Patent application number | Description | Published |
20080244292 | Method and Apparatus to Re-create trust model after sleep state - A processing system features random access memory (RAM), a processor, and a trusted platform module (TPM). When the processing system enters a sleep mode during which the RAM is to stay powered, the processing system may measuring a VMM and one or more secure VMs in the processing system. However, the processing system may not measure or encrypt all of system memory. Upon resuming from sleep, the processing system may verify the measurements, to ensure that the VMM and secure VMs have not been tampered with. Other steps may include sealing encryption keys to the TPM, while preserving the blobs in memory. Other embodiments are described and claimed. | 10-02-2008 |
20090044187 | Methods And Apparatus For Creating An Isolated Partition For A Virtual Trusted Platform Module - A data processing system isolates a virtual trusted platform module (vTPM) manager in the processing system from other management software in the processing system. In one example process, the processing system launches a virtual machine monitor (VMM) that includes a memory-mapped input/output (MMIO) trap. The processing system also launches a vTPM manager in a first virtual machine (VM). In addition, the processing system launches a second VM to contain virtual machine management programs other than the vTPM manager and the MMIO trap. Other embodiments are described and claimed. | 02-12-2009 |
20090086979 | VIRTUAL TPM KEYS ROOTED IN A HARDWARE TPM - The present subject matter related to trusted computing, and more particularly, to virtual trusted platform module keys rooted in a hardware trusted platform module. Some embodiments include a trusted platform virtualization module operable to capture virtual machine trusted platform module calls and operates to generate, maintain, and utilize hardware trusted platform module keys on behalf of the one or more virtual machines. Some embodiments include virtual trusted platform module keys having a public portion on top of an private portion including an encrypted hardware trusted platform module key. | 04-02-2009 |
20090089582 | METHODS AND APPARATUS FOR PROVIDING UPGRADEABLE KEY BINDINGS FOR TRUSTED PLATFORM MODULES - A processing system with a trusted platform module (TPM) supports migration of digital keys. For instance, an application in the processing system may create a first configuration key as a child of a TPM storage root key (SRK) when the processing system has a first configuration. The application may also create an upgradable root user key associated with an upgrade authority as a child of the first configuration key. The application may also create a user key as a child of the upgradable root user key. When the processing system has a second configuration, the application may create a second configuration key as a child of the SRK. The application may request migration approval from the upgrade authority. In response to receiving the approval from the upgrade authority, the application may migrate the root user key to be a child of the second configuration key. Other embodiments are described and claimed. | 04-02-2009 |
20090133097 | Device, system, and method for provisioning trusted platform module policies to a virtual machine monitor - A method, apparatus and system for a trusted platform module accepting a customized integrity policy provisioned to a virtual machine monitor, verifying the security of a first policy object, for example, including the customized integrity policy, by comparing a counter associated with the first policy object with a counter associated with a second policy object, and customizing a virtual trusted platform module of the virtual machine monitor according to the first policy object, for example, when the first policy object is verified. The customized integrity policy may include user specified configurations for implementing a customized virtual environment. Other embodiments are described and claimed. | 05-21-2009 |
20090165117 | Methods And Apparatus Supporting Access To Physical And Virtual Trusted Platform Modules - A data processing system features a hardware trusted platform module (TPM), and a virtual TPM (vTPM) manager. When executed, the vTPM manager detects a first request from a service virtual machine (VM) in the processing system, the first request to involve access to the hardware TPM (hTPM). In response, the vTPM manager automatically determines whether the first request should be allowed, based on filter rules identifying allowed or disallowed operations for the hTPM. The vTPM manager may also detect a second request to involve access to a software TPM (sTPM) in the processing system. In response, the vTPM manager may automatically determine whether the second request should be allowed, based on a second filter list identifying allowed or disallowed operations for the sTPM. Other embodiments are described and claimed. | 06-25-2009 |
20090169017 | CONFIGURATION OF VIRTUAL TRUSTED PLATFORM MODULE - Systems, methods and machine readable media for configuring virtual platform modules are disclosed. One method includes launching a virtual machine monitor, and determining, with the virtual machine monitor, whether a configuration policy that defines a configuration for a virtual trusted platform module is trusted. The method further includes configuring the virtual trusted platform module per the configuration policy in response to the virtual machine monitor determining that the configuration policy is trusted. The method also includes launching, via the virtual machine monitor, a virtual machine associated with the virtual trusted platform module. | 07-02-2009 |
20120030676 | Methods And Apparatus For Creating An Isolated Partition For A Virtual Trusted Platform Module - A data processing system isolates a virtual trusted platform module (vTPM) manager in the processing system from other management software in the processing system. In one example process, the processing system launches a virtual machine monitor (VMM) that includes a memory-mapped input/output (MMIO) trap. The processing system also launches a vTPM manager in a first virtual machine (VM). In addition, the processing system launches a second VM to contain virtual machine management programs other than the vTPM manager and the MMIO trap. Other embodiments are described and claimed. | 02-02-2012 |
Patent application number | Description | Published |
20090252044 | Reliable ISP Access Cloud state detection method and apparatus - A Multi-Homing System is equipped with an Adaptive ISP Access Cloud State Detection apparatus (ACSD) that improves the reliability of the availability of digital connections (links) between computer sites, such as a Computer Premises Network and the Internet, in which such connections are made by connecting through a multiplicity of ISP Access Clouds (links). Reliability is improved over prior art methods by using data elements of Internet Protocol datagrams, e.g. record fields or bits of fields, that are regularly and normally exchanged between the ISP Access Clouds and the CPN without creating additional data traffic. Data Elements from each ISP Access Cloud are used by processing functions of the by the ACSD to test for conditions that indicate that it may be in a DOWN status, when a DOWN status is suspected, other functions in the ACSD initiate transmission of a set of PROBE packets that can reliably determine if the suspect link is actually DOWN or merely giving a response that would be interpreted as DOWN by prior art methods. | 10-08-2009 |
20120099447 | Reliable ISP Access Cloud State Detection Method and Apparatus - A Multi-Homing System is equipped with an Adaptive ISP Access Cloud State Detection apparatus (ACSD) that improves the reliability of the availability of digital connections (links) between computer sites, such as a Computer Premises Network and the Internet, in which such connections are made by connecting through a multiplicity of ISP Access Clouds (links). Reliability is improved over prior art methods by using data elements of Internet Protocol data-grams, e.g. record fields or bits of fields, that are regularly and normally exchanged between the ISP Access Clouds and the CPN without creating additional data traffic. Data Elements from each ISP Access Cloud are used by processing functions of the by the ACSD to test for conditions that indicate that it may be in a DOWN status. when a DOWN status is suspected, other functions in the ACSD initiate transmission of a set of PROBE packets that can reliably determine if the suspect link is actually DOWN or merely giving a response that would be interpreted as DOWN by prior art methods. | 04-26-2012 |
20140050109 | RELIABLE ISP ACCESS CLOUD STATE DETECTION METHOD AND APPARATUS - A Multi-Homing System is equipped with an Adaptive JSP Access Cloud State Detection apparatus (ACSD) that improves the reliability of the availability of digital connections (links) between computer sites, such as a Computer Premises Network and the Internet, in which such connections are made by connecting through a multiplicity of ISP Access Clouds (links). Reliability is improved over prior art methods by using data elements of Internet Protocol datagrams, e.g. record fields or bits of fields, that are regularly and normally exchanged between the ISP Access Clouds and the CPN without creating additional data traffic. Data Elements from each ISP Access Cloud are used by processing functions of the by the ACSD to test for conditions that indicate that it may be in a DOWN status. when a DOWN status is suspected, other functions in the ACSD initiate transmission of a set of PROBE packets that can reliably determine if the suspect link is actually DOWN or merely giving a response that would be interpreted as DOWN by prior art methods. | 02-20-2014 |
20160056998 | RELIABLE ISP ACCESS CLOUD STATE DETECTION METHOD AND APPARATUS - A Multi-Homing System is equipped with an Adaptive JSP Access Cloud State Detection apparatus (ACSD) that improves the reliability of the availability of digital connections (links) between computer sites, such as a Computer Premises Network and the Internet, in which such connections are made by connecting through a multiplicity of ISP Access Clouds (links). Reliability is improved over prior art methods by using data elements of Internet Protocol datagrams, e.g. record fields or bits of fields, that are regularly and normally exchanged between the ISP Access Clouds and the CPN without creating additional data traffic. Data Elements from each ISP Access Cloud are used by processing functions of the by the ACSD to test for conditions that indicate that it may be in a DOWN status. when a DOWN status is suspected, other functions in the ACSD initiate transmission of a set of PROBE packets that can reliably determine if the suspect link is actually DOWN or merely giving a response that would be interpreted as DOWN by prior art methods. | 02-25-2016 |
Patent application number | Description | Published |
20090037763 | Systems and Methods for Providing IIP Address Stickiness in an SSL VPN Session Failover Environment - The SSL VPN session failover solution of the appliance and/or client agent described herein provides an environment for handling IP address assignment and end point re-authorization upon failover. The appliances may be deployed to provide a session failover environment in which a second appliance is a backup to a first appliance when a failover condition is detected, such as failure in operation of the first appliance. The backup appliance takes over responsibility for SSL VPN sessions provided by the first appliance. In the failover environment, the first appliance propagates SSL VPN session information including user IP address assignment and end point authorization information to the backup appliance. The backup appliance maintains this information. Upon detection of failover of the first appliance, the backup appliance activates the transferred SSL VPN session and maintains the user assigned IP addresses. The backup appliance may also re-authorize the client for the transferred SSL VPN session. | 02-05-2009 |
20090037998 | Systems and Methods for Authorizing a Client in an SSL VPN Session Failover Environment - The SSL VPN session failover solution of the appliance and/or client agent described herein provides an environment for handling IP address assignment and end point re-authorization upon failover. The appliances may be deployed to provide a session failover environment in which a second appliance is a backup to a first appliance when a failover condition is detected, such as failure in operation of the first appliance. The backup appliance takes over responsibility for SSL VPN sessions provided by the first appliance. In the failover environment, the first appliance propagates SSL VPN session information including user IP address assignment and end point authorization information to the backup appliance. The backup appliance maintains this information. Upon detection of failover of the first appliance, the backup appliance activates the transferred SSL VPN session and maintains the user assigned IP addresses. The backup appliance may also re-authorize the client for the transferred SSL VPN session. | 02-05-2009 |
20100241846 | SYSTEM AND METHOD FOR ESTABLISHING A VIRTUAL PRIVATE NETWORK - A system and method for establishing a virtual private network (VPN) between a client and a private data communication network. An encrypted data communication session, such as a—Secure Sockets Layer (SSL) data communication session, is established between a gateway and the client over a public data communication network. The gateway then sends a programming component to the client for automatic installation and execution thereon. The programming component operates to intercept communications from client applications destined for resources on the private data communication network and to send the intercepted communications to the gateway via the encrypted data communication session instead of to the resources on the private data communication network. | 09-23-2010 |
20100242092 | SYSTEMS AND METHODS FOR SELECTING AN AUTHENTICATION VIRTUAL SERVER FROM A PLURALITY OF VIRTUAL SERVERS - The present invention provides a system and method for dynamically selecting an authentication virtual server from a plurality of authentication virtual servers. A traffic management virtual server may determine from a request received from a client to access content of a server that the client has not been authenticated. The traffic management virtual server can identify a policy for selecting an authentication virtual server to provide authentication of the client. Responsive to the identification, the traffic management virtual server can select, via the policy, an authentication virtual server of the plurality of authentication virtual servers to authenticate the client. Responsive to the request, the traffic management virtual server may transmit a response to the client The response includes an instruction to redirect to the selected authentication virtual server. | 09-23-2010 |
20100242105 | SYSTEMS AND METHODS FOR SELECTIVE AUTHENTICATION, AUTHORIZATION, AND AUDITING IN CONNECTION WITH TRAFFIC MANAGEMENT - The present invention provides a system and method for authentication of network traffic managed by a traffic management virtual server. A traffic management virtual server may determine that a client has not been authenticated from a request of the client to access a server. Responsive to the request, the traffic management virtual server may transmit a response to the client with instructions to redirect to an authentication virtual server. The authentication virtual server may receive a second request from the client. The authentication virtual server may then authenticate credentials received from the client and establish an authentication session for the client. Further, the authentication virtual server may transmit a second response to redirect the client to the traffic management virtual server. The second response identifies the authentication session. The traffic management virtual server then receives a request from the client with an identifier to the authentication session. | 09-23-2010 |
20100281162 | SYSTEMS AND METHODS OF PROVIDING SERVER INITIATED CONNECTIONS ON A VIRTUAL PRIVATE NETWORK - The present invention is related to a method for establishing via an appliance a transport layer protocol connection initiated by a server on a first network to a client connected from a second network to the first network via a secure socket layer virtual private network (SSL VPN) connection. The method includes the step of receiving, by an appliance, a transport layer connection request from a server on a first network to connect to a client connected to the first network via a SSL VPN connection from a second network. The transport layer connection request identifies a client destination internet protocol address and a client destination port on the first network. The method includes establishing, by the appliance, a first transport layer connection to the server on the first network, determining, by the appliance, the client on the second network associated with the client destination internet protocol address on the first network, and transmitting, by the appliance, connection information identifying the client destination port to an agent on the client. The agent establishes a second transport layer connection to the client destination port using a local internet protocol address of the client on the second network and establishes a third transport layer connection to the appliance, which it associates with the second transport layer connection. | 11-04-2010 |
20110162062 | SYSTEMS AND METHODS FOR A VPN ICA PROXY ON A MULTI-CORE SYSTEM - The present invention is directed towards systems and methods for sharing licenses across resources via a multi-core intermediary device. A device intermediary to a plurality of clients and a server may grant a license for a virtual private network (VPN) session established by a first core of a plurality of cores of the device with a client. A second core of the plurality of cores may receive a first request from the client to establish an application connection between an application and a server via the VPN session. The second core may send a second request to the first core to share the license of the VPN session responsive to determining that the first core owns the VPN session. The second core may establish the application connection responsive to receiving from the first core a response accepting the second request to share the license of the VPN session. | 06-30-2011 |
20110277026 | Systems and Methods for Providing Single Sign On Access to Enterprise SAAS and Cloud Hosted Applications - The solution of the present application addresses the problem of authentication across disparately hosted systems by providing a single authentication domain across SaaS and cloud hosted applications as well as traditional enterprise hosted applications. An application delivery controller intermediary to a plurality of clients and the disparately hosted applications providing single sign on management, integration and control. A user may log in via an interface provided, controlled or managed by the ADC, which in turns, authenticates the user to the application in accordance with policy and the host of the application. As such, the user may login once to gain access to a plurality of disparately hosted applications. From the user's perspective, the user seamlessly and transparently gains access to different hosted systems with different passwords and authentication via the remote access provided by the system of the present solution | 11-10-2011 |
20120036231 | SYSTEMS AND METHODS FOR SERVER INITIATED CONNECTION MANAGEMENT IN A MULTI-CORE SYSTEM - The present application is directed towards systems and methods for managing server initiated connections via a multi-core system that provides VPN access between clients and servers. The solution described herein provides a mechanism by which server and client communications via the multi-core system for a server initiated connection may be received on different cores and for the system to manage these communications across different cores to provide an end-to-end connectivity between the client and the server. | 02-09-2012 |
20120036244 | SYSTEMS AND METHODS FOR IIP ADDRESS SHARING ACROSS CORES IN A MULTI-CORE SYSTEM - In a multi-core system, multiple packet engines across corresponding cores may be working concurrently processing data packets from data flows of SSL VPN sessions. For example, a first core may establish a SSL VPN session with a client. Any one of the other cores, such as a second core, may received packets related to the session owned by the first core. Embodiments of the systems and method described below provide management of IIP addresses for the multi-core/multi-packet engine approach to providing SSL VPN service. In some embodiments, the approach to managing IIP addresses is to have one packet engine on a core act as a master or controller of the IIPs for the remaining packet engines and cores. The packet engines/cores use a protocol for communications regarding IIP management. | 02-09-2012 |
20120131208 | SYSTEMS AND METHODS FOR MANAGING A PLURALITY OF USER SESSIONS IN A VIRTUAL PRIVATE NETWORK ENVIRONMENT - Methods for establishing an SSL/VPN session on behalf of a user of a client where the user has a previously existing session are described. Methods include receiving, by an appliance, a request from a first client operated by a user to establish a virtual private network session; creating, by the appliance, a temporary virtual private network session with the client; identifying, by the appliance, an existing virtual private network session previously established on behalf of the user; terminating the previous session; and creating a new virtual private network session with the client using the temporary session. Other methods may further include transmitting a request to a user corresponding to whether to terminate one or more previous sessions, and transferring session data from a previously existing session to a current session. Corresponding systems are also described. | 05-24-2012 |
20120281706 | SYSTEMS AND METHODS FOR CLOUD BRIDGING BETWEEN INTRANET RESOURCES AND CLOUD RESOURCES - Embodiments of the present solution provide a cloud bridge to bring network transparency between the otherwise disparate networks of the datacenter and cloud service provider. For example, appliances may be deployed in the datacenter and on the edge of the cloud. These appliances may be configured or designed and constructed to communicate with each other and recognize and understand the local IP and/or public IP network information of the on-premise datacenter of the enterprise and the cloud datacenter. These appliances may manage the flow of network traffic between the on-premise and cloud datacenters in a manner to appear and act seamlessly and transparently as a single network spanning both the on-premise and cloud data centers. | 11-08-2012 |
20120290732 | METHODS FOR ASSOCIATING AN IP ADDRESS TO A USER VIA AN APPLIANCE - The present disclosure describes methods and systems for efficiently assigning, managing and querying virtual private network (VPN) addresses intranet IP (IIP) addresses of users, such as SSL VPN users on an enterprise network. The disclosure describes techniques and policies for assigning previously-assigned VPN addresses of a user to subsequent sessions of the user as the user logs in multiple times or roams between access points. The disclosure also describes a configurable user domain naming policy so that one can query the VPN address of a user by an easily referable host name identifying the user. The appliance and/or client agent provides techniques for applications to seamlessly and transparently communicate on the VPN using the VPN address of the user or client on the private network. | 11-15-2012 |
20120317411 | SYSTEM AND METHOD FOR ESTABLISHING A VIRTUAL PRIVATE NETWORK - A system and method for establishing a virtual private network (VPN) between a client and a private data communication network. An encrypted data communication session, such as a-Secure Sockets Layer (SSL) data communication session, is established between a gateway and the client over a public data communication network. The gateway then sends a programming component to the client for automatic installation and execution thereon. The programming component operates to intercept communications from client applications destined for resources on the private data communication network and to send the intercepted communications to the gateway via the encrypted data communication session instead of to the resources on the private data communication network. | 12-13-2012 |
20140041014 | METHODS AND SYSTEMS FOR ROUTING PACKETS IN A VPN-CLIENT-TO-VPN-CLIENT CONNECTION VIA AN SSL/VPN NETWORK APPLIANCE - In a method and system for routing packets between clients, a packet is received from a first client connected to a secure sockets layer virtual private network (an SSL/VPN) network appliance. An identification is made, responsive to an inspection of the received packet, of i) a type of connection required for transmission of the received packet to a destination address identified by the received packet and ii) a second client connected via an SSL/VPN connection to the SSL/VPN network appliance and associated with the identified destination address. A request is made for establishment by the second client of a connection of the identified type within the SSL/VPN connection. The received packet is transmitted to the second client via the established connection of the identified type. | 02-06-2014 |
20140095725 | SYSTEMS AND METHODS FOR SERVER INITIATED CONNECTION MANAGEMENT IN A MULTI-CORE SYSTEM - The present application is directed towards systems and methods for managing server initiated connections via a multi-core system that provides VPN access between clients and servers. The solution described herein provides a mechanism by which server and client communications via the multi-core system for a server initiated connection may be received on different cores and for the system to manage these communications across different cores to provide an end-to-end connectivity between the client and the server. | 04-03-2014 |
20140143394 | SYSTEMS AND METHODS FOR IIP ADDRESS SHARING ACROSS CORES IN A MULTI-CORE SYSTEM - In a multi-core system, multiple packet engines across corresponding cores may be working concurrently processing data packets from data flows of SSL VPN sessions. For example, a first core may establish a SSL VPN session with a client. Any one of the other cores, such as a second core, may received packets related to the session owned by the first core. Embodiments of the systems and method described below provide management of IIP addresses for the multi-core/multi-packet engine approach to providing SSL VPN service. In some embodiments, the approach to managing IIP addresses is to have one packet engine on a core act as a master or controller of the IIPs for the remaining packet engines and cores. The packet engines/cores use a protocol for communications regarding IIP management. | 05-22-2014 |
20150271141 | SYSTEMS AND METHODS FOR A VPN ICA PROXY ON A MULTI-CORE SYSTEM - The present invention is directed towards systems and methods for sharing licenses across resources via a multi-core intermediary device. A device intermediary to a plurality of clients and a server may grant a license for a virtual private network (VPN) session established by a first core of a plurality of cores of the device with a client. A second core of the plurality of cores may receive a first request from the client to establish an application connection between an application and a server via the VPN session. The second core may send a second request to the first core to share the license of the VPN session responsive to determining that the first core owns the VPN session. The second core may establish the application connection responsive to receiving from the first core a response accepting the second request to share the license of the VPN session. | 09-24-2015 |
Patent application number | Description | Published |
20100051098 | HIGH QUALITY TCO-SILICON INTERFACE CONTACT STRUCTURE FOR HIGH EFFICIENCY THIN FILM SILICON SOLAR CELLS - A method and apparatus for forming solar cells is provided. In one embodiment, a photovoltaic device includes a first TCO layer disposed on a substrate, a second TCO layer disposed on the first TCO layer, and a p-type silicon containing layer formed on the second TCO layer. In another embodiment, a method of forming a photovoltaic device includes forming a first TCO layer on a substrate, forming a second TCO layer on the first TCO layer, and forming a first p-i-n junction on the second TCO layer. | 03-04-2010 |
20110263074 | APPARATUS AND METHODS FOR REDUCING LIGHT INDUCED DAMAGE IN THIN FILM SOLAR CELLS - Apparatus and methods for forming a silicon-containing i-layer on a substrate for a thin film photovoltaic cell are disclosed. The apparatus includes a chamber body defining a processing region containing the substrate, a hydrogen source and a silane source coupled to a plasma generation region, an RF power source that applies power at a power level in the plasma generation region to generate a plasma and deposit the silicon-containing i-layer at a selected deposition rate to a selected thickness and a controller. The controller controls the power level and the deposition rate of the i-layer on the substrate such that the thin film solar cell exhibits light induced damage that conforms to a linear fit of the product of the RF power, the deposition rate and the selected thickness of the i-layer. In accordance with further aspects of the present invention, the controller controls the RF power and the deposition rate so that a product (x) of the RF power in watts, the deposition rate of the i-layer in nm per min and the thickness of the i-layer in nm is less than a predetermined number y and satisfies the equation y=5E11*x+3.3749 plus or minus a margin. | 10-27-2011 |
20120080092 | HIGH EFFICIENCY SOLAR CELL DEVICE WITH GALLIUM ARSENIDE ABSORBER LAYER - Embodiments of the invention provide a method of forming a doped gallium arsenide based (GaAs) layer from a solution based precursor. The doped gallium arsenide based (GaAs) layer formed from the solution based precursor may assist solar cell devices to improve light absorption and conversion efficiency. In one embodiment, a method of forming a solar cell device includes forming a first layer with a first type of dopants doped therein over a surface of a substrate, forming a GaAs based layer on the first layer, and forming a second layer with a second type of dopants doped therein on the GaAs based layer. | 04-05-2012 |
20120080753 | GALLIUM ARSENIDE BASED MATERIALS USED IN THIN FILM TRANSISTOR APPLICATIONS - Embodiments of the invention provide a method of forming a group III-V material utilized in thin film transistor devices. In one embodiment, a gallium arsenide based (GaAs) layer with or without dopants formed from a solution based precursor may be utilized in thin film transistor devices. The gallium arsenide based (GaAs) layer formed from the solution based precursor may be incorporated in thin film transistor devices to improve device performance and device speed. In one embodiment, a thin film transistor structure includes a gate insulator layer disposed on a substrate, a GaAs based layer disposed over the gate insulator layer, and a source-drain metal electrode layer disposed adjacent to the GaAs based layer. | 04-05-2012 |
20140264297 | THIN FILM ENCAPSULATION-THIN ULTRA HIGH BARRIER LAYER FOR OLED APPLICATION - A method and apparatus for depositing a multilayer barrier structure is disclosed herein. In one embodiment, a thin barrier layer formed over an organic semiconductor includes a non-conformal organic layer, an inorganic layer formed over the non-conformal organic layer, a metallic layer formed over the inorganic layer and a second organic layer formed over the metallic layer. In another embodiment, a method of depositing a barrier layer includes forming an organic semiconductor device over the exposed surface of a substrate, depositing an inorganic layer using CVD, depositing a metallic layer comprising one or more metal oxide or metal nitride layers over the inorganic layer by ALD, each of the metal oxide or metal nitride layers comprising a metal, wherein the metal is selected from the group consisting of aluminum, hafnium, titanium, zirconium, silicon or combinations thereof and depositing an organic layer over the metallic layer. | 09-18-2014 |
Patent application number | Description | Published |
20140025647 | Normalization Engine to Manage Configuration Management Database Integrity - Data is often populated into Configuration Management Databases (CMDBs) from different sources. Because the data can come from a variety of sources, it may have inconsistencies—and may even be incomplete. A Normalization Engine (NE) may be able to automatically clean up the incoming data based on certain rules and knowledge. In one embodiment, the NE takes each Configuration Item (CI) or group of CIs that are to be normalized and applies a rule or a set of rules to see if the data may be cleaned up, and, if so, updates the CI or group of CIs accordingly. In particular, one embodiment may allow for the CI's data to be normalized by doing a look up against a Product Catalog and/or an Alias Catalog. In another embodiment, the NE architecture could be fully extensible, allowing for the creation of custom, rules-based plug-ins by users and/or third parties. | 01-23-2014 |
20150186445 | MECHANISM FOR DEPRECATING OBJECT ORIENTED DATA - Techniques are described to allow the deprecation of classes in an object-oriented data model, such as a CDM for a CMDB. When a class is deprecated and replaced by another existing or new class, data associated with instances of the deprecated class and its replacement class may be provided to allow existing applications to continue to access data using the deprecated class without change until the deprecated class is finally deleted or the application is updated to use the replacement class. New applications written to use the object-oriented model after the deprecation may use the replacement class to access data instances created using the original data model. | 07-02-2015 |
20150381419 | RESOURCE RECONCILIATION - A method to reconcile multiple instances of a single computer resource identified by resource discovery operations includes: (1) accessing information describing one or more resources; (2) identifying, via the accessed information, at least one resource that has been detected or discovered by at least two of the discovery operations; and (3) merging attributes associated with the identified resource from each of the at least two discovery operations into a single, reconciled resource object. Illustrative “resources” include, but are not limited to, computer systems, components of computer systems, data storage systems, switches, routers, memory, software applications (e.g., accounting and database applications), operating systems and business services (e.g., order entry or change management and tracking services). | 12-31-2015 |
Patent application number | Description | Published |
20140317425 | MULTI-CORE PROCESSOR INSTRUCTION THROTTLING - An apparatus for performing instruction throttling for a multi-processor system is disclosed. The apparatus may include a power estimation circuit, a table, a comparator, and a finite state machine. The power estimation circuit may be configured to receive information on high power instructions issued to a first processor and a second processor, and generate a power estimate dependent upon the received information. The table may be configured to store one or more pre-determined power threshold values, and the comparator may be configured to compare the power estimate with at least one of the pre-determined power threshold values. The finite state machine may be configured to adjust the throttle level of the first and second processors dependent upon the result of the comparison. | 10-23-2014 |
20150033045 | Power Supply Droop Reduction Using Feed Forward Current Control - An apparatus for performing instruction throttling for a computing system is disclosed. The apparatus may include a first counter, a second counter, and a control circuit. The second counter may be configured to increment in response to a determination that a processing cycle of a processor has completed. The control circuit may be configured to initialize the first and second counters, detect the processor has issued and instruction, decrement the first counter in response to the detection of the issued instruction, block the processor from issuing instructions dependent upon the a value of the first counter, reset the first counter dependent upon a value of the second counter, and reset the second counter in response to a determination that the value of the second counter is greater than a pre-determined value. | 01-29-2015 |
20150048873 | Power Source for Clock Distribution Network - A clock distribution network having a separate power supply for top levels thereof is disclosed. In one embodiment, an integrated circuit includes a clock distribution network configured to distribute a clock signal to each of a number of clock consumers. The clock distribution network is arranged in a hierarchy of levels, with each of the levels including at least one buffer, and with the upper levels being closer to a source of the clock signal and the lower levels being closer to the clock consumers. The buffers of the upper levels are coupled to receive power from a first power source, via a first power grid. The buffers of the lower levels are coupled to receive power from a second power source, separate from the first, via a second power grid. | 02-19-2015 |
20150253836 | Dynamic Voltage Margin Recovery - In an embodiment, an integrated circuit includes multiple instances of a component (e.g. a processor) and a control circuit. The instances may be configured to operate in various modes. Some of the modes are incapable of presenting a worst-case load on the power supply. The control circuit may be configured to monitor the instances and detect the modes in which the instances are operating. Based on the monitoring, the control circuit may request to recover a portion of the voltage margin established for worst-case conditions in the instances. If the instances are to change modes, they may be configured to request mode change from the control circuit. If the mode change causes an increase in the current supply voltage magnitude (e.g. to restore some of the recovered voltage margin), the control circuit may cause the restore and permit it to complete prior to granting the mode change. | 09-10-2015 |
Patent application number | Description | Published |
20100005025 | Interactive Bill Payment Center - A software suite for enabling viewing and manipulation of multiple categories of aggregated data compiled from a plurality of data sources and accessible through a single interfacing node operated on a data-packet-network is provided. A bill-payment module is provided within the software suite and comprises, an interactive main interface accessible from the module for listing the bills due and payment accounts, an interactive history link embedded in the main interface for providing access to a secondary interface for viewing bill history, an interactive set-up link embedded in the main interface for providing access to a secondary interface for configuring recurring payments, an interactive transfer-funds link embedded in the main interface for providing access to a secondary interface for enabling automated transfer of funds between registered accounts, an interactive calendar link embedded in the main interface for providing access to a secondary interface for viewing calendar data, a plurality of interactive drop-down menus, each menu associated with a listed bill, the menus providing upon invocation a plurality of selectable, interactive options for treating the listed bill and an interactive refresh-all link embedded in the main interface for enabling selective or complete data refreshing of data displayed in the interface. A user operating the main interface from a remote node having access to the data-packet-network may view all aggregated bills and initiate treatment of such bills according to selected interactive options. The treatment is ordered by the operating user and performed by proxy by a service entity hosting the interface. | 01-07-2010 |
20100185556 | Portfolio Synchronizing Between Different Interfaces - A system for updating parameters of financial transactions associated with financial services initiated and completed on behalf of or directly by a user through access to a data-packet-network into more than one electronic interface accessible to the user is provided. The system comprises, a main electronic interface supported by back-end software, the main interface for registering all user accounts into at least one portfolio group, the accounts accessible in detail through the main interface, at least one cobranded electronic interface supported by back-end software, the cobranded interface mirroring the accounts registered in the main electronic interface and a plurality of institution-specific electronic interfaces for providing direct account registration, reporting, and maintenance specific to accounts provided by the associated institutions. Through direct linking between the main, cobranded, and institution-specific interfaces, any parameters associated with any action initiated to a specific account through any of the interfaces is immediately propagated to the other interfaces. | 07-22-2010 |
20110173119 | Interactive Bill Payment Center - A software suite for enabling viewing and manipulation of multiple categories of aggregated data compiled from a plurality of data sources and accessible through a single interfacing node operated on a data-packet-network is provided. A bill-payment module is provided within the software suite and comprises, an interactive main interface accessible from the module for listing the bills due and payment accounts, an interactive history link embedded in the main interface for providing access to a secondary interface for viewing bill history, an interactive set-up link embedded in the main interface for providing access to a secondary interface for configuring recurring payments, an interactive transfer-funds link embedded in the main interface for providing access to a secondary interface for enabling automated transfer of funds between registered accounts, an interactive calendar link embedded in the main interface for providing access to a secondary interface for viewing calendar data, a plurality of interactive drop-down menus, each menu associated with a listed bill, the menus providing upon invocation a plurality of selectable, interactive options for treating the listed bill and an interactive refresh-all link embedded in the main interface for enabling selective or complete data refreshing of data displayed in the interface. A user operating the main interface from a remote node having access to the data-packet-network may view all aggregated bills and initiate treatment of such bills according to selected interactive options. The treatment is ordered by the operating user and performed by proxy by a service entity hosting the interface. | 07-14-2011 |
20110282782 | Portfolio Synchronizing Between Different Interfaces - An account coordination system includes an Internet-connected server executing software from a non-transitory, machine-readable medium. The software provides direct linking between the server and two or more financial enterprises hosting each at least one financial account for a specific user and having an interactive interface through which the user may interact with his/her account, direct linking between the server and one or more third-party enterprises providing interactive interfaces through which the user may access and interact with one or more of the financial accounts at the financial enterprises, and tracking functionality whereby the server tracks activity by the user at any of the interactive interfaces through which the user may interact with one of the financial accounts. The server propagates any change made in an account by the user at any one of the interactive interfaces to the sites hosting the other interactive interfaces. | 11-17-2011 |
20120116969 | Interactive Bill Payment Center - A software suite that provides a bill-payment module and comprises an interactive main interface listing bills due and payment accounts, an interactive history link, an interactive set-up link embedded in the main interface, an interactive transfer-funds link, an interactive calendar link, a plurality of interactive drop-down menus providing upon invocation a plurality of selectable, interactive options for treating the listed bill and an interactive refresh-all link embedded in the main interface. | 05-10-2012 |
Patent application number | Description | Published |
20140320166 | FIELD PROGRAMMABLE GATE ARRAY UTILIZING TWO-TERMINAL NON-VOLATILE MEMORY - Providing for a field programmable gate array (FPGA) utilizing resistive random access memory (RRAM) technology is described herein. By way of example, the FPGA can comprise a switching block interconnect having parallel signal input lines crossed by perpendicular signal output lines. RRAM memory cells can be formed at respective intersections of the signal input lines and signal output lines. The RRAM memory cell can include a voltage divider comprising multiple programmable resistive elements arranged electrically in series across a V | 10-30-2014 |
20140327470 | FIELD PROGRAMMABLE GATE ARRAY UTILIZING TWO-TERMINAL NON-VOLATILE MEMORY - A method for an FPGA includes coupling a first electrode of a first resistive element to a first input voltage, coupling a second electrode of a second resistive element to a second input voltage, applying a first programming voltage to a shared node of a second electrode of the first resistive element, a first electrode of the second resistive element, and to a gate of a transistor element, and changing a resistance state of the first resistive element to a low resistance state while maintaining a resistance state of the second resistive element, when a voltage difference between the first programming voltage at the second terminal and the first input voltage at the first terminal exceeds a programming voltage associated with the first resistive element. | 11-06-2014 |
20150129829 | ONE TIME PROGRAMMABLE AND MULTI-LEVEL, TWO-TERMINAL MEMORY CELL - Providing for one time programmable, multi-level cell two-terminal memory is described herein. In some embodiments, the one time programmable, multi-level cell memory can have a 1 diode 1 resistor configuration, per memory cell. A memory cell according to one or more disclosed embodiments can be programmed to one of a set of multiple logical bits, and can be configured to mitigate or avoid erasure. Accordingly, the memory cell can be employed as a single program, non-erasable memory. Expressed differently, the memory cell can be referred to as a write once read many (WORM) category of memory. | 05-14-2015 |
Patent application number | Description | Published |
20140119459 | ENHANCED VIDEO DECODING WITH APPLICATION LAYER FORWARD ERROR CORRECTION - Embodiments of a method for video decoding with application layer forward error correction in a wireless device are generally described herein. In some embodiments, the method receives a partial source symbol block that includes at least one encoded source symbol representing an original video frame. If the at least one encoded source symbol is systematic, the source symbol is decoded to recover a video frame. The video frame is provided to a video decoder that generates a portion of an original video signal from the recovered video frame. | 05-01-2014 |
20150117332 | SYSTEMS, METHODS, AND DEVICES FOR EFFICIENT DEVICE-TO-DEVICE CHANNEL CONTENTION - A user equipment (UE) includes a request receipt component, an interference component, and a grant/deny component. The request receipt component is configured to receive a first signal indicating a request to transmit to the UE from a first transmitting UE and to receive one or more additional signals indicating that one or more additional transmitting UEs are requesting to transmit to corresponding target UEs. The interference component identifies, based on a received power of the first signal and the one or more additional signals, one or more potentially incompatible UEs. The incompatible UEs may include at least one of the one or more additional transmitting UEs. The grant/deny component is configured to send a signal indicating a block on transmission by the one or more incompatible UEs. | 04-30-2015 |
20150195820 | SYSTEMS, METHODS, AND DEVICES FOR ENHANCING SPECTRAL EFFICIENCY WITH NETWORK-ASSISTED ADVANCED RECEIVERS - Systems and methods for enhancing spectral efficiency are disclosed herein. User equipment (UE) may be configured to communicatively couple to an Evolved Universal Terrestrial Radio Access Network (E-UTRAN) Node B (eNB). The UE may be configured to cancel interference from an interfering eNB. The interfering eNB may provide transmission parameters to the UE. The interfering eNB may transmit a compact message indicative of the transmission parameters to the UE. The compact message may be a broadcast message. Some transmission parameters may be sent to the UE using higher layer signaling. The UE may be able to use the transmission parameters to cancel interference from the interfering eNB. In some embodiments, the interfering and/or serving eNB may indicate to the UE whether the transmission parameters are being broadcast so the UE does not search for them unnecessarily. | 07-09-2015 |
20150215088 | EFFICIENT RECEIVER YIELDING FOR DISTRIBUTED D2D COMMUNICATIONS - A distributed scheduling scheme for D2D communications is described in which D2D transmitter terminals send transmit requests and D2D receiver terminals respond with bandwidth grant messages if certain interference criteria are met. The described scheme may include a technique for more efficiently scheduling D2D links by having D2D receivers base their decisions as to whether to send a bandwidth grant message on whether or not a higher priority D2D receiver has transmitted a bandwidth grant message. | 07-30-2015 |
20150312074 | Non-Orthogonal Multiple Access (NOMA) Wireless Systems and Methods - Apparatuses and methods for Non-Orthogonal Multiple Access (NOMA) communication are discussed. An example Evolved NodeB (eNB) includes a memory, a processor, and a transmitter circuit. The processor evaluates an orthogonal multiple access (OMA) metric and a NOMA metric, generates a protocol instruction that indicates an OMA transmission or a NOMA transmission based on the metrics, and determines a first modulation and coding scheme (MCS) for a first UE and a second MCS for a second UE. The transmitter circuit receives the protocol instruction and transmits a first data signal and a first downlink control information (DCI) message associated with the first UE, and a second data signal and a second DCI message associated with the second UE. When the protocol instruction indicates NOMA transmission, the data signals are power multiplexed, the DCI messages indicate the data signals are transmitted via NOMA, and the first DCI message indicates the second MCS. | 10-29-2015 |
20150327296 | TENTATIVE GRANT FOR EFFICIENT DEVICE-TO- DEVICE COMMUNICATIONS - Technology for efficient distributed scheduling is provided using tentative grants. A UE can receive a transmission request from a Tx UE, and from additional Tx UEs. Each Tx request can include a priority level of the transmitter UE sending the transmission request, to form a priority list. An incompatible list can be formed based on a signal to interference ratio of each transmitter with the UE. A grant message and the incompatible list can be transmitted for n−1 iterations from selected UEs based on the priority list and incompatible list. A tentative bandwidth grant can then be transmitted at an n | 11-12-2015 |