-
1.发明专利
公开(公告)号:GB2442497B
公开(公告)日:2010-03-31
申请号:GB0619402
申请日:2006-10-02
Applicant: TRANSITIVE LTD , IBM UK , IBM
Inventor: WALKER JAMES WILLIAM , COCKS RYAN JASON
Abstract: A technique is provided for administering references to a subject process filesystem during translation of subject code into target code in a dynamic binary translator. The subject code for execution on a subject processor is received by a translator, and corresponding target code for execution on the target processor is generated. The translator is arranged to establish, populate and maintain a process data structure, so that code can be generated by the translator in which subject references to the subject process filesystem are handled effectively.
-
公开(公告)号:GB2501433A
公开(公告)日:2013-10-23
申请号:GB201313795
申请日:2012-01-10
Applicant: IBM
Inventor: WALKER JAMES WILLIAM , HAIKNEY DAVID , GILBERT DAVID ALAN
IPC: G06F9/445
Abstract: This invention relates to a method and apparatus for updating software. In particular this invention relates to a method, system and computer program for updating an operating system in a hypervisor comprising: determining a new version of a component of the operating system; installing the new component version; measuring an identifying characteristic of the component and making it available to an attestation system; notifying the attestation system that a component has been updated to a new version whereby, when the attestation system finds that the identifying characteristic of the new component does not match a pre-stored attestation value it is aware that a legitimate mis-match could have occurred. The installing of the new version of the component comprises: identifying an updater associated with new version of the component; measuring an identifying characteristic of the identified updater; loading and installing the new version of the component; and making both the identifying measurement of the updater and the new version of the component available to the attestation system.
-
公开(公告)号:DE112011104496T5
公开(公告)日:2013-10-17
申请号:DE112011104496
申请日:2011-12-19
Applicant: IBM
Abstract: System, Verfahren und Computerprogrammprodukt zum Bereitstellen von Validierung der Compliance einer vertrauenswürdigen Host-Umgebung mit einer Anforderung einer virtuellen Maschine (VM), wobei das System aufweist: eine Speicherkomponente zum kryptografischen Speichern von zu der vertrauenswürdigen Host-Umgebung gehörenden Konfigurationsdaten, in wenigstens einer kryptografischen Datenstruktur; eine Sendekomponente zum Senden der wenigstens einen kryptografischen Datenstruktur an eine Steuerkomponente in Reaktion auf die die Konfigurationsdaten speichernde Speicherkomponente; eine Analysekomponente zum Analysieren, in Reaktion auf die die wenigstens eine kryptografische Datenstruktur empfangende Steuerkomponente, der wenigstens einen kryptografischen Datenstruktur; eine Vergleichskomponente zum Vergleichen, in Reaktion auf die die Konfigurationsdaten ermittelnde Analysekomponente, der Konfigurationsdaten mit der Anforderung; und eine Verifizierungskomponente zum Zulassen des Verifizierens der VM in Reaktion auf die Vergleichskomponente, die ermittelt, dass die Konfigurationsdaten der Anforderung entsprechen.
-
公开(公告)号:GB2501588B
公开(公告)日:2014-06-18
申请号:GB201302922
申请日:2013-02-20
Applicant: IBM
Inventor: WALKER JAMES WILLIAM , WALTON TRAVIS , SHERWOOD DAVID
Abstract: A method and apparatus is disclosed for managing encryption keys in a computer system in which in response to the change of a system key the old key and new key are both maintained for subsequent use.
-
5.发明专利
公开(公告)号:GB2502541A
公开(公告)日:2013-12-04
申请号:GB201209550
申请日:2012-05-30
Applicant: IBM
Inventor: WALKER JAMES WILLIAM , SHERWOOD DAVID , WALTON TRAVIS
IPC: G06F7/58
Abstract: When a request for random data is received, the level of randomness or entropy required is determined. If the request is associated with an event requiring a high level of entropy, the random data is obtained from a source with high entropy. Such an event may be the initialization of a secure operation. Otherwise the data may be obtained from a source with low entropy. Once a source with high entropy has been selected, the data continues to be supplied from a high entropy source. There may be more than two levels of entropy, which are associated with different events. The request may be sent by a virtual machine 110 to an entropy manager 145 controlled by a hypervisor 140 as the result of the start of a virtual trusted platform module 115.
-
Patent Agency Ranking
公开(公告)号:GB2501588A
公开(公告)日:2013-10-30
申请号:GB201302922
申请日:2013-02-20
Applicant: IBM
Inventor: WALKER JAMES WILLIAM , WALTON TRAVIS , SHERWOOD DAVID
Abstract: Managing encryption keys comprising the steps of storing a first key for encrypting data for a selected domain, storing a second key for the domain in addition to the first key in response to a key change and providing the first key or the second key in response to a request for an encryption key. One of the keys may be provided in response to a first request and the other key is provided in response to a subsequent associated request. Keys may be maintained up to a predetermined maximum number after which the oldest key is discarded in response to storing a new key. The keys may be maintained in a key history comprising a list of the keys ranked in order in which the keys were created. The domain may be a virtual machine, migration of which to a target domain may only be performed if the selected key is available in the target domain. Enables key changes and migration of data to be performed simultaneously in virtual machines so if a key change occurs during migration the old key will be maintained to enable the decryption of the migrated data.
-
公开(公告)号:GB2514833A
公开(公告)日:2014-12-10
申请号:GB201310142
申请日:2013-06-07
Applicant: IBM
Inventor: WALKER JAMES WILLIAM , MALARKY CHRIS , NATTRASS ADAM MATTHEW
IPC: G06F11/30
Abstract: Disclosed is a method 100 of predicting by a computer system the condition of a portable computer having a motion sensor. The method starts by collecting 120 motion data from the motion sensor and then periodically sending 140 the collected motion data from the portable computer to the computer system. The computer system then evaluates the motion data and predicts the condition of the portable computer from the motion data. The motion sensor may be the knock sensor of the hard drive. The method may also schedule the portable computer for repair or replacement. The method may also collect other operating parameters, such as battery health, temperature and fan speeds using additional sensors in the portable computer.
-
公开(公告)号:GB2501433B
公开(公告)日:2014-06-04
申请号:GB201313795
申请日:2012-01-10
Applicant: IBM
Inventor: WALKER JAMES WILLIAM , HAIKNEY DAVID , GILBERT DAVID ALAN
Abstract: Updating boot components in compliance with a chain of trust by loading a boot component update forming part of the chain of trust during a boot process in an execution environment. Boot component measurements are detected and stored as a revised set of attestation values for retrieval by an attestation system. Performing the boot component update upon determining a pass indication for the chain of trust including the boot component update.
-
公开(公告)号:DE112012000512T5
公开(公告)日:2013-10-24
申请号:DE112012000512
申请日:2012-01-10
Applicant: IBM
Inventor: WALKER JAMES WILLIAM , HAIKNEY DAVID , GILBERT DAVID ALAN
IPC: G06F9/06
Abstract: Die vorliegende Erfindung bezieht sich auf ein Verfahren und eine Vorrichtung zum Aktualisieren von Software. Diese Erfindung bezieht sich insbesondere auf ein Verfahren, ein System und ein Computerprogrammprodukt zum Aktualisieren eines Betriebssystems in einem Hypervisor, aufweisend: Feststellen einer neuen Version einer Komponente des Betriebssystems; Installieren der neuen Komponentenversion; Messen eines kennzeichnenden Merkmals der Komponente und Bereitstellen dieser für ein Attestierungssystem; Benachrichtigen des Attestierungssystems, dass eine Komponente auf eine neue Version aktualisiert wurde, wobei, wenn das Attestierungssystem feststellt, dass das kennzeichnenden Merkmal der neuen Komponente nicht mit einem zuvor gespeicherten Attestierungswert übereinstimmt, das System weiß, dass eine zulässige Nichtübereinstimmung aufgetreten sein könnte. Das Installieren der neuen Version der Komponente weist auf: Identifizieren einer Aktualisierungsvorrichtung, die der neuen Version der Komponente zugeordnet ist; Messen eines kennzeichnenden Merkmals der identifizierten Aktualisierungseinrichtung; Laden und Installieren der neuen Version der Komponente; und Bereitstellen sowohl des kennzeichnenden Messwerts der Aktualisierungseinrichtung als auch der neuen Version der Komponente für das Attestierungssystem.
-
公开(公告)号:GB2517195A
公开(公告)日:2015-02-18
申请号:GB201314619
申请日:2013-08-15
Applicant: IBM
Inventor: WALLIS ROBERT , WALKER JAMES WILLIAM
Abstract: A method and system for computer system productivity monitoring comprises; gathering data from multiple sensors in the computer system; using the data to generate profiles relating to both performance and usage of the computer system; and determining if productivity of the user is inhibited by the computers performance. This method may be carried out a predetermined time before a scheduled replacement, and the results may show that use of the computer can be continued, or whether the computer should be upgraded or decommissioned. It may be determined if the computer system is more suitable for another use by analysing usage profiles of other computer systems. The sensors may include internal and external temperature sensors, disk access sensors, peak resource usage sensors, battery life sensors, power source sensor and a sensor that monitors use of applications/programs or other software.
-
-
-
-
-
-
-
-
-
Search Results
12
records
(took 0.018 seconds)
