公开(公告)号：US08024556B1

公开(公告)日：2011-09-20

申请号：US12058785

申请日：2008-03-31

申请人： Randall R. Cook

发明人： Randall R. Cook

IPC分类号： G06F9/44

CPC分类号： G06F8/656

摘要： The disclosure is directed to systems, apparatus, and methods for layered execution pre-boot configuration. In one example, a system includes a local computer, a base operating system, a layered execution environment, and a layered environment manager. The system may further include an environment update service and one or more layered environment data store(s). The system may, before booting the base operating system and layered execution environment, perform such modification operations as applying an operating system patch, applying a program patch, changing a layer activation property, disabling a program, replacing a program, changing a configuration file, and installing a driver.

摘要翻译： 本公开涉及用于分层执行预引导配置的系统，装置和方法。 在一个示例中，系统包括本地计算机，基本操作系统，分层执行环境和分层环境管理器。 系统还可以包括环境更新服务和一个或多个分层环境数据存储。 在引导基本操作系统和分层执行环境之前，系统可以执行诸如应用操作系统补丁，应用程序补丁，改变层激活属性，禁用程序，替换程序，改变配置文件等修改操作， 并安装驱动程序。

公开(公告)号：US07945897B1

公开(公告)日：2011-05-17

申请号：US11528858

申请日：2006-09-28

申请人： Randall R. Cook

发明人： Randall R. Cook

IPC分类号： G06F9/44 ,  G06F9/445 ,  G06F3/00 ,  G06F15/173

CPC分类号： G06F9/445

摘要： The disclosure is directed to computing systems that provide access to the content of layers. Layers may include, for example, application layers, baseline layers, data layers, patch layers, application patch layers, and sublayers. Prioritization schemes, including prioritization by layer type, by assigned priority weights, by access type, by sub-layers and by read-write indicators are provided. Layers may contain file reference information including exclusion or inclusion entries indicating what files may be written. Paths recorded in layers may also embed variables to true paths on a layered system. Detailed information on various example embodiments are provided in the Detailed Description, and the invention is defined by the appended claims.

摘要翻译： 本公开涉及提供对层内容的访问的计算系统。 层可以包括例如应用层，基线层，数据层，补丁层，应用补丁层和子层。 提供了优先级方案，包括层次类型优先级，分配优先级权重，接入类型，子层和读写指示符。 图层可以包含文件参考信息，包括排除或包含条目，指示可以写入什么文件。 记录在层中的路径也可以将变量嵌入到分层系统上的真实路径上。 各个示例性实施例的详细信息在详细描述中提供，并且本发明由所附权利要求限定。

公开(公告)号：US07512977B2

公开(公告)日：2009-03-31

申请号：US11081856

申请日：2005-03-16

申请人： Randall R. Cook ,  Dwain A. Kinghorn ,  Michael E. Sainsbury

发明人： Randall R. Cook ,  Dwain A. Kinghorn ,  Michael E. Sainsbury

IPC分类号： G06F11/30

CPC分类号： H04L63/1441 ,  G06F21/53 ,  G06F21/566 ,  H04L63/16

摘要： The inventions relate generally to protection of computing systems by isolating intrusive attacks into layers, those layers containing at least file objects and being accessible to applications, those layers further maintaining potentially intrusive file objects separately from regular file system objects such that the regular objects are protected and undisturbed. Also disclosed herein are computing systems which use layers and/or isolation layers, and various systems and methods for using those systems. Detailed information on various example embodiments of the inventions are provided in the Detailed Description below, and the inventions are defined by the appended claims.

摘要翻译： 本发明一般涉及通过将入侵攻击隔离成层，这些层至少包含文件对象并且可被应用程序访问的那些层，这些层进一步将常规文件系统对象分开保留潜在的侵入性文件对象，使得常规对象被保护 并不受干扰。 本文还公开了使用层和/或隔离层的计算系统以及用于使用这些系统的各种系统和方法。 在下面的详细描述中提供了关于本发明的各种示例性实施例的详细信息，并且本发明由所附权利要求限定。

公开(公告)号：US6061726A

公开(公告)日：2000-05-09

申请号：US970173

申请日：1997-11-13

申请人： Randall R. Cook ,  Nicholas Huston Franklin ,  Bill Guy Bodine ,  Calvin R. Gaisford ,  Matthew G. Brooks

发明人： Randall R. Cook ,  Nicholas Huston Franklin ,  Bill Guy Bodine ,  Calvin R. Gaisford ,  Matthew G. Brooks

IPC分类号： G06F1/00 ,  G06F9/46 ,  G06F21/00 ,  G06F15/173

CPC分类号： G06F21/604 ,  G06F9/468

摘要： A directory services system includes a resource object, such as an application object for accessing an actual resource associated with the resource object. Rights attributes of the resource object reflects information for controlling rights of a user (or entity) to access the actual resource. The rights attributes may include criteria for distribution. The rights attributes may be used to rapidly, dynamically, remotely, and easily define and control access to available instances of a resource object based on certain criteria, such as organization, membership, etc. A utility (snap-in) module may be relied upon to manage the values of the attribute. Application programming interfaces (executables) in a dynamically linked library may be provided to "consume" (use) the attributes in the resource objects stored in directory services database.

摘要翻译： 目录服务系统包括资源对象，诸如用于访问与资源对象相关联的实际资源的应用对象。 资源对象的权限属性反映用于控制用户（或实体）访问实际资源的权限的信息。 权限属性可能包括分发标准。 可以使用权限属性来快速，动态地，远程地并且容易地基于某些标准（例如组织，成员资格等）来定义和控制对资源对象的可用实例的访问。可以依赖于实用程序（管理单元）模块 管理属性的值。 可以提供动态链接库中的应用程序编程接口（可执行程序）来“存储”（使用）存储在目录服务数据库中的资源对象中的属性。

公开(公告)号：US08775716B1

公开(公告)日：2014-07-08

申请号：US13671788

申请日：2012-11-08

申请人： Randall R. Cook ,  Brian Hernacki ,  Sourabh Satish ,  William E. Sobel

发明人： Randall R. Cook ,  Brian Hernacki ,  Sourabh Satish ,  William E. Sobel

IPC分类号： G06F3/06 ,  G06F9/455

CPC分类号： G06F3/0613 ,  G06F3/0646 ,  G06F3/0676 ,  G06F9/45558 ,  G06F2009/45579 ,  G06F2206/1004

摘要： A computer-implemented method for defragmenting virtual machine prefetch data. The method may include obtaining prefetch information associated with prefetch data of a virtual machine. The method may also include defragmenting, based on the prefetch information, the prefetch data on physical storage. The prefetch information may include a starting location and length of the prefetch data on a virtual disk. The prefetch information may include a geometry specification of the virtual disk. Defragmenting on physical storage may include placing the prefetch data contiguously on physical storage, placing the prefetch data in a fast-access segment of physical storage, and/or ordering the prefetch data according to the order in which it is accessed at system or application startup.

摘要翻译： 用于对虚拟机预取数据进行碎片整理的计算机实现的方法。 该方法可以包括获得与虚拟机的预取数据相关联的预取信息。 该方法还可以包括基于预取信息对物理存储器上的预取数据进行碎片整理。 预取信息可以包括虚拟磁盘上的预取数据的起始位置和长度。 预取信息可以包括虚拟磁盘的几何规格。 物理存储上的碎片整理可能包括将预取数据连续地放置在物理存储上，将预取数据放置在物理存储的快速访问段中，和/或根据系统或应用程序启动时访问顺序对预取数据进行排序 。

公开(公告)号：US08341648B1

公开(公告)日：2012-12-25

申请号：US12024079

申请日：2008-01-31

申请人： Randall R. Cook

发明人： Randall R. Cook

IPC分类号： G06F3/00 ,  G06F9/44 ,  G06F9/46 ,  G06F13/00

CPC分类号： G06F9/45504 ,  G06F9/44568

摘要： The disclosure is directed to automatic virtualization based on user-defined criteria. In one example, data representative of user-defined criteria is received, a virtualization heuristic is generated based on the user-defined criteria, the virtualization heuristic is activated, an occurrence of an event defined by the user-defined criteria is detected, and at least one virtualization operation is automatically performed in response to the detected event. In certain embodiments, the virtualization operation is selected based on the user-defined criteria. In certain embodiments, the virtualization operation includes capturing file system and configuration activity associated with the detected event and storing data representative of the captured file system and configuration activity to a virtual layer.

摘要翻译： 本公开涉及基于用户定义的标准的自动虚拟化。 在一个示例中，接收表示用户定义的标准的数据，基于用户定义的标准生成虚拟化启发式，激活虚拟化启发式，检测由用户定义的标准定义的事件的发生，并且在 响应于检测到的事件自动执行至少一个虚拟化操作。 在某些实施例中，基于用户定义的标准来选择虚拟化操作。 在某些实施例中，虚拟化操作包括捕获与检测到的事件相关联的文件系统和配置活动，并将表示所捕获的文件系统和配置活动的数据存储到虚拟层。

公开(公告)号：US07620956B2

公开(公告)日：2009-11-17

申请号：US11026520

申请日：2004-12-30

申请人： Randall R. Cook ,  Jared R. Blaser

发明人： Randall R. Cook ,  Jared R. Blaser

IPC分类号： G06F3/00 ,  G06F9/44 ,  G06F9/46 ,  G06F13/00

CPC分类号： G06F8/61 ,  G06F9/44552 ,  G06F9/44584 ,  Y10S707/99938

摘要： The inventions relate generally to portable media storage devices that contain layers permitting applications to be used at a connected computing device, those systems optionally including drivers for operating a layered computing environment or a driver installation program. Also disclosed herein are computer systems for using other systems for creating those portable storage devices. Detailed information on various example embodiments of the inventions are provided in the Detailed Description below, and the inventions are defined by the appended claims.

摘要翻译： 本发明一般涉及允许在连接的计算设备上使用应用的层的便携式媒体存储设备，这些系统可选地包括用于操作分层计算环境的驱动器或驱动程序安装程序。 本文还公开了用于使用其他系统来创建那些便携式存储设备的计算机系统。 在下面的详细描述中提供了关于本发明的各种示例性实施例的详细信息，并且本发明由所附权利要求限定。

公开(公告)号：US5987471A

公开(公告)日：1999-11-16

申请号：US969894

申请日：1997-11-13

申请人： Bill Guy Bodine ,  Nicholas Huston Franklin ,  Randall R. Cook

发明人： Bill Guy Bodine ,  Nicholas Huston Franklin ,  Randall R. Cook

IPC分类号： H04L29/12 ,  G06F15/173

CPC分类号： H04L29/12047 ,  H04L29/12009 ,  H04L61/15 ,  Y10S707/99943 ,  Y10S707/99944

摘要： A directory services system includes resource objects, such as an application object for accessing a resource associated with the resource object. Foldering attributes may be provided or added to an existing or new, specialized resource object. Foldering attributes reflect correspondence of the actual resources to an organizational scheme. The foldering attributes may include not only linking and backlink information, but management data for multiple levels of linking and organization, all stored in a Network Directory Services resource object. A resource, via its resource object in the directory services database, may be easily assigned to an organizational position for an individual user, a group, container, or the like. A snap-in module may be created, having executables as one or more Application Programming Interfaces (API's) in a Dynamic Link Library (DLL) for consuming (using) the foldering attributes. A utility may be provided in the Directory Services Systems' Administration module, or as on of such modules, to create and manage the foldering attributes. In certain embodiments attributes may be in objects requiring no methods embedded therein. In other embodiments methods in resource objects may contain additional executables or even obviate API's in the DLL.

摘要翻译： 目录服务系统包括资源对象，例如用于访问与资源对象相关联的资源的应用对象。 文件夹属性可以被提供或添加到现有的或新的专门的资源对象。 文件夹属性反映实际资源与组织方案的对应关系。 文件夹属性不仅可以包括链接和反向链接信息，而且可以包括多个级别的链接和组织的管理数据，所有这些都存储在网络目录服务资源对象中。 通过其目录服务数据库中的资源对象，可以容易地将资源分配给单个用户，组，容器等的组织位置。 可以创建管理单元模块，将可执行文件作为用于消耗（使用）文件夹属性的动态链接库（DLL）中的一个或多个应用程序编程接口（API）。 目录服务系统的管理模块或这些模块中可以提供一个实用程序来创建和管理文件夹属性。 在某些实施例中，属性可以是不需要嵌入其中的方法的对象。 在其他实施例中，资源对象中的方法可能包含额外的可执行文件，甚至可以避免DLL中的API。

公开(公告)号：US08438196B1

公开(公告)日：2013-05-07

申请号：US12059785

申请日：2008-03-31

申请人： Randall R. Cook

发明人： Randall R. Cook

IPC分类号： G06F7/00 ,  G06F17/00 ,  G06F17/30

CPC分类号： G06F17/30091 ,  G06F17/30073

摘要： A file system includes first, second, third, and fourth directories where the first and second directories are sub-directories of the third directory, the third directory is a sub-directory of the fourth directory, the first directory stores only files identified by a first file extension, the second directory stores only files identified by a second file extension, and the first and second file extensions are distinct. A method involves receiving first and second requests to open first and second files, respectively, that are contained in the file system. The first and second requests include first and second file system paths, respectively. The first file system path is modified by adding identities of the first, third, and fourth directories to the first file system path. The second file system path is modified by adding identities of the second, third, and fourth directories to the second file system path.

摘要翻译： 文件系统包括第一，第二，第三和第四目录，其中第一和第二目录是第三目录的子目录，第三目录是第四目录的子目录，第一目录仅存储由 第一个文件扩展名，第二个目录仅存储由第二个文件扩展名标识的文件，第一个和第二个文件扩展名是不同的。 一种方法包括分别接收第一和第二请求以打开文件系统中包含的第一和第二文件。 第一和第二请求分别包括第一和第二文件系统路径。 通过将第一，第三和第四目录的身份添加到第一个文件系统路径来修改第一个文件系统路径。 通过将第二，第三和第四目录的标识添加到第二文件系统路径来修改第二文件系统路径。

公开(公告)号：US20120297374A1

公开(公告)日：2012-11-22

申请号：US13551576

申请日：2012-07-17

申请人： Randall R. Cook

发明人： Randall R. Cook

IPC分类号： G06F9/445

CPC分类号： G06F8/67 ,  G06F8/61 ,  G06F8/65 ,  G06F8/656 ,  G06F17/30067

摘要： The disclosure is directed to dynamic insertion and removal of virtual software sub-layers. In one example, a virtual layer associated with a software application is virtually installed and activated in a computing device. A virtual sub-layer associated with a component of the software application is dynamically inserted in the virtual layer. The virtual layer remains active during the dynamic insertion of the virtual sub-layer. In certain embodiments, a process is executed from the virtual layer, a determination is made as to whether the process launched before or after the insertion of the virtual sub-layer, and the inserted virtual sub-layer is selectively made visible or invisible to the process based on the determination.

摘要翻译： 本公开旨在动态插入和移除虚拟软件子层。 在一个示例中，与计算设备虚拟地安装并激活与软件应用相关联的虚拟层。 与软件应用的组件相关联的虚拟子层被动态地插入到虚拟层中。 虚拟层在动态插入虚拟子层期间保持活动状态。 在某些实施例中，从虚拟层执行处理，确定在虚拟子层的插入之前或之后启动的进程以及插入的虚拟子层是否被选择性地使其可见或不可见 过程基于确定。