知搜-全球专利检索

  1. Login
  2. Sign Up

Search Results

246 records (took 0.023 seconds)

    Security-aware admission control of requests in a distributed system
    81.
    发明授权
    Security-aware admission control of requests in a distributed system 有权
    在分布式系统中的安全感知允许控制请求

    公开(公告)号:US09231970B2

    公开(公告)日:2016-01-05

    申请号:US13790040

    申请日:2013-03-08

    Applicant: International Business Machines Corporation

    Inventor: Ashish Kundu Ajay Mohindra Sambit Sahu

    IPC: G06F21/55 H04L29/06 G06F21/62 G06F21/60

    CPC classification number: H04L63/1441 G06F21/604 G06F21/6218 H04L63/10

    Abstract: Techniques for security-aware admission control of requests in a distributed system. A method includes identifying a request dropped by a first application component in a distributed system, determining one or more actions to take with respect to the dropped request, said determining comprises identifying one or more policies of the first application component responsible for the dropped request and identifying one or more additional application components in the distributed system to be affected based on the identified one or more policies, and executing said one or more actions to control admission of one or more requests associated with the dropped request at the one or more additional application components.

    Abstract translation: 分布式系统中请求的安全感知准入控制技术。 一种方法包括识别由分布式系统中的第一应用组件丢弃的请求,确定关于丢弃的请求采取的一个或多个动作,所述确定包括识别负责丢弃的请求的第一应用组件的一个或多个策略,以及 基于所识别的一个或多个策略来识别所述分布式系统中的一个或多个附加应用组件,并执行所述一个或多个动作以控制在所述一个或多个附加应用程序上接收与所述丢弃的请求相关联的一个或多个请求 组件。

    Provisioning a virtual machine from one or more VM images
    82.
    发明授权
    Provisioning a virtual machine from one or more VM images 有权
    从一个或多个VM映像配置虚拟机

    公开(公告)号:US09063815B2

    公开(公告)日:2015-06-23

    申请号:US13621596

    申请日:2012-09-17

    Applicant: International Business Machines Corporation

    Inventor: Ashish Kundu Ajay Mohindra Zhe Zhang

    IPC: G06F9/455 G06F9/445

    CPC classification number: G06F8/63 G06F9/45533

    Abstract: An embodiment of the invention directed to a method for provisioning a specified virtual machine from one or more selected images, sent over the network, includes the step of decomposing each of the selected VM images to provide a group of components, each component having specified information associated with it. The method further includes using a predetermined selection criterion to select components from the group for assembly into a specified VM image, and using the selected components of the specified VM image to provision the specified virtual machine at one or more locations.

    Abstract translation: 本发明的实施例涉及一种通过网络发送的从一个或多个所选图像供应指定虚拟机的方法,包括分解所选择的每个VM映像以提供一组组件的步骤,每个组件具有指定的信息 与之相关联。 该方法还包括使用预定的选择标准来从组中选择组件以便组装成指定的VM映像,并且使用所指定的VM映像的所选组件在一个或多个位置处配置指定的虚拟机。

    Privacy aware authenticated map-reduce
    83.
    发明授权
    Privacy aware authenticated map-reduce 有权
    隐私感知认证地图缩小

    公开(公告)号:US08875227B2

    公开(公告)日:2014-10-28

    申请号:US13646010

    申请日:2012-10-05

    Applicant: International Business Machines Corporation

    Inventor: Ashish Kundu Ajay Mohindra Sambit Sahu

    IPC: G06F17/00

    CPC classification number: G06F21/6245

    Abstract: A computer-implemented process for privacy aware authenticated map-reduce processing receives data for a MapReduce operation to form received data, identifies a control point in a set of control points of the MapReduce operation to form an identified control point and identifies an applicable set of policies for the identified control point to form a selected set of policies. The selected set of policies is applied at the identified control point and responsive to a determination that application of the selected set of policies at the identified control point returned a positive result, the computer-implemented process continues operation to a next stage in the MapReduce operation.

    Abstract translation: 用于隐私感知认证的地图缩小处理的计算机实现的过程接收用于MapReduce操作的数据以形成接收的数据,识别MapReduce操作的一组控制点中的控制点以形成所识别的控制点,并且识别适用的 确定的控制点的策略形成一组选定的策略。 所选择的一组策略被应用于所识别的控制点,并且响应于在所识别的控制点上所选择的一组策略的应用返回肯定结果的确定,所述计算机实现的过程继续操作到MapReduce操作中的下一阶段 。

    Security-Aware Admission Control of Requests in a Distributed System
    84.
    发明申请
    Security-Aware Admission Control of Requests in a Distributed System 有权
    分布式系统中安全意识的请求控制

    公开(公告)号:US20140259089A1

    公开(公告)日:2014-09-11

    申请号:US13790040

    申请日:2013-03-08

    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

    Inventor: Ashish Kundu Ajay Mohindra Sambit Sahu

    IPC: H04L29/06

    CPC classification number: H04L63/1441 G06F21/604 G06F21/6218 H04L63/10

    Abstract: Techniques, systems and articles of manufacture for security-aware admission control of requests in a distributed system. A method includes identifying a request dropped by a first application component in a distributed system, determining one or more actions to take with respect to the dropped request, said determining comprises identifying one or more policies of the first application component responsible for the dropped request and identifying one or more additional application components in the distributed system to be affected based on the identified one or more policies, and executing said one or more actions to control admission of one or more requests associated with the dropped request at the one or more additional application components.

    Abstract translation: 用于分布式系统中请求的安全感知准入控制的技术,系统和制造。 一种方法包括识别由分布式系统中的第一应用组件丢弃的请求,确定关于丢弃的请求采取的一个或多个动作,所述确定包括识别负责丢弃的请求的第一应用组件的一个或多个策略,以及 基于所识别的一个或多个策略来识别所述分布式系统中的一个或多个附加应用组件,并执行所述一个或多个动作以控制在所述一个或多个附加应用程序上接收与所述丢弃的请求相关联的一个或多个请求 组件。

    METHOD AND APPARATUS FOR AUTHENTICATION OF SOLUTION TOPOLOGY
    85.
    发明申请
    METHOD AND APPARATUS FOR AUTHENTICATION OF SOLUTION TOPOLOGY 审中-公开
    用于认证解决方案拓扑学的方法和装置

    公开(公告)号:US20140181984A1

    公开(公告)日:2014-06-26

    申请号:US13723913

    申请日:2012-12-21

    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

    Inventor: Ashish Kundu Ajay Mohindra

    IPC: G06F21/64

    CPC classification number: G06F21/64 G06F9/45504 G06F9/45558 G06F16/17 G06F21/53 G06F2009/45587 G06F2221/2149 H04L63/123 H04L63/126 H04L67/10 H04W4/60

    Abstract: A computer implemented method is provided to verify an integrity of a solution. The computer implemented method comprises hashing, by a computer, a set of virtual machine instances in a solution topology of the solution. The computer hashes a set of connections in the solution topology. The set of connections comprising a connection between ones of the set of virtual machine instances, a connection between a first component of a first one of the set of virtual machine instances and a second component of a second one of the set of virtual machine instances, and combinations thereof. The computer hashes a set of solution-specific information, and then signs the hashes to create a first signed topology.

    Abstract translation: 提供了一种计算机实现的方法来验证解决方案的完整性。 计算机实现的方法包括由计算机在解决方案的解决方案拓扑中散列一组虚拟机实例。 计算机在解决方案拓扑中散列一组连接。 所述一组连接包括所述一组虚拟机实例中的一个虚拟机实例之间的连接,所述一组虚拟机实例中的第一组虚拟机实例的第一组件与所述一组虚拟机实例中的第二组的第二组件之间的连接, 及其组合。 计算机散列一组特定于解决方案的信息,然后签名哈希值以创建第一个签名拓扑。

    Limiting Information Leakage and Piracy due to Virtual Machine Cloning
    86.
    发明申请
    Limiting Information Leakage and Piracy due to Virtual Machine Cloning 审中-公开
    限制由虚拟机克隆导致的信息泄露和盗版

    公开(公告)号:US20140137247A1

    公开(公告)日:2014-05-15

    申请号:US13673540

    申请日:2012-11-09

    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

    Inventor: Salman A. Baset Ashish Kundu Sambit Sahu

    IPC: G06F21/00

    CPC classification number: G06F21/566 G06F21/554

    Abstract: Techniques for detecting a cloned virtual machine instance. A method includes transmitting an identifier associated a virtual machine from an agent embedded in the virtual machine akin to a malware to a detection entity in a network, determining whether the identifier is a unique identifier or whether the identifier is a clone of an identifier associated with a separate virtual machine in the network, and initiating at least one remedial action with the agent embedded in the virtual machine if the identifier is determined to be a clone of an identifier associated with a separate virtual machine in the network.

    Abstract translation: 用于检测克隆的虚拟机实例的技术。 一种方法包括将与虚拟机中嵌入的代理相关联的虚拟机相关联的识别符与恶意软件相关联的标识符发送到网络中的检测实体,确定该标识符是唯一标识符还是该标识符是否与与 网络中的单独的虚拟机,并且如果所述标识符被确定为与所述网络中的单独的虚拟机相关联的标识符的克隆,则发起与所述代理嵌入在所述虚拟机中的至少一个补救动作。

    Verification of geolocation of devices in a cloud data center
    89.
    发明授权
    Verification of geolocation of devices in a cloud data center 有权

    公开(公告)号:US11025640B2

    公开(公告)日:2021-06-01

    申请号:US16667860

    申请日:2019-10-29

    Applicant: International Business Machines Corporation

    Inventor: Ashish Kundu Dimitrios Pendarakis David R. Safford

    IPC: H04L29/06 G06F9/50

    Abstract: A method alters a computer resource in response to the computer resource moving from a first geolocation to a second geolocation. One or more processors receive a message indicating that a computer resource has moved from a first geolocation to a new geolocation. In response to receiving the message that the computer resource has moved from the first geolocation to the new geolocation, the processor(s) encrypt data that is stored on the computer resource, and apply decryption information to the encrypted data from the new geolocation, where the decryption information is specifically for decrypting encrypted data at the new geolocation. In response to the decryption information failing to decrypt the encrypted data at the new geolocation, the processor(s) and/or a user alter the computer resource.

Patent Agency Ranking