DE112018000779

申请日：2018-04-10

Applicant: IBM

Inventor： LEHMANN ANJA ,  OSBORNE MICHAEL CHARLES ,  OESTREICHER MARCUS

IPC: G06F21/00

Abstract: Ein Datenquellencomputer stellt Nachrichtendaten mit zugehörigen ID-Daten bereit, die an einen Datensammlungscomputer gesendet werden sollen; erzeugt eine kaschierte ID, indem die ID-Daten unter Verwendung einer Zufallszahl kaschiert werden; sendet die kaschierte ID an einen Tokenbereitstellungscomputer; und sendet die Zufallszahl und die Nachrichtendaten über ein Netzwerk für einen Empfang durch den Datensammlungscomputer. In Reaktion darauf erzeugt der Tokenbereitstellungscomputer ein kaschiertes Token, das eine mit der Zufallszahl kaschierte Funktion der ID-Daten und einen geheimen Schlüssel des Tokenbereitstellungscomputers aufweist, und sendet das kaschierte Token an den Datensammlungscomputer. Der Datensammlungscomputer verwendet in Reaktion darauf die Zufallszahl, um die Kaschierung des kaschierten Tokens aufzuheben, um ein ID-Token zu erhalten, das eine deterministische Funktion der ID-Daten und den geheimen Schlüssel aufweist. Der Datensammlungscomputer speichert dann das ID-Token und die Nachrichtendaten in dem Speicher, der betriebsfähig mit dem Datensammlungscomputer verbunden ist.

公开(公告)号：AT450003T

公开(公告)日：2009-12-15

申请号：AT99931405

申请日：1999-07-29

Applicant: IBM

Inventor： BISCHOF JOERG ,  HILD STEFAN ,  OESTREICHER MARCUS

IPC: G06F9/46 ,  G06F12/00 ,  G06F9/50

Abstract: A computerized method and a system for implementing in a network distributed applications, comprising instructions for a computer process which are executable on different locations in the network, is proposed. The instructions include an assert-command and/or a release-command.

公开(公告)号：DE60307498T2

公开(公告)日：2007-09-13

申请号：DE60307498

申请日：2003-10-24

Applicant: IBM

Inventor： BAENTSCH MICHAEL ,  BUHLER PETER ,  EIRICH THOMAS ,  HOERING FRANK ,  KRAMP THORSTEN ,  OESTREICHER MARCUS ,  OSBORNE MICHAEL ,  WEIGOLD D

IPC: H04L29/06

Abstract: A method for providing a user device with a set of access codes comprises, in the user device, storing an encryption key a an identification code, and sending a message containing the identification code to a server via a communications network. In the server, an encryption key is stored corresponding to the key stored in the user device, allocating the set of access codes on receipt of the identification code from the user device. A look up function is performed based on the identification code received in the message to retrieve the key from storage. The set of access codes is encrypted using the retrieved key to produce an encrypted set. A message containing the encrypted set is sent to the user device via the network. In the user device, the encrypted set received from the server is decrypted using the key in storage, and storing the decrypted set of access codes for use by a user of the user device.

公开(公告)号：AU3591501A

公开(公告)日：2001-10-03

申请号：AU3591501

申请日：2001-03-09

Applicant: IBM

Inventor： BAENTSCH MICHAEL ,  BUHLER PETER ,  EIRICH THOMAS ,  HOERING FRANK ,  OESTREICHER MARCUS

IPC: G06F12/02

Abstract: The invention is directed to a method for distinguishing reachable objects and non-reachable objects in an object-based application in a system with a volatile memory and a non-volatile memory. The object-based application operates in the non-volatile memory on the objects, whereof at least one is a root object. Each root object is processed by writing for each object that is reachable from the root object, a positive reachability information into the volatile memory and marking those objects in the non-volatile memory as reusable memory, for which no positive reachability information is present in the volatile memory.