公开(公告)号：US10310696B1

公开(公告)日：2019-06-04

申请号：US14038408

申请日：2013-09-26

申请人： Bromium, Inc.

发明人： Adrian Taylor

IPC分类号： G06F9/46 ,  G06F9/455 ,  G06F3/048

摘要： A consistent user interface is provided in a virtualized environment. A first and second application are executed within first and second operating systems running within separate virtual machines upon the same device. A first application receives, from the second application, a request that identifies a particular type of text to be received from a user. The first application selects an associated text input type and displays a text input interface on the device in a configuration allowing text in the selected text input type to be submitted. Optionally, the first virtual machine may have exclusive permission to display a user interface on the device; however, the user interface may include elements whose appearance was determined within other virtual machines.

公开(公告)号：US20170076092A1

公开(公告)日：2017-03-16

申请号：US15358004

申请日：2016-11-21

申请人： Bromium, Inc.

发明人： Rahul C. Kashyap ,  J. McEnroe Samuel Navaraj ,  Baibhav Singh ,  Arun Passi ,  Rafal Wojtczuk ,  Adrian Taylor

IPC分类号： G06F21/55 ,  G06F9/455

CPC分类号： G06F21/554 ,  G06F9/45558 ,  G06F11/1458 ,  G06F21/316 ,  G06F21/53 ,  G06F21/566 ,  G06F2009/45587 ,  G06F2009/45591 ,  G06F2201/84 ,  G06F2221/034 ,  G06F2221/2133

摘要： An isolated environment is instantiated in response to receiving a request to execute a process. One or more events occurring within the isolated environment in which the process executes are identified. Whether the actual behavior of the process executing within the isolated environment deviates from an expected behavior of the execution of the process is determined. Only when it is determined that the process deviates from the expected behavior is behavior data, which describes the actual behavior of the process during execution, stored. A determination is then made as to whether the process is compromised by analyzing the behavior data that describes the actual behavior of the process.

摘要翻译： 响应于接收到执行进程的请求，实例化隔离的环境。 识别在该过程执行的隔离环境中发生的一个或多个事件。 确定在隔离环境中执行的进程的实际行为是否偏离预期的进程执行行为。 只有当确定过程偏离预期行为时才存储描述执行过程中的实际行为的行为数据。 然后通过分析描述进程的实际行为的行为数据来确定进程是否受到损害。

公开(公告)号：US09558051B1

公开(公告)日：2017-01-31

申请号：US13872994

申请日：2013-04-29

申请人： Bromium, Inc.

发明人： Adrian Taylor

IPC分类号： G06F9/54 ,  G06F9/455

CPC分类号： G06F9/546 ,  G06F9/45545 ,  G06F9/5027 ,  G06F9/5077 ,  G06F2009/45562 ,  G06F2009/45587 ,  G06F2209/5018

摘要： Routing messages in a virtualized environment. A communication that was issued from an application executing on an operating system is intercepted. The communication is intended to be sent to an intended recipient that is executing on, or is a kernel of, the operating system. A determination is made, based upon a policy, whether to forward the communication to the intended recipient or to route the communication to a virtual machine executing upon the same physical device as the application. The policy allows a user to specify what types of information and device resources are available to each application.

摘要翻译： 在虚拟化环境中路由消息。 从操作系统上执行的应用程序发出的通信被截获。 该通信旨在被发送到在操作系统上执行或者是内核的预期接收者。 基于策略确定是否将通信转发到预期接收者，或者将通信路由到与应用相同的物理设备上执行的虚拟机。 该策略允许用户指定哪些类型的信息和设备资源可用于每个应用程序。

公开(公告)号：US10430591B1

公开(公告)日：2019-10-01

申请号：US15714100

申请日：2017-09-25

申请人： Bromium, Inc.

发明人： Ian Pratt ,  Rahul C. Kashyap ,  Adrian Taylor ,  James M. McKenzie

IPC分类号： G06F21/00 ,  G06F21/57 ,  G06F21/55 ,  H04L29/06 ,  G06F9/455 ,  G06F21/56

摘要： Approaches for monitoring a host operating system. A threat model is stored and maintained in an isolated execution environment. The threat model identifies for any process executing on a host operating system how trustworthy the process should be deemed based on a pattern of observed behavior. The execution of the process and those processes in a monitoring circle relationship thereto are monitored. The monitoring circle relationship includes a parent process, any process in communication with a member of monitoring circle relationship, and any process instantiated by a present member of monitoring circle relationship. Observed process behavior is correlated with the threat model. Upon determining that a particular process has behaved in a manner inconsistent with a pattern of allowable behavior identified by the threat model for that process, a responsive action is taken.

公开(公告)号：US09921860B1

公开(公告)日：2018-03-20

申请号：US14038551

申请日：2013-09-26

申请人： Bromium, Inc.

发明人： Gaurav Banga ,  Sergei Vorobiev ,  Deepak Khajuria ,  Vikram Kapoor ,  Ian Pratt ,  Simon Crosby ,  Adrian Taylor

IPC分类号： G06F9/455

CPC分类号： G06F9/45533 ,  G06F9/445 ,  G06F9/45558 ,  G06F9/5027 ,  G06F9/5077 ,  G06F21/6218 ,  G06F2009/45587 ,  G06F2209/5018

摘要： Approaches for launching an application within a virtual machine. In response to receiving a request to launch an application, a device instantiates, without human intervention and based on a policy, a virtual machine in which the application is to be launched. The policy determines which resources of a device, such as a mobile device or computer system, are accessible to the virtual machine. The policy may, but need not, determine whether the virtual machine has access to a type of resource which obligates the user of the device to make a monetary payment for the user of the resource.