Abstract:
An initiating subsystem transfers a data set either in or out in subsets such as packets. Packet transfer is sequential, and transfer of a packet is contingent upon successful transfer of a previous packet. Actual data transfer to or from a destination, over a channel, is handled by a host interface. When an intermediate subsystem, included as an interface between the initiating subsystem and host interface, senses that the initiating subsystem wants to transfer data, it receives a first packet from the initiating system. While continuing to indicate to the initiating system that transfer of the first packet is still pending, thereby causing the initiating system to suspend further packet submission, the intermediate subsystem sends to the host interface information concerning the entire data set to be transferred. When the entire data set is transferred, the intermediate subsystem emulates successful packet-wise transfer to the initiating subsystem. In the preferred embodiment of the invention, the initiating subsystem is a virtual machine, the intermediate subsystem is a virtual machine monitor, and the packets are created according to the USB protocol. Mechanisms are included to detect and correct potential data incoherency that might arise while packet transfer from the initiating subsystem is suspended.
Abstract:
An agent loaded in a computer's operating system (OS) simulates disconnection and reconnection of a device, with no need to actually disconnect the device logically from a computer. During simulated reconnection, when the OS requests the hardware ID of the device, the agent returns a substitute ID, which causes the OS to load a substitute driver. Substitution of the ID also allows driver substitution for a not yet logically connected device; in this case, no simulated disconnection or reconnection is needed. Driver substitution is dynamic and reversible, with no need to restart the system or reboot the OS, and substitution of a driver for one device of a type does not disturb other devices of the same type. The invention may be implemented entirely in software, with no need for hardware modifications or device customization.
Abstract:
A tangible medium embodying instructions usable by a computer system to protect a plurality of guest virtual machines (VMs), which execute via virtualization software on a common host platform, from malicious code is described. A scan engine is configured to scan data for malicious code and determine a result of the scanning, wherein the result indicates whether malicious code is present in the data. A driver portion is configured for installation in an operating system of a target VM, which is one of the guest VMs. The driver portion intercepts an access request to a file, that originates within the target VM. The driver portion communicates information identifying a location of the data to be scanned by the scan engine without sending a copy of the data to the scan engine. The scan engine executes within the virtualization layer outside a context of the target VM.
Abstract:
A provisioning server automatically configures a virtual machine (VM) according to user specifications and then deploys the VM on a physical host. The user may either choose from a list of pre-configured, ready-to-deploy VMs, or he may select which hardware, operating system and application(s) he would like the VM to have. The provisioning server then configures the VM accordingly, if the desired configuration is available, or it applies heuristics to configure a VM that best matches the user's request if it isn't. The invention also includes mechanisms for monitoring the status of VMs and hosts, for migrating VMs between hosts, and for creating a network of VMs.