-
公开(公告)号:US08291407B2
公开(公告)日:2012-10-16
申请号:US11901327
申请日:2007-09-17
IPC分类号: G06F9/445
摘要: The disclosure is directed to systems and methods for patching computer programs. In one example, a patch is virtually installed to a computing device having a base file system and configuration, a computer program, and a patch layering subsystem. The virtual installation may include storing content of the patch to a patch layer, and generating and storing mapping data defining at least one relationship between the content in the patch layer and content in the base file system and configuration. The virtually installed patch may be enabled, including applying the mapping data to the patch layering subsystem such that the patch layering subsystem is configured for selectively redirecting access requests from the base file system and configuration to the patch layer. In certain embodiments, the enabled patch may be disabled by reversing the application of the mapping data to the patch layering subsystem.
摘要翻译: 本公开涉及用于修补计算机程序的系统和方法。 在一个示例中,补丁虚拟地安装到具有基本文件系统和配置,计算机程序和补丁分层子系统的计算设备。 虚拟安装可以包括将补丁的内容存储到补丁层,以及生成和存储定义补丁层中的内容与基本文件系统和配置中的内容之间的至少一个关系的映射数据。 可以启用虚拟安装的补丁,包括将映射数据应用于补丁分层子系统,使得补丁分层子系统被配置用于将访问请求从基本文件系统和配置重定向到补丁层。 在某些实施例中,可以通过将映射数据的应用反转到补丁分层子系统来禁用启用的补丁。
-
公开(公告)号:US20080295086A1
公开(公告)日:2008-11-27
申请号:US11901327
申请日:2007-09-17
IPC分类号: G06F9/44
摘要: The disclosure is directed to systems and methods for patching computer programs. In one example, a patch is virtually installed to a computing device having a base file system and configuration, a computer program, and a patch layering subsystem. The virtual installation may include storing content of the patch to a patch layer, and generating and storing mapping data defining at least one relationship between the content in the patch layer and content in the base file system and configuration. The virtually installed patch may be enabled, including applying the mapping data to the patch layering subsystem such that the patch layering subsystem is configured for selectively redirecting access requests from the base file system and configuration to the patch layer. In certain embodiments, the enabled patch may be disabled by reversing the application of the mapping data to the patch layering subsystem.
摘要翻译: 本公开涉及用于修补计算机程序的系统和方法。 在一个示例中,补丁虚拟地安装到具有基本文件系统和配置,计算机程序和补丁分层子系统的计算设备。 虚拟安装可以包括将补丁的内容存储到补丁层,以及生成和存储定义补丁层中的内容与基础文件系统和配置中的内容之间的至少一个关系的映射数据。 可以启用虚拟安装的补丁,包括将映射数据应用于补丁分层子系统,使得补丁分层子系统被配置用于将访问请求从基本文件系统和配置重定向到补丁层。 在某些实施例中,可以通过将映射数据的应用反转到补丁分层子系统来禁用启用的补丁。
-
公开(公告)号:US08688641B1
公开(公告)日:2014-04-01
申请号:US12058927
申请日:2008-03-31
CPC分类号: G06F17/30126
摘要: A method is proposed. The method includes receiving a file operation request from a process and performing a census of instances of a file applicable to the file operation request to populate a data structure. The data structure including a listing of the instances of the file applicable to the file operation request. The data structure also includes characteristics for a first instance from among the instances of the file applicable to the file operation request, and characteristics for a second instance of a selected file from among the instances of the file applicable to the file operation request. The method also includes eliminating the first instance from among the instances of the file applicable to the file operation request on the basis of a rule associated with properties from a record for the process, and the characteristics for the first instance.
摘要翻译: 提出了一种方法。 该方法包括从进程接收文件操作请求并执行适用于文件操作请求的文件的实例的普查以填充数据结构。 数据结构包括适用于文件操作请求的文件实例的列表。 数据结构还包括适用于文件操作请求的文件的实例中的第一实例的特性,以及可应用于文件操作请求的文件的实例之间的所选文件的第二实例的特性。 该方法还包括基于与来自用于进程的记录的属性相关联的规则以及第一实例的特征,从适用于文件操作请求的文件的实例中删除第一实例。
-
4.发明授权Filtering I/O communication of guest OS by inserting filter layer between hypervisor and VM and between hypervisor and devices 有权通过在虚拟机管理程序和VM之间以及虚拟机管理程序和设备之间插入过滤器层来过滤访客操作系统的I / O通信公开(公告)号:US08490086B1
公开(公告)日:2013-07-16
申请号:US12495420
申请日:2009-06-30
申请人: Randall R. Cook , Kenneth Berryman
发明人: Randall R. Cook , Kenneth Berryman
CPC分类号: G06F9/45558 , G06F11/301 , G06F11/3051 , G06F11/3072 , G06F11/3089 , G06F21/53 , G06F2009/45587
摘要: A computer-implemented method for filtering input/output communications of guest operating systems may include: 1) identifying a guest operating system running in a virtual machine, 2) creating an input/output filtering layer that resides outside the guest operating system, 3) intercepting, at the input/output filtering layer, an input/output communication involving the guest operating system, and then 4) performing a filtering operation on the input/output communication. Various other methods, systems, and computer-readable media are also disclosed.
摘要翻译: 用于过滤客户操作系统的输入/输出通信的计算机实现的方法可以包括:1)识别在虚拟机中运行的客户操作系统,2)创建驻留在客户操作系统之外的输入/输出过滤层,3) 在输入/输出过滤层处拦截涉及客户操作系统的输入/输出通信,然后4)对输入/输出通信进行滤波操作。 还公开了各种其它方法,系统和计算机可读介质。
-
公开(公告)号:US08353044B1
公开(公告)日:2013-01-08
申请号:US12147744
申请日:2008-06-27
申请人: Howard Jones , Kevin Unbedacht , Randall R. Cook
发明人: Howard Jones , Kevin Unbedacht , Randall R. Cook
IPC分类号: H04L29/06
CPC分类号: H04L67/34 , H04L63/102 , H04L67/125
摘要: A computer-implemented method for remediation of a computing device attempting to access a network. The method may include detecting that the computing device is attempting to access the network. The method may also include determining that the computing device does not comply with a network-access-control policy of the network. The method may include using a virtualization layer to bring the computing device into compliance with the network-access-control policy. The method may include permitting the computing device to access the network after the computing device is brought into compliance with the network-access-control policy. Various other methods, systems, and computer-readable media are also disclosed.
摘要翻译: 用于修复试图访问网络的计算设备的计算机实现的方法。 该方法可以包括检测计算设备正试图访问网络。 该方法还可以包括确定计算设备不符合网络的网络访问控制策略。 该方法可以包括使用虚拟化层来使计算设备符合网络访问控制策略。 该方法可以包括允许计算设备在计算设备符合网络访问控制策略之后访问网络。 还公开了各种其它方法,系统和计算机可读介质。
-
6.发明授权公开(公告)号:US08112392B1
公开(公告)日:2012-02-07
申请号:US12371116
申请日:2009-02-13
申请人: Karl Bunnell , Randall R. Cook , Jeremy Hurren
发明人: Karl Bunnell , Randall R. Cook , Jeremy Hurren
IPC分类号: G06F7/00
CPC分类号: G06F17/30233 , G06F9/45558
摘要: A method may include identifying a virtualized application that has a read-only virtualization sublayer and a read-write virtualization sublayer. The read-only virtualization sublayer may represent a base state of the virtualized application and the read-write virtualization sublayer may be configured to store changes to the base state of the virtualized application. The method may also include determining a first difference between the read-only virtualization sublayer and the read-write virtualization sublayer at a first point in time and using the first difference between the read-only virtualization sublayer and the read-write virtualization sublayer to create a first snapshot that represents a state of the virtualized application at the first point in time. Various other methods, systems, and computer-readable media are also disclosed.
摘要翻译: 一种方法可以包括识别具有只读虚拟化子层和读写虚拟化子层的虚拟化应用。 只读虚拟化子层可以表示虚拟应用的基本状态,并且读写虚拟化子层可以被配置为存储对虚拟应用的基本状态的改变。 该方法还可以包括在第一时间点确定只读虚拟化子层和读写虚拟化子层之间的第一差异,并使用只读虚拟化子层和读写虚拟化子层之间的第一个差异来创建 表示第一时间点的虚拟化应用程序状态的第一个快照。 还公开了各种其它方法,系统和计算机可读介质。
-
公开(公告)号:US20110145806A1
公开(公告)日:2011-06-16
申请号:US12058782
申请日:2008-03-31
申请人: Randall R. Cook
发明人: Randall R. Cook
IPC分类号: G06F9/44
CPC分类号: G06F8/67 , G06F8/61 , G06F8/65 , G06F8/656 , G06F17/30067
摘要: The disclosure is directed to dynamic insertion and removal of virtual software sub-layers. In one example, a virtual layer associated with a software application is virtually installed and activated in a computing device. A virtual sub-layer associated with a component of the software application is dynamically inserted in the virtual layer. The virtual layer remains active during the dynamic insertion of the virtual sub-layer. In certain embodiments, a process is executed from the virtual layer, a determination is made as to whether the process launched before or after the insertion of the virtual sub-layer, and the inserted virtual sub-layer is selectively made visible or invisible to the process based on the determination.
摘要翻译: 本公开旨在动态插入和移除虚拟软件子层。 在一个示例中,与计算设备虚拟地安装并激活与软件应用相关联的虚拟层。 与软件应用的组件相关联的虚拟子层被动态地插入到虚拟层中。 虚拟层在动态插入虚拟子层期间保持活动状态。 在某些实施例中,从虚拟层执行处理,确定在虚拟子层的插入之前或之后启动的进程以及插入的虚拟子层是否被选择性地使其可见或不可见 过程基于确定。
-
公开(公告)号:US6105069A
公开(公告)日:2000-08-15
申请号:US970069
申请日:1997-11-13
申请人: Nicholas Huston Franklin , Bill Guy Bodine , Randall R. Cook , Calvin R. Gaisford , Matthew G. Brooks , Carla M. Heesch , Kelly E. Sonderegger
发明人: Nicholas Huston Franklin , Bill Guy Bodine , Randall R. Cook , Calvin R. Gaisford , Matthew G. Brooks , Carla M. Heesch , Kelly E. Sonderegger
IPC分类号: G06F1/00 , G06F21/00 , G06F15/173 , G06F17/00
CPC分类号: G06F21/6218 , G06F21/10 , G06F21/121 , G06F21/53 , G06F2221/2135 , G06F2221/2141
摘要: A directory services system includes a resource object, such as an application object for accessing a resource associated with the resource object. Attributes of the resource object contain licensing control information. The licensing attributes may be used by executables to control access by a user to properly licensed instances of a resource corresponding to the resource object. Also, a utility may be provided to manage the licensing attributes in the resource object. A licensing function may thus control a resource, via its resource object in the directory services database. Licensing maybe easily implemented by setting a new disabling attribute in the object.
摘要翻译: 目录服务系统包括资源对象,例如用于访问与资源对象相关联的资源的应用对象。 资源对象的属性包含许可控制信息。 可执行文件可以使用许可属性来控制用户对与资源对象相对应的资源的适当许可的实例的访问。 另外,可以提供一个实用程序来管理资源对象中的许可属性。 因此许可功能可以通过目录服务数据库中的资源对象来控制资源。 许可可以通过在对象中设置一个新的禁用属性来轻松实现。
-
公开(公告)号:US09100246B1
公开(公告)日:2015-08-04
申请号:US12142549
申请日:2008-06-19
申请人: Lance TeNgaio , Randall R. Cook
发明人: Lance TeNgaio , Randall R. Cook
CPC分类号: H04L29/08099 , G06F9/45558 , G06F9/48 , G06F9/545 , G06F2009/45562 , G06F2009/45575 , G06F2209/542 , H04L29/06 , H04L29/08009 , H04L29/08081 , H04L29/0809 , H04L29/08117 , H04L29/08135 , H04L29/08144
摘要: Distributed application virtualization provides for the distribution, configuration and control of multiple application components, layered file systems, and configuration settings that may be applied on top of an operating system of each system configured to work in conjunction with other systems within a single distributed virtualization layer. A distributed software virtualization manager or service handles communication between systems within each distributed virtual layer. One distributed virtualization operation activates components, selected based on user-defined parameters, on systems across the network belonging to a selected distributed virtual application layer. Other virtualization operations, whether local and/or distributed, include capturing file system and configuration activity associated with the detected event and storing data representative of the captured file system and configuration activity to a virtual layer, such as a local or distributed application layer.
摘要翻译: 分布式应用程序虚拟化提供了可分配,配置和控制多个应用程序组件,分层文件系统和配置设置,这些配置设置可以应用于配置为与单个分布式虚拟化层内的其他系统配合工作的每个系统的操作系统之上 。 分布式软件虚拟化管理器或服务处理每个分布式虚拟层内的系统之间的通信。 一个分布式虚拟化操作在属于所选分布式虚拟应用层的网络上的系统上激活基于用户定义的参数选择的组件。 本地和/或分发的其他虚拟化操作包括捕获与检测到的事件相关联的文件系统和配置活动,并将表示所捕获的文件系统和配置活动的数据存储到诸如本地或分布式应用层的虚拟层。
-
公开(公告)号:US08639734B1
公开(公告)日:2014-01-28
申请号:US12059973
申请日:2008-03-31
申请人: Randall R. Cook
发明人: Randall R. Cook
IPC分类号: G06F12/10
CPC分类号: G06F17/30115
摘要: An apparatus or method in which information external to a file is used to select a directory within a file system where the file is to be stored. In one embodiment of the method a first request is received to create a first file in a file system, wherein the first request comprises a first file system path. First information is also received that describes data contained in a first data object. A first redirect file system path component is selected from a plurality of redirect file system path components in response to receiving the first information. The first file system path is then modified by adding the first redirect file system path component to the first file system path.
摘要翻译: 使用文件外部的信息来选择要存储文件的文件系统内的目录的装置或方法。 在该方法的一个实施例中,接收到第一请求以在文件系统中创建第一文件,其中第一请求包括第一文件系统路径。 还收到描述包含在第一数据对象中的数据的第一信息。 响应于接收到第一信息,从多个重定向文件系统路径组件中选择第一重定向文件系统路径组件。 然后通过将第一个重定向文件系统路径组件添加到第一个文件系统路径来修改第一个文件系统路径。
-
-
-
-
-
-
-
-
-
搜索结果
34 条记录 (耗时 0.05 秒)
