-
公开(公告)号:US07669238B2
公开(公告)日:2010-02-23
申请号:US10705756
申请日:2003-11-10
申请人: Gregory D. Fee , Aaron Goldfeder , John M. Hawkins , Jamie L. Cool , Sebastian Lange , Sergey Khorun
发明人: Gregory D. Fee , Aaron Goldfeder , John M. Hawkins , Jamie L. Cool , Sebastian Lange , Sergey Khorun
IPC分类号: H04L9/00
摘要: Evidence-based application security may be implemented at the application and/or application group levels. A manifest may be provided defining at least one trust condition for the application or application group. A policy manager evaluates application evidence (e.g., an XrML license) for an application or group of applications relative to the manifest. The application is only granted permissions on the computer system if the application evidence indicates that the application is trusted. Similarly, a group of applications are only granted permissions on the computer system if the evidence indicates that the group of applications is trusted. If the application evidence satisfies the at least one trust condition defined by the manifest, the policy manager generates a permission grant set for each code assembly that is a member of the at least one application. Evidence may be further evaluated for code assemblies that are members of the trusted application or application group.
摘要翻译: 基于证据的应用程序安全性可以在应用程序和/或应用程序组级别实现。 可以提供清单来为应用或应用组定义至少一个信任条件。 策略管理员针对相对于清单的应用程序或应用程序组来评估应用程序证据(例如,XrML许可证)。 如果应用程序的证据表明应用程序是可信任的,则该应用程序仅被授予计算机系统的权限。 类似地,如果证据表明应用程序组是可信任的,则一组应用程序仅被授予计算机系统的权限。 如果应用证据满足由清单定义的至少一个信任条件,则策略管理器为作为至少一个应用的成员的每个代码集合生成许可授权集合。 可以对作为可信应用程序或应用程序组成员的代码程序集进一步评估证据。
-
公开(公告)号:US08966198B1
公开(公告)日:2015-02-24
申请号:US13602974
申请日:2012-09-04
CPC分类号: G06F3/0619 , G06F3/065 , G06F3/0664 , G06F3/0673 , G06F11/1451 , G06F11/1469 , G06F17/30312 , G06F17/30575 , G06F2201/815 , G06F2201/84
摘要: In general, one aspect of the subject matter described in this specification can be embodied in methods that include receiving, at a computer system, a request to create a snapshot of a virtual storage device, wherein the virtual storage device virtually stores data at virtual addresses, the data being physically stored at a plurality of physical storage locations that are managed by an underlying storage system associated with virtual storage device; the methods can further include identifying, by the computer system, one or more regions of the virtual storage device that have been written to since a previous snapshot of the virtual storage device was created; the methods can additionally include generating a unique identifier for the requested snapshot; and creating the requested snapshot using the identified one more regions and the unique identifier.
摘要翻译: 通常,本说明书中描述的主题的一个方面可以包括在计算机系统中接收创建虚拟存储设备的快照的请求的方法中,其中虚拟存储设备虚拟地将数据存储在虚拟地址 所述数据被物理存储在由与虚拟存储设备相关联的底层存储系统管理的多个物理存储位置; 所述方法还可以包括由计算机系统识别由虚拟存储设备的先前快照创建以来已被写入的虚拟存储设备的一个或多个区域; 所述方法还可以包括为所请求的快照生成唯一的标识符; 并使用所标识的多个区域和唯一标识符来创建所请求的快照。
-
公开(公告)号:US20130262405A1
公开(公告)日:2013-10-03
申请号:US13831219
申请日:2013-03-14
申请人: Andrew Kadatch , Sergey Khorun
发明人: Andrew Kadatch , Sergey Khorun
IPC分类号: G06F17/30
CPC分类号: G06F17/30371 , G06F9/45558 , G06F9/5072 , G06F17/30091 , G06F17/30138 , G06F17/30233 , G06F17/30303 , G06F2009/4557
摘要: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for virtual block storage. In one aspect, a method includes receiving a request to initialize a virtual machine, the virtual machine having an associated virtual block device; accessing a file map comprising a plurality of file map entries; determining file map entries corresponding to blocks of data allocated to the virtual block device and one or more files in which the blocks of data allocated to the virtual block device are stored; determining that a particular one of the blocks allocated to the virtual block device has been written to a new position not associated with the particular block in the file map; and updating the position associated with the particular block to the new position.
摘要翻译: 方法,系统和装置,包括在计算机存储介质上编码的用于虚拟块存储的计算机程序。 一方面,一种方法包括接收初始化虚拟机的请求,所述虚拟机具有相关联的虚拟块设备; 访问包括多个文件映射条目的文件映射; 确定对应于分配给所述虚拟块装置的数据块的文件映射条目以及分配给所述虚拟块装置的数据块的一个或多个文件; 确定分配给所述虚拟块设备的块中的特定一个已被写入到与所述文件映射中的所述特定块不相关联的新位置; 以及将与特定块相关联的位置更新到新位置。
-
公开(公告)号:US09069616B2
公开(公告)日:2015-06-30
申请号:US13243752
申请日:2011-09-23
申请人: Andrew Kadatch , Sergey Khorun
发明人: Andrew Kadatch , Sergey Khorun
CPC分类号: G06F9/5027 , G06F3/0611 , G06F3/0659 , G06F3/067
摘要: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for managing resources in a computing system. For virtual hard disk drives supported by multiple physic hard disk drives over a network, artificial throttling of the disk access bandwidth is implemented, such that the resulting latency behavior of each virtual hard disk drive resembles the latency behavior of a corresponding physical hard disk drive emulated by the virtual hard disk drive. In various implementations, the artificial throttling simulates both characteristics of sequential access latencies and random access latencies on a physical hard drive.
摘要翻译: 方法,系统和装置,包括在计算机存储介质上编码的用于管理计算系统中的资源的计算机程序。 对于通过网络的多个物理硬盘驱动器支持的虚拟硬盘驱动器,实现了磁盘访问带宽的人为限制,从而每个虚拟硬盘驱动器的结果延迟行为类似于仿真的相应物理硬盘驱动器的延迟行为 由虚拟硬盘驱动器。 在各种实现中,人造节流模拟物理硬盘驱动器上的顺序访问延迟和随机访问延迟的特征。
-
公开(公告)号:US20130081014A1
公开(公告)日:2013-03-28
申请号:US13243752
申请日:2011-09-23
申请人: Andrew Kadatch , Sergey Khorun
发明人: Andrew Kadatch , Sergey Khorun
IPC分类号: G06F9/455
CPC分类号: G06F9/5027 , G06F3/0611 , G06F3/0659 , G06F3/067
摘要: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for managing resources in a computing system. For virtual hard disk drives supported by multiple physic hard disk drives over a network, artificial throttling of the disk access bandwidth is implemented, such that the resulting latency behavior of each virtual hard disk drive resembles the latency behavior of a corresponding physical hard disk drive emulated by the virtual hard disk drive. In various implementations, the artificial throttling simulates both characteristics of sequential access latencies and random access latencies on a physical hard drive.
摘要翻译: 方法,系统和装置,包括在计算机存储介质上编码的用于管理计算系统中的资源的计算机程序。 对于通过网络的多个物理硬盘驱动器支持的虚拟硬盘驱动器,实现了磁盘访问带宽的人为限制,从而每个虚拟硬盘驱动器的结果延迟行为类似于仿真的相应物理硬盘驱动器的延迟行为 由虚拟硬盘驱动器。 在各种实现中,人造节流模拟物理硬盘驱动器上的顺序访问延迟和随机访问延迟的特征。
-
-
-
-
搜索结果
5 条记录 (耗时 0.028 秒)
