Resource access control in a software system
    1.
    发明授权
    Resource access control in a software system 失效
    软件系统中的资源访问控制

    公开(公告)号:US06470339B1

    公开(公告)日:2002-10-22

    申请号:US09281876

    申请日:1999-03-31

    IPC分类号: G06F1700

    摘要: A software system that provides access control to resources and that disassociates access rights to resources from references to resources to prevent the formation of large and unwieldy access control lists and to enable advanced decentralized security controls. The software system includes a repository that holds a resource descriptor for each resource including lock/permission pairs. Access to particular resources or groups of resources is provided by providing users with the appropriate keys. The keys are themselves are resources with resource descriptors in the repository. Access rights for users may be revoked by deleting keys from the repository. The software system also provides visibility fields for compartmentalizing access to resources. In addition, the software system provides authorizers that maintain audit trails when critical resource such as keys are passed among users and that enable advanced security control when passing resources among users.

    摘要翻译: 一种提供对资源的访问控制以及将资源的访问权限从资源引用分解的软件系统,以防止形成大而笨重的访问控制列表并实现高级分散安全控制。 该软件系统包括一个存储库,其中包含包含锁/权限对的每个资源的资源描述符。 通过向用户提供适当的密钥来提供对特定资源或资源组的访问。 密钥本身就是存储库中资源描述符的资源。 可以通过从存储库中删除密钥来撤消对用户的访问权限。 软件系统还提供可视化领域,用于区分对资源的访问。 此外,软件系统提供授权人员,当关键资源(如密钥在用户中传递)之间时,可以维护审计跟踪,并且在用户之间传递资源时可实现高级安全控制。

    Infrastructure for an open digital services marketplace
    2.
    发明授权
    Infrastructure for an open digital services marketplace 失效
    开放数字服务市场的基础设施

    公开(公告)号:US06205466B1

    公开(公告)日:2001-03-20

    申请号:US09118248

    申请日:1998-07-17

    IPC分类号: G06F900

    摘要: A software infrastructure for providing an open digital services marketplace including a naming manager that enables a requesting task to refer to a desired resource using a name which is local to the requesting task and a router that forwards the request to an appropriate handler for the desired resource and that enables at least one additional task to be invoked in response to the request. The infrastructure includes a permission manager that compares a set of access rights of the requesting task to the desired resource to a set of permissions associated with the desired resource such that the access rights are kept separately from the reference to the desired resource. The desired resource, the requesting task, the additional task, and a set of additional components used to handle the request are each modeled as a resource defined by a corresponding set of meta-data which includes a set of attributes and a reference to a grammar for interpreting the attributes.

    摘要翻译: 一种用于提供开放数字服务市场的软件基础设施,包括命名管理器,其允许请求任务使用请求任务本地的名称引用期望的资源,以及将请求转发到所需资源的适当处理程序的路由器 并且这使得能够响应于该请求调用至少一个附加任务。 基础设施包括权限管理器,其将请求任务的一组访问权限与期望的资源进行比较,以与所需资源相关联的一组权限进行比较,使得访问权限与对期望的资源的引用分开地保持。 所需资源,请求任务,附加任务和用于处理请求的一组附加组件各自被建模为由对应的一组元数据定义的资源,该元数据包括一组属性和对语法的引用 用于解释属性。

    System for minimizing the number of control signals and maximizing
channel utilization between an I/O bridge and a data buffer
    3.
    发明授权
    System for minimizing the number of control signals and maximizing channel utilization between an I/O bridge and a data buffer 失效
    用于最小化控制信号数量并最大化I / O桥和数据缓冲器之间的信道利用率的系统

    公开(公告)号:US6115551A

    公开(公告)日:2000-09-05

    申请号:US825184

    申请日:1997-03-27

    申请人: Chia-Chiang Chao

    发明人: Chia-Chiang Chao

    IPC分类号: G06F13/40 G06F13/00

    CPC分类号: G06F13/4059

    摘要: A compound control/data channel connects an I/O bridge (IOB) and a data buffer unit (DBU) in a high performance I/O subsystem. Generally, data movements among an I/O bridge, data buffer unit, system bus and I/O bus are dominated by separate control signal groups issued from the I/O bridge. The compound control/data channel permits integration of these control signal groups onto the data channel connected between I/O bridge and data buffer unit. A data controller can control and transfer data to/from a data buffer using this unique channel, alternately, for control information and data streams.

    摘要翻译: 复合控制/数据通道连接高性能I / O子系统中的I / O桥(IOB)和数据缓冲单元(DBU)。 通常,I / O桥,数据缓冲单元,系统总线和I / O总线之间的数据移动主要由从I / O桥发出的单独的控制信号组。 复合控制/数据通道允许将这些控制信号组集成到连接在I / O桥与数据缓冲单元之间的数据通道上。 数据控制器可以使用这个独特的通道,交替地控制和传输数据到数据缓冲器,用于控制信息和数据流。

    Self-describing attribute vocabularies in a software system
    4.
    发明授权
    Self-describing attribute vocabularies in a software system 失效
    自我描述属性词汇在软件系统中

    公开(公告)号:US06493712B1

    公开(公告)日:2002-12-10

    申请号:US09376149

    申请日:1999-08-17

    IPC分类号: G06F1730

    摘要: A software system with self-describing attribute vocabularies that enhance the capability of service providers to advertise their resources and that facilitate the addition of new types of attributes and resources to the system. Each self-describing attribute vocabulary is characterized by a corresponding set of attribute properties and a corresponding set of:matching rules that are adapted to the corresponding attribute properties. The software system includes a matching engine that enables a service provider of a resource to describe the resource to the software system in terms of any one or more of the self-describing attribute vocabularies.

    摘要翻译: 具有自描述属性词汇的软件系统,其增强服务提供商宣传其资源的能力,并且促进向系统添加新类型的属性和资源。 每个自描述属性词汇表都具有相应的一组属性属性和相应的一组:适应于相应属性属性的匹配规则。 软件系统包括匹配的引擎,使得资源的服务提供者能够根据任何一个或多个自描述属性词汇表将资源描述给软件系统。

    High performance multiple-unit electronic data storage system with
checkpoint logs for rapid failure recovery
    5.
    发明授权
    High performance multiple-unit electronic data storage system with checkpoint logs for rapid failure recovery 失效
    具有检查点日志的高性能多单元电子数据存储系统,用于快速故障恢复

    公开(公告)号:US5481694A

    公开(公告)日:1996-01-02

    申请号:US873928

    申请日:1992-04-24

    摘要: An electronic data storage system including a memory, a plurality of magnetic disk units, and a controller. The memory contains an index cross-referencing logical address with physical addresses, an obsolete list and a free list. In response to a "write " command, the controller selects a physical address according to which segment can be used the most quickly, appends a tag to the data to be written, and writes the data to the selected segment. Appropriate entries are made in the index and the free list. The system recovers from memory loss by using a checkpoint log and a set of checkpoint segments on the disk that together contain backups of the index and other critical information needed to restore the system. Group indices are used for roll-back groups; operations on data in a group are invisible outside the group until after a "commit " command is issued.

    摘要翻译: 一种包括存储器,多个磁盘单元和控制器的电子数据存储系统。 内存包含一个具有物理地址的索引交叉引用逻辑地址,一个过时的列表和一个空闲列表。 响应于“写”命令,控制器根据哪个段可以最快地使用物理地址,将标签附加到要写入的数据上,并将数据写入所选择的段。 在索引和空闲列表中进行适当的输入。 系统通过使用检查点日志和磁盘上的一组检查点段来恢复内存丢失,其中包含索引的备份和恢复系统所需的其他关键信息。 组索引用于回滚组; 在发出“提交”命令之后,组内的数据的操作在组外不可见。

    Task-specific flexible binding in a software system
    6.
    发明授权
    Task-specific flexible binding in a software system 失效
    软件系统中特定于任务的灵活绑定

    公开(公告)号:US07107591B1

    公开(公告)日:2006-09-12

    申请号:US09186450

    申请日:1998-11-05

    IPC分类号: G06F9/00

    摘要: A software system with task-specific flexible bindings that enhance the ability to dynamically add and remove resources from availability to tasks and that eliminates the need for coordination of globally unique names. The software system includes a task-specific name space which corresponds to a task executing in the software system. The task-specific name space holds flexible bindings each of which associates a task-specific name used by the task to refer to a desired resource or a set of one or more resources of the computer system and to information that describes the desired resource. The software system includes a resource mediator that obtains a message from the task. The resource mediator keeps information for each resource that identifies a resource handler task for the desired resource by resolving the task-specific name using the flexible binding.

    摘要翻译: 具有特定任务的灵活绑定的软件系统,可增强动态添加和删除资源从可用性到任务的能力,并消除了对全局唯一名称协调的需求。 软件系统包括对应于在软件系统中执行的任务的任务专用名称空间。 任务特定的名称空间保存灵活的绑定,每个绑定都将任务所使用的特定于任务的名称与指定计算机系统的所需资源或一组一个或多个资源相关联,以及描述所需资源的信息。 软件系统包括从任务获取消息的资源调解器。 资源调解器通过使用灵活的绑定解析特定于任务的名称来保存为所需资源标识资源处理程序任务的每个资源的信息。