公开(公告)号：US08839245B1

公开(公告)日：2014-09-16

申请号：US13526354

申请日：2012-06-18

申请人： Deepak Khajuria ,  Kiran Bondalapati ,  Vikram Kapoor ,  Gaurav Banga ,  Ian Pratt

发明人： Deepak Khajuria ,  Kiran Bondalapati ,  Vikram Kapoor ,  Gaurav Banga ,  Ian Pratt

IPC分类号： G06F9/455

CPC分类号： G06F9/45558 ,  G06F17/30233 ,  G06F2009/45595

摘要： Approaches for transferring a file using a virtualized application. A virtualized application executes within a virtual machine residing on a physical machine. When the virtualized application is instructed to download a file stored external to the physical machine, the virtualized application displays an interface which enables at least a portion of a file system, maintained by a host OS, to be browsed while preventing files stored within the virtual machine to be browsed. Upon the virtualized application receiving input identifying a target location within the file system, the virtualized application stores the file at the target location. The virtualized application may also upload a file stored on the physical machine using an interface which enables at least a portion of a file system of a host OS to be browsed while preventing files in the virtual machine to be browsed.

摘要翻译： 使用虚拟化应用程序传输文件的方法。 虚拟化应用程序在驻留在物理机器上的虚拟机中执行。 当指示虚拟化应用程序下载存储在物理机外部的文件时，虚拟化应用程序显示一个接口，该接口使得能够浏览由主机OS维护的文件系统的至少一部分，同时防止存储在虚拟机中的文件 机器被浏览。 在虚拟化应用程序接收到识别文件系统中的目标位置的输入时，虚拟应用程序将文件存储在目标位置。 虚拟化应用还可以使用允许在主机OS的文件系统的至少一部分被浏览的同时上传存储在物理机上的文件，同时防止虚拟机中的文件被浏览。

公开(公告)号：US09104837B1

公开(公告)日：2015-08-11

申请号：US13526423

申请日：2012-06-18

申请人： Deepak Khajuria ,  Gaurav Banga ,  Ian Pratt ,  Vikram Kapoor

发明人： Deepak Khajuria ,  Gaurav Banga ,  Ian Pratt ,  Vikram Kapoor

IPC分类号： G06F9/455 ,  G06F21/00 ,  G06F9/50 ,  G06F21/53

CPC分类号： G06F21/00 ,  G06F9/455 ,  G06F9/45533 ,  G06F9/45558 ,  G06F9/50 ,  G06F21/53 ,  G06F2009/45579 ,  G06F2009/45587

摘要： Approaches for securing resources of a virtual machine. An application executes on a host operating system. A user instructs the application to display a file. In response, a host module executing on the host operating system instructs a guest module, executing within a virtual machine, to render the file within the virtual machine. The application displays the file using screen data which was created within the virtual machine and defines a rendered representation of the file. The user is prevented from accessing any resource of the virtual machine unrelated to the file. The virtual machine may consult policy data to determine how to perform certain user-initiated actions within the virtual machine. Examples of the file include image, a document, an email, and a web page.

摘要翻译： 保护虚拟机资源的方法。 应用程序在主机操作系统上执行。 用户指示应用程序显示文件。 作为响应，在主机操作系统上执行的主机模块指示在虚拟机内执行的访客模块呈现虚拟机内的文件。 应用程序使用在虚拟机中创建的屏幕数据显示文件，并定义文件的呈现表示。 禁止用户访问与该文件无关的虚拟机的任何资源。 虚拟机可以参考策略数据来确定如何在虚拟机内执行某些用户启动的动作。 该文件的示例包括图像，文档，电子邮件和网页。

公开(公告)号：US08719933B1

公开(公告)日：2014-05-06

申请号：US13526810

申请日：2012-06-19

申请人： Deepak Khajuria ,  Gaurav Banga ,  Vikram Kapoor ,  Ian Pratt

发明人： Deepak Khajuria ,  Gaurav Banga ,  Vikram Kapoor ,  Ian Pratt

IPC分类号： G06F21/00

CPC分类号： G06F21/608

摘要： Approaches for processing a digital file in a manner designed to minimize exposure of any malicious code contained therein. A digital file resides with a virtual machine. When the virtual machine receives an instruction to print, fax, or email the digital file, the virtual machine creates, from the digital file existing in an original format, a copy of the digital file in a different format within the virtual machine. The different format preserves a visual presentation of the digital file without supporting metadata or file format data structures of the original format. The virtual machine instructs the host OS to print the copy of the digital file, send a facsimile of the copy of the digital file, or email the copy of the digital file. The host OS may consult policy data in determining how to carry out the request vis-à-vis the digital file.

摘要翻译： 用于以旨在最小化其中包含的任何恶意代码的暴露的方式处理数字文件的方法。 数字文件驻留有虚拟机。 当虚拟机接收到打印，传真或电子邮件数字文件的指令时，虚拟机将以原始格式存在的数字文件以虚拟机内的不同格式创建数字文件的副本。 不同的格式保留了数字文件的可视化呈现，而不支持原始格式的元数据或文件格式数据结构。 虚拟机指示主机OS打印数字文件的副本，发送数字文件副本的传真，或者发送数字文件的副本。 主机操作系统可以在确定如何对数字文件执行请求时查询策略数据。

公开(公告)号：US08224943B2

公开(公告)日：2012-07-17

申请号：US12058593

申请日：2008-03-28

申请人： Matt Ocko ,  George Tuma ,  Manish Kalia ,  Sandeep Sukhija ,  John Purrier ,  Rajesh Gupta ,  Deepak Khajuria ,  Saumitra Das

发明人： Matt Ocko ,  George Tuma ,  Manish Kalia ,  Sandeep Sukhija ,  John Purrier ,  Rajesh Gupta ,  Deepak Khajuria ,  Saumitra Das

IPC分类号： G06F15/173

CPC分类号： G06F11/2023 ,  H04L67/14 ,  H04L67/2819 ,  H04L67/2861 ,  H04L67/327 ,  H04L69/40

摘要： A service appliance is installed between production servers running service applications and service users. The production servers and their service applications provide services to the service users. In the event that a production server is unable to provide its service to users, the service appliance can transparently intervene to maintain service availability. To maintain transparency to service users and service applications, service users are located on a first network and production servers are located on a second network. The service appliance assumes the addresses of the service users on the second network and the addresses of the production servers on the first network. Thus, the service appliance obtains all network traffic sent between the production server and service users. While the service application is operating correctly, the service appliance forwards network traffic between the two networks using various network layers.

摘要翻译： 服务设备安装在运行服务应用程序的生产服务器和服务用户之间。 生产服务器及其服务应用程序向服务用户提供服务。 如果生产服务器无法向用户提供服务，则服务设备可以透明地介入以维护服务可用性。 为了保持服务用户和服务应用程序的透明度，服务用户位于第一个网络上，生产服务器位于第二个网络上。 服务设备假定第二个网络上的服务用户的地址以及第一个网络上的生产服务器的地址。 因此，服务设备获取在生产服务器和服务用户之间发送的所有网络流量。 当服务应用程序正常运行时，服务设备使用各种网络层在两个网络之间转发网络流量。

公开(公告)号：US20060015645A1

公开(公告)日：2006-01-19

申请号：US11166359

申请日：2005-06-24

申请人： Matt Ocko ,  George Tuma ,  Manish Kalia ,  Sandeep Kalia ,  John Purrier ,  Rajesh Gupta ,  Deepak Khajuria ,  Saumitra Das

发明人： Matt Ocko ,  George Tuma ,  Manish Kalia ,  Sandeep Kalia ,  John Purrier ,  Rajesh Gupta ,  Deepak Khajuria ,  Saumitra Das

IPC分类号： G06F15/173

CPC分类号： G06F11/2023 ,  H04L67/14 ,  H04L67/2819 ,  H04L67/2861 ,  H04L67/327 ,  H04L69/40

摘要： A service appliance is installed between production servers running service applications and service users. The production servers and their service applications provide services to the service users. In the event that a production server is unable to provide its service to users, the service appliance can transparently intervene to maintain service availability. To maintain transparency to service users and service applications, service users are located on a first network and production servers are located on a second network. The service appliance assumes the addresses of the service users on the second network and the addresses of the production servers on the first network. Thus, the service appliance obtains all network traffic sent between the production server and service users. While the service application is operating correctly, the service appliance forwards network traffic between the two networks using various network layers.

公开(公告)号：US20120266234A1

公开(公告)日：2012-10-18

申请号：US13530986

申请日：2012-06-22

申请人： Matt Ocko ,  George Tuma ,  Manish Kalia ,  Sandeep Sukhija ,  John Purrier ,  Rajesh Gupta ,  Deepak Khajuria ,  Saumitra Das

发明人： Matt Ocko ,  George Tuma ,  Manish Kalia ,  Sandeep Sukhija ,  John Purrier ,  Rajesh Gupta ,  Deepak Khajuria ,  Saumitra Das

IPC分类号： G06F15/173 ,  G06F11/20 ,  G06F21/00

CPC分类号： G06F11/2023 ,  H04L67/14 ,  H04L67/2819 ,  H04L67/2861 ,  H04L67/327 ,  H04L69/40

摘要： A service appliance is installed between production servers running service applications and service users. The production servers and their service applications provide services to the service users. In the event that a production server is unable to provide its service to users, the service appliance can transparently intervene to maintain service availability. To maintain transparency to service users and service applications, service users are located on a first network and production servers are located on a second network. The service appliance assumes the addresses of the service users on the second network and the addresses of the production servers on the first network. Thus, the service appliance obtains all network traffic sent between the production server and service users. While the service application is operating correctly, the service appliance forwards network traffic between the two networks using various network layers.

摘要翻译： 服务设备安装在运行服务应用程序的生产服务器和服务用户之间。 生产服务器及其服务应用程序向服务用户提供服务。 如果生产服务器无法向用户提供服务，则服务设备可以透明地介入以维护服务可用性。 为了保持服务用户和服务应用程序的透明度，服务用户位于第一个网络上，生产服务器位于第二个网络上。 服务设备假定第二个网络上的服务用户的地址以及第一个网络上的生产服务器的地址。 因此，服务设备获取在生产服务器和服务用户之间发送的所有网络流量。 当服务应用程序正常运行时，服务设备使用各种网络层在两个网络之间转发网络流量。

公开(公告)号：US08504676B2

公开(公告)日：2013-08-06

申请号：US13530986

申请日：2012-06-22

申请人： Matt Ocko ,  George Tuma ,  Sandeep Sukhija ,  John Purrier ,  Rajesh Gupta ,  Deepak Khajuria ,  Saumitra Das ,  Manish Kalia

发明人： Matt Ocko ,  George Tuma ,  Sandeep Sukhija ,  John Purrier ,  Rajesh Gupta ,  Deepak Khajuria ,  Saumitra Das ,  Manish Kalia

IPC分类号： G06F15/173

CPC分类号： G06F11/2023 ,  H04L67/14 ,  H04L67/2819 ,  H04L67/2861 ,  H04L67/327 ,  H04L69/40

摘要： A service appliance is installed between production servers running service applications and service users. The production servers and their service applications provide services to the service users. In the event that a production server is unable to provide its service to users, the service appliance can transparently intervene to maintain service availability. To maintain transparency to service users and service applications, service users are located on a first network and production servers are located on a second network. The service appliance assumes the addresses of the service users on the second network and the addresses of the production servers on the first network. Thus, the service appliance obtains all network traffic sent between the production server and service users. While the service application is operating correctly, the service appliance forwards network traffic between the two networks using various network layers.

摘要翻译： 服务设备安装在运行服务应用程序的生产服务器和服务用户之间。 生产服务器及其服务应用程序向服务用户提供服务。 如果生产服务器无法向用户提供服务，则服务设备可以透明地介入以维护服务可用性。 为了保持服务用户和服务应用程序的透明度，服务用户位于第一个网络上，生产服务器位于第二个网络上。 服务设备假定第二个网络上的服务用户的地址以及第一个网络上的生产服务器的地址。 因此，服务设备获取在生产服务器和服务用户之间发送的所有网络流量。 当服务应用程序正常运行时，服务设备使用各种网络层在两个网络之间转发网络流量。

公开(公告)号：US20090083399A1

公开(公告)日：2009-03-26

申请号：US12058593

申请日：2008-03-28

申请人： Matt Ocko ,  George Tuma ,  Manish Kalia ,  Sandeep Sukhija ,  John Purrier ,  Rajesh Gupta ,  Deepak Khajuria ,  Saumitra Das

发明人： Matt Ocko ,  George Tuma ,  Manish Kalia ,  Sandeep Sukhija ,  John Purrier ,  Rajesh Gupta ,  Deepak Khajuria ,  Saumitra Das

IPC分类号： G06F15/16 ,  G06F15/173

CPC分类号： G06F11/2023 ,  H04L67/14 ,  H04L67/2819 ,  H04L67/2861 ,  H04L67/327 ,  H04L69/40

摘要： A service appliance is installed between production servers running service applications and service users. The production servers and their service applications provide services to the service users. In the event that a production server is unable to provide its service to users, the service appliance can transparently intervene to maintain service availability. To maintain transparency to service users and service applications, service users are located on a first network and production servers are located on a second network. The service appliance assumes the addresses of the service users on the second network and the addresses of the production servers on the first network. Thus, the service appliance obtains all network traffic sent between the production server and service users. While the service application is operating correctly, the service appliance forwards network traffic between the two networks using various network layers.

摘要翻译： 服务设备安装在运行服务应用程序的生产服务器和服务用户之间。 生产服务器及其服务应用程序向服务用户提供服务。 如果生产服务器无法向用户提供服务，则服务设备可以透明地介入以维护服务可用性。 为了保持服务用户和服务应用程序的透明度，服务用户位于第一个网络上，生产服务器位于第二个网络上。 服务设备假定第二个网络上的服务用户的地址以及第一个网络上的生产服务器的地址。 因此，服务设备获取在生产服务器和服务用户之间发送的所有网络流量。 当服务应用程序正常运行时，服务设备使用各种网络层在两个网络之间转发网络流量。

公开(公告)号：US07363366B2

公开(公告)日：2008-04-22

申请号：US11166359

申请日：2005-06-24

申请人： Matt Ocko ,  George Tuma ,  Manish Kalia ,  Sandeep Sukhija ,  John Purrier ,  Rajesh Gupta ,  Deepak Khajuria ,  Saumitra Das

发明人： Matt Ocko ,  George Tuma ,  Manish Kalia ,  Sandeep Sukhija ,  John Purrier ,  Rajesh Gupta ,  Deepak Khajuria ,  Saumitra Das

IPC分类号： G06F15/173

CPC分类号： G06F11/2023 ,  H04L67/14 ,  H04L67/2819 ,  H04L67/2861 ,  H04L67/327 ,  H04L69/40

摘要： A service appliance is installed between production servers running service applications and service users. The production servers and their service applications provide services to the service users. In the event that a production server is unable to provide its service to users, the service appliance can transparently intervene to maintain service availability. To maintain transparency to service users and service applications, service users are located on a first network and production servers are located on a second network. The service appliance assumes the addresses of the service users on the second network and the addresses of the production servers on the first network. Thus, the service appliance obtains all network traffic sent between the production server and service users. While the service application is operating correctly, the service appliance forwards network traffic between the two networks using various network layers.

摘要翻译： 服务设备安装在运行服务应用程序的生产服务器和服务用户之间。 生产服务器及其服务应用程序向服务用户提供服务。 如果生产服务器无法向用户提供服务，则服务设备可以透明地介入以维护服务可用性。 为了保持服务用户和服务应用程序的透明度，服务用户位于第一个网络上，生产服务器位于第二个网络上。 服务设备假定第二个网络上的服务用户的地址以及第一个网络上的生产服务器的地址。 因此，服务设备获取在生产服务器和服务用户之间发送的所有网络流量。 当服务应用程序正常运行时，服务设备使用各种网络层在两个网络之间转发网络流量。

公开(公告)号：US20060015584A1

公开(公告)日：2006-01-19

申请号：US11165837

申请日：2005-06-24

申请人： Matt Ocko ,  George Tuma ,  Sandeep Sukhija ,  John Purrier ,  Rajesh Gupta ,  Deepak Khajuria ,  Saumitra Das

发明人： Matt Ocko ,  George Tuma ,  Sandeep Sukhija ,  John Purrier ,  Rajesh Gupta ,  Deepak Khajuria ,  Saumitra Das

IPC分类号： G06F15/16

CPC分类号： H04L67/16 ,  H04L69/40

摘要： A service appliance can be installed between one or more production servers running service applications and service users. In the event that a production server is unable to provide its service to users, the service appliance can transparently intervene to maintain service availibility. The service appliance is capable of providing the service using a service application that is differently configured or even a different application than the service applications of the production server. The service appliance may include hardware and/or software to monitor, repair, maintain, and update the service application and other associated software applications and components of service appliance. The service appliance may be configured to have a locked state that prevents local running of additional applications other than those provided for prior to entering the locked state, limiting local and remote user administration of and operational control of the operating system and service application.

摘要翻译： 服务设备可以安装在运行服务应用程序的一个或多个生产服务器和服务用户之间。 如果生产服务器无法向用户提供服务，则服务设备可以透明地介入以维护服务可用性。 服务设备能够使用与生产服务器的服务应用程序不同的配置或甚至不同的应用程序的服务应用程序来提供服务。 服务设备可以包括用于监视，修复，维护和更新服务应用程序和服务设备的其他相关联的软件应用程序和组件的硬件和/或软件。 服务设备可以被配置为具有防止附加应用的本地运行的锁定状态，而不是在进入锁定状态之前提供的应用，限制本地和远程用户对操作系统和服务应用的管理和操作控制。