COMPUTER SYSTEM ARCHITECTURE AND METHOD HAVING ISOLATED FILE SYSTEM MANAGEMENT FOR SECURE AND RELIABLE DATA PROCESSING
First Claim
1. A method for a computer or information appliance to securely manage file updates, the method comprising the computer-executed steps of:
a first processing environment retrieving a bootable disk image for a second processing environment from one of a plurality of data storages in the first processing environment;
the first processing environment sending such bootable disk image to the second processing environment through a first interface between the first and second processing environments;
the second processing environment storing the bootable disk image in a temporary data store in the second processing environment;
then following the completion of the booting of the second processing environment, the first processing environment limiting file requests by the second processing environment to the plurality of data storages through the first interface to only those requests required to complete booting; and
then the first processing environment managing non-booting requests by the second processing environment to the plurality of data storages through a second interface between the first and second processing environments.
Abstract
System, method, computer, and computer program for secure data processing of potentially malicious code, and of documents or other data that may contain malicious code. System, method, and computer for a secure and reliable computing environment that protects against data loss and/or corruption, providing secure and reliable data processing.
37 Claims
1. A method for a computer or information appliance to securely manage file updates, the method comprising the computer-executed steps of:
a first processing environment retrieving a bootable disk image for a second processing environment from one of a plurality of data storages in the first processing environment;
the first processing environment sending such bootable disk image to the second processing environment through a first interface between the first and second processing environments;
the second processing environment storing the bootable disk image in a temporary data store in the second processing environment;
then following the completion of the booting of the second processing environment, the first processing environment limiting file requests by the second processing environment to the plurality of data storages through the first interface to only those requests required to complete booting; and
then the first processing environment managing non-booting requests by the second processing environment to the plurality of data storages through a second interface between the first and second processing environments.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 29, 30
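The two-interface gating of claim 1, shown as an added example that is not the patent's own code: a broker in the first processing environment serves the boot image, and once the second environment reports that booting is complete, the first interface is restricted to boot-required paths while all other requests go through a managed second interface whose writes never reach the base storage. The class and method names, the boot-only allowlist and the in-memory stores are assumptions for illustration.

```python
"""Added example (not the patent's code): claim-1 gating between two
interfaces. BootBroker, BOOT_ONLY and the dict-backed stores are assumed."""
from dataclasses import dataclass, field

BOOT_ONLY = {"/boot/kernel", "/boot/initrd"}   # assumed boot-required paths


@dataclass
class BootBroker:
    images: dict                       # constructed: bootable disk images
    disk: dict                         # constructed: the base data storage
    booted: bool = False
    scratch: dict = field(default_factory=dict)   # env-2 writes land here
    log: list = field(default_factory=list)

    def boot_image(self, name: str) -> bytes:
        """Retrieve a bootable image; the caller sends it over interface 1."""
        return self.images[name]

    def interface1(self, path: str) -> bytes:
        """Interface 1: open while booting, boot-only once boot completes."""
        if self.booted and path not in BOOT_ONLY:
            self.log.append(("denied", path))
            raise PermissionError(path)
        return self.disk[path]

    def interface2(self, op: str, path: str, data: bytes = b"") -> bytes:
        """Interface 2: managed access; writes are redirected to scratch."""
        if op == "read":
            return self.scratch.get(path, self.disk.get(path, b""))
        self.scratch[path] = data            # base storage stays untouched
        self.log.append(("redirected", path))
        return data


def demo():
    """Walk through the claim steps and return the observable outcomes."""
    b = BootBroker(images={"env2.img": b"IMG"},
                   disk={"/boot/kernel": b"K", "/etc/config": b"C"})
    tmp_store = {"env2.img": b.boot_image("env2.img")}   # env-2 temp store
    b.interface1("/etc/config")          # allowed while still booting
    b.booted = True                      # env 2 reports boot complete
    try:
        b.interface1("/etc/config")      # non-boot path: now refused
        denied = False
    except PermissionError:
        denied = True
    b.interface2("write", "/etc/config", b"C2")   # redirected, not persisted
    return (tmp_store["env2.img"], denied, b.disk["/etc/config"],
            b.interface2("read", "/etc/config"))
```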
9. A computer or information appliance adapted for securely managing file updates, the computer or information appliance comprising:
means for retrieving, in a first processing environment, a bootable image for a second processing environment from one of a plurality of storage devices;
a first interface between the first and second processing environments;
a second interface between the first and second processing environments;
means, in the first processing environment, for sending the bootable image to the second processing environment through the first interface;
means, in the second processing environment, for storing the bootable image in a temporary data store;
means, in the first processing environment, for limiting file requests by the second processing environment to the plurality of hard disk drives through the first interface to only those requests required to complete booting following the completion of the booting of the second processing environment; and
means, in the first processing environment, for managing non-booting requests by the second processing environment to the plurality of hard disk drives through the second interface.
Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 26, 27, 28, 31
21. A method for a computer or information appliance to securely manage file updates, the method comprising the computer-executed steps of:
providing an update data storage in a processing environment for storing a file update, such update data storage being different from a data storage for storing operating system and program application files;
the processing environment receiving a file update and storing the file update in the update data storage; and
upon verifying the file update with stored data on the update data storage, processing the update file on the data storage storing operating system and program application files.
Dependent claims: 22
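The staged-update flow of claim 21, as an added example that is not the patent's own code: an update is received into a store separate from the operating system and application store, checked against reference data held in that update store, and only a verified update is moved onto the system store. The manifest file holding a SHA-256 digest is an assumed form of the "stored data"; the helper names and directory layout are assumptions for illustration.

```python
"""Added example (not the patent's code): claim-21 update staging and
verification. The manifest format and helper names are assumed."""
import hashlib
import hmac
import json
import os
import tempfile


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def stage_update(update_dir, name, payload, expected_digest):
    """Receive the update into the update store, with its reference digest."""
    with open(os.path.join(update_dir, name), "wb") as f:
        f.write(payload)
    with open(os.path.join(update_dir, name + ".manifest.json"), "w") as f:
        json.dump({"sha256": expected_digest}, f)


def verify_update(update_dir, name) -> bool:
    """Compare the staged bytes with the digest stored in the update store."""
    with open(os.path.join(update_dir, name), "rb") as f:
        actual = sha256(f.read())
    with open(os.path.join(update_dir, name + ".manifest.json")) as f:
        expected = json.load(f)["sha256"]
    return hmac.compare_digest(actual, expected)   # constant-time compare


def apply_update(update_dir, system_dir, name) -> bool:
    """Only a verified update reaches the OS/application store (atomic rename,
    which assumes both stores sit on the same filesystem)."""
    if not verify_update(update_dir, name):
        return False                     # leave the bad update quarantined
    os.replace(os.path.join(update_dir, name), os.path.join(system_dir, name))
    return True


def demo():
    """One good and one tampered update; returns (ok, bad, system files)."""
    good = b"new program bytes"          # constructed sample update
    with tempfile.TemporaryDirectory() as upd, tempfile.TemporaryDirectory() as sysd:
        stage_update(upd, "app.bin", good, sha256(good))
        ok = apply_update(upd, sysd, "app.bin")
        stage_update(upd, "lib.bin", b"tampered", sha256(b"original"))
        bad = apply_update(upd, sysd, "lib.bin")
        return ok, bad, sorted(os.listdir(sysd))
```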
23. A computer or information appliance for securely managing file updates, the computer or information appliance comprising:
a processing environment communicatively coupled to a network;
means for providing an update data storage in the processing environment for storing a file update, such update data storage being different from a data storage for storing operating system and program application files;
means for the processing environment receiving a file update and storing the file update in the update data storage;
means for verifying the file update with stored data on the update data storage; and
means for processing the update file on the data storage storing operating system and program application files.
Dependent claims: 24
25. A method for a computer or information appliance to provide secure data processing, the method comprising the computer-executed steps of:
providing a first encryption key and a second encryption key in a first data storage;
providing a first decryption key and second decryption key for decrypting data encrypted with the first and second encryption keys, respectively, in a second data storage;
encrypting a first data using the first encryption key and storing such first data in a third data storage;
encrypting a second data using the second encryption key and storing such second data in a fourth data storage;
then upon request to decrypt the first data or second data, using the first decryption key to decrypt the first data and using the second decryption key to decrypt the second data.
32. A method for a computer or information appliance to provide enhanced processing reliability, the method for a computer or information appliance to provide enhanced processing reliability comprising the computer-executed steps of:
providing a processing environment being powered by a first power supply;
providing a first data storage in the processing environment powered by the first power supply;
providing a second data storage in the processing environment powered by a second power supply;
storing data to the first data storage and the second data storage;
the second power supply supplying power to the first data storage when a loss in power from the first power supply occurs; and
upon the restoration of power to the first power supply, supplying power to the processing environment powered by the first power supply and then copying data stored in the second data storage to the first data storage.
Dependent claims: 33, 34
35. A computer or information appliance providing enhanced processing reliability, the computer or information appliance providing enhanced processing reliability comprising:
a first and second power supply;
a processing environment being powered by a first power supply;
a first data storage in the processing environment powered by the first power supply;
a second data storage in the processing environment powered by a second power supply;
means for storing data to the first data storage and the second data storage;
means for the second power supply supplying power to the first data storage when a loss in power from the first power supply occurs; and
means for the first power supply supplying power to the processing environment and for copying data stored in the second data storage to the first data storage upon the restoration of power of the first power supply.
Dependent claims: 36, 37