Patent application number | Description | Published |
20120185671 | COMPUTATIONAL RESOURCE PIPELINING IN GENERAL PURPOSE GRAPHICS PROCESSING UNIT - This disclosure describes techniques for extending the architecture of a general purpose graphics processing unit (GPGPU) with parallel processing units to allow efficient processing of pipeline-based applications. The techniques include configuring local memory buffers connected to parallel processing units operating as stages of a processing pipeline to hold data for transfer between the parallel processing units. The local memory buffers allow on-chip, low-power, direct data transfer between the parallel processing units. The local memory buffers may include hardware-based data flow control mechanisms to enable transfer of data between the parallel processing units. In this way, data may be passed directly from one parallel processing unit to the next parallel processing unit in the processing pipeline via the local memory buffers, in effect transforming the parallel processing units into a series of pipeline stages. | 07-19-2012 |
20120232988 | METHOD AND SYSTEM FOR GENERATING DYNAMIC ADS WITHIN A VIDEO GAME OF A PORTABLE COMPUTING DEVICE - A method and system for generating and tracking dynamic advertisements within a program, such as a video game, running on a portable computing device (PCD) are described. The method and system include receiving a call from the program for a texture and reviewing an identifier associated with the texture. A graphics driver determines if the identifier associated with the texture matches an identifier in a texture database. The graphics driver then selects a dynamic advertisement from a texture database if the identifier associated with the texture matches the identifier in the texture database. The graphics driver issues commands to the graphics processor so that dynamic advertisement is presented on a screen display. The graphics driver then determines if a video object produced by the program blocks a portion of the dynamic advertisement present on the screen display. | 09-13-2012 |
20130278734 | METHOD AND SYSTEM FOR GENERATING DYNAMIC ADS WITHIN A VIDEO GAME OF A PORTABLE COMPUTING DEVICE - A method and system for generating and tracking dynamic advertisements within a program, such as a video game, running on a portable computing device (PCD) are described. The method and system include receiving a call from the program for a texture and reviewing an identifier associated with the texture. A graphics driver determines if the identifier associated with the texture matches an identifier in a texture database. The graphics driver then selects a dynamic advertisement from a texture database if the identifier associated with the texture matches the identifier in the texture database. The graphics driver issues commands to the graphics processor so that dynamic advertisement is presented on a screen display. The graphics driver then determines if a video object produced by the program blocks a portion of the dynamic advertisement present on the screen display. | 10-24-2013 |
Patent application number | Description | Published |
20130185764 | FILE SYSTEM ACCESS FOR ONE OR MORE SANDBOXED APPLICATIONS - Methods, systems, and machine-readable storage medium are described wherein, in one embodiment, identifiers, such as bookmarks, are used to allow access to files or folders in a sandboxed environment. One or more applications are restricted by an access control system, which can be, for example, a trusted software component of an operating system. In one embodiment, the bookmarks or other identifiers allow an application to have access to a file even if the file is renamed or moved by a user while the application has been terminated. In one embodiment, a resource manager, or other trusted access control system, can interact with an application to allow for the use of bookmarks in an environment in which a sandbox application controls access to the files such that each application must make a request to the sandbox application in order to obtain access to a particular file or folder. | 07-18-2013 |
20150156210 | PREVENTING URL CONFUSION ATTACKS - Methods and apparatus are disclosed for detecting illegitimate or spoofed links on a web page. Illegitimate links can be detected by receiving a web link that includes link text and a link address, generating normalized link text based upon the link text, wherein characters in the link text that are visually similar are represented by a single normalized character identifier in the normalized text, determining whether the normalized link text is in the format of a link address, and determining that the text is safe when the normalized link text is not in the format of a link address. The techniques disclosed herein further involve determining whether the normalized link text matches the link address, determining that the text is safe when the normalized link text matches the link address, and determining that the text is unsafe when the normalized link text does not match the link address. | 06-04-2015 |
20150199510 | FILE SYSTEM ACCESS FOR ONE OR MORE SANDBOXED APPLICATIONS - Methods, systems, and machine-readable storage medium are described wherein, in one embodiment, identifiers, such as bookmarks, are used to allow access to files or folders in a sandboxed environment. One or more applications are restricted by an access control system, which can be, for example, a trusted software component of an operating system. In one embodiment, the bookmarks or other identifiers allow an application to have access to a file even if the file is renamed or moved by a user while the application has been terminated. In one embodiment, a resource manager, or other trusted access control system, can interact with an application to allow for the use of bookmarks in an environment in which a sandbox application controls access to the files such that each application must make a request to the sandbox application in order to obtain access to a particular file or folder. | 07-16-2015 |
20150347748 | METHOD AND APPARATUS FOR HANDLING SECURITY OF AN APPLICATION AND ITS EXTENSION - Techniques for handling security of an application and its extension are described. In one embodiment, an application manager of an operating system running within a data processing system launches an application in a first sandboxed environment based on a first security profile associated with the application. In response to receiving a request from the application for accessing a function of an application extension that is associated with the application, the application manager launches the application extension in a second sandboxed environment based on a second security profile associated with the application extension. The application manager is to individually enforce security and manage resources of the application and the application extension in the first and second sandboxed environments based on the first and second security profiles, respectively. The second security profile specifies resources fewer than the first security profile. | 12-03-2015 |
20150347749 | CONSISTENT EXTENSION POINTS TO ALLOW AN EXTENSION TO EXTEND FUNCTIONALITY OF AN APPLICATION TO ANOTHER APPLICATION - According to one embodiment, in response to an inquiry received from a first application for an extension service associated with a first of a plurality of extension points of an operating system, a list of one or more extensions is identified that have been registered for the first extension point with the operating system, where the first application is executed within a first sandboxed environment. The identified list of extensions is displayed to prompt a user to select one of the extensions to be associated with the first application. In response to a selection of one of the extensions, the selected extension is launched in a second sandboxed environment. The selected extension and the second application were packaged in an application bundle, and when the application bundle was installed, the selected extension and the second application appeared in a registry of the operating system as separate applications. | 12-03-2015 |
Patent application number | Description | Published |
20110296515 | METHOD FOR MANAGING COMPUTER RESOURCES ACCESSED BY A PROGRAM OPERATING IN A RESTRICTED ENVIRONMENT - A resource manager of an operating system of a data processing system receives a first request from a first program for a ticket for accessing at least one of resources of the data processing system. In response to the first request, the resource manager determines whether the first program is entitled to access the resource. The ticket for accessing the resource is issued to the first program if the first program is entitled to access the resource. The ticket can be used by a second program to obtain rights to access the resource by acquiring the ticket from the first program, where the second program would not otherwise be entitled to access the resource based on a security profile associated with the second program. | 12-01-2011 |
20120185683 | SYSTEM AND METHOD FOR TAMPER-RESISTANT BOOTING - Disclosed herein are systems, methods, and non-transitory computer-readable storage media for booting a computing device having an encrypted storage medium using full disk encryption, referred to as tamper-resistant boot. The system retrieves a kernel cache and a kernel cache digest from an unencrypted storage medium and verifies the authenticity of the kernel cache based on the credentials and the kernel cache digest. Initiation and execution of the operating system is performed if the kernel cache is authentic. In one embodiment, the system verifies the authenticity of a request to disable tamper-resistant booting by utilizing a password verifier and a password proof. | 07-19-2012 |
20120185863 | METHODS FOR RESTRICTING RESOURCES USED BY A PROGRAM BASED ON ENTITLEMENTS - In response to a request for launching a program, a list of one or more application frameworks to be accessed by the program during execution of the program is determined. Zero or more entitlements representing one or more resources entitled by the program during the execution are determined. A set of one or more rules based on the entitlements of the program is obtained from at least one of the application frameworks. The set of one or more rules specifies one or more constraints of resources associated with the at least one application framework. A security profile is dynamically compiled for the program based on the set of one or more rules associated with the at least one application framework. The compiled security profile is used to restrict the program from accessing at least one resource of the at least one application frameworks during the execution of the program. | 07-19-2012 |
20120185872 | METHODS FOR MANAGING AUTHORITY DESIGNATION OF GRAPHICAL USER INTERFACES - According to one aspect, a graphics management system receives a first message from a first process for granting one or more rights to a second process for accessing a GUI element owned by the first process. In response, the graphics management system transmits a second message to the second process, the second message offering the one or more rights to the second process. The graphics management system receives a third message from the second process indicating an acceptance of the offer. Thereafter, the graphics management system restricts access of the GUI element by the second process based on the one or more rights accepted by the second process. | 07-19-2012 |
20120185879 | DYNAMIC SERVICE DISCOVERY - When an application is launched, a framework scanning module scans a plurality of frameworks linked against by the application to generate a list of available services. When the application makes a request of a particular service, a service verification module compares the requested service to the list of available services and if the requested service is found in the list of available services, sends a signal to the application, the signal allowing access to the requested service for the application. Otherwise, access to the requested service is denied. | 07-19-2012 |
20120311702 | SYSTEM AND METHOD FOR PRESERVING REFERENCES IN SANDBOXES - Disclosed herein are systems, methods, and non-transitory computer-readable storage media for preserving references in sandboxes. A system implementing the method receives a document for use in a sandbox environment and passes the document to a parser, via a coordinator. The parser finds references in the document to other resources and outputs a list of references. The system passes the list of references to a verifier that verifies each reference and outputs a list of verified references. The system passes the list of verified references to the sandboxed application which extends the sandbox to include the resources on the list of verified references. In one embodiment, the system preserves references in sandboxes without the use a coordinator. | 12-06-2012 |
20130139064 | METHODS FOR MANAGING AUTHORITY DESIGNATION OF GRAPHICAL USER INTERFACES - According to one aspect, a graphics management system receives a first message from a first process for granting one or more rights to a second process for accessing a GUI element owned by the first process. In response, the graphics management system transmits a second message to the second process, the second message offering the one or more rights to the second process. The graphics management system receives a third message from the second process indicating an acceptance of the offer. Thereafter, the graphics management system restricts access of the GUI element by the second process based on the one or more rights accepted by the second process. | 05-30-2013 |
20130283344 | METHODS FOR RESTRICTING RESOURCES USED BY A PROGRAM BASED ON ENTITLEMENTS - In response to a request for launching a program, a list of one or more application frameworks to be accessed by the program during execution of the program is determined. Zero or more entitlements representing one or more resources entitled by the program during the execution are determined. A set of one or more rules based on the entitlements of the program is obtained from at least one of the application frameworks. The set of one or more rules specifies one or more constraints of resources associated with the at least one application framework. A security profile is dynamically compiled for the program based on the set of one or more rules associated with the at least one application framework. The compiled security profile is used to restrict the program from accessing at least one resource of the at least one application frameworks during the execution of the program. | 10-24-2013 |
20130326492 | APPARATUS AND METHOD FOR MANAGING ENTITLEMENTS TO PROGRAM CODE - A method, apparatus and machine readable medium are described for managing entitlements on a computing device. For example, one embodiment of a method comprises: loading a first application into a system memory of a computing device; for each library value/symbol pair referenced by the first application, determining whether the first application has a correct entitlement to be linked with the library value/symbol pair; wherein if the application does not have the correct entitlement associated with the library value/symbol pair, then denying linking to the library value/symbol pair and/or linking the application to an alternate library value/symbol pair which does not have the entitlement associated therewith; and if the application has the correct entitlement associated with the library value/symbol pair, then linking the application to the library value/symbol pair with the entitlement in the system memory. | 12-05-2013 |
20140310781 | METHODS FOR MANAGING AUTHORITY DESIGNATION OF GRAPHICAL USER INTERFACES - According to one aspect, a graphics management system receives a first message from a first process for granting one or more rights to a second process for accessing a GUI element owned by the first process. In response, the graphics management system transmits a second message to the second process, the second message offering the one or more rights to the second process. The graphics management system receives a third message from the second process indicating an acceptance of the offer. Thereafter, the graphics management system restricts access of the GUI element by the second process based on the one or more rights accepted by the second process. | 10-16-2014 |
20150347741 | METHOD FOR MANAGING SECURITY OF A DATA PROCESSING SYSTEM WITH CONFIGURABLE SECURITY RESTRICTIONS - Techniques for managing security of a data processing system are described herein. According to one embodiment, in response to a request for modifying a security settings of a data processing system, a message is displayed on a display of the data processing system to request a user who operates the data processing system to perform a physical action to prove that the user was physically present to issue the request for modifying the security settings. It is verified whether a user action physically performed by the user conforms to the requested physical action. The security settings of the data processing system is modified, in response to determining that the user action conforms to the requested physical action. | 12-03-2015 |
20150347774 | RESTRICTED RESOURCE CLASSES OF AN OPERATING SYSTEM - Techniques for access control of a data processing system are described. In one embodiment, in response to a request from an application for accessing a resource of a data processing system, it is determined a first class of resources the requested resource belongs. A second class of resources the application is entitled to access is determined based on a resource entitlement encoded within the application and authorized by a predetermined authority. The application is allowed to access the resource if the first class and the second class of resources are matched. The application is denied from accessing the resource if the first class and the second class are not matched, regardless an operating privilege level of the application. | 12-03-2015 |
Patent application number | Description | Published |
20100193992 | LAMINATE AND METHOD FOR MAKING LAMINATE - A method of insert molding comprises placing in a first mold a curable rubber composition comprising a reactive species; placing on a surface of the rubber composition a first thermoplastic material in a film or layer comprising a group reactive with the reactive species of the rubber composition; curing the rubber composition in the mold to form a first molded article of cured rubber having a first thermoplastic material layer covalently bonded through reactive of the reactive species and the group; placing the first molded article as an insert into a second mold, the cured rubber contacting an inside surface of the second mold and the thermoplastic layer facing into the second mold cavity; closing the second mold and injecting into the second mold a second thermoplastic material that to form a second molded article comprising the first molded article thermally welded and/or covalently bonded to the second thermoplastic material. | 08-05-2010 |
20140017458 | Temporarily Positionable Meltable Adhesives For Shoe And Apparel Assembly - Layers of an item may be temporarily assembled using a tacky surface on an adhesive layer. The adhesive layer may be activated by the application of energy to cause it to partially or entirely melt to bond layers together. The tacky layer may permit layers to be moved after initial positioning if the positioning is not acceptable. A tacky layer may cover all or part of the surface of an adhesive layer to permit the adhesive to flow without hindrance when activated. | 01-16-2014 |
20140017459 | Temporarily Positionable Meltable Adhesives For Shoe And Apparel Assembly - Layers of an item may be temporarily assembled using a tacky surface on an adhesive layer. The adhesive layer may be activated by the application of energy to cause it to partially or entirely melt to bond layers together. The tacky layer may permit layers to be moved after initial positioning if the positioning is not acceptable. A tacky layer may cover all or part of the surface of an adhesive layer to permit the adhesive to flow without hindrance when activated. | 01-16-2014 |
20140026446 | LAMINATE AND METHOD FOR MAKING LAMINATE - A method of insert molding comprises placing in a first mold a curable rubber composition comprising a reactive species; placing on a surface of the rubber composition a first thermoplastic material in a film or layer comprising a group reactive with the reactive species of the rubber composition; curing the rubber composition in the mold to form a first molded article of cured rubber having a first thermoplastic material layer covalently bonded through reactive of the reactive species and the group; placing the first molded article as an insert into a second mold, the cured rubber contacting an inside surface of the second mold and the thermoplastic layer facing into the second mold cavity; closing the second mold and injecting into the second mold a second thermoplastic material that to form a second molded article comprising the first molded article thermally welded and/or covalently bonded to the second thermoplastic material. | 01-30-2014 |
20140026447 | LAMINATE AND METHOD FOR MAKING LAMINATE - A method of insert molding comprises placing in a first mold a curable rubber composition comprising a reactive species; placing on a surface of the rubber composition a first thermoplastic material in a film or layer comprising a group reactive with the reactive species of the rubber composition; curing the rubber composition in the mold to form a first molded article of cured rubber having a first thermoplastic material layer covalently bonded through reactive of the reactive species and the group; placing the first molded article as an insert into a second mold, the cured rubber contacting an inside surface of the second mold and the thermoplastic layer facing into the second mold cavity; closing the second mold and injecting into the second mold a second thermoplastic material that to form a second molded article comprising the first molded article thermally welded and/or covalently bonded to the second thermoplastic material. | 01-30-2014 |
Patent application number | Description | Published |
20100165688 | CASCADED FLYING CAPACITOR MODULAR HIGH VOLTAGE INVERTERS - A high voltage inverter is provided which includes a plurality of k-level flying capacitor H bridge modules, k being greater than 2, each having a positive dc terminal, a negative dc terminal, and two ac terminals, a connecting unit for connecting said ac terminals of said plurality of k-level flying capacitor H bridge modules in series to form a cascading set of modules, and a dc source connected to an ac source and having a transformer, a rectifier rectifying an output voltage of said transformer, and a capacitor connected between the positive and negative dc terminals. | 07-01-2010 |
20130051094 | CASCADED FLYING CAPACITOR MODULAR HIGH VOLTAGE INVERTERS - A high voltage inverter is provided which includes a plurality of k-level flying capacitor H bridge modules, k being greater than 2, each having a positive dc terminal, a negative dc terminal, and two ac terminals, a connecting unit for connecting said ac terminals of said plurality of k-level flying capacitor H bridge modules in series to form a cascading set of modules, and a dc source connected to an ac source and having a transformer, a rectifier rectifying an output voltage of said transformer, and a capacitor connected between the positive and negative dc terminals. | 02-28-2013 |
20140185346 | HYBRID POWER DEVICES AND SWITCHING CIRCUITS FOR HIGH POWER LOAD SOURCING APPLICATIONS - A hybrid switching circuit includes first and second switching devices containing first and second unequal bandgap semiconductor materials. These switching devices, which support parallel conduction in response to first and second control signals, are three or more terminal switching devices of different type. For example, the first switching device may be a three or more terminal wide bandgap switching device selected from a group consisting of JFETs, IGFETs and high electron mobility transistors HEMTs, and the second switching device may be a Si-IGBT. A control circuit is also provided, which is configured to drive the first and second switching devices with first and second periodic control signals having first and second unequal duty cycles. The first duty cycle may be greater than the second duty cycle and the active phases of the second periodic control signal may occur exclusively within the active phases of the first periodic control signal. | 07-03-2014 |