Patent application number | Description | Published |
20110145418 | METHODS AND SYSTEMS FOR PROVIDING TO VIRTUAL MACHINES, VIA A DESIGNATED WIRELESS LOCAL AREA NETWORK DRIVER, ACCESS TO DATA ASSOCIATED WITH A CONNECTION TO A WIRELESS LOCAL AREA NETWORK - The methods and systems described herein are directed to providing, to virtual machines, access to data associated with a connection to a wireless local area network, in a computing device executing a hypervisor hosting a first virtual machine and a second virtual machine. A first driver executed by a first virtual machine of the first physical computing device establishes a network connection to a second physical computing device, via a wireless local area network interface of the first physical computing device. The first driver receives from a second driver executed by a second virtual machine of the first physical computing device, a request for a characteristic of the network connection. The first driver provides, responsive to the request, data comprising the requested characteristic to the second driver. | 06-16-2011 |
20110145820 | METHODS AND SYSTEMS FOR MANAGING INJECTION OF INPUT DATA INTO A VIRTUALIZATION ENVIRONMENT - The methods and systems described herein provide functionality for managing injection of input events to one virtual machine of a plurality of guest virtual machines, in a computing device executing a hypervisor hosting a trusted virtual machine and a non-trusted virtual machine. An input manager receives a first item of input data from an input device communicating with the computing device. The input manager identifies whether the first item of input data includes a predetermined string. The input manager forwards, responsive to the identification, the first item of input data to one of (i) a first virtual machine of a plurality of guest virtual machines executed by the processor of the computing device and (ii) an application executed by the control virtual machine, wherein at least one virtual machine of the plurality of guest virtual machines is a trusted virtual machine. | 06-16-2011 |
20110161301 | METHODS AND SYSTEMS FOR OPTIMIZING A PROCESS OF ARCHIVING AT LEAST ONE BLOCK OF A VIRTUAL DISK IMAGE - A system for optimizing a process of archiving at least one block of a virtual disk image includes a file system analysis component and an archiving component. The file system analysis component executes on a first physical computing device and identifies a plurality of blocks storing data comprising a file in a virtual disk image file. The archiving component executes on the first physical computing device, identifies a difference disk file storing an identification of a modification to the identified plurality of blocks storing data comprising the file, determines whether to archive the file, and transmits, to a second physical computing device, the plurality of blocks storing data comprising the file. | 06-30-2011 |
20110296412 | APPROACHES FOR SECURING AN INTERNET ENDPOINT USING FINE-GRAINED OPERATING SYSTEM VIRTUALIZATION - Approaches for executing untrusted software on a client without compromising the client using micro-virtualization to execute untrusted software in isolated contexts. A template for instantiating a virtual machine on a client is identified in response to receiving a request to execute an application. After the template is identified, without human intervention, a virtual machine is instantiated, using the template, in which the application is to be executed. The template may be selected from a plurality of templates based on the nature of the request, as each template describe characteristics of a virtual machine suitable for a different type of activity. Selected resources such as files are displayed to the virtual machines according to user and organization policies and controls. When the client determines that the application has ceased to execute, the client ceases execution of the virtual machine without human intervention. | 12-01-2011 |
20120297383 | METHODS AND SYSTEMS FOR VIRTUALIZING AUDIO HARDWARE FOR ONE OR MORE VIRTUAL MACHINES - The present disclosure is directed towards methods and systems for virtualizing audio hardware for one or more virtual machines. A control virtual machine (VM) may translate a first stream of audio functions calls from a first VM hosted by a hypervisor. The translated first stream of audio function calls may be destined for a sound card of the computing device executing the hypervisor. The control VM may detect a second stream of audio functions calls from a second VM hosted by the hypervisor. The control VM may translate the second stream of audio functions calls from the second VM. The control VM may further merge the translated first stream of audio function calls and the translated second stream of the audio function calls in response to the detected second stream. The control VM may transmit the merged stream of audio function calls to the sound card. | 11-22-2012 |
20130055256 | APPROACHES FOR AUTOMATED MANAGEMENT OF VIRTUAL MACHINES FOR RUNNING UNTRUSTED CODE SAFELY - Approaches for transferring data to a client by safely receiving the data in or more virtual machines. In response to the client determining that digital content, originating from an external source, is to be received or processed by the client, the client identifies, without human intervention, one or more virtual machines, executing or to be executed on the client, into which the digital content is to be stored. In doing so, the client may consult policy data to determine a placement policy, a containment policy, and a persistence policy for any virtual machine to receive the digital content. In this way, digital content, such as executable code or interpreted data, of unknown trustworthiness may be safely received by the client without the possibility of any malicious code therein from affecting any undesirable consequence upon the client. | 02-28-2013 |
20130132691 | APPROACHES FOR EFFICIENT PHYSICAL TO VIRTUAL DISK CONVERSION - Approaches for providing a guest operating system to a virtual machine. A read-only copy of one or more disk volumes, including a boot volume, is created. A copy of a master boot record (MBR) for the one or more disk volumes is also stored. The read-only copy may be, but need not be, made using a Volume Shadow Copy Service (VSS). A virtual disk, for use by the virtual machine, is created based on the read-only copy of the one or more disk volumes and the copy of the master boot record (MBR), wherein the virtual disk comprises the guest operating system used by the virtual machine. In this way, a single installed operating system may provide both the host operating system and the guest operating system. | 05-23-2013 |
20130191924 | Approaches for Protecting Sensitive Data Within a Guest Operating System - Approaches for preventing unauthorized access of sensitive data within an operating system (OS), e.g., a guest OS used by a virtual machine. Dummy data may be written over physical locations on disk where sensitive data is stored, thereby preventing a malicious program from accessing the sensitive data. Alternately, a delete operation may be performed on sensitive data within an OS, and thereafter the OS is converted into a serialized format to expunge the deleted data. The serialized OS is converted into a deserialized form to facilitate its use. Optionally, a data structure may be updated to identify where sensitive data is located within an OS. When a request to access a portion of the OS is received, the data structure is consulted to determine whether the requested portion contains sensitive data, and if so, dummy data is returned to the requestor without consulting the requested portion of the OS. | 07-25-2013 |
20140351810 | Management of Supervisor Mode Execution Protection (SMEP) by a Hypervisor - Approaches for enabling Supervisor Mode Execution Protection (SMEP) for a guest operating system which does not support SMEP. A guest operating system (OS), which does not support SMEP, is executed within a virtual machine. A hypervisor instructs hardware to enable SMEP for the virtual machine executing the guest operating system. When the hypervisor is notified that the hardware has detected the guest operating system instructing a central processing unit (CPU) to execute code stored in virtual memory accessible by user space while the CPU is in supervisor mode, the hypervisor may consult a policy to identify what, if any, responsive action the hypervisor should perform. | 11-27-2014 |
20140380315 | Transferring Files Using A Virtualized Application - Approaches for transferring a file using a virtualized application. A virtualized application executes within a virtual machine residing on a physical machine. When the virtualized application is instructed to download a file stored external to the physical machine, the virtualized application displays an interface which enables at least a portion of a file system, maintained by a host OS, to be browsed while preventing files stored within the virtual machine to be browsed. Upon the virtualized application receiving input identifying a target location within the file system, the virtualized application stores the file at the target location. The virtualized application may also upload a file stored on the physical machine using an interface which enables at least a portion of a file system of a host OS to be browsed while preventing files in the virtual machine to be browsed. | 12-25-2014 |
20150026682 | REDIRECTION OF INFORMATION FROM SECURE VIRTUAL MACHINES TO UNSECURE VIRTUAL MACHINES - The present invention is directed towards methods and systems for redirecting an access request to an unsecure virtual machine. A computing device may execute a hypervisor hosting a secure virtual machine and an unsecure virtual machine. A control virtual machine, hosted by a hypervisor executing on the computing device, may intercept a request to access an unsecure resource. The unsecure resource may include one of: a file, an application and an uniform resource locator (URL). The control virtual machine may further determine that the request originates from a secure virtual machine executing on the computing device. The control virtual machine may redirect, responsive to the determination, the request to an unsecure virtual machine executing on the computing device, whereupon the unsecure virtual machine may provide access to the requested unsecure resource. | 01-22-2015 |