公开(公告)号：US09459899B2

公开(公告)日：2016-10-04

申请号：US13900736

申请日：2013-05-23

Applicant: Samsung Electronics Co., Ltd.

Inventor： Byung-woan Kim ,  Sang-bum Suh ,  Kyung-ah Chang ,  Seong-yeol Park

IPC: G06F9/455

CPC classification number: G06F9/45537

Abstract: Provided are an apparatus and method for providing services using a virtual operating system (OS). The apparatus classifies virtual resources into a plurality of mutually exclusive regions and manages the virtual resources based on the provides services regions. The plurality of provides services regions include a virtual region whose resources are stored in and used on an external storage, and an overlay region whose resources refer to host resources. The apparatus uses the region information for virtual resources and a list of resources accessed for each application process to manage the virtual resources.

公开(公告)号：US08973093B2

公开(公告)日：2015-03-03

申请号：US13904455

申请日：2013-05-29

Applicant: Samsung Electronics Co., Ltd.

Inventor： Jae-min Park ,  Sang-bum Suh ,  Kyung-ah Chang

IPC: H04L29/06 ,  G06F21/10 ,  G06F21/12

CPC classification number: G06F21/10 ,  G06F21/121

Abstract: A method of executing a virtualized application able to run in a virtualized environment. The virtualized application includes application software and the virtualized environment. The application software includes a license monitor to search for a software license while monitoring an execution policy set by a software provider when software is installed or executed. The virtualized environment includes an environment monitor to monitor an execution environment provided to the application software by the virtualized environment. Therefore, it is possible to prevent software able to run in a virtualized environment from being freely copied without any limitations by the execution policy provided by the software provider.

Abstract translation: 一种执行能够在虚拟环境中运行的虚拟化应用程序的方法。 虚拟化应用程序包括应用软件和虚拟化环境。 应用软件包括许可证监视器，用于在软件安装或执行时监视由软件提供商设置的执行策略，以搜索软件许可证。 虚拟化环境包括环境监视器，用于监视由虚拟化环境提供给应用软件的执行环境。 因此，可以防止在虚拟化环境中运行的软件在由软件提供商提供的执行策略的任何限制下自由复制。

公开(公告)号：US09164919B2

公开(公告)日：2015-10-20

申请号：US14597761

申请日：2015-01-15

Applicant: SAMSUNG ELECTRONICS CO., LTD.

Inventor： Minsung Jang ,  Seong-yeol Park ,  Jae-Min Park ,  Sang-bum Suh ,  Sung-kwan Heo ,  Byung-woan Kim

IPC: G06F15/16 ,  G06F9/00 ,  G06F12/10 ,  G06F13/38 ,  G06F12/14 ,  G06F13/28 ,  G06F9/455

CPC classification number: G06F12/1081 ,  G06F9/45533 ,  G06F9/45537 ,  G06F12/1408 ,  G06F13/28 ,  G06F13/385

Abstract: A method and apparatus for inputting and outputting data by using a virtualization technique are provided. The method includes generating a virtual operating system (OS) for the external device, which is connected to a host, based on OS information stored in the external device, setting a partial area of a storage of the host as virtual storage for the external device, and storing the data in the virtual storage or a memory of the external device in response to a request for inputting and outputting the data from the virtual OS.

Abstract translation: 提供了一种通过使用虚拟化技术来输入和输出数据的方法和装置。 该方法包括基于存储在外部设备中的OS信息，生成连接到主机的外部设备的虚拟操作系统（OS），将主机的存储部分区域设置为外部设备的虚拟存储 并且响应于从虚拟OS输入和输出数据的请求，将数据存储在外部设备的虚拟存储器或存储器中。

公开(公告)号：US09501641B2

公开(公告)日：2016-11-22

申请号：US14199020

申请日：2014-03-06

Applicant: SAMSUNG ELECTRONICS CO., LTD.

Inventor： Sung-Min Lee ,  Bok-Deuk Jeong ,  Sang-bum Suh

IPC: G06F11/00 ,  G06F21/56 ,  G06F21/55

CPC classification number: G06F21/56 ,  G06F21/552

Abstract: A method of intrusion detection in a terminal device that supports driving of a plurality of operating systems, is provided. The method includes collecting at a first operating system of the plurality of operating systems intrusion detection data for analyzing whether there is an intrusion in at least a second operating system of the plurality of operating systems; and performing at the first operating system an intrusion detection with respect to the at least a second operating system using the collected intrusion detection data.

Abstract translation: 提供一种支持多个操作系统的驱动的终端装置中的入侵检测方法。 该方法包括在多个操作系统的第一操作系统处收集用于分析在多个操作系统的至少第二操作系统中是否存在入侵的入侵检测数据; 以及使用所收集的入侵检测数据在所述第一操作系统处执行关于所述至少第二操作系统的入侵检测。

公开(公告)号：US09046931B2

公开(公告)日：2015-06-02

申请号：US13927670

申请日：2013-06-26

Applicant: Samsung Electronics Co., Ltd. ,  Georgia Tech Research Corporation

Inventor： Sang-bum Suh ,  Xiang Song ,  Kishore Ramachandran ,  Joo-young Hwang ,  Jung-hyun Yoo ,  Dushmanta Mohapatra

IPC: G06F3/00 ,  G06F13/00 ,  G06F3/023 ,  G06F9/455 ,  G06F9/50 ,  G06F9/54 ,  G06F13/10

CPC classification number: G06F3/023 ,  G06F9/45558 ,  G06F9/5055 ,  G06F9/541 ,  G06F9/544 ,  G06F13/107 ,  G06F2009/45579

Abstract: Provided are an apparatus and method for adapting an input/output interface. According to the exemplary method, a host system adapts an input/output interface of the guestsystem a to an input/output unit capability of a host system so as to support a service supported by an input/output unit supporting the input/output unit capability of the guest system using the at least one input/output unit of the host system.

Abstract translation: 提供了一种用于调整输入/输出接口的装置和方法。 根据示例性方法，主机系统将客户系统a的输入/输出接口适配于主机系统的输入/输出单元能力，以支持由支持输入/输出单元能力的输入/输出单元支持的服务 使用主机系统的至少一个输入/输出单元。

公开(公告)号：US08943288B2

公开(公告)日：2015-01-27

申请号：US13736531

申请日：2013-01-08

Applicant: Samsung Electronics Co., Ltd.

Inventor： Sung-kwan Heo ,  Chan-ju Park ,  Sang-bum Suh ,  Joo-young Hwang ,  Jae-min Ryu

IPC: G06F12/14

CPC classification number: G06F12/1491 ,  G06F12/145

Abstract: Provided is a method of controlling memory access. In a system including a first layer element executed in a privileged mode having a first priority of permission to access the entire region of a memory and second and third layer elements executed in an unprivileged mode having a second priority of permission to access a partial region of the memory, the method of controlling memory access determines whether the memory is accessible for each page that is an address space unit, based on which mode a layer element currently accessing the memory is executed in between the privileged mode and the unprivileged mode; and determines whether the memory is accessible based on which one of the first, second and third layer elements corresponds to a domain currently being attempted to be accessed from among a plurality of domains of the memory. Accordingly, a memory domain allocated to a guest operating system kernel is effectively protected from an application executed in the unprivileged mode in which the guest operating system kernel is executed.

Abstract translation: 提供了一种控制存储器访问的方法。 在包括以具有访问存储器的整个区域的权限的第一优先权的特权模式执行的第一层元素的系统中，以非权限模式执行的第二和第三层元素，其具有访问第 存储器，控制存储器访问的方法确定对于作为地址空间单元的每个页面，存储器是否可访问，基于哪种模式，当前访问存储器的层元素在特权模式和非特权模式之间执行; 并且基于所述第一，第二和第三层元素中的哪个元素对应于当前正在尝试从所述存储器的多个域中被访问的域来确定所述存储器是否可访问。 因此，分配给客户操作系统内核的存储器域被有效地保护在执行客户操作系统内核的非特权模式下执行的应用程序。

公开(公告)号：US09477499B2

公开(公告)日：2016-10-25

申请号：US13891423

申请日：2013-05-10

Applicant: Samsung Electronics Co., Ltd.

Inventor： Seong-yeol Park ,  Sang-bum Suh ,  Kyung-ah Chang ,  Min-kyung Hwang

IPC: G06F9/455 ,  G06F9/46 ,  G06F12/00

CPC classification number: G06F9/455 ,  G06F9/45533

Abstract: An apparatus and method for managing process migration are provided. When a process of a source virtual machine is to be migrated to a target virtual machine based on a process migration request, and the source virtual machine and the target virtual machine are on the same operating system (OS), logical migration is performed by updating information included in a virtual machine information database and a namespace router table.

公开(公告)号：US09164925B2

公开(公告)日：2015-10-20

申请号：US13914310

申请日：2013-06-10

Applicant: SAMSUNG ELECTRONICS CO., LTD.

Inventor： Sang-dok Mo ,  Sang-bum Suh ,  Sung-min Lee ,  Bok-deuk Jeong ,  Yong-ho Hwang

IPC: G06F12/14 ,  G06F21/57

CPC classification number: G06F12/1408 ,  G06F12/1466 ,  G06F21/572

Abstract: A method and apparatus for authorizing a host to access a portable storage device and a method and apparatus of providing information for authorizing a host to access a portable storage device. The method includes: verifying integrity of host software requesting to transmit data; determining whether the host is authorized to access the portable storage device; and determining whether the host software is authorized to access the portable storage device. Accordingly, user information may be stored on the portable storage device and moved with security.

Abstract translation: 一种用于授权主机访问便携式存储设备的方法和装置以及提供用于授权主机访问便携式存储设备的信息的方法和装置。 该方法包括：验证请求传输数据的主机软件的完整性; 确定所述主机是否被授权访问所述便携式存储设备; 以及确定主机软件是否被授权访问便携式存储设备。 因此，用户信息可以存储在便携式存储设备上并且安全地移动。

公开(公告)号：US20130268996A1

公开(公告)日：2013-10-10

申请号：US13904455

申请日：2013-05-29

Applicant: SAMSUNG ELECTRONICS CO., LTD.

Inventor： Jae-min PARK ,  Sang-bum Suh ,  Kyung-ah Chang

IPC: G06F21/10

CPC classification number: G06F21/10 ,  G06F21/121

Abstract: A method of executing a virtualized application able to run in a virtualized environment. The virtualized application includes application software and the virtualized environment. The application software includes a license monitor to search for a software license while monitoring an execution policy set by a software provider when software is installed or executed. The virtualized environment includes an environment monitor to monitor an execution environment provided to the application software by the virtualized environment. Therefore, it is possible to prevent software able to run in a virtualized environment from being freely copied without any limitations by the execution policy provided by the software provider.

Abstract translation: 一种执行能够在虚拟环境中运行的虚拟化应用程序的方法。 虚拟化应用程序包括应用软件和虚拟化环境。 应用软件包括许可证监视器，用于在软件安装或执行时监视由软件提供商设置的执行策略，以搜索软件许可证。 虚拟化环境包括环境监视器，用于监视由虚拟化环境提供给应用软件的执行环境。 因此，可以防止在虚拟化环境中运行的软件在由软件提供商提供的执行策略的任何限制下自由复制。