Patent application number | Description | Published |
20090217085 | SYSTEMS AND METHODS FOR INCREMENTAL RESTORE - An embodiment relates generally to a method of restoring data in storage systems. The method includes providing for a current snapshot of a primary storage system at a secondary storage system and mounting an empty volume in the primary storage system. The method also includes receiving a request for a selected block of data in the primary storage system and retrieving a restore block from the secondary storage system, where the restore block encompasses the selected block of data. The method further includes writing the restore block to the empty volume in the primary storage system as an incremental restore process. | 08-27-2009 |
20100131559 | ISOLATING AN EXECUTION CONTAINER IN A SYSTEM WITH MANDATORY ACCESS CONTROL (MAC) - Preventing a process from traversing back a directory tree through its parent directories is described. In a system with a program executing in a path container, an access permission rule applicable to the instance of the program prevents the program from traversing the tree structure back through its parent directories towards an absolute root directory. The access permission rule may be a rule in an instance of a security policy applicable to the particular path container from which the process is executing. | 05-27-2010 |
20100132012 | MERGING MANDATORY ACCESS CONTROL (MAC) POLICIES IN A SYSTEM WITH MULTIPLE EXECUTION CONTAINERS - Application of a local instance of a general security policy is described. In a system with an instance of a program executing in a path container, a security policy applicable the the instance of the program is managed locally for the path container. The path container provides a confined execution environment for the program instance, and the security policy defines permitted operations for the program an all its instances. The instance of the security policy is associated with the path container, which allows the program instance to “see” management within the path container as though with the security policy, while entities having permissions outside the path container “see” the program instance limited to the path container and its associated security policy instance. | 05-27-2010 |
20100132013 | RELIABLY TERMINATING PROCESSES IN A SYSTEM WITH CONFINED EXECUTION ENVIRONMENTS - Terminating a process executing within a container is described. An access restriction applicable to the process is temporarily modified with a policy change that prevents creating new processes within the container. The policy change prevents operations that would allow processes within the container from performing a fork operation, or otherwise spawning new processes within the container. The policy change may be, for example, applied by means of a rule added or removed from an access restriction policy. While the processes are prevented from creating new processes, one specified process or all processes within the container are terminated. After termination of the process(es), the policy change can be reversed, allowing normal use of the container. | 05-27-2010 |
Patent application number | Description | Published |
20080208869 | DISTRIBUTED ONLINE CONTENT - Embodiments of the present invention provide a way to combing websites that can be edited over the Internet using distributed revision control. This also makes it possible to use writable web sites while not being connected to the Internet. In some embodiments, the present invention is applied to wikis. When a wiki reconnects, differences are automatically sent over and changes from other wikis are merged automatically. Wikis may also be synchronized on a periodic or event driven basis. Embodiments of the present invention may also be used for load balancing between wikis, or to share information with users who can only occasionally connect to the Internet. | 08-28-2008 |
20080208969 | AUTOMATIC SELECTION OF ONLINE CONTENT FOR SHARING - Embodiments of the present invention provide a way to combing websites that can be edited over the Internet using distributed revision control. This also makes it possible to use writable web sites while not being connected to the Internet. In some embodiments, the present invention is applied to wikis. When a wiki reconnects, differences are automatically sent over and changes from other wikis are merged automatically. Wikis may also be synchronized on a periodic or event driven basis. Embodiments of the present invention may also be used for load balancing between wikis, or to share information with users who can only occasionally connect to the Internet. | 08-28-2008 |
20140101095 | SELECTION OF CONTENT FOR SHARING - Selection of content for sharing is described. An indication of desired content to be shared between a first database and a second database is sent from the first database to the second database. The first database receives desired content corresponding to the indication and a relevancy determination corresponding to a threshold fraction of users that tag the desired content to a particular category. A first version of the desired content is identified in the first database. A second version of the desired content is received by the first database from the second database upon an identification, at the second database, of the second version of the desired content. | 04-10-2014 |
20150193249 | IDLE PROCESSOR MANAGEMENT IN VIRTUALIZED SYSTEMS VIA PARAVIRTUALIZATION - A system and method are disclosed for managing idle processors in virtualized systems. In accordance with one embodiment, a hypervisor executing on a host computer receives an anticipated idle time for a processor of the host computer system from a guest operating system of a virtual machine executing on the host computer system. When the anticipated idle time divided by a performance multiplier exceeds an exit time of a first power state of the processor, the processor is caused to be halted. | 07-09-2015 |
20150212956 | UPDATING VIRTUAL MACHINE MEMORY BY INTERRUPT HANDLER - Systems and methods for directly updating the virtual machine memory by interrupt handlers. An example method may comprise: receiving, by a computer system, an interrupt triggered by a physical device; receiving, by an interrupt handling routine, a data frame from the physical device; identifying a virtual machine to receive the interrupt; and responsive to determining that an active memory context on the computer system matches a memory context of the virtual machine, writing, by the interrupt handling routine, the data frame into a memory of the virtual machine. | 07-30-2015 |
20150242229 | IDLE PROCESSOR MANAGEMENT BY GUEST IN VIRTUALIZED SYSTEMS - A system and method for idle processor management in virtualized systems are disclosed. In accordance with one embodiment, a guest operating system (OS) of a virtual machine estimates an idle time for a virtual central processing unit (CPU) of the virtual machine, where the virtual machine is executed by a CPU of a host computer system, and where the virtual CPU is mapped to the CPU. The guest OS also estimates a host latency time for the host computer system, where the host latency time is based on at least one of: a first power state of the CPU, a context switch associated with execution of the virtual machine by the CPU, or an idle state of a hypervisor executed by the CPU. When the idle time for the virtual CPU divided by a performance multiplier exceeds the host latency time, the virtual CPU is caused to halt. | 08-27-2015 |