公开(公告)号：US20190165944A1

公开(公告)日：2019-05-30

申请号：US15822428

申请日：2017-11-27

Applicant: International Business Machines Corporation

Inventor： Lin Sun ,  Liam S. Harpur ,  Aaron James Quirk

IPC: H04L9/32 ,  H04W12/06 ,  G06F21/31

Abstract: Providing authentication of a device includes determining whether a received passcode entry matches an authorized passcode stored in device memory and when it does not match, executing a notification to indicate that the received passcode is an incorrect passcode and requesting entry of another passcode. In response to determining that a consecutive threshold number of received passcodes do not match an authorized passcode entry stored in the device memory, the device determines whether the threshold number of received passcodes meets a predetermined quality threshold. In response to determining that the threshold number of received passcodes meets the predetermined quality threshold, an alert is transmitted to an authentication service. The device then receives a partial authentication response from the authentication service, and based on the partial authentication response, the device uses an alternate data protection rule for passcode authentication.

公开(公告)号：US09477683B2

公开(公告)日：2016-10-25

申请号：US14291694

申请日：2014-05-30

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Rahul Ghosh ,  Aaron James Quirk ,  James Patrick Robbins ,  Drew Hoover Sternesky

IPC: G06F17/30 ,  G06F11/14

CPC classification number: G06F17/30233 ,  G06F11/00 ,  G06F11/14 ,  G06F17/30088

Abstract: A technique of backing up a workload in a virtual environment includes identifying one or more files that are associated with the workload. One or more source volumes that include the one or more files are identified. A respective target volume is provisioned for each of the one or more source volumes identified. Only dirty blocks are copied (in a snapshot mode that prevents an update to the one or more source volumes during the snapshot mode) from each of the one or more source volumes to its respective target volume. The one or more dirty blocks are then copied from each target volume to a backup medium.

Abstract translation: 在虚拟环境中备份工作负载的技术包括识别与工作负载相关联的一个或多个文件。 识别包含一个或多个文件的一个或多个源卷。 为所识别的一个或多个源卷中的每一个提供相应的目标卷。 只有脏块被复制（在快照模式下，防止在快照模式下更新一个或多个源卷）从一个或多个源卷到其各自的目标卷。 然后将一个或多个脏块从每个目标卷复制到备份介质。

公开(公告)号：US10749773B2

公开(公告)日：2020-08-18

申请号：US16029197

申请日：2018-07-06

Applicant: International Business Machines Corporation

Inventor： Hugh Edward Hockett ,  Lin Sun ,  Aaron James Quirk

IPC: H04L12/26 ,  H04L29/08

Abstract: Embodiments provide optimized deployment of workloads. A first workload to be deployed in at least one data center of a plurality of data centers is received. A first plurality of candidate data centers is selected from the plurality of data centers, and the first workload is deployed to each of the first plurality of candidate data centers. A first performance metric is collected from each respective data center of the first plurality of candidate data centers based on execution of the first workload deployed at the respective data centers, and a first optimal data center from the first plurality of candidate data centers is identified based on the first performance metrics. The first workload is removed from each of the first plurality of candidate data centers, other than the identified first optimal data center.

公开(公告)号：US09690669B2

公开(公告)日：2017-06-27

申请号：US14305100

申请日：2014-06-16

Applicant: International Business Machines Corporation

Inventor： Edward Raymond Bernal ,  Rahul Ghosh ,  Ivan M. Heninger ,  Douglas Alan Larson ,  Aaron James Quirk

IPC: G06F17/30 ,  G06F11/14 ,  H04L29/08 ,  H04L29/06

CPC classification number: G06F11/1461 ,  G06F2201/815 ,  H04L67/10 ,  H04L67/1095 ,  H04L67/16 ,  H04L67/42

Abstract: A technique for cloud infrastructure backup in a virtualized environment utilizing shared storage includes obtaining a workload input/output (I/O) profile to the shared storage over a time period. An attempt to locate one or more time windows in the workload I/O profile for which a cloud infrastructure backup can be staged is initiated. In response to determining the cloud infrastructure backup can be staged during at least one of the time windows, staging of the cloud infrastructure backup is scheduled during a selected one of the time windows. In response to determining the cloud infrastructure backup cannot be staged during at least one of the time windows, an interference tolerance approach is employed for accessing the shared storage for active workloads and the cloud infrastructure backup during the staging of the cloud infrastructure backup.

公开(公告)号：US20160226666A1

公开(公告)日：2016-08-04

申请号：US14104690

申请日：2013-12-12

Applicant: International Business Machines Corporation

Inventor： Aaron James Quirk ,  Ching-Yun Chao ,  Dennis DeLanoy Lingerfelt ,  William Daniel Whitt

IPC: H04L9/32 ,  G06F3/0488 ,  G06K9/00

CPC classification number: H04L9/3231 ,  G06F3/0488 ,  G06F21/32 ,  G06F2203/04104 ,  G06K9/00 ,  G06K9/00013 ,  G06K9/00067 ,  G06K9/00087 ,  G06K9/00355

Abstract: A mobile device implements a state machine with full authentication, continuous authentication, and invalidation states. To access the device, the full authentication state requires the user to confirm his or her identity using some robust authentication technique. Upon success, the state machine transitions to the continuous authentication state wherein data samples are captured as the user interacts with the device and compared with stored exemplary fingerprints. Preferably, the state machine enforces a negative identification technique to determine whether the individual currently interacting with the touchscreen is not the user from which the exemplary fingerprints were generated. Upon such negative authentication, the state machine transitions to the invalidation state. In this state, operations (e.g., screen lock) are performed to secure the device against an unauthenticated use. On a next interaction, the state machine transitions to full authentication requiring robust authentication to continue operating in a normal mode.

公开(公告)号：US20150356286A1

公开(公告)日：2015-12-10

申请号：US14829359

申请日：2015-08-18

Applicant: International Business Machines Corporation

Inventor： Aaron James Quirk ,  Ching-Yun Chao ,  Dennis DeLanoy Lingerfelt ,  William Daniel Whitt

IPC: G06F21/32 ,  G06K9/00

CPC classification number: H04L9/3231 ,  G06F3/0488 ,  G06F21/32 ,  G06F2203/04104 ,  G06K9/00 ,  G06K9/00013 ,  G06K9/00067 ,  G06K9/00087 ,  G06K9/00355

Abstract: A mobile device implements a state machine with full authentication, continuous authentication, and invalidation states. To access the device, the full authentication state requires the user to confirm his or her identity using some robust authentication technique. Upon success, the state machine transitions to the continuous authentication state wherein data samples are captured as the user interacts with the device and compared with stored exemplary fingerprints. Preferably, the state machine enforces a negative identification technique to determine whether the individual currently interacting with the touchscreen is not the user from which the exemplary fingerprints were generated. Upon such negative authentication, the state machine transitions to the invalidation state. In this state, operations (e.g., screen lock) are performed to secure the device against an unauthenticated use. On a next interaction, the state machine transitions to full authentication requiring robust authentication to continue operating in a normal mode.

Abstract translation: 移动设备实现具有完全认证，连续认证和无效状态的状态机。 为了访问设备，完全认证状态需要用户使用一些鲁棒的认证技术来确认他或她的身份。 成功之后，状态机转变为连续认证状态，其中当用户与设备交互并与存储的示例指纹进行比较时捕获数据样本。 优选地，状态机执行负识别技术以确定当前与触摸屏交互的个体是否不是从其生成示例性指纹的用户。 在这种负面认证时，状态机转换到无效状态。 在这种状态下，执行操作（例如，屏幕锁定）以保护设备免受未认证的使用。 在下一个交互中，状态机转换为需要强大身份验证的完全身份验证，以继续在正常模式下运行。

公开(公告)号：US10739153B2

公开(公告)日：2020-08-11

申请号：US15835719

申请日：2017-12-08

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Lisa Seacat DeLuca ,  Shelbee Eigenbrode ,  Dana Price ,  Aaron James Quirk

IPC: G01C21/34 ,  G05D1/02 ,  G01C21/36

Abstract: Auxiliary navigational assistance is provided by determining, by one or more processors, that a user traveling along a specified travel route with the assistance of a navigation system can use additional navigational assistance at a particular region of the specified travel route. Based on the determining, the one or more processors assign an unmanned vehicle to assist the user in traveling through the particular region along the specified travel route. Further, the one or more processors provide one or more auxiliary instructions to the user's navigation system directing the user to reference the unmanned vehicle within the particular region to assist the user in traveling through the particular region along the specified travel route. In operation, the particular region overlaps only a portion of the specified travel route.

公开(公告)号：US09720784B2

公开(公告)日：2017-08-01

申请号：US14835852

申请日：2015-08-26

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Edward Raymond Bernal ,  Rahul Ghosh ,  Ivan M. Heninger ,  Douglas Alan Larson ,  Aaron James Quirk

IPC: G06F17/30 ,  G06F11/14 ,  H04L29/08 ,  H04L29/06

CPC classification number: G06F11/1461 ,  G06F2201/815 ,  H04L67/10 ,  H04L67/1095 ,  H04L67/16 ,  H04L67/42

Abstract: A technique for cloud infrastructure backup in a virtualized environment utilizing shared storage includes obtaining a workload input/output (I/O) profile to the shared storage over a time period. An attempt to locate one or more time windows in the workload I/O profile for which a cloud infrastructure backup can be staged is initiated. In response to determining the cloud infrastructure backup can be staged during at least one of the time windows, staging of the cloud infrastructure backup is scheduled during a selected one of the time windows. In response to determining the cloud infrastructure backup cannot be staged during at least one of the time windows, an interference tolerance approach is employed for accessing the shared storage for active workloads and the cloud infrastructure backup during the staging of the cloud infrastructure backup.

公开(公告)号：US09705676B2

公开(公告)日：2017-07-11

申请号：US14104690

申请日：2013-12-12

Applicant: International Business Machines Corporation

Inventor： Aaron James Quirk ,  Ching-Yun Chao ,  Dennis DeLanoy Lingerfelt ,  William Daniel Whitt

IPC: G06K9/00 ,  H04L9/32 ,  G06F21/32 ,  G06F3/0488

CPC classification number: H04L9/3231 ,  G06F3/0488 ,  G06F21/32 ,  G06F2203/04104 ,  G06K9/00 ,  G06K9/00013 ,  G06K9/00067 ,  G06K9/00087 ,  G06K9/00355

Abstract: A mobile device implements a state machine with full authentication, continuous authentication, and invalidation states. To access the device, the full authentication state requires the user to confirm his or her identity using some robust authentication technique. Upon success, the state machine transitions to the continuous authentication state wherein data samples are captured as the user interacts with the device and compared with stored exemplary fingerprints. Preferably, the state machine enforces a negative identification technique to determine whether the individual currently interacting with the touchscreen is not the user from which the exemplary fingerprints were generated. Upon such negative authentication, the state machine transitions to the invalidation state. In this state, operations (e.g., screen lock) are performed to secure the device against an unauthenticated use. On a next interaction, the state machine transitions to full authentication requiring robust authentication to continue operating in a normal mode.

公开(公告)号：US09575991B2

公开(公告)日：2017-02-21

申请号：US14835961

申请日：2015-08-26

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Rahul Ghosh ,  Aaron James Quirk ,  James Patrick Robbins ,  Drew Hoover Sternesky

IPC: G06F17/30 ,  G06F11/14

CPC classification number: G06F17/30233 ,  G06F11/00 ,  G06F11/14 ,  G06F17/30088

Abstract: A technique of backing up a workload in a virtual environment includes identifying one or more files that are associated with the workload. One or more source volumes that include the one or more files are identified. A respective target volume is provisioned for each of the one or more source volumes identified. Only dirty blocks are copied (in a snapshot mode that prevents an update to the one or more source volumes during the snapshot mode) from each of the one or more source volumes to its respective target volume. The one or more dirty blocks are then copied from each target volume to a backup medium.

Abstract translation: 在虚拟环境中备份工作负载的技术包括识别与工作负载相关联的一个或多个文件。 识别包含一个或多个文件的一个或多个源卷。 为所识别的一个或多个源卷中的每一个提供相应的目标卷。 只有脏块被复制（在快照模式下，防止在快照模式下更新一个或多个源卷）从一个或多个源卷到其各自的目标卷。 然后将一个或多个脏块从每个目标卷复制到备份介质。