-
公开(公告)号:US07984304B1
公开(公告)日:2011-07-19
申请号:US10791602
申请日:2004-03-02
CPC分类号: G06F21/565
摘要: Computer-executable instructions in a computer are verified dynamically, after they have been identified for submission for execution, but before they are actually executed. In particular, for at least one current instruction that has been identified for submission to the processor for execution, an identifying value, for example, a hash value, is determined for a current memory block that contains the current instruction. The identifying value of the current memory block is then compared with a set of reference values. If the identifying value satisfies a validation condition, then execution of the current instruction by the processor is allowed. If the validation condition is not satisfied, then a response is generated: In the common case, execution of the current instruction is not allowed, or some other predetermined measure is taken.
摘要翻译: 计算机中的计算机可执行指令在被识别为提交执行之后但在实际执行之前被动态地验证。 特别地,对于已被识别用于提交给处理器以执行的至少一个当前指令,为包含当前指令的当前存储块确定标识值,例如哈希值。 然后将当前存储器块的识别值与一组参考值进行比较。 如果识别值满足验证条件,则允许由处理器执行当前指令。 如果验证条件不满足,则产生响应:在常见情况下,不允许执行当前指令,或者采取其他一些预定措施。
-
公开(公告)号:US08819676B2
公开(公告)日:2014-08-26
申请号:US12261722
申请日:2008-10-30
IPC分类号: G06F9/455
CPC分类号: G06F9/461 , G06F9/4486 , G06F9/45533 , G06F9/45558 , G06F9/4881 , G06F11/1451 , G06F11/1484 , G06F2009/45562 , G06F2009/45583 , G06F2201/815 , G06F2201/84
摘要: A virtual-machine-based system provides a mechanism to implement application file I/O operations of protected data by implementing the I/O operations semantics in a shim layer with memory-mapped regions. The semantics of these I/O operations are emulated in a shim layer with memory-mapped regions by using a mapping between a process' address space and a file or shared memory object. Data that is protected from viewing by a guest OS running in a virtual machine may nonetheless be accessed by the process.
摘要翻译: 基于虚拟机的系统提供了通过在具有存储器映射区域的垫片层中实现I / O操作语义来实现受保护数据的应用文件I / O操作的机制。 这些I / O操作的语义通过使用进程的地址空间和文件或共享内存对象之间的映射在具有内存映射区域的填充层中进行仿真。 受虚拟机运行的客户机操作系统保护的数据可能会被进程访问。
-
公开(公告)号:US08555081B2
公开(公告)日:2013-10-08
申请号:US12261194
申请日:2008-10-30
IPC分类号: G06F12/14
CPC分类号: G06F9/461 , G06F9/4486 , G06F9/45533 , G06F9/45558 , G06F9/4881 , G06F11/1451 , G06F11/1484 , G06F2009/45562 , G06F2009/45583 , G06F2201/815 , G06F2201/84
摘要: A virtual-machine-based system that may protect the privacy and integrity of application data, even in the event of a total operating system compromise. An application is presented with a normal view of its resources, but the operating system is presented with an encrypted view. This allows the operating system to carry out the complex task of managing an application's resources, without allowing it to read or modify them. Different views of “physical” memory are presented, depending on a context performing the access. An additional dimension of protection beyond the hierarchical protection domains implemented by traditional operating systems and processors is provided.
摘要翻译: 一种基于虚拟机的系统,可以保护应用程序数据的隐私和完整性,即使在整个操作系统受损的情况下也是如此。 应用程序呈现其资源的正常视图,但操作系统呈现加密视图。 这允许操作系统执行管理应用程序资源的复杂任务,而不允许它读取或修改它们。 呈现“物理”存储器的不同视图,这取决于执行访问的上下文。 提供了超越由传统操作系统和处理器实现的分级保护域的附加维度。
-
公开(公告)号:US08261265B2
公开(公告)日:2012-09-04
申请号:US12261623
申请日:2008-10-30
IPC分类号: G06F9/455
CPC分类号: G06F9/461 , G06F9/4486 , G06F9/45533 , G06F9/45558 , G06F9/4881 , G06F11/1451 , G06F11/1484 , G06F2009/45562 , G06F2009/45583 , G06F2201/815 , G06F2201/84
摘要: A virtual-machine-based system provides a control-transfer mechanism to invoke a user-mode application handler from existing virtual hardware directly, without going through an operating system kernel running in the virtual machine. A virtual machine monitor calls directly to the guest user-mode handler and the handler transfers control back to the virtual machine monitor, without involving the guest operating system.
摘要翻译: 基于虚拟机的系统提供了一种控制传递机制,可以直接从现有的虚拟硬件调用用户模式应用程序处理程序,而无需通过在虚拟机中运行的操作系统内核。 虚拟机监视器直接调用访客用户模式处理程序,处理程序将控制器传送回虚拟机监视器,而不涉及客户机操作系统。
-
公开(公告)号:US08719823B2
公开(公告)日:2014-05-06
申请号:US12397914
申请日:2009-03-04
CPC分类号: G06F9/4881 , G06F9/45533 , G06F9/4887
摘要: A component manages and minimizes latency introduced by virtualization. The virtualization component determines that a currently scheduled guest process has executed functionality responsive to which the virtualization component is to execute a virtualization based operation, wherein the virtualization based operation is one that is not visible to the guest operating system. The virtualization component causes the guest operating system to de-schedule the currently scheduled guest process and schedule at least one separate guest process. The virtualization component then executes the virtualization based operation concurrently with the execution of the at least one separate guest process. Responsive to completing the execution of the virtualization based operation, the virtualization component causes the guest operating system to re-schedule the de-scheduled guest process.
摘要翻译: 组件管理并最小化由虚拟化引入的延迟。 虚拟化组件确定当前调度的访客进程已经执行响应于虚拟化组件将执行基于虚拟化的操作的功能,其中基于虚拟化的操作是客户操作系统不可见的。 虚拟化组件使客户机操作系统取消调度当前调度的客户机进程并调度至少一个单独的客户机进程。 然后,虚拟化组件与至少一个独立的客户进程的执行同时执行基于虚拟化的操作。 响应于完成基于虚拟化的操作的执行,虚拟化组件使得客户机操作系统重新安排未排程的访客进程。
-
公开(公告)号:US09058420B2
公开(公告)日:2015-06-16
申请号:US12239674
申请日:2008-09-26
申请人: Jim Chow , Tal Garfinkel , Peter M. Chen
发明人: Jim Chow , Tal Garfinkel , Peter M. Chen
CPC分类号: G06F11/3612 , G06F9/45558 , G06F11/3636 , G06F2009/45591
摘要: Dynamic program analysis is decoupled from execution in virtual computer environments and is carried out synchronously with program execution. Decoupled dynamic program analysis is enabled by separating execution and analysis into two tasks: (1) recording, where system execution is recorded with minimal interference, and (2) analysis, where the execution is replayed and analyzed. Synchronous decoupled program analysis is enabled by suspending execution or data outputs of the program until a confirmation is received that the analysis is in sync with the program execution.
摘要翻译: 动态程序分析与虚拟计算机环境中的执行脱钩,并与程序执行同步执行。 通过将执行和分析分为两个任务来实现解耦动态程序分析:(1)录制,其中以最小的干扰记录系统执行,以及(2)分析,执行被重放和分析。 通过暂停程序的执行或数据输出来启用同步解耦程序分析,直到接收到确认,分析与程序执行同步。
-
7.发明授权Decoupling dynamic program analysis from execution across heterogeneous systems 有权将异步系统中的动态程序分析与执行分解公开(公告)号:US08352240B2
公开(公告)日:2013-01-08
申请号:US12239648
申请日:2008-09-26
申请人: James Chow , Tal Garfinkel , Peter M. Chen
发明人: James Chow , Tal Garfinkel , Peter M. Chen
IPC分类号: G06F9/45
CPC分类号: G06F11/3612 , G06F9/45558 , G06F11/3636 , G06F2009/45591
摘要: Dynamic program analysis is decoupled from execution in virtual computer environments so that program analysis can be performed on a running computer program without affecting or perturbing the workload of the system on which the program is executing. Decoupled dynamic program analysis is enabled by separating execution and analysis into two tasks: (1) recording, where system execution is recorded with minimal interference, and (2) analysis, where the execution is replayed and analyzed. Recording and analysis are carried out on heterogeneous systems so that they can be separately optimized.
摘要翻译: 动态程序分析与虚拟计算机环境中的执行脱钩,以便可以在运行的计算机程序上执行程序分析,而不会影响或扰乱程序正在执行的系统的工作负载。 通过将执行和分析分为两个任务来实现解耦动态程序分析:(1)录制,其中以最小的干扰记录系统执行,以及(2)分析,执行被重放和分析。 在异构系统上进行记录和分析,以便可以单独进行优化。
-
公开(公告)号:US09823992B2
公开(公告)日:2017-11-21
申请号:US12239590
申请日:2008-09-26
申请人: James Chow , Tal Garfinkel , Peter M. Chen
发明人: James Chow , Tal Garfinkel , Peter M. Chen
CPC分类号: G06F11/3612 , G06F9/45558 , G06F11/3636 , G06F2009/45591
摘要: Dynamic program analysis is decoupled from execution in virtual computer environments so that program analysis can be performed on a running computer program without affecting or perturbing the workload of the system on which the program is executing. Decoupled dynamic program analysis is enabled by separating execution and analysis into two tasks: (1) recording, where system execution is recorded with minimal interference, and (2) analysis, where the execution is replayed and analyzed.
-
9.发明授权System and method of manipulating virtual machine recordings for high-level execution and replay 有权操作虚拟机记录的系统和方法进行高级执行和重放公开(公告)号:US09063766B2
公开(公告)日:2015-06-23
申请号:US13049637
申请日:2011-03-16
CPC分类号: G06F9/45533 , G06F11/3636 , G06F11/366
摘要: Execution behavior for processes within a virtual machine is recorded for subsequent replay. The execution behavior comprises a detailed, low-level recording of state changes for processes within the virtual machine. The low-level recording is processed via replay to produce a sliced recording that conforms to time, abstraction, and security requirements for a specific replay scenario. Multiple stages of replay may be arbitrarily stacked to generate different crosscut versions of a common low-level recording.
摘要翻译: 记录虚拟机中进程的执行行为,以便后续重播。 执行行为包括虚拟机内进程的状态变化的详细低级记录。 通过重放来处理低级记录,以产生符合特定重播场景的时间,抽象和安全要求的分片记录。 可以任意堆叠多个重放阶段以产生普通低级记录的不同横切版本。
-
10.发明授权Accelerating replayed program execution to support decoupled program analysis 有权加速重播的程序执行,以支持解耦程序分析公开(公告)号:US08719800B2
公开(公告)日:2014-05-06
申请号:US12239691
申请日:2008-09-26
申请人: James Chow , Tal Garfinkel , Peter M. Chen
发明人: James Chow , Tal Garfinkel , Peter M. Chen
IPC分类号: G06F9/44
CPC分类号: G06F11/3612 , G06F9/45558 , G06F11/3636 , G06F2009/45591
摘要: A virtual machine system decouples dynamic program analysis from program execution. Program analysis is decoupled from program execution through the use of a virtual machine to record program execution and an analysis platform to replay and analyze the program execution. Optimization techniques are applied to prevent the analysis platform from falling too far behind the program execution platform during replay.
摘要翻译: 虚拟机系统将动态程序分析与程序执行分离。 程序分析通过使用虚拟机记录程序执行和分析平台来重新分析程序执行与程序执行脱钩。 应用优化技术来防止分析平台在重放期间落后于程序执行平台。
-
-
-
-
-
-
-
-
-
搜索结果
11 条记录 (耗时 0.025 秒)
