WO2022159107A1 - Application security and mobility - Google Patents

Application security and mobility Download PDF

Info

Publication number
WO2022159107A1
WO2022159107A1 PCT/US2021/014779 US2021014779W WO2022159107A1 WO 2022159107 A1 WO2022159107 A1 WO 2022159107A1 US 2021014779 W US2021014779 W US 2021014779W WO 2022159107 A1 WO2022159107 A1 WO 2022159107A1
Authority
WO
WIPO (PCT)
Prior art keywords
nvmm
computing device
application
cci
settings
Prior art date
Application number
PCT/US2021/014779
Other languages
French (fr)
Inventor
Filipe RIBEIRO
Shane Ward
Pedro Henrique GARCEZ MONTEIRO
Original Assignee
Hewlett-Packard Development Company, L.P.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hewlett-Packard Development Company, L.P. filed Critical Hewlett-Packard Development Company, L.P.
Priority to PCT/US2021/014779 priority Critical patent/WO2022159107A1/en
Publication of WO2022159107A1 publication Critical patent/WO2022159107A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment

Definitions

  • Computing devices may be found in homes and workplaces. Examples of computing devices include computer workstations, videogame consoles, notebook or laptop computers, and the like. Many computing devices include a random-access memory which provides a working addressable memory for temporarily storing applications currently being executed, including the settings for such applications and the data generated from such applications.
  • Figure 1 is a block diagram schematically illustrating portions of an example application security and mobility computing device.
  • Figure 2 is a flow diagram illustrating portions of an example application security and mobility method.
  • Figure 3 is a block diagram schematically illustrating portions of an example application security mobility system during hot swapping of a NVMM between two computing devices.
  • Figure 4 is a flow diagram illustrating portions of an example application security and mobility method.
  • Figure 5 is a block diagram schematically illustrate portions of an example application security and mobility computing system during hot swapping of a NVMM between two computing devices.
  • Figure 6 is a flow diagram illustrating portions of an example application security and mobility method.
  • Figure 7 is a flow diagram illustrating portions of an example application security and mobility method.
  • Using the same computer application (also referred to as a computer program) on different computing devices (machines) often involves the use of virtual machines or cloud computing.
  • the use of such cloud computing may also involve latency, load times and configuration issues.
  • the example computing devices, methods and mediums facilitate the transfer of an entire computer application, its settings and generated data using a hot-swappable nonvolatile memory module (NVMM).
  • NVMM hot-swappable nonvolatile memory module
  • a user using an application on a first computing device may withdraw the NVMM from the first computing device, while the first computing device is running, and simply plug the same NVMM into a second different computing device, wherein entire working environment of the application is immediately transferred over to the second computing device, ready for use on the second computing device by the user.
  • NVMM hot-swappable nonvolatile memory module
  • NVMM hot-swappable nonvolatile memory module
  • security operations may be further enhanced.
  • a user may withdraw the hot-swappable NVMM, wherein the entire working environment of an application is contained on the NVMM.
  • This entire working environment may be solely contained in the NVMM, reducing any risk of confidential information being retained on the original workstation or in the memory of the original workstation.
  • the NVMM may be stored in a secure location until a resumption of use of the application and the existing working environment at a later time.
  • the example computing device, methods and mediums utilize a memory controller of a first computing device that expands the addressable memory of the first computing device using a NVMM removably connected to a cache coherent bus or interface of the computing device.
  • the memory controller loads or stores the application and its settings directly into those portions of the expanded addressable memory residing on the NVMM.
  • the memory controller also stores the data generated from the application in the NVMM.
  • the first computing device works from the expanded memory of the NVMM.
  • the NVMM may be unplugged or disconnected from the cache coherent interface (CCI) of the first computing device while the first computing device is operating.
  • CCI cache coherent interface
  • the NVMM may then be hot swapped and connected to a second CCI of a second computing device.
  • a second memory controller of the second computing device expands its addressable memory using the memory of the NVMM.
  • the second computing device may restore the entire working ambient addressable memory of the application on the second computing device and allow its user to immediately resume use of the application at a point corresponding to the point at which the NVMM was disconnected from the first computing device.
  • the memory controller of the example computing device may comprise software and/or firmware which works in conjunction with the operational system running on the computing device or hose hardware.
  • the memory controller of an example computing device may store multiple applications and their associated settings and generated data on the expanded addressable memory of the NVMM.
  • the NVMM may be partitioned into a first portion for expanding the addressable memory of the computing device to which it is connected and a second portion for storage such as log files and nonexpanded saved data.
  • the memory controller of the example computing device may additionally provide security in the form of password protection and data encryption with respect to each NVMM that is removably connected to the computing device.
  • the memory controller may further store hardware profiles of the computing device in the NVMM upon successful connection of the NVMM to the computing device for the first time to enhance and speed up future connections between the computing device and the NVMM.
  • the memory controller of an example computing device may utilize a disconnection consistence module or disconnection consistence instructions.
  • the disconnection consistence module keeps track of the last consistence data of the system (hardware configuration, DRAM cache data in cycling, state of the addressable nonvolatile memory and the like).
  • the consistence module may record the state from the CPU instructions and save the state, wherein the state is committed into the NVMM upon a determination that the operation was successful.
  • a user may simply unplug the NVMM with reduced concern about data integrity.
  • a user may create or initiate a safe state by prompting a safe removal using either a physical button or a software call on the system. For example, prior to withdrawing the NVMM, the user may actuate a physical button on the computing device or trigger a software call on the system. Actuation of the physical button or triggering of the software call may result in the consistence module recording a current state of the application from the CPU instructions in the DRAM of the computing device, wherein the state is committed into the NVMM upon a determination that the saving of the current state in the DRAM has been executed. Upon storing the state in the NVMM, the computing device may automatically remove the state from the DRAM of the computing device.
  • the computing device upon initial releasable connection of the NVMM to the CCI of a computing device, determines presence of any existing application or existing settings on the NVMM. In response to determining the presence of an existing application or existing settings on the NVMM, the computing device further verifies the compatibility of the existing application or existing settings stored on the NVMM with the software architecture and hardware drivers of the computing device. In one implementation or one mode of operation, in response to determining any incompatibility, the computing device will auto modify any incompatible settings of the computing device and/or settings contained in the NVMM to facilitate resumption of use of the application on the computing device.
  • the computing device in response to determining any incompatibility, may cease interaction with the NVMM. For example, the computing device may output a notice on a display informing the user that the application or the existing settings contained on the NVMM are not compatible with the software architecture and such are hardware drivers of the computing device.
  • the computing device may proceed by expanding the addressable memory of the computing device using the NVMM.
  • the commuting device may execute the application stored on the NVMM, using the settings and data stored in the NVMM.
  • the method may include removably connecting a non-volatile memory module (NVMM) to a cache coherent interface (CCI) of a computing device, expanding addressable memory of the computing device using the NVMM, storing an application on the NVMM, storing settings for the application in the NVMM, and storing data generated by the application in the NVMM.
  • NVMM non-volatile memory module
  • CCI cache coherent interface
  • the computing device may include a cache coherent interface (CCI) to be releasably connected to a non-volatile memory module (NVMM) and a memory controller.
  • the memory controller is to (1) store an application on the NVMM, (2) expand addressable memory of the computing device using the NVMM, (3) store settings for the application in the NVMM, and (4) store data generated by the application in the NVMM.
  • the instructions may include addressable memory instructions and memory control instructions.
  • the addressable memory instructions are to direct the processor to expand addressable memory of a computing device into a non-volatile memory module (NVMM) that is releasably connected to a cache coherent interface of the computing device.
  • the memory control instructions are to direct the processor to store an application in the NVMM and to store settings for the application and data generated by execution of the application in addressable memory of the computing device contained in the NVMM.
  • FIG. 1 is a block diagram illustrating an example application security and mobility computing device 20.
  • Computing device 20 facilitates the transfer of an entire computer application, its settings and generated data using a hot-swappable NVMM.
  • a user using an application on a first computing device may withdraw the NVMM from the first computing device, while the first computing device is running, and simply plug the same NVMM into a second different computing device, wherein entire working environment of the application is immediately transferred over to the second computing device, ready for use on the second computing device by the user.
  • Such a transfer may be carried out without any installation or configuring tasks, providing more efficient user mobility and productivity.
  • computing device 20 facilitates the transfer of an entire computer application, its settings and generated data using a hot-swappable nonvolatile memory module (NVMM), security operations may be further enhanced.
  • NVMM nonvolatile memory module
  • a user may withdraw the hot-swappable NVMM, wherein the entire working environment of an application is contained on the NVMM.
  • This entire working environment may be solely contained in the NVMM, reducing any risk of confidential information being retained on the original workstation or in the memory of the original workstation.
  • the NVMM may be stored in a secure location until a resumption of use of the application and the existing working environment at a later time.
  • Computing device 20 comprises a computing device that includes processors and associated caches for carrying out operations.
  • Computing device 20 comprises cache coherent interface (CCI) 24 and memory controller 28.
  • CCI 24 propagates the values of shared operands in the caches of processors of computing device 20.
  • Each of such processors of the computing device share an addressable memory 32.
  • the addressable memory 32 may comprise a working memory, such as a DRAM memory, of the computing device 20. Copies of an instruction operand may be stored in each cache memory as well as in the shared addressable memory. When one copy of an operand is changed, the other copies of the operand are also changed.
  • CCI 24 is to removably or releasably connect to a NVMM 40.
  • the term “releasably” or “removably” with respect to an attachment or coupling of two structures means that the two structures may be repeatedly connected and disconnected to and from one another without material damage to either of the two structures or their functioning.
  • CCI 24 comprises an external or internally housed slot having electrically conductive pads, pins, or sockets to removably or releasably receive a NVMM in the form of a nonvolatile memory card having corresponding electrically conductive pads, sockets or pins that communicate with nonvolatile memory elements on the card.
  • the nonvolatile memory elements or persistent storage elements may comprise flash or solid-state memory elements.
  • CCI 24 may have other constructions.
  • Memory controller 28 comprises a processing unit and associated non-transitory computer-readable medium that contains instructions for directing the processor of memory controller 28.
  • Memory controller 28 manages the flow of data going to and from addressable memory 32 of computing device 20.
  • Memory controller 28 contains logic to facilitate reading from and writing to addressable memory 32.
  • Memory controller 28 may be in the form a digital circuit. In some implementations, memory controller 28 may comprise an integrated memory controller.
  • memory controller 28 following the instructions contained in its non-transitory computer-readable medium, expands addressable memory 32 using NVMM 40. In some implementations, this may result in the working memory or addressable memory 32 of computing device 20 including both the volatile memory of computing device 20 (such as a DRAM) and the memory are memory space provided by the releasably connected NVMM 40. Following the expansion of the addressable memory 32 to include NVMM 40, memory controller 28 further utilizes the expanded addressable memory of NVMM 40 to (1 ) store an application 50 in the NVMM portion of the expanded addressable memory 32, and (2) store any settings 52 for the application 50 in the NVMM portion of the expanded addressable memory.
  • Such settings may exist at the time that application 50 is stored in the NVMM portion of addressable memory 32 or may be established during execution of the application 50 by computing device 20. As further shown by Figure 1 , during execution or use of application 50 by computing device 20, data 54 may be generated. Memory controller 28 further stores the application generated data 54 in the expanded addressable memory. In some implementations, each of the application 50, its settings 52 and the application generate data 54 are not concurrently or later stored in the volatile memory (such as a randomaccess memory in the form of a dynamic random-access memory (DRAM)) of computing device 20.
  • DRAM dynamic random-access memory
  • NVMM 40 As a result, application 50 and its entire working environment are contained in the memory or memory storage space of NVMM 40 while NVMM 40 is releasably connected to CCI 24 and following the release or disconnection of NVMM 40 from CCI 24.
  • FIG. 2 is a flow diagram of an example application security and mobility method 100.
  • method 100 facilitates the transfer of an entire computer application, its settings and generated data using a hot-swappable NVMM to enhance both application mobility and security.
  • method 100 is described in the context of being carried out using computing device 20, it should be appreciated that method 100 may be carried out using other similar computing devices.
  • a NVMM 40 is releasably or removably connected to a CCI 24 of computing device 20. Such a connection may occur through the electrical mating between contact pads, pins and/or sockets of the CCI 24 and NVMM 40.
  • memory controller 28 expands the working or addressable memory 32 of the computing device 20 using NVMM 40.
  • memory controller 28 further stores and application, or multiple applications, on the NVMM 40.
  • memory controller 28 stores the settings for the application, or multiple applications, on the NVMM 40.
  • memory controller 28 stores data, generated during execution of the application, or multiple applications, on NVMM 40.
  • the storing of the application, the storing of the settings and the storing of the application generated data are on those portions of the NVMM 40 that serve as part of the working or addressable memory of computing device 20 while NVMM 40 is releasably connected to CCI 24.
  • Figure 3 is a block diagram schematically illustrating the disconnection of NVMM 40 from computing device 20 and the releasable connection of the same NVMM 40 to a second different computing device 120.
  • Figure 3 illustrates the hot swapping of NVMM 40 between computing devices 20 and 120.
  • Figure 3 illustrates an example of how the second different competing device 120 may automatically facilitate resumption of application 50 without installation or configuring tasks, providing more efficient user mobility and productivity.
  • computing device 120 is similar to computing device 20 in that computing device 120 comprises CCI 24 and memory controller 28.
  • CCI 24 and memory controller 28 of computing device 120 function as described above with respect to computing device 20 when receiving a NVMM 42 receive an application and to run a new application.
  • memory controller 28 of computing device 120 (and of computing device 20) is to determine whether a newly connected NVMM 40 already contains an existing application. Upon identifying the existence of an application already on a newly connected NVMM 40, memory controller 28 automatically expands the addressable memory 32 of computing device 120 using the newly connected NVMM 40 as indicated by broken line arrow 133.
  • memory controller 28 resumes execution of the application 50, stored in the NVMM portion of the addressable memory 32, from where the application left off following its disconnection from computing device 20.
  • Memory controller 20 resumes execution the application 50 employing the same application 52 and possibly utilizing the same application generated data 54 as stored on the NVMM 40 at the time that NVMM 40 was disconnected from computing device 20.
  • NVMM 40 may store multiple applications, including the different application settings and the different application generated data for the different multiple applications.
  • memory controller 28 may carry out one of two possible actions: (A) storing a new application comments application settings and generated application data on a newly connected NVMM 40 or (B) executing an existing application using existing settings and existing generated application data on a newly connected NVMM 40.
  • memory controller 28 may prompt a user, on a display, to choose which of the two possible actions are to be taken.
  • memory controller 28 may identify each of the identified applications to the user, such as on a display. Memory controller 28 may further prompt the user to select which of the multiple existing application should be executed or whether a new application should be stored on NVMM 40 as part of the addressable memory 32.
  • Figure 4 is a flow diagram of an example application security and mobility method 200.
  • Figure 4 and method 200 illustrate an example of how ongoing execution of application currently residing on a NVMM 40 may be quickly and easily resumed after being hot swapped green first and second computing devices.
  • Method 200 may follow or be a continuation of method 100 described above.
  • NVMM 40 is disconnected from the CCI 24 of computing device 20 and is removably connected to the CCI 24 of the second computing device 120.
  • memory controller 28 of computing device 120 expands its working or addressable memory 32 using the NVMM 40.
  • the expanded addressable memory 32 comprises the volatile memory (such as DRAM) of computing vice 120 and the nonvolatile memory or storage space provided by NVMM 40.
  • memory controller 28 carries out various read and write operations to execute the application 50, stored in the NVMM portion of address memory 32, using the settings 52 and the data 54 stored in NVMM 40 and serving as part of addressable memory 32.
  • Figure 5 is a block diagram schematically illustrating the hot swapping of an example NVMM 40 between two running computing devices 320 and 420.
  • Figure 5 illustrates an example of how disconnection consistence and compatibility may be implemented during such a hot swap of NVMM 40.
  • those components of computing devices 320 and 420 which correspond to components of computing devices 20 and 120 are numbered similarly.
  • computing devices 320 and 420 are each similar to one another.
  • Each of computing devices 320 and 420 comprises CCI 24, microprocessors 56-1 ... 56-n (collectively referred to as microprocessors 56), software architecture and hardware drivers 58, nonvolatile memory 60, volatile memory in the form of DRAM 62, input 64, display 66, and memory controller 328.
  • Microprocessors 56 carry out the execution of application 50 as well as the execution of any other applications being run by computing devices 320 and 420.
  • Each of microprocessors 56 may include an associated cache 57.
  • computing device 420 may comprise a single microprocessor 56 with an associated cache 57.
  • CCI 24 is connected to each of the caches 57 and DRAM 62 to facilitate cache coherency between the caches 57 and DRAM 62.
  • CCI 24 further connects a received NVMM 42 memory controller 328 to further facilitate cache coherency between caches 57 and those portions of NVMM 40 used to extend the addressable memory 32.
  • Software architecture and hardware drivers 58 are associated with each of computing devices 320 and 420. Each of such architectures and drivers may have associated settings. In some implementations, the software architecture and hardware drivers 58 of computing device 320 may be different than the software architecture and hardware drivers 58 of computing device 420. Differences in the software architecture and hardware drivers 58 of computing devices 320 and 420 may result in incompatibilities that inhibit or prevent the proper execution of application 50 on both of computing devices 320 and 420.
  • Nonvolatile memory 60 comprise a persistent storage residing on each of computing devices 320 and 420.
  • Nonvolatile memory 60 may be in the form of a hard disk drive or a solid-state storage device.
  • Nonvolatile memory 60 may store applications, application settings and application generated data. Execution of such applications is generally carried out using a temporary copy of the application in DRAM 62 of the working or addressable memory 32.
  • DRAM 62 comprises a volatile memory that resides on each of computing devices 320 and 420. DRAM 62 forms part of the working or addressable memory 32 for each of computing device 320 and 420. DRAM 62 may be used to temporarily store applications, application settings and application generated data until storage and nonvolatile memory 60. Any applications, settings or data stored in DRAM 62 may be lost upon powering down of the associated computing device 320, 420.
  • Input 64 comprises a user interface by which selections, commands or other input may be provided to the associated computing device 320, 420.
  • Input 64 may have many forms. Examples of input 64, include, but are not limited to, a keyboard, a mouse, a touchpad, a touch screen (provided by display 66), a microphone which associated speech recognition software and the like.
  • input 64 may facilitate the input of a request for operation in a “safe state” to preserve data integrity prior to withdrawal or disconnection of NVMM 40.
  • input 64 may further facilitate the input of a request by user or the computing device to modify various settings to achieve compatibility between the application stored on NVMM 40 and the computing device to which NVMM 40 is releasably connected.
  • Display 66 comprises a screen providing visual data to a user.
  • display 66 may be fixed to the remaining components of computing device 320, 420, being a permanent part of the computing device 320, 420.
  • display 66 may be releasably connected (by a cord) to the associated computing device 320, 420.
  • display 66 may be a touchscreen so as to also serve as input 64.
  • Display 66 facilitates the presentation of prompts requesting input from a user regarding entry into the “safe state” prior to withdrawal or disconnection of NVMM 40 and/or authorization for compatibility modifications when compatibilities are identified with respect to an application to be run from a newly connected NVMM 40.
  • Memory controller 328 is similar to memory controller 28 described above except that memory controller 328 further carries out disconnection consistence and compatibility checking functions.
  • Memory controller 328 comprises processor 370, addressable memory instructions 372, memory control instructions 374, disconnection consistence instructions 378 and compatibility instructions 380. Instructions 372, 374, 378 and 380 are each contained on a non-transitory computer-readable medium and direct the operation of processor 370. Such instructions may be in the form of an integrated circuit with logic elements or may be provided as software or code stored on nonvolatile memory such as a nonvolatile memory of memory controller 328 or memory 60. [00046] Addressable memory instructions 372 and memory control instructions 374 direct processor 370 to carry out methods 100 and 200 described above.
  • Addressable memory instructions 372 372 expand the addressable memory 32 of computing device 320, 420 using a NVMM, such as NVMM 40, that is releasably connected to CCI 24.
  • Memory control instructions direct processor 370 to either: (1 ) store an application 50, it settings 52 and any data 54 generated by execution of the application in the NVMM portion (the portion provided by NVMM 40) of addressable memory 32, or (2) execute an existing application directly from the NVMM portion of addressable memory 32, using the settings 52 and data 54 existing in the NVMM portion 40 of the addressable memory 32 without copying the application 50, settings 52 or data 54 from the NVMM portion of addressable memory 32 to nonvolatile memory 60 or other portions of addressable memory 32, such as DRAM 62.
  • memory controller 328 runs or executes an application 50 (along with its settings 52 and existing generated data 54) directly from the NVMM 40 just as if the application had been temporarily stored in the volatile memory of the computing device, such as the DRAM 62. Any newly generated data resulting from the execution of the application 50 is also directly stored on NVMM 40.
  • memory controller 328 may determine whether a newly connected NVMM 40 already contains an existing application. Upon identifying the existence of an application already on a newly connected NVMM 40, memory controller 28 automatically expands the addressable memory 32 of computing device 120 using the newly connected NVMM 40 as indicated by broken line arrow 133. Thereafter, memory controller 28 resumes execution of the application 50, stored in the NVMM portion of the addressable memory 32, from where the application left off following its disconnection from computing device 20. Memory controller 328 resumes execution the application 50 employing the same application settings 52 and possibly utilizing the same application generated data 54 as stored on the NVMM 40 at the time that NVMM 40 was disconnected from computing device 20.
  • NVMM 40 may store multiple applications, including the different application settings and the different application generated data for the different multiple applications.
  • memory controller 328 may carry out one of two possible actions: (A) storing a new application comments application settings and generated application data on a newly connected NVMM 40 or (B) executing an existing application using existing settings and existing generated application data on a newly connected NVMM 40.
  • memory controller 28 may prompt a user, on a display, to choose which of the two possible actions are to be taken.
  • memory controller 328 may identify each of the identified applications to the user, such as on display 66.
  • Memory controller 28 may further prompt the user, using display 66, to select, using input 64, which of the multiple existing application should be executed or whether a new application should be stored on NVMM 40 as part of the addressable memory 32.
  • Disconnection consistence instructions 378 provide a “safe state” to reduce the likelihood of settings or data being lost upon disconnection of NVMM 40 from a computing device, such as from computing device 320 or from computing device 420.
  • the disconnection consistence instructions 378 direct processor 370 to keep track of the last consistence data of the system (hardware configuration, DRAM cache data in cycling, state of the addressable nonvolatile memory and the like).
  • the consistence instructions 378 direct processor 370 to record the state from the CPU instructions and save the state in DRAM, wherein the state is committed into the NVMM 40 upon a determination that the operation was successful.
  • disconnection consistence instructions 378 may further automatically direct processor 370 to clear or clean the temporarily stored state in the DRAM and clean any caches containing the temporarily stored state that was committed to the NVMM.
  • the automatic removal of the temporarily stored state in DRAM, prior to shut down of the computing device 320, 420, may be omitted, where the temporarily stored data on the DRAM may instead be automatically removed by the act of shutting down the computing device (discontinuing the supply of power to DRAM) following the storing of the state in the NVMM 40.
  • a user may simply unplug the NVMM 40 with reduced concern about data integrity.
  • a user may create or initiate a safe state by indicating a forthcoming removal or disconnection of NVMM 40 using either a physical button or a software call on the system using input 64. For example, prior to withdrawing the NVMM 40, the user may actuate a physical button (forming part of input 64) on the computing device or trigger a software call (using input 64) on the computing device 320, 420.
  • Actuation of the physical button or triggering of the software call may result in the consistence instructions 378 directing processor 370 to record a current state of the application 50 from the CPU instructions in the DRAM 62 of the computing device 320, 420, wherein the state is committed into the NVMM 40 upon a determination that the saving of the current state in the DRAM 62 has been executed.
  • the computing device may indicate to the user, on display 66, that NVMM 40 is ready for removal or disconnection.
  • disconnection consistence instructions 378 may automatically direct processor 370 to remove the previously stored state from the DRAM 62 of the computing device 320, 420.
  • the automatic removal of the temporarily stored state in DRAM 62, prior to shut down of the computing device 320, 420, may be omitted, where the temporarily stored data on the DRAM may instead be automatically removed by the act of shutting down the computing device (discontinuing the supply of power to DRAM 62) following the storing of the state in the NVMM 40.
  • Compatibility instructions 380 direct the processor 370 to, upon connection of the NVMM 40 to the CCI 24, determine presence of an existing application 50 or existing settings 52 on the NVMM 40 releasably connected to the CCI 24; and verify compatibility of the existing application 50 or the existing settings 52 stored in the NVMM 40 with software architecture and hardware drivers 58 of the computing device 320, 420. In some implementations, upon identifying an incompatibility, compatibility instructions 380 direct processor 370 to cease interaction with NVMM 40 or with the particular application on NVMM 40 selected for execution.
  • compatibility instructions 380 direct processor 370 to auto-modify those settings on either or both of NVMM 40 or the computing device 320, 420 that are incompatible to facilitate execution of the application directly from NVMM 40 forming part of the addressable memory 32.
  • addressable memory instructions 372 and memory control instructions 374 proceed with carrying out method 100 described above.
  • Addressable memory instructions 372 the addressable memory 32 using the newly connected NVMM 40.
  • Memory control instructions 374 execute the application 50 stored on NVMM 40 and use the settings 52 and data 54 directly from the NVMM portion of the expanded addressable memory 32 just as if the application, its settings, and data had been copied to DRAM 62 indirectly run from DRAM 62.
  • compatibility instructions 380 provide two modes for addressing an identified incompatibility: (1 ) seizing interaction with NVMM 40 or with the particular application 50 on NVMM 40 and (2) modifying settings to achieve compatibility.
  • compatibility instructions 380 may direct processor 370 to assess the correct ability of the identified incompatibility and may automatically select one of the two modes depending upon the extent of the incompatibility, whether the incompatibility may be fixed.
  • the user of computing device 320, 420 may be provided with a prompt on display 66 requesting selection of one of two modes.
  • Figure 6 is a flow diagram of an example application security and mobility method 500.
  • Method 500 is similar to method 100 described above except that method 500 additionally involves the provision of a “safe state” wherein the state of NVMM stored on the computing device prior to the disconnection of the NVMM from the computing device.
  • a “safe state” wherein the state of NVMM stored on the computing device prior to the disconnection of the NVMM from the computing device.
  • method 500 is described in the context of being carried out by computing device 320, following disconnection consistence instructions 378, it should be appreciated that method 500 may be carried out in other manners in accordance with other instructions on other computing devices.
  • a NVMM 40 is removably connected to a CCI 24 of computing device 320.
  • addressable memory instructions 372 direct processor 370 to expand the addressable memory 32 using the newly attached NVMM 40.
  • compatibility instructions 380 may direct processor 370 to additionally carry out a compatibility check for the newly connected NVMM 40.
  • memory control instructions 374 direct processor 370 to store and application 50 on NVMM 40. As indicated by block 510, memory control instructions 374 direct processor 370 to store any settings 52 for application 50 on NVMM 40. As indicated by block 512, memory control structure 374 direct processor 370 to store any data 54 generated during the execution of application 50 on NVMM 40.
  • disconnection consistence instructions 378 direct processor 370 to store a state of NVMM 40 on computing device 320.
  • Examples of the data pertaining to the state of NVMM 40 that may be stored prior to removal of NVMM 40 or disconnection of NVMM 40 include, but are not limited to, operations being executed, the stack of operations for undo/redo commands, application state and the like.
  • the storing of the state of NVMM 40 on computing device 320 may be triggered by a “safe state” input or request.
  • the user may actuate a physical button (forming part of input 64) on the computing device or trigger a software call (using input 64) on the computing device 320, 420.
  • Actuation of the physical button or triggering of the software call may result in the consistence instructions 378 directing processor 370 to record a current state of the application 50 from the CPU instructions in the DRAM 62 of the computing device 320, 420, wherein the state is committed into the NVMM 40 upon a determination that the saving of the current state in the DRAM 62 has been executed.
  • the computing device may indicate to the user, on display 66, that NVMM 40 is ready for removal or disconnection.
  • NVMM 40 is disconnected from CCI 24 of computing device 320.
  • disconnection consistence instructions 378 may automatically direct processor 370 to remove the previously stored state from the DRAM 62 of the computing device 320, 420.
  • Figure 7 is a flow diagram illustrating an example application security and mobility method 600.
  • Method 600 is similar to method 200 described above except that method 600 carries out a compatibility check prior to execution of the application on a newly connected NVMM 40.
  • method 600 is described in the context of being carried out by computing system 420, following compatibility instructions 380, it should be appreciated that method 600 may be carried out in other manners in accordance with other instructions on other computing devices.
  • NVMM 40 is disconnected from CCI 24 of computing device 320 and is removably connected to CCI 24 of a second computing device, computing device 420.
  • compatibility instructions 380 direct processor 370 to verify the compatibility of the application 50 and the settings 52 stored in NVMM 40, which are to be executed by computing device 420, with the software architecture and hardware drivers 58 of computing device for 20. In some implementations, the verification of compatibility is automatically carried out in response to computing device for 20 sensing our detecting the connection of NVMM 42 CCI 24 of computing device 420.
  • compatibility instructions 380 may direct processor 370 to compare drivers and dependent software versions as well as hardware firmware versions, dependencies and configurations.
  • method 600 provides two different options for addressing and identified incompatibility.
  • method 600 may operate in a first mode wherein compatibility instructions 380 direct processor 370 to auto-modify those settings on either or both of NVMM 40 or the computing device 420 that are incompatible to facilitate execution of the application directly from NVMM 40 forming part of the addressable memory 32.
  • settings such as available cache size and information related to the new computing device, such as display options and components available, such as the type of input devices and the type of display and the video resolution may be modified on NVMM 40 or settings, such as driver versions by an update or removal and installation of a previous update, may be modified on computing device 420 to provide compatibility so as to facilitate execution of the application 50 on competing device 420.
  • compatibility instructions 380 further direct processor 370 to evaluate the nature of the incompatibility or whether the incompatibility may be addressed by modifying the aforementioned settings.
  • compatibility instructions 380 may direct processor 370 to automatically auto-modify the incompatible settings pursuant to block 624 in response to determining that such settings are modifiable so as to properly fix the incompatibility and permit execution of application 50 on computing device 420.
  • compatibility instructions 380 may automatically direct processor 370 to carry out the second mode in which interaction with NVMM 40 is automatically ceased pursuant to block 626.
  • compatibility instructions 380 may direct processor 370 to prompt a selection of either mode 1 or mode 2 pursuant to block 624 and 626, respectively, from a user using input 64 and display 66.
  • addressable memory instructions 374 may direct processor 370 to proceed with expanding the addressable memory 32 of computing device for 20 using NVMM 40.
  • Memory control instructions 374 may further direct processor 370 to execute the application 50 stored on NVMM 40 using the settings 52 and the data 54 start on NVMM 40.
  • the execution of application 50 is directly from the NVMM portion of the expanded addressable memory 32 without application 50, its settings or any associated generated data 54 being copied to DRAM 62 or other portions of the working or addressable memory 32.
  • the example computing devices 320, 420 and methods 500, 600 facilitate the transfer of an entire computer application 50, its settings 52 and generated data 54 using a hot-swappable NVMM 40.
  • a user using an application on a first computing device 320 may withdraw the NVMM 40 from the first computing device 320, while the first computing device 320 is running, and simply plug the same NVMM 40 into a second different computing device for 20, wherein entire working environment of the application 50 is immediately transferred over to the working or addressable memory 32 of the second computing device for 20, ready for use on the second computing device for 20 by the user.
  • the example computing devices 320, 420 and methods 500, 600 facilitate the transfer of an entire computer application 50, its settings 52 and generated data 54 using a hot-swappable NVMM 40, security operations may be further enhanced.
  • a user may withdraw the hot-swappable NVMM 40, wherein the entire working environment of an application 50 is contained on the NVMM 40.
  • This entire working environment may be solely contained in the NVMM 40, reducing any risk of confidential information being retained on the original computing device 320 or in the memory of the original computing device 320.
  • the NVMM may be stored in a secure location until a resumption of use of the application 50 and the existing working environment at a later time.

Abstract

An example application security and mobility method may include removably connecting a non-volatile memory module (NVMM) to a cache coherent interface (CCI) of a computing device, expanding addressable memory of the computing device using the NVMM, storing an application on the NVMM, storing settings for the application in the NVMM, and storing data generated by the application in the NVMM.

Description

APPLICATION SECURITY AND MOBILITY
BACKGROUND
[0001] Computing devices may be found in homes and workplaces. Examples of computing devices include computer workstations, videogame consoles, notebook or laptop computers, and the like. Many computing devices include a random-access memory which provides a working addressable memory for temporarily storing applications currently being executed, including the settings for such applications and the data generated from such applications.
BRIEF DESCRIPTION OF THE DRAWINGS
[0002] Figure 1 is a block diagram schematically illustrating portions of an example application security and mobility computing device.
[0003] Figure 2 is a flow diagram illustrating portions of an example application security and mobility method.
[0004] Figure 3 is a block diagram schematically illustrating portions of an example application security mobility system during hot swapping of a NVMM between two computing devices.
[0005] Figure 4 is a flow diagram illustrating portions of an example application security and mobility method.
[0006] Figure 5 is a block diagram schematically illustrate portions of an example application security and mobility computing system during hot swapping of a NVMM between two computing devices. [0007] Figure 6 is a flow diagram illustrating portions of an example application security and mobility method.
[0008] Figure 7 is a flow diagram illustrating portions of an example application security and mobility method.
[0009] Throughout the drawings, identical reference numbers designate similar, but not necessarily identical, elements. The figures are not necessarily to scale, and the size of some parts may be exaggerated to more clearly illustrate the example shown. Moreover, the drawings provide examples and/or implementations consistent with the description; however, the description is not limited to the examples and/or implementations provided in the drawings.
DETAILED DESCRIPTION OF EXAMPLES
[00010] Disclosed are example computing devices, methods and non- transitory computer-readable mediums that facilitate more efficient user mobility and productivity when working on different computing devices. Using the same computer application (also referred to as a computer program) on different computing devices (machines) often involves the use of virtual machines or cloud computing. However, the use of such cloud computing may also involve latency, load times and configuration issues.
[00011] In contrast, the example computing devices, methods and mediums facilitate the transfer of an entire computer application, its settings and generated data using a hot-swappable nonvolatile memory module (NVMM). A user using an application on a first computing device may withdraw the NVMM from the first computing device, while the first computing device is running, and simply plug the same NVMM into a second different computing device, wherein entire working environment of the application is immediately transferred over to the second computing device, ready for use on the second computing device by the user. Because the application is run directly from the NVMM, just as if the application and its working environment had been copied to and directly run from the DRAM of the second computing device, such a transfer may be carried out without copying of the application or its working environment (settings and data) to the existing volatile working/addressable memory of the second computing device or the existing nonvolatile memory of the second computing device. Such a transfer may be carried out without any installation or configuring tasks, providing more efficient user mobility and productivity.
[00012] Because the example computing devices, methods and mediums facilitate the transfer of an entire computer application, its settings and generated data using a hot-swappable nonvolatile memory module (NVMM), security operations may be further enhanced. For example, a user may withdraw the hot-swappable NVMM, wherein the entire working environment of an application is contained on the NVMM. This entire working environment may be solely contained in the NVMM, reducing any risk of confidential information being retained on the original workstation or in the memory of the original workstation. The NVMM may be stored in a secure location until a resumption of use of the application and the existing working environment at a later time.
[00013] The example computing device, methods and mediums utilize a memory controller of a first computing device that expands the addressable memory of the first computing device using a NVMM removably connected to a cache coherent bus or interface of the computing device. Rather than an application and its settings being loaded into the DRAM of the first computing device, the memory controller loads or stores the application and its settings directly into those portions of the expanded addressable memory residing on the NVMM. Rather than the data generated from the application also being stored in the DRAM or a fixed nonvolatile memory associated with the first computing device, the memory controller also stores the data generated from the application in the NVMM. During execution of the application, the first computing device works from the expanded memory of the NVMM. As result, the NVMM may be unplugged or disconnected from the cache coherent interface (CCI) of the first computing device while the first computing device is operating.
[00014] The NVMM may then be hot swapped and connected to a second CCI of a second computing device. Upon connection, a second memory controller of the second computing device expands its addressable memory using the memory of the NVMM. Using the application, its settings and most recent data stored in the NVMM, the second computing device may restore the entire working ambient addressable memory of the application on the second computing device and allow its user to immediately resume use of the application at a point corresponding to the point at which the NVMM was disconnected from the first computing device.
[00015] The memory controller of the example computing device may comprise software and/or firmware which works in conjunction with the operational system running on the computing device or hose hardware. In some implementations, the memory controller of an example computing device may store multiple applications and their associated settings and generated data on the expanded addressable memory of the NVMM. In some implementations, the NVMM may be partitioned into a first portion for expanding the addressable memory of the computing device to which it is connected and a second portion for storage such as log files and nonexpanded saved data. In some implementations, the memory controller of the example computing device may additionally provide security in the form of password protection and data encryption with respect to each NVMM that is removably connected to the computing device. In some implementations, the memory controller may further store hardware profiles of the computing device in the NVMM upon successful connection of the NVMM to the computing device for the first time to enhance and speed up future connections between the computing device and the NVMM.
[00016] To facilitate hot swapping of the NVMM, the memory controller of an example computing device may utilize a disconnection consistence module or disconnection consistence instructions. The disconnection consistence module keeps track of the last consistence data of the system (hardware configuration, DRAM cache data in cycling, state of the addressable nonvolatile memory and the like). Each time an application is loaded into the NVMM or a modification operation occurs, the consistence module may record the state from the CPU instructions and save the state, wherein the state is committed into the NVMM upon a determination that the operation was successful. As a result, a user may simply unplug the NVMM with reduced concern about data integrity.
[00017] A user may create or initiate a safe state by prompting a safe removal using either a physical button or a software call on the system. For example, prior to withdrawing the NVMM, the user may actuate a physical button on the computing device or trigger a software call on the system. Actuation of the physical button or triggering of the software call may result in the consistence module recording a current state of the application from the CPU instructions in the DRAM of the computing device, wherein the state is committed into the NVMM upon a determination that the saving of the current state in the DRAM has been executed. Upon storing the state in the NVMM, the computing device may automatically remove the state from the DRAM of the computing device.
[00018] To maintain hardware and software compatibility, upon initial releasable connection of the NVMM to the CCI of a computing device, the computing device, following compatibility instructions contained on the computing device, determines presence of any existing application or existing settings on the NVMM. In response to determining the presence of an existing application or existing settings on the NVMM, the computing device further verifies the compatibility of the existing application or existing settings stored on the NVMM with the software architecture and hardware drivers of the computing device. In one implementation or one mode of operation, in response to determining any incompatibility, the computing device will auto modify any incompatible settings of the computing device and/or settings contained in the NVMM to facilitate resumption of use of the application on the computing device. In one implementation or one mode of operation, in response to determining any incompatibility, the computing device may cease interaction with the NVMM. For example, the computing device may output a notice on a display informing the user that the application or the existing settings contained on the NVMM are not compatible with the software architecture and such are hardware drivers of the computing device.
[00019] In response to determining compatibility of the application and its settings on the NVMM with the software architecture and/are hardware drivers of the commuting device, the computing device may proceed by expanding the addressable memory of the computing device using the NVMM. Upon the addressable memory of the computing device being expanded using the NVMM, the commuting device may execute the application stored on the NVMM, using the settings and data stored in the NVMM.
[00020] Disclosed is an example application security and mobility method. The method may include removably connecting a non-volatile memory module (NVMM) to a cache coherent interface (CCI) of a computing device, expanding addressable memory of the computing device using the NVMM, storing an application on the NVMM, storing settings for the application in the NVMM, and storing data generated by the application in the NVMM. [00021] Disclosed is an example application security and mobility computing device. The computing device may include a cache coherent interface (CCI) to be releasably connected to a non-volatile memory module (NVMM) and a memory controller. The memory controller is to (1) store an application on the NVMM, (2) expand addressable memory of the computing device using the NVMM, (3) store settings for the application in the NVMM, and (4) store data generated by the application in the NVMM.
[00022] Disclosed is an example non-transitory computer-readable medium containing application security and mobility instructions for directing a processor. The instructions may include addressable memory instructions and memory control instructions. The addressable memory instructions are to direct the processor to expand addressable memory of a computing device into a non-volatile memory module (NVMM) that is releasably connected to a cache coherent interface of the computing device. The memory control instructions are to direct the processor to store an application in the NVMM and to store settings for the application and data generated by execution of the application in addressable memory of the computing device contained in the NVMM.
[00023] Figure 1 is a block diagram illustrating an example application security and mobility computing device 20. Computing device 20 facilitates the transfer of an entire computer application, its settings and generated data using a hot-swappable NVMM. A user using an application on a first computing device may withdraw the NVMM from the first computing device, while the first computing device is running, and simply plug the same NVMM into a second different computing device, wherein entire working environment of the application is immediately transferred over to the second computing device, ready for use on the second computing device by the user. Such a transfer may be carried out without any installation or configuring tasks, providing more efficient user mobility and productivity. [00024] Because computing device 20 facilitates the transfer of an entire computer application, its settings and generated data using a hot-swappable nonvolatile memory module (NVMM), security operations may be further enhanced. For example, a user may withdraw the hot-swappable NVMM, wherein the entire working environment of an application is contained on the NVMM. This entire working environment may be solely contained in the NVMM, reducing any risk of confidential information being retained on the original workstation or in the memory of the original workstation. The NVMM may be stored in a secure location until a resumption of use of the application and the existing working environment at a later time.
[00025] Computing device 20 comprises a computing device that includes processors and associated caches for carrying out operations. Computing device 20 comprises cache coherent interface (CCI) 24 and memory controller 28. CCI 24 propagates the values of shared operands in the caches of processors of computing device 20. Each of such processors of the computing device share an addressable memory 32. The addressable memory 32 may comprise a working memory, such as a DRAM memory, of the computing device 20. Copies of an instruction operand may be stored in each cache memory as well as in the shared addressable memory. When one copy of an operand is changed, the other copies of the operand are also changed.
[00026] As schematically represented by arrow 25, CCI 24 is to removably or releasably connect to a NVMM 40. For purposes of this disclosure, the term “releasably” or “removably” with respect to an attachment or coupling of two structures means that the two structures may be repeatedly connected and disconnected to and from one another without material damage to either of the two structures or their functioning. In some implementations, CCI 24 comprises an external or internally housed slot having electrically conductive pads, pins, or sockets to removably or releasably receive a NVMM in the form of a nonvolatile memory card having corresponding electrically conductive pads, sockets or pins that communicate with nonvolatile memory elements on the card. In some implementations, the nonvolatile memory elements or persistent storage elements may comprise flash or solid-state memory elements. In other implementations, CCI 24 may have other constructions.
[00027] Memory controller 28 comprises a processing unit and associated non-transitory computer-readable medium that contains instructions for directing the processor of memory controller 28. Memory controller 28 manages the flow of data going to and from addressable memory 32 of computing device 20. Memory controller 28 contains logic to facilitate reading from and writing to addressable memory 32. Memory controller 28 may be in the form a digital circuit. In some implementations, memory controller 28 may comprise an integrated memory controller.
[00028] As schematically represented by broken line arrow 33, memory controller 28, following the instructions contained in its non-transitory computer-readable medium, expands addressable memory 32 using NVMM 40. In some implementations, this may result in the working memory or addressable memory 32 of computing device 20 including both the volatile memory of computing device 20 (such as a DRAM) and the memory are memory space provided by the releasably connected NVMM 40. Following the expansion of the addressable memory 32 to include NVMM 40, memory controller 28 further utilizes the expanded addressable memory of NVMM 40 to (1 ) store an application 50 in the NVMM portion of the expanded addressable memory 32, and (2) store any settings 52 for the application 50 in the NVMM portion of the expanded addressable memory. Such settings may exist at the time that application 50 is stored in the NVMM portion of addressable memory 32 or may be established during execution of the application 50 by computing device 20. As further shown by Figure 1 , during execution or use of application 50 by computing device 20, data 54 may be generated. Memory controller 28 further stores the application generated data 54 in the expanded addressable memory. In some implementations, each of the application 50, its settings 52 and the application generate data 54 are not concurrently or later stored in the volatile memory (such as a randomaccess memory in the form of a dynamic random-access memory (DRAM)) of computing device 20. As a result, application 50 and its entire working environment are contained in the memory or memory storage space of NVMM 40 while NVMM 40 is releasably connected to CCI 24 and following the release or disconnection of NVMM 40 from CCI 24. This has two implications: (1 ) the application and its entire working environment (comprising both settings and data) contained on NVMM 40 may be easily transferred to a different computing device for resumption of use of the application on the different computing device; and (2) the application and its working environment contained on NVMM 40 may be easily withdrawn, in their entirety, from the computing device for enhanced security.
[00029] Figure 2 is a flow diagram of an example application security and mobility method 100. Like computing device 20, method 100 facilitates the transfer of an entire computer application, its settings and generated data using a hot-swappable NVMM to enhance both application mobility and security. Although method 100 is described in the context of being carried out using computing device 20, it should be appreciated that method 100 may be carried out using other similar computing devices.
[00030] As indicated by block 104, a NVMM 40 is releasably or removably connected to a CCI 24 of computing device 20. Such a connection may occur through the electrical mating between contact pads, pins and/or sockets of the CCI 24 and NVMM 40.
[00031] As indicated by block 106, memory controller 28 expands the working or addressable memory 32 of the computing device 20 using NVMM 40. As indicated by block 108, memory controller 28 further stores and application, or multiple applications, on the NVMM 40. As indicated by block 1 10, memory controller 28 stores the settings for the application, or multiple applications, on the NVMM 40. As indicated by block 1 12, memory controller 28 stores data, generated during execution of the application, or multiple applications, on NVMM 40. The storing of the application, the storing of the settings and the storing of the application generated data are on those portions of the NVMM 40 that serve as part of the working or addressable memory of computing device 20 while NVMM 40 is releasably connected to CCI 24.
[00032] Figure 3 is a block diagram schematically illustrating the disconnection of NVMM 40 from computing device 20 and the releasable connection of the same NVMM 40 to a second different computing device 120. Figure 3 illustrates the hot swapping of NVMM 40 between computing devices 20 and 120. Figure 3 illustrates an example of how the second different competing device 120 may automatically facilitate resumption of application 50 without installation or configuring tasks, providing more efficient user mobility and productivity.
[00033] As shown by Figure 3, computing device 120 is similar to computing device 20 in that computing device 120 comprises CCI 24 and memory controller 28. In the example illustrated, CCI 24 and memory controller 28 of computing device 120 function as described above with respect to computing device 20 when receiving a NVMM 42 receive an application and to run a new application. As described with respect to Figure 3, memory controller 28 of computing device 120 (and of computing device 20) is to determine whether a newly connected NVMM 40 already contains an existing application. Upon identifying the existence of an application already on a newly connected NVMM 40, memory controller 28 automatically expands the addressable memory 32 of computing device 120 using the newly connected NVMM 40 as indicated by broken line arrow 133. Thereafter, memory controller 28 resumes execution of the application 50, stored in the NVMM portion of the addressable memory 32, from where the application left off following its disconnection from computing device 20. Memory controller 20 resumes execution the application 50 employing the same application 52 and possibly utilizing the same application generated data 54 as stored on the NVMM 40 at the time that NVMM 40 was disconnected from computing device 20.
[00034] In some implementations, NVMM 40 may store multiple applications, including the different application settings and the different application generated data for the different multiple applications. In some implementations, memory controller 28 may carry out one of two possible actions: (A) storing a new application comments application settings and generated application data on a newly connected NVMM 40 or (B) executing an existing application using existing settings and existing generated application data on a newly connected NVMM 40. In such implementations, memory controller 28 may prompt a user, on a display, to choose which of the two possible actions are to be taken. In instances where memory controller 28 identifies multiple existing applications along with their respective different application settings and respective sets of application generated data on a newly connected NVMM 40, memory controller 28 may identify each of the identified applications to the user, such as on a display. Memory controller 28 may further prompt the user to select which of the multiple existing application should be executed or whether a new application should be stored on NVMM 40 as part of the addressable memory 32.
[00035] Figure 4 is a flow diagram of an example application security and mobility method 200. Figure 4 and method 200 illustrate an example of how ongoing execution of application currently residing on a NVMM 40 may be quickly and easily resumed after being hot swapped green first and second computing devices. Method 200 may follow or be a continuation of method 100 described above.
[00036] As indicated by block 214, NVMM 40 is disconnected from the CCI 24 of computing device 20 and is removably connected to the CCI 24 of the second computing device 120. As indicated by block 216, memory controller 28 of computing device 120 expands its working or addressable memory 32 using the NVMM 40. In one implementation, the expanded addressable memory 32 comprises the volatile memory (such as DRAM) of computing vice 120 and the nonvolatile memory or storage space provided by NVMM 40. As indicated by block 218, memory controller 28 carries out various read and write operations to execute the application 50, stored in the NVMM portion of address memory 32, using the settings 52 and the data 54 stored in NVMM 40 and serving as part of addressable memory 32.
[00037] Figure 5 is a block diagram schematically illustrating the hot swapping of an example NVMM 40 between two running computing devices 320 and 420. Figure 5 illustrates an example of how disconnection consistence and compatibility may be implemented during such a hot swap of NVMM 40. In the example illustrated, those components of computing devices 320 and 420 which correspond to components of computing devices 20 and 120 are numbered similarly.
[00038] In the example illustrated, computing devices 320 and 420 are each similar to one another. Each of computing devices 320 and 420 comprises CCI 24, microprocessors 56-1 ... 56-n (collectively referred to as microprocessors 56), software architecture and hardware drivers 58, nonvolatile memory 60, volatile memory in the form of DRAM 62, input 64, display 66, and memory controller 328.
[00039] Microprocessors 56 carry out the execution of application 50 as well as the execution of any other applications being run by computing devices 320 and 420. Each of microprocessors 56 may include an associated cache 57. In some implementations, computing device 420 may comprise a single microprocessor 56 with an associated cache 57. As discussed above, CCI 24 is connected to each of the caches 57 and DRAM 62 to facilitate cache coherency between the caches 57 and DRAM 62. CCI 24 further connects a received NVMM 42 memory controller 328 to further facilitate cache coherency between caches 57 and those portions of NVMM 40 used to extend the addressable memory 32.
[00040] Software architecture and hardware drivers 58 are associated with each of computing devices 320 and 420. Each of such architectures and drivers may have associated settings. In some implementations, the software architecture and hardware drivers 58 of computing device 320 may be different than the software architecture and hardware drivers 58 of computing device 420. Differences in the software architecture and hardware drivers 58 of computing devices 320 and 420 may result in incompatibilities that inhibit or prevent the proper execution of application 50 on both of computing devices 320 and 420.
[00041] Nonvolatile memory 60 comprise a persistent storage residing on each of computing devices 320 and 420. Nonvolatile memory 60 may be in the form of a hard disk drive or a solid-state storage device. Nonvolatile memory 60 may store applications, application settings and application generated data. Execution of such applications is generally carried out using a temporary copy of the application in DRAM 62 of the working or addressable memory 32.
[00042] DRAM 62 comprises a volatile memory that resides on each of computing devices 320 and 420. DRAM 62 forms part of the working or addressable memory 32 for each of computing device 320 and 420. DRAM 62 may be used to temporarily store applications, application settings and application generated data until storage and nonvolatile memory 60. Any applications, settings or data stored in DRAM 62 may be lost upon powering down of the associated computing device 320, 420.
[00043] Input 64 comprises a user interface by which selections, commands or other input may be provided to the associated computing device 320, 420. Input 64 may have many forms. Examples of input 64, include, but are not limited to, a keyboard, a mouse, a touchpad, a touch screen (provided by display 66), a microphone which associated speech recognition software and the like. As will be described hereafter, input 64 may facilitate the input of a request for operation in a “safe state” to preserve data integrity prior to withdrawal or disconnection of NVMM 40. As we described hereafter, input 64 may further facilitate the input of a request by user or the computing device to modify various settings to achieve compatibility between the application stored on NVMM 40 and the computing device to which NVMM 40 is releasably connected.
[00044] Display 66 comprises a screen providing visual data to a user. In some implementations, display 66 may be fixed to the remaining components of computing device 320, 420, being a permanent part of the computing device 320, 420. In some implementations, display 66 may be releasably connected (by a cord) to the associated computing device 320, 420. As discussed above, some implementations, display 66 may be a touchscreen so as to also serve as input 64. Display 66 facilitates the presentation of prompts requesting input from a user regarding entry into the “safe state” prior to withdrawal or disconnection of NVMM 40 and/or authorization for compatibility modifications when compatibilities are identified with respect to an application to be run from a newly connected NVMM 40.
[00045] Memory controller 328 is similar to memory controller 28 described above except that memory controller 328 further carries out disconnection consistence and compatibility checking functions. Memory controller 328 comprises processor 370, addressable memory instructions 372, memory control instructions 374, disconnection consistence instructions 378 and compatibility instructions 380. Instructions 372, 374, 378 and 380 are each contained on a non-transitory computer-readable medium and direct the operation of processor 370. Such instructions may be in the form of an integrated circuit with logic elements or may be provided as software or code stored on nonvolatile memory such as a nonvolatile memory of memory controller 328 or memory 60. [00046] Addressable memory instructions 372 and memory control instructions 374 direct processor 370 to carry out methods 100 and 200 described above. Addressable memory instructions 372 372 expand the addressable memory 32 of computing device 320, 420 using a NVMM, such as NVMM 40, that is releasably connected to CCI 24. Memory control instructions direct processor 370 to either: (1 ) store an application 50, it settings 52 and any data 54 generated by execution of the application in the NVMM portion (the portion provided by NVMM 40) of addressable memory 32, or (2) execute an existing application directly from the NVMM portion of addressable memory 32, using the settings 52 and data 54 existing in the NVMM portion 40 of the addressable memory 32 without copying the application 50, settings 52 or data 54 from the NVMM portion of addressable memory 32 to nonvolatile memory 60 or other portions of addressable memory 32, such as DRAM 62. In other words, memory controller 328 runs or executes an application 50 (along with its settings 52 and existing generated data 54) directly from the NVMM 40 just as if the application had been temporarily stored in the volatile memory of the computing device, such as the DRAM 62. Any newly generated data resulting from the execution of the application 50 is also directly stored on NVMM 40.
[00047] As discussed above with respect to memory controller 28, in some implementations, memory controller 328 may determine whether a newly connected NVMM 40 already contains an existing application. Upon identifying the existence of an application already on a newly connected NVMM 40, memory controller 28 automatically expands the addressable memory 32 of computing device 120 using the newly connected NVMM 40 as indicated by broken line arrow 133. Thereafter, memory controller 28 resumes execution of the application 50, stored in the NVMM portion of the addressable memory 32, from where the application left off following its disconnection from computing device 20. Memory controller 328 resumes execution the application 50 employing the same application settings 52 and possibly utilizing the same application generated data 54 as stored on the NVMM 40 at the time that NVMM 40 was disconnected from computing device 20.
[00048] In some implementations, NVMM 40 may store multiple applications, including the different application settings and the different application generated data for the different multiple applications. In some implementations, memory controller 328 may carry out one of two possible actions: (A) storing a new application comments application settings and generated application data on a newly connected NVMM 40 or (B) executing an existing application using existing settings and existing generated application data on a newly connected NVMM 40. In such implementations, memory controller 28 may prompt a user, on a display, to choose which of the two possible actions are to be taken. In instances where memory controller 328 identifies multiple existing applications along with their respective different application settings and respective sets of application generated data on a newly connected NVMM 40, memory controller 328 may identify each of the identified applications to the user, such as on display 66. Memory controller 28 may further prompt the user, using display 66, to select, using input 64, which of the multiple existing application should be executed or whether a new application should be stored on NVMM 40 as part of the addressable memory 32.
[00049] Disconnection consistence instructions 378 provide a “safe state” to reduce the likelihood of settings or data being lost upon disconnection of NVMM 40 from a computing device, such as from computing device 320 or from computing device 420. The disconnection consistence instructions 378 direct processor 370 to keep track of the last consistence data of the system (hardware configuration, DRAM cache data in cycling, state of the addressable nonvolatile memory and the like). Each time an application is to be loaded into the NVMM or a modification operation is to occur, the consistence instructions 378 direct processor 370 to record the state from the CPU instructions and save the state in DRAM, wherein the state is committed into the NVMM 40 upon a determination that the operation was successful. Immediately upon commitment of the state to the NVMM, and prior to a shutdown of the computing device, disconnection consistence instructions 378 may further automatically direct processor 370 to clear or clean the temporarily stored state in the DRAM and clean any caches containing the temporarily stored state that was committed to the NVMM. In some implementations, the automatic removal of the temporarily stored state in DRAM, prior to shut down of the computing device 320, 420, may be omitted, where the temporarily stored data on the DRAM may instead be automatically removed by the act of shutting down the computing device (discontinuing the supply of power to DRAM) following the storing of the state in the NVMM 40. As a result, a user may simply unplug the NVMM 40 with reduced concern about data integrity.
[00050] A user may create or initiate a safe state by indicating a forthcoming removal or disconnection of NVMM 40 using either a physical button or a software call on the system using input 64. For example, prior to withdrawing the NVMM 40, the user may actuate a physical button (forming part of input 64) on the computing device or trigger a software call (using input 64) on the computing device 320, 420. Actuation of the physical button or triggering of the software call may result in the consistence instructions 378 directing processor 370 to record a current state of the application 50 from the CPU instructions in the DRAM 62 of the computing device 320, 420, wherein the state is committed into the NVMM 40 upon a determination that the saving of the current state in the DRAM 62 has been executed. Upon storing the state in the NVMM 40, the computing device may indicate to the user, on display 66, that NVMM 40 is ready for removal or disconnection. In addition, upon the sensed or detected removal or disconnection of NVMM 40 from CCI 24, disconnection consistence instructions 378 may automatically direct processor 370 to remove the previously stored state from the DRAM 62 of the computing device 320, 420. In some implementations, the automatic removal of the temporarily stored state in DRAM 62, prior to shut down of the computing device 320, 420, may be omitted, where the temporarily stored data on the DRAM may instead be automatically removed by the act of shutting down the computing device (discontinuing the supply of power to DRAM 62) following the storing of the state in the NVMM 40.
[00051] Compatibility instructions 380 direct the processor 370 to, upon connection of the NVMM 40 to the CCI 24, determine presence of an existing application 50 or existing settings 52 on the NVMM 40 releasably connected to the CCI 24; and verify compatibility of the existing application 50 or the existing settings 52 stored in the NVMM 40 with software architecture and hardware drivers 58 of the computing device 320, 420. In some implementations, upon identifying an incompatibility, compatibility instructions 380 direct processor 370 to cease interaction with NVMM 40 or with the particular application on NVMM 40 selected for execution. In some implementations, upon identifying an incompatibility, compatibility instructions 380 direct processor 370 to auto-modify those settings on either or both of NVMM 40 or the computing device 320, 420 that are incompatible to facilitate execution of the application directly from NVMM 40 forming part of the addressable memory 32.
[00052] Once the incompatible settings have been adjusted or modified to achieve compatibility, addressable memory instructions 372 and memory control instructions 374 proceed with carrying out method 100 described above. Addressable memory instructions 372 the addressable memory 32 using the newly connected NVMM 40. Memory control instructions 374 execute the application 50 stored on NVMM 40 and use the settings 52 and data 54 directly from the NVMM portion of the expanded addressable memory 32 just as if the application, its settings, and data had been copied to DRAM 62 indirectly run from DRAM 62.
[00053] In some implementations, compatibility instructions 380 provide two modes for addressing an identified incompatibility: (1 ) seizing interaction with NVMM 40 or with the particular application 50 on NVMM 40 and (2) modifying settings to achieve compatibility. In some implementations, compatibility instructions 380 may direct processor 370 to assess the correct ability of the identified incompatibility and may automatically select one of the two modes depending upon the extent of the incompatibility, whether the incompatibility may be fixed. In some implementations, the user of computing device 320, 420 may be provided with a prompt on display 66 requesting selection of one of two modes.
[00054] Figure 6 is a flow diagram of an example application security and mobility method 500. Method 500 is similar to method 100 described above except that method 500 additionally involves the provision of a “safe state” wherein the state of NVMM stored on the computing device prior to the disconnection of the NVMM from the computing device. Although method 500 is described in the context of being carried out by computing device 320, following disconnection consistence instructions 378, it should be appreciated that method 500 may be carried out in other manners in accordance with other instructions on other computing devices.
[00055] As indicated by block 504, a NVMM 40 is removably connected to a CCI 24 of computing device 320. As indicated by block 506, addressable memory instructions 372 direct processor 370 to expand the addressable memory 32 using the newly attached NVMM 40. As described above, in some implementations, compatibility instructions 380 may direct processor 370 to additionally carry out a compatibility check for the newly connected NVMM 40.
[00056] As indicated by block 508, memory control instructions 374 direct processor 370 to store and application 50 on NVMM 40. As indicated by block 510, memory control instructions 374 direct processor 370 to store any settings 52 for application 50 on NVMM 40. As indicated by block 512, memory control structure 374 direct processor 370 to store any data 54 generated during the execution of application 50 on NVMM 40.
[00057] As indicated by block 520, disconnection consistence instructions 378 direct processor 370 to store a state of NVMM 40 on computing device 320. Examples of the data pertaining to the state of NVMM 40 that may be stored prior to removal of NVMM 40 or disconnection of NVMM 40 include, but are not limited to, operations being executed, the stack of operations for undo/redo commands, application state and the like.
[00058] As described above, in some implementations, the storing of the state of NVMM 40 on computing device 320 may be triggered by a “safe state” input or request. For example, prior to withdrawing the NVMM 40, the user may actuate a physical button (forming part of input 64) on the computing device or trigger a software call (using input 64) on the computing device 320, 420. Actuation of the physical button or triggering of the software call may result in the consistence instructions 378 directing processor 370 to record a current state of the application 50 from the CPU instructions in the DRAM 62 of the computing device 320, 420, wherein the state is committed into the NVMM 40 upon a determination that the saving of the current state in the DRAM 62 has been executed. Upon storing the state in the NVMM 40, the computing device may indicate to the user, on display 66, that NVMM 40 is ready for removal or disconnection.
[00059] As indicated by block 522, NVMM 40 is disconnected from CCI 24 of computing device 320. Upon computing device 320 sensing our detecting the removal or disconnection of NVMM 40 from CCI 24, disconnection consistence instructions 378 may automatically direct processor 370 to remove the previously stored state from the DRAM 62 of the computing device 320, 420.
[00060] Figure 7 is a flow diagram illustrating an example application security and mobility method 600. Method 600 is similar to method 200 described above except that method 600 carries out a compatibility check prior to execution of the application on a newly connected NVMM 40. Although method 600 is described in the context of being carried out by computing system 420, following compatibility instructions 380, it should be appreciated that method 600 may be carried out in other manners in accordance with other instructions on other computing devices.
[00061] As indicated by block 614, NVMM 40 is disconnected from CCI 24 of computing device 320 and is removably connected to CCI 24 of a second computing device, computing device 420. As indicated by blocks 620 and 622, compatibility instructions 380 direct processor 370 to verify the compatibility of the application 50 and the settings 52 stored in NVMM 40, which are to be executed by computing device 420, with the software architecture and hardware drivers 58 of computing device for 20. In some implementations, the verification of compatibility is automatically carried out in response to computing device for 20 sensing our detecting the connection of NVMM 42 CCI 24 of computing device 420. For example, in some implementations, compatibility instructions 380 may direct processor 370 to compare drivers and dependent software versions as well as hardware firmware versions, dependencies and configurations.
[00062] As indicated by blocks 624 and 626, method 600 provides two different options for addressing and identified incompatibility. Pursuant to block 624, method 600 may operate in a first mode wherein compatibility instructions 380 direct processor 370 to auto-modify those settings on either or both of NVMM 40 or the computing device 420 that are incompatible to facilitate execution of the application directly from NVMM 40 forming part of the addressable memory 32. For example, settings such as available cache size and information related to the new computing device, such as display options and components available, such as the type of input devices and the type of display and the video resolution may be modified on NVMM 40 or settings, such as driver versions by an update or removal and installation of a previous update, may be modified on computing device 420 to provide compatibility so as to facilitate execution of the application 50 on competing device 420.
[00063] In some implementations, compatibility instructions 380 further direct processor 370 to evaluate the nature of the incompatibility or whether the incompatibility may be addressed by modifying the aforementioned settings. In some implementations, compatibility instructions 380 may direct processor 370 to automatically auto-modify the incompatible settings pursuant to block 624 in response to determining that such settings are modifiable so as to properly fix the incompatibility and permit execution of application 50 on computing device 420. Alternatively, in response to determining that such settings are not modifiable, compatibility instructions 380 may automatically direct processor 370 to carry out the second mode in which interaction with NVMM 40 is automatically ceased pursuant to block 626. In yet other implementations, where computing device 420 determines that the incompatibility is correctable through the modification of settings, compatibility instructions 380 may direct processor 370 to prompt a selection of either mode 1 or mode 2 pursuant to block 624 and 626, respectively, from a user using input 64 and display 66.
[00064] As indicated by block 628, in response to a determination that the application 50 and its settings 52 stored on NVMM 40 are compatible with the software architecture and hardware drivers 58 (or their settings) of computing device 420, addressable memory instructions 374 may direct processor 370 to proceed with expanding the addressable memory 32 of computing device for 20 using NVMM 40. Memory control instructions 374 may further direct processor 370 to execute the application 50 stored on NVMM 40 using the settings 52 and the data 54 start on NVMM 40. As discussed above, the execution of application 50 is directly from the NVMM portion of the expanded addressable memory 32 without application 50, its settings or any associated generated data 54 being copied to DRAM 62 or other portions of the working or addressable memory 32. [00065] Overall, the example computing devices 320, 420 and methods 500, 600 facilitate the transfer of an entire computer application 50, its settings 52 and generated data 54 using a hot-swappable NVMM 40. A user using an application on a first computing device 320 may withdraw the NVMM 40 from the first computing device 320, while the first computing device 320 is running, and simply plug the same NVMM 40 into a second different computing device for 20, wherein entire working environment of the application 50 is immediately transferred over to the working or addressable memory 32 of the second computing device for 20, ready for use on the second computing device for 20 by the user. Because the application 50 is run directly from the NVMM Ford, just as if the application 50 and its working environment had been copied to and directly run from the DRAM 62 of the second computing device for 20, such a transfer may be carried out without copying of the application 50 or its working environment (settings 52 and data 54) to the existing volatile working/addressable memory (DRAM 62) of the second computing device for 20 or the existing nonvolatile memory 60 of the second computing device for 20. Such a transfer may be carried out without any installation or configuring tasks, providing more efficient user mobility and productivity.
[00066] Because the example computing devices 320, 420 and methods 500, 600 facilitate the transfer of an entire computer application 50, its settings 52 and generated data 54 using a hot-swappable NVMM 40, security operations may be further enhanced. For example, a user may withdraw the hot-swappable NVMM 40, wherein the entire working environment of an application 50 is contained on the NVMM 40. This entire working environment may be solely contained in the NVMM 40, reducing any risk of confidential information being retained on the original computing device 320 or in the memory of the original computing device 320. The NVMM may be stored in a secure location until a resumption of use of the application 50 and the existing working environment at a later time. [00067] Although the present disclosure has been described with reference to example implementations, workers skilled in the art will recognize that changes may be made in form and detail without departing from the disclosure. For example, although different example implementations may have been described as including features providing various benefits, it is contemplated that the described features may be interchanged with one another or alternatively be combined with one another in the described example implementations or in other alternative implementations. Because the technology of the present disclosure is relatively complex, not all changes in the technology are foreseeable. The present disclosure described with reference to the example implementations and set forth in the following claims is manifestly intended to be as broad as possible. For example, unless specifically otherwise noted, the claims reciting a single particular element also encompass a plurality of such particular elements. The terms “first”, “second”, “third” and so on in the claims merely distinguish different elements and, unless otherwise stated, are not to be specifically associated with a particular order or particular numbering of elements in the disclosure.

Claims

26 WHAT IS CLAIMED IS:
1 . An application security and mobility method comprising: removably connecting a non-volatile memory module (NVMM) to a cache coherent interface (CCI) of a computing device; expanding addressable memory of the computing device using the NVMM; storing an application on the NVMM; storing settings for the application in the NVMM; and storing data generated by the application in the NVMM.
2. The method of claim 1 further comprising: disconnecting the NVMM from the CCI of the computing device and removably connecting the NVMM to a second CCI of a second computing device; expanding addressable memory of the second computing device into the NVMM; and executing the application stored on the NVMM with the second computing device using the settings and the data stored in the NVMM.
3. The method of claim 2 further comprising: verifying compatibility of the application and settings stored in the NVMM with software architecture and hardware drivers of the second computing device upon connection of the NVMM to the CCI of the second computing device.
4. The method of claim 3 further comprising: in response to determining an incompatibility of the application or settings stored in the NVMM with software architecture and hardware drivers of the second computing device, ceasing further interaction with the NVMM until the compatibility is verified.
5. The method of claim 4 further comprising: automatically modifying a setting of the second computing device based on the incompatibility to achieve compatibility.
6. The method of claim 2 further comprising: storing a state of the NVMM on the computing device prior to the disconnecting of the NVMM from the CCI of the computing device.
7. The method of claim 6, wherein the storing of the state of the NVMM on the computing device prior to the disconnecting of the NVMM from the CCI of the computing device is in response to a disconnection request input.
8. The method of claim 6, wherein the state of the NVMM stored on the computing device prior to the disconnecting of the NVMM from the CCI of the computing device is selected from a group of states consisting of: a hardware configuration of the computing device; dynamic random access memory (DRAM) cached data and cycling; and a state of addressable memory of the NVMM.
9. The method of claim 1 , wherein the data generated by the application and stored in the NVMM is not stored in the computing device.
10. An application security and mobility computing device comprising: a cache coherent interface (CCI) to be releasably connected to a non-volatile memory module (NVMM); a memory controller to: store an application on the NVMM; expand addressable memory of the computing device using the NVMM; store settings for the application in the NVMM; and store data generated by the application in the NVMM.
1 1 . The computing device of claim 10, wherein the memory controller is to further: upon connection of the NVMM to the CCI, determine presence of an existing application or existing settings on the NVMM releasably connected to the CCI; and verify compatibility of the existing application or the existing settings stored in the NVMM with software architecture and hardware drivers of the computing device.
12. The computing device of claim 10, wherein the memory controller is to store a state of the NVMM on the computing device prior to disconnecting of the NVMM from the CCI of the computing device.
13. The computing device of claim 12, wherein the memory controller is to store the state of the NVMM on the computing device prior to the 29 disconnecting of the NVMM from the CCI of the computing device in response to a disconnection request input.
14. A non-transitory computer-readable medium comprising application security and mobility instructions for directing a processor, the instructions comprising: addressable memory instructions to direct the processor to expand addressable memory of a computing device into a nonvolatile memory module (NVMM) that is releasably connected to a cache coherent interface (CCI) of the computing device; and memory control instructions to direct the processor to store an application in the NVMM and to store settings for the application and data generated by execution of the application in addressable memory of the computing device contained in the NVMM.
15. The non-transitory computer-readable medium of claim 14, wherein the instructions further comprise: compatibility instructions to direct the processor to, upon connection of the NVMM to the CCI, determine presence of an existing application or existing settings on the NVMM releasably connected to the CCI; and verify compatibility of the existing application or the existing settings stored in the NVMM with software architecture and hardware drivers of the computing device; and disconnection consistence instructions to direct the processor to store a state of the NVMM on the computing device 30 prior to disconnection of the NVMM from the CCI of the computing device.
PCT/US2021/014779 2021-01-22 2021-01-22 Application security and mobility WO2022159107A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/US2021/014779 WO2022159107A1 (en) 2021-01-22 2021-01-22 Application security and mobility

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2021/014779 WO2022159107A1 (en) 2021-01-22 2021-01-22 Application security and mobility

Publications (1)

Publication Number Publication Date
WO2022159107A1 true WO2022159107A1 (en) 2022-07-28

Family

ID=82549153

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2021/014779 WO2022159107A1 (en) 2021-01-22 2021-01-22 Application security and mobility

Country Status (1)

Country Link
WO (1) WO2022159107A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1995019608A1 (en) * 1994-01-14 1995-07-20 Cp8 Transac A secure application card for sharing application data and procedures among a plurality of microprocessors
WO2008125479A1 (en) * 2007-04-12 2008-10-23 Gemalto Sa Method of secure execution of an application
US20130318577A1 (en) * 2011-12-30 2013-11-28 Mallik Bulusu Trusted application migration across computer nodes
US9432298B1 (en) * 2011-12-09 2016-08-30 P4tents1, LLC System, method, and computer program product for improving memory systems

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1995019608A1 (en) * 1994-01-14 1995-07-20 Cp8 Transac A secure application card for sharing application data and procedures among a plurality of microprocessors
WO2008125479A1 (en) * 2007-04-12 2008-10-23 Gemalto Sa Method of secure execution of an application
US9432298B1 (en) * 2011-12-09 2016-08-30 P4tents1, LLC System, method, and computer program product for improving memory systems
US20130318577A1 (en) * 2011-12-30 2013-11-28 Mallik Bulusu Trusted application migration across computer nodes

Similar Documents

Publication Publication Date Title
US8464257B2 (en) Method and system for reducing power loss to backup IO start time of a storage device in a storage virtualization environment
US8266398B2 (en) Method and apparatus for preserving memory contents during a power outage
CN103207975B (en) The method of protection password and computing machine
TWI471726B (en) Managing cache data and metadata
CN104850435B (en) Power source management controller and method
US10754558B2 (en) Vehicular device
US8984316B2 (en) Fast platform hibernation and resumption of computing systems providing secure storage of context data
JP6399916B2 (en) Information processing apparatus and control method thereof
TW201239759A (en) BIOS update method and computer system for using the same
TW201520895A (en) System and method for automatically recovering BIOS of a computer
CN114879828A (en) Firmware interface with persistent memory storage
KR101673299B1 (en) Operating system recovery method and apparatus, and terminal device
KR20140121233A (en) Electronic device having a booting function of operating system by bootloader, method of performing the same function and storage medium
JP2008287505A (en) Information processor and legacy emulation processing stop control method
US20190004818A1 (en) Method of UEFI Shell for Supporting Power Saving Mode and Computer System thereof
JP2010277194A (en) Storage device, data processing method and data processing program
TW201533569A (en) Computer system and control method
CN112020843A (en) Temporary area in non-volatile memory device
KR20080057688A (en) Method for booting operating system using of non volatile memory
JP2003085041A (en) Disc cache system
JP2002099390A (en) Disk controller
US20130166852A1 (en) Method for hibernation mechanism and computer system therefor
WO2022159107A1 (en) Application security and mobility
JP2003122644A (en) Computer and its storage device
JPH1091296A (en) Information processing device and method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21921566

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21921566

Country of ref document: EP

Kind code of ref document: A1