Flexible byzantine fault tolerance
Granted: November 7, 2023
Patent Number:
11809288
A method and system for performing a flexible Byzantine fault tolerant (BFT) protocol. The method includes sending, from a client device, a proposed value to a plurality of replica devices and receiving, from at least one of the plurality of replica devices, a safe vote on the proposed value. The replica device sends the safe vote, based on a first quorum being reached, to the client device and each of the other replica devices of the plurality of replica devices. The method further…
Generative adversarial network based predictive model for collaborative intrusion detection systems
Granted: November 7, 2023
Patent Number:
11811791
Described herein are embodiments for transferring knowledge of intrusion signatures derived from a number of software-defined data centers (SDDCs), each of which has an intrusion detection system (IDS) with a convolutional neural network (CNN) to a centralized neural network. The centralized neural network is implemented as a generative adversarial neural network (GANN) having a multi-feed discriminator and a generator, which is trained from the discriminator. Knowledge in the GANN is…
Authentication of plugins in a virtualized computing environment
Granted: November 7, 2023
Patent Number:
11811749
Plugins are authenticated for purposes of accessing and using application program interfaces (APIs) of a management service of a virtualized computing environment. In an authentication process, each plugin is associated with a session ticket that is unique to the plugin. The session ticket may be in the form of a single-use token that has a finite duration, and which may be used by the plugin to establish a session with the APIs of the management service. Because of the single-use and…
Direct communication between endpoints across remote sites
Granted: November 7, 2023
Patent Number:
11811656
A method for direct communication between a source endpoint executing in a first datacenter and a destination endpoint executing in a second datacenter. The method receives, at a gateway of the second datacenter, a packet sent by the source endpoint, the packet having a header that includes a source IP address corresponding to a public IP address of the first datacenter, a destination IP address corresponding to a public IP address of the second datacenter, and source and destination…
Logical network packet handling on physical network interface controller (PNIC)
Granted: November 7, 2023
Patent Number:
11811559
Example methods and systems for logical network packet handling are described. In one example, a physical network interface controller (PNIC) may receive an egress packet associated with a packet flow via a first virtual function supported by the PNIC. The PNIC may steer the egress packet towards a processing pipeline by applying a filter associated with the first virtual function or content of the egress packet, or both. The egress packet may be processed using the processing pipeline…
Load balancing of cloned virtual machines
Granted: November 7, 2023
Patent Number:
11809913
Disclosed herein are embodiments for managing the placement of virtual machines in a virtual machine network. In an embodiment, a method involves determining whether to separate at least one virtual machine in a set of virtual machines supporting a process and running on a first host computer from other virtual machines in the set. If at least one virtual machine is to be separated, then at least one virtual machine is selected based on a number of memory pages changed. The selected…
Virtual disk blueprints for a virtualized storage area network utilizing physical storage devices located in host computers
Granted: November 7, 2023
Patent Number:
11809753
Techniques are described for storing a virtual disk in an object store comprising a plurality of physical storage devices housed in a plurality of host computers. A profile is received for creation of the virtual disk wherein the profile specifies storage properties desired for an intended use of the virtual disk. A virtual disk blueprint is generated based on the profile such that that the virtual disk blueprint describes a storage organization for the virtual disk that addresses…
Image file optimizations by opportunistic sharing
Granted: November 7, 2023
Patent Number:
11809751
Container images are fetched in a clustered container host system with a shared storage device. Fetching a first container image in a first virtual machine includes creating a first virtual disk in the shared storage device, storing an image of the first container in the first virtual disk, mounting the first virtual disk to the first virtual machine, and updating a metadata cache to associate the image of the first container to the first virtual disk. Fetching a second container image…
Systems and methods for improved authentication
Granted: November 7, 2023
Patent Number:
11809529
When a user attempts to access a first application installed on a user device, it can send an authentication request to an authentication server. The authentication server can assign a unique request token to the request and load a script to a component of the operating system executing on the user device that displays content within the first application. The script can cause a portal application to launch on the user device. The portal application can send a request to the…
Two-round byzantine fault tolerant (BFT) state machine replication (SMR) protocol with linear authenticator complexity and optimistic responsiveness
Granted: November 7, 2023
Patent Number:
11809453
The present disclosure is directed to a leader-based partially synchronous BFT SMR protocol that improves upon existing protocols by exhibiting two rounds of communication latency, linear authenticator complexity, and optimistic responsiveness. This is achieved through the novel use of an aggregate signature scheme as part of the protocol's view-change procedure.
Methods and apparatus to manage resources when performing an account health check
Granted: November 7, 2023
Patent Number:
11809265
Methods, apparatus, systems, and articles of manufacture to manage resources when performing an account health check are disclosed. An example apparatus includes memory; computer readable instructions; and processor circuitry to execute the computer readable instructions to: perform health checks on a cloud account at a first polling frequency; after a failure count at the first polling frequency meets a first threshold, perform the health checks on the cloud account at a second polling…
Efficient bit compression for direct mapping of physical memory addresses
Granted: October 31, 2023
Patent Number:
11803304
Disclosed are various examples of providing efficient bit compression for direct mapping of physical memory addresses. In some examples, a hypervisor operating system component generates a mask of used address space bits indicated by memory map entries for a computing device. A longest range of unused address space bits is identified using the mask. The memory map entries are transformed to omit the longest range of unused address space bits.
Establishing trust between two devices for secure peer-to-peer communication
Granted: October 31, 2023
Patent Number:
11804969
Systems and methods are described for establishing trust between two devices for secure peer-to-peer communication. In an example, a first and a second device can each possess a digital signature issued by the same certificate authority and a hash function issued by the same trusted entity. The devices can exchange public keys that include their respective digital signatures. The second device can verify the first device's digital signature, encrypt an encryption key with the second…
Workflow service email integration
Granted: October 31, 2023
Patent Number:
11803816
Disclosed are various approaches for workflow service email integration. In some examples, an email application executed on a client device receives an email message that includes a workflow micro application. The workflow micro application has a workflow information component, and evaluation component, and a workflow actions component. The evaluation component identifies a presence or an absence of a management software development kit (SDK) on the client device. The email application…
Storing data in a log-structured format in a two-tier storage system
Granted: October 31, 2023
Patent Number:
11803469
The disclosure herein describes storing data using a capacity data storage tier and a smaller performance data storage tier. The capacity data storage tier includes capacity data storage hardware configured to store log-structured leaf pages (LLPs), and the performance data storage tier includes performance data storage hardware. A virtual address table (VAT) includes a set of virtual address entries referencing the LLPs. A tree-structured index includes index nodes referencing the set…
Boot failure protection on smartNICs and other computing devices
Granted: October 31, 2023
Patent Number:
11803445
Boot failure protection on smartNICs and other computing devices is described. During a power-on stage of a booting process for a computing device, a boot loading environment is directed to install an application programming interface (API) able to be invoked to control operation of a hardware-implemented watchdog. During an operating system loading stage of the booting process, the application programming interface is invoked to enable the hardware-implemented watchdog. During an…
Automated methods and systems for troubleshooting and optimizing performance of applications running in a distributed computing system
Granted: October 31, 2023
Patent Number:
11803440
Automated processes and systems troubleshoot and optimize performance of applications running in distributed computing systems. An automated computer-implemented processes train an inference model for an application based on metrics associated with the application and a key performance indicator (“KPI”) of the application. When a run-time performance problem is detected in run-time KPI values of KPI, the trained inference model is applied to run-time metrics and run-time KPI values…
Brokerless reliable totally ordered many-to-many interprocess communication on a single node that uses shared memory and multicast
Granted: October 31, 2023
Patent Number:
11803431
Examples described herein include systems and methods for brokerless reliable totally ordered many-to-many inter-process communication on a single node. A messaging protocol is provided that utilizes shared memory for one of the control plane and data plane, and multicast for the other plane. Readers and writers can store either control messages or message data in the shared memory, including in a ring buffer. Write access to portions of the shared memory can be controlled by a robust…
Distributed network plugin agents for container networking
Granted: October 31, 2023
Patent Number:
11803408
Some embodiments of the invention provide a method for connecting deployed machines in a set of one or more software-defined datacenters (SDDCs) to a virtual private cloud (VPC) in an availability zone (AZ). The method deploys network plugin agents (e.g. listening agents) on multiple host computers and configures the network plugin agents to receive notifications of events related to the deployment of network elements from a set of compute deployment agents executing on the particular…
Print content auditing during printer redirection in virtual desktop environments
Granted: October 31, 2023
Patent Number:
11803341
Techniques are described for auditing print content during printer redirection in a virtual desktop. The ability to audit redirected print content allows an organization to pre-define certain sensitive data and to track whether print redirection requests in the virtual desktop environment contain any such sensitive data. If such sensitive data is contained in a printer redirection request, a file is generated containing information about the sensitive data, as well as a watermark that…
