-
公开(公告)号:US09071421B2
公开(公告)日:2015-06-30
申请号:US12969414
申请日:2010-12-15
申请人: Adrian J. Oney , Quintin S. Burns , Bryan Born
发明人: Adrian J. Oney , Quintin S. Burns , Bryan Born
IPC分类号: H04L29/06 , H04L9/08 , H04N21/2347 , H04N21/4405 , H04N21/4627 , H04N21/472 , H04N21/6334 , H04N21/8355
CPC分类号: H04L9/0822 , H04L9/0836 , H04L2209/603 , H04N21/2347 , H04N21/4405 , H04N21/4627 , H04N21/47202 , H04N21/63345 , H04N21/8355
摘要: Encrypted content streaming is provided by a method comprising holding an encrypted content stream that is cryptographically encrypted from a content stream with a content key, and holding an encrypted content key that is cryptographically encrypted from the content key with one or more intermediate encryption keys. The method further comprises serving the encrypted content stream to a plurality of content consumption devices, wherein the encrypted content stream is embedded with a leaf license comprising the encrypted content key, and wherein the encrypted content stream is cryptographically decryptable by a content consumption device having a scalable root license providing one or more intermediate root keys from which the content consumption device derives the one or more intermediate decryption keys paired to the one or more intermediate encryption keys.
摘要翻译: 加密内容流是通过一种方法提供的,该方法包括:使用内容密钥保存从内容流加密的加密内容流,以及使用一个或多个中间加密密钥保存从内容密钥加密的加密内容密钥。 所述方法还包括将加密的内容流服务于多个内容消费设备,其中所述加密的内容流被嵌入有包括所述加密的内容密钥的叶子许可证,并且其中所述加密的内容流可由内容消费设备加密地解密,所述内容消费设备具有 提供一个或多个中间根密钥的可扩展根许可证,内容消费装置从该根密钥导出与一个或多个中间加密密钥配对的一个或多个中间解密密钥。
-
公开(公告)号:US07249211B2
公开(公告)日:2007-07-24
申请号:US11558997
申请日:2006-11-13
申请人: Peter W. Wieland , Adrian J. Oney
发明人: Peter W. Wieland , Adrian J. Oney
IPC分类号: G06F13/00
CPC分类号: G06F13/24 , G06F9/468 , G06F9/4812
摘要: A system, methodology and/or computer architecture that facilitates processing device interrupts (including level-triggered interrupts) in a user-mode process is provided. The kernel interrupt handler can cause a dedicated thread in the process to wake and invoke the driver interrupt service routine. This thread can then return control to the kernel interrupt handler. In addition to processing interrupts in an isolated mode, the context switching technique could be used in any isolated environment to process interrupts via dedicated execution context methods.
摘要翻译: 提供了一种便于在用户模式过程中处理设备中断(包括电平触发中断)的系统,方法和/或计算机体系结构。 内核中断处理程序可以使进程中的专用线程唤醒并调用驱动程序中断服务程序。 该线程然后可以将控制权返回给内核中断处理程序。 除了在隔离模式下处理中断之外,上下文切换技术可以在任何隔离的环境中用于通过专用执行上下文方法处理中断。
-
公开(公告)号:US08909946B2
公开(公告)日:2014-12-09
申请号:US11437109
申请日:2006-05-18
申请人: Adrian J. Oney , Bryan Mark Willman , Eric P. Traut , Forrest Curtis Foltz , Matthew D. Hendel , Rene Antonio Vega
发明人: Adrian J. Oney , Bryan Mark Willman , Eric P. Traut , Forrest Curtis Foltz , Matthew D. Hendel , Rene Antonio Vega
CPC分类号: G06F9/442 , G06F1/28 , G06F1/30 , G06F1/3246 , G06F1/3268 , G06F1/3287 , G06F1/329 , G06F9/455 , G06F9/45545 , G06F9/45554 , G06F9/45558 , G06F9/50 , G06F17/00 , G06F17/30144 , G06F17/3015 , G06F21/53 , G06F21/575 , G06F21/6245 , G06F2009/45562 , G06F2009/45579 , G06F2009/45583
摘要: Efficient power management of a system with virtual machines is disclosed. In particular, such efficient power management may enable coordination of system-wide power changes with virtual machines. Additionally, such efficient power management may enable coherent power changes in a system with a virtual machine monitor. Furthermore, such efficient power management may enable dynamic control and communication of power state changes.
摘要翻译: 公开了具有虚拟机的系统的有效功率管理。 特别地,这种有效的功率管理可以实现与虚拟机协调系统范围的功率变化。 此外,这种有效的功率管理可以使得具有虚拟机监视器的系统中的一致的功率改变。 此外,这种有效的功率管理可以实现功率状态变化的动态控制和通信。
-
公开(公告)号:US20140068260A1
公开(公告)日:2014-03-06
申请号:US12969399
申请日:2010-12-15
申请人: Adrian J. Oney , Quintin S. Burns , Bryan Born
发明人: Adrian J. Oney , Quintin S. Burns , Bryan Born
IPC分类号: H04L29/06
CPC分类号: H04L63/0428 , H04L63/045 , H04L63/0457 , H04L2463/061 , H04L2463/062 , H04L2463/101
摘要: Encrypted content streaming is provided by a method comprising holding an encrypted content stream that is cryptographically encrypted from a content stream with a content key, and holding an encrypted content key that is cryptographically encrypted from the content key with one or more blackout encryption keys. Each blackout encryption key is paired to a blackout decryption key corresponding to a specific audience, and each blackout decryption key is obtainable by audiences other than the specific audience corresponding to the blackout decryption key. The method further comprises serving the encrypted content stream to the plurality of different audiences. The encrypted content stream is embedded with a leaf license comprising the encrypted content key, and the encrypted content key is cryptographically decryptable by audiences having the one or more blackout decryption keys paired to the one or more blackout encryption keys.
摘要翻译: 加密内容流是通过一种方法来提供的,该方法包括:通过内容密钥保存从内容流加密的加密内容流,并且使用一个或多个中断加密密钥保存从内容密钥加密加密的加密内容密钥。 每个停电加密密钥与对应于特定观众的中断解密密钥配对,并且每个中断解密密钥可由除了中断解密密钥的特定受众以外的受众获得。 该方法还包括向多个不同的受众服务加密的内容流。 加密的内容流被嵌入具有加密的内容密钥的叶子许可证,并且加密的内容密钥由具有与一个或多个中断加密密钥配对的一个或多个中断解密密钥的受众进行密码解密。
-
公开(公告)号:US07877760B2
公开(公告)日:2011-01-25
申请号:US11540211
申请日:2006-09-29
CPC分类号: G06F9/45558 , G06F2009/45579
摘要: Mechanisms are disclosed herein that manage operations in virtual machine environments. A first partition can have a proxy driver object corresponding to a driver object in a second partition. The driver object can control a physical device, but because of the proxy driver object, the first partition can retain some measure of control over the physical device. The driver object can be surrounded by a first filter object beneath it, and a second filter object above it. The first filter object can provide interfaces to the driver object so that the driver object can perform various bus-related functionalities; and, the second filter object can receive redirected instructions from the first partition and provide them to the driver object, and intercept any instructions originating from within the second partition, such that if these instructions are inconsistent with policies set in the first partition, they can be manipulated.
摘要翻译: 本文公开了管理虚拟机环境中的操作的机制。 第一个分区可以具有与第二个分区中的驱动程序对象相对应的代理驱动程序对象。 驱动程序对象可以控制物理设备,但是由于代理驱动程序对象,第一个分区可以保留对物理设备的一些控制措施。 驱动程序对象可以被它下面的第一个过滤器对象包围,并在其上方有一个第二个过滤器对象。 第一个过滤器对象可以向驱动程序对象提供接口,使得驱动程序对象可以执行各种总线相关的功能; 并且所述第二过滤器对象可以从所述第一分区接收重定向的指令并将其提供给所述驱动对象,并拦截源自所述第二分区内的任何指令,使得如果所述指令与所述第一分区中设置的策略不一致,则它们可以 被操纵。
-
公开(公告)号:US07434003B2
公开(公告)日:2008-10-07
申请号:US11274907
申请日:2005-11-15
申请人: Adrian J. Oney , Bryan Mark Willman , Eric P. Traut , Forrest Curtis Foltz , John Te-Jui Sheu , Matthew D. Hendel , Rene Antonio Vega
发明人: Adrian J. Oney , Bryan Mark Willman , Eric P. Traut , Forrest Curtis Foltz , John Te-Jui Sheu , Matthew D. Hendel , Rene Antonio Vega
IPC分类号: G06F12/10
CPC分类号: G06F21/575 , G06F21/53 , G06F21/6245
摘要: An operating system is described that is capable of ascertaining whether it is executing in a virtual machine environment and is further capable of modifying its behavior to operate more efficiently and provide optimal behavior in a virtual machine environment. An operating system is enlightened so that it is aware of VMMs or hypervisors, taking on behavior that is optimal to that environment. The VMM or hypervisor informs the operating system of the optimal behavior, and vice versa.
摘要翻译: 描述了能够确定其是否在虚拟机环境中执行并且还能够修改其行为以更有效地操作并在虚拟机环境中提供最佳行为的操作系统。 操作系统被启发,以便它知道VMM或虚拟机管理程序,采取对该环境最佳的行为。 VMM或管理程序通知操作系统的最佳行为,反之亦然。
-
公开(公告)号:US20080082975A1
公开(公告)日:2008-04-03
申请号:US11540211
申请日:2006-09-29
IPC分类号: G06F9/455
CPC分类号: G06F9/45558 , G06F2009/45579
摘要: Mechanisms are disclosed herein that manage operations in virtual machine environments. A first partition can have a proxy driver object corresponding to a driver object in a second partition. The driver object can control a physical device, but because of the proxy driver object, the first partition can retain some measure of control over the physical device. The driver object can be surrounded by a first filter object beneath it, and a second filter object above it. The first filter object can provide interfaces to the driver object so that the driver object can perform various bus-related functionalities; and, the second filter object can receive redirected instructions from the first partition and provide them to the driver object, and intercept any instructions originating from within the second partition, such that if these instructions are inconsistent with policies set in the first partition, they can be manipulated.
摘要翻译: 本文公开了管理虚拟机环境中的操作的机制。 第一个分区可以具有与第二个分区中的驱动程序对象相对应的代理驱动程序对象。 驱动程序对象可以控制物理设备,但是由于代理驱动程序对象,第一个分区可以保留对物理设备的一些控制措施。 驱动程序对象可以被它下面的第一个过滤器对象包围,并在其上方有一个第二个过滤器对象。 第一个过滤器对象可以向驱动程序对象提供接口,使得驱动程序对象可以执行各种总线相关的功能; 并且所述第二过滤器对象可以从所述第一分区接收重定向的指令并将其提供给所述驱动对象,并拦截源自所述第二分区内的任何指令,使得如果所述指令与所述第一分区中设置的策略不一致,则它们可以 被操纵。
-
公开(公告)号:US06877018B2
公开(公告)日:2005-04-05
申请号:US09895449
申请日:2001-06-29
CPC分类号: G06F9/4411 , Y10S707/99943 , Y10S707/99953 , Y10S707/99957
摘要: An advanced configuration and power management system is described which supports an unload command by identifying those objects that are to be unloaded and, rather than simply attempting to delete the objects, detaches them from the namespace while keeping them in memory in a location accessible by the system. In this way, the system avoids the problem of trying to synchronize accesses to the objects, yet the objects not longer exist in the tree, so namespace collisions are avoided.
摘要翻译: 描述了一种高级配置和电源管理系统,其通过识别要卸载的对象来支持卸载命令,而不是简单地尝试删除对象,而将它们从命名空间中分离出来,同时将它们保持在存储器中可访问的位置 系统。 以这种方式,系统避免了尝试同步对对象的访问的问题,但是对象不再存在于树中,因此可以避免命名空间冲突。
-
公开(公告)号:US20120155639A1
公开(公告)日:2012-06-21
申请号:US12969414
申请日:2010-12-15
申请人: Adrian J. Oney , Quintin S. Burns , Bryan Born
发明人: Adrian J. Oney , Quintin S. Burns , Bryan Born
CPC分类号: H04L9/0822 , H04L9/0836 , H04L2209/603 , H04N21/2347 , H04N21/4405 , H04N21/4627 , H04N21/47202 , H04N21/63345 , H04N21/8355
摘要: Encrypted content streaming is provided by a method comprising holding an encrypted content stream that is cryptographically encrypted from a content stream with a content key, and holding an encrypted content key that is cryptographically encrypted from the content key with one or more intermediate encryption keys. The method further comprises serving the encrypted content stream to a plurality of content consumption devices, wherein the encrypted content stream is embedded with a leaf license comprising the encrypted content key, and wherein the encrypted content stream is cryptographically decryptable by a content consumption device having a scalable root license providing one or more intermediate root keys from which the content consumption device derives the one or more intermediate decryption keys paired to the one or more intermediate encryption keys.
摘要翻译: 加密内容流是通过一种方法提供的,该方法包括:使用内容密钥保存从内容流加密的加密内容流,以及使用一个或多个中间加密密钥保存从内容密钥加密的加密内容密钥。 所述方法还包括将加密的内容流服务于多个内容消费设备,其中所述加密的内容流被嵌入有包括所述加密的内容密钥的叶子许可证,并且其中所述加密的内容流可由内容消费设备加密地解密,所述内容消费设备具有 提供一个或多个中间根密钥的可扩展根许可证,内容消费装置从该根密钥导出与一个或多个中间加密密钥配对的一个或多个中间解密密钥。
-
公开(公告)号:US08635612B2
公开(公告)日:2014-01-21
申请号:US11119200
申请日:2005-04-29
IPC分类号: G06F9/455
CPC分类号: G06F9/45533
摘要: Systems and methods are provided, whereby partitions may become enlightened and discover the presence of a hypervisor. Several techniques of hypervisor discovery are discussed, such as detecting the presence of virtual processor registers (e.g. model specific registers or special-purpose registers) or the presence of virtual hardware devices. Upon discovery, information (code and/or data) may be injected in a partition by the hypervisor, whereby such injection allows the partition to call the hypervisor. Moreover, the hypervisor may present a versioning mechanism that allows the partition to match up the version of the hypervisor to its virtual devices. Next, once code and/or data is injected, calling conventions are established that allow the partition and the hypervisor to communicate, so that the hypervisor may perform some operations on behalf of the partition. Four exemplary calling conventions are considered: restartable instructions, a looping mechanism, shared memory transport, and synchronous or asynchronous processed packets. Last, cancellation mechanisms are considered, whereby partition requests may be cancelled.
摘要翻译: 提供了系统和方法,由此分区可能变得开明并发现管理程序的存在。 讨论了管理程序发现的几种技术,例如检测虚拟处理器寄存器(例如模型特定寄存器或专用寄存器)的存在或虚拟硬件设备的存在。 一旦发现,信息(代码和/或数据)可以由管理程序注入到分区中,由此这种注入允许分区调用管理程序。 此外,管理程序可以呈现允许分区将虚拟机管理程序的版本与其虚拟设备相匹配的版本控制机制。 接下来,一旦注入了代码和/或数据,就建立了允许分区和管理程序进行通信的调用约定,以便管理程序可以代表分区执行一些操作。 考虑四个示例性的呼叫约定:可重新启动的指令,循环机制,共享存储器传输和同步或异步处理的分组。 最后,考虑取消机制,从而可能会取消分区请求。
-
-
-
-
-
-
-
-
-