Search Images Maps Play YouTube News Gmail Drive More »
Advanced Patent Search | Web History | Sign in

Patents

Protecting computers against cache poisoning, including a cache-entity table configured to maintain a plurality of associations between a plurality of data caches and a plurality of entities, where each of the caches is associated with a different one of the entities, and a cache manager configured to receive data that is associated with any of the entities and store the received data in any of the caches that the cache-entity table indicates is associated with the entity, and receive a data request that is associated with any of the entities and retrieve the requested data from any of the caches that the cache-entity table indicates is associated with the requesting entity, where any of the cache-entity table and cache manager are implemented in either of computer hardware and computer software embodied in a computer-readable medium.

InventorsRoee Hay, Adi Sharabani
Original AssigneeINTERNATIONAL BUSINESS MACHINES CORPORATION
Current U.S. Classification711/118; 711/E12.001; 711/E12.017

View patent at USPTO
Search USPTO Assignment Database

Claims

1. A system for protecting computers against cache poisoning, the system comprising:

a cache-entity table configured to maintain a plurality of associations between a plurality of data caches and a plurality of entities, wherein each of said caches is associated with a different one of said entities; and

a cache manager configured to
receive data that is associated with any of said entities and store said received data in any of said caches that said cache-entity table indicates is associated with said entity, and
receive a data request that is associated with any of said entities and retrieve said requested data from any of said caches that said cache-entity table indicates is associated with said requesting entity,
wherein any of said cache-entity table and cache manager are implemented in either of computer hardware and computer software embodied in a computer-readable medium.

2. A system according to claim 1 and further comprising a data request processor configured to provide to said cache manager with any of said data.

3. A system according to claim 2 wherein said data request processor is configured to receive said data request from any of said entities and query said cache manager to determine if said requested data is available from any of said caches.

4. A system according to claim 1 wherein said cache manager is configured to identify any entry that appears in at least a predefined number of said caches, move said entry from said caches to a global cache, and retrieve said requested data from said global cache.

5. A method for protecting computers against cache poisoning, the method comprising:

maintaining a plurality of associations between a plurality of data caches and a plurality of entities, wherein each of said caches is associated with a different one of said entities;

receiving data that is associated with any of said entities;

storing said received data in any of said caches that said cache-entity table indicates is associated with said entity;

receiving a data request that is associated with any of said entities; and
retrieving said requested data from any of said caches that said cache-entity table indicates is associated with said requesting entity.

6. A method for protecting computers against cache poisoning, the method comprising:

maintaining a plurality of associations between a plurality of data caches and a plurality of entities, wherein each of said caches is associated with a different one of said entities;

receiving data that is associated with any of said entities;

storing said received data in any of said caches that said cache-entity table indicates is associated with said entity;

identifying any entry that appears in at least a predefined number of said caches;
moving said entry from said caches to a global cache;
receiving a data request that is associated with any of said entities;
retrieving said requested data from said global cache if said requested data is in said global cache; and
retrieving said requested data from any of said caches that said cache-entity table indicates is associated with said requesting entity if said requested data is not in said global cache.

7. A computer program product for protecting computers against cache poisoning, the computer program product comprising:

a computer readable medium; and

computer program instructions operative to
maintain a plurality of associations between a plurality of data caches and a plurality of entities, wherein each of said caches is associated with a different one of said entities;
receive data that is associated with any of said entities;
store said received data in any of said caches that said cache-entity table indicates is associated with said entity;
identify any entry that appears in at least a predefined number of said caches;
move said entry from said caches to a global cache;
receive a data request that is associated with any of said entities;
retrieve said requested data from said global cache if said requested data is in said global cache; and
retrieve said requested data from any of said caches that said cache-entity table indicates is associated with said requesting entity if said requested data is not in said global cache,
wherein said program instructions are stored on said computer readable medium.

Drawings