CONTEXTUAL VIRTUAL MACHINES FOR APPLICATION QUARANTINE AND ASSESSMENT METHOD AND SYSTEM

US 20130086684A1
Filed: 09/30/2011
Published: 04/04/2013
Est. Priority Date: 09/30/2011
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a computer readable medium operable to store computer executable instructions;

a processor in communication with the computer readable medium, the processor operable to execute the computer executable instructions to perform operations comprising;

installing downloaded content in at least one of a first quarantine partition and a multi-partition space of a plurality of quarantine partitions and/or multi-partition spaces stored in the computer readable medium, wherein the at least one of a first quarantine partition and multi-partition space comprises a first set of capabilities that is more restrictive than a second set of capabilities of at least one of a second quarantine partition and multi-partition space of the plurality of quarantine partitions and/or multi-partition spaces;

executing the downloaded content in the at least one of a first quarantine partition and multi-partition space;

monitoring execution of the downloaded content in the at least one of a first quarantine partition and multi-partition space to generate monitored information; and

storing monitored information of the downloaded content in the computer readable medium.

View all claims

18 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Described are embodiments that provide for the use of multiple quarantine partitions and/or multi-partition spaces (e.g., virtual machines) for initially installing and running downloaded content. The downloaded content can be run securely in the quarantine partitions and/or multi-partition spaces. Each quarantine partition and/or multi-partition space can be configured differently with different capabilities. Based on the configuration and capabilities of the quarantine partitions and/or multi-partition spaces, the downloaded content may have limited capabilities to access secure data, applications, or other code limiting the damage that the content can potentially cause.

434 Citations

20 Claims

1. A system, comprising:
- a computer readable medium operable to store computer executable instructions;
  
  a processor in communication with the computer readable medium, the processor operable to execute the computer executable instructions to perform operations comprising;
  
  installing downloaded content in at least one of a first quarantine partition and a multi-partition space of a plurality of quarantine partitions and/or multi-partition spaces stored in the computer readable medium, wherein the at least one of a first quarantine partition and multi-partition space comprises a first set of capabilities that is more restrictive than a second set of capabilities of at least one of a second quarantine partition and multi-partition space of the plurality of quarantine partitions and/or multi-partition spaces;
  
  executing the downloaded content in the at least one of a first quarantine partition and multi-partition space;
  
  monitoring execution of the downloaded content in the at least one of a first quarantine partition and multi-partition space to generate monitored information; and
  
  storing monitored information of the downloaded content in the computer readable medium.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system as defined in claim 1, wherein the at least one of a first quarantine partition and a multi-partition space is a first virtual machine, wherein the first virtual machine is associated with a first user context, wherein the plurality of quarantine partitions and/or multi-partition spaces comprise a plurality of virtual machines including the first virtual machine, and wherein each of the plurality of virtual machines is associated with a different user context.
  - 3. The system as defined in claim 2, wherein the method further comprises determining the first user context before the installing.
  - 4. The system as defined in claim 1, wherein the at least one of a first quarantine partition and a multi-partition space is a first virtual machine, wherein the first virtual machine is associated with a first user context, wherein the plurality of quarantine partitions and/or multi-partition spaces comprise a plurality of virtual machines including the first virtual machine, wherein each of the plurality of virtual machines is associated with a different set of boundary conditions, and wherein the method further comprises:
    - determining from the stored monitoring information whether the downloaded content has requested access beyond the first set of capabilities.
  - 5. The system as defined in claim 4, wherein, in response to determining that the stored information indicates that application has requested access beyond the first set of capabilities, preventing the downloaded content from being installed in a host operating system.
  - 6. The system as defined in claim 4, wherein in response to determining that the stored information indicates that the downloaded content has requested access beyond the first set of capabilities, prompting a user for approval to install the application in a host operating system.
  - 7. The system as defined in claim 4, wherein the first virtual machine does not allow the downloaded content to access some information.
  - 8. The system as defined in claim 4, wherein the first virtual machine provides limited responses to the downloaded content in response to requests by the downloaded content to access information that requires access beyond the first set of capabilities.
  - 9. The system as defined in claim 1, wherein during execution, in response to a request to access information that requires access beyond the first set of capabilities, displaying an approval prompt to receive input regarding allowance of access to the information that requires access beyond the first set of capabilities.

10. A method for executing an application on a mobile device, the method comprising:
- determining a first user context of a user of the mobile device;
  
  installing downloaded content in a first at least one of a quarantine partition and a multi-partition space of a plurality of quarantine partitions and/or a multi-partition spaces stored in a computer readable medium of the mobile device, wherein the first at least one of a quarantine partition and a multi-partition space is associated with the first user context and each of the plurality of quarantine partitions and a multi-partition spaces is associated with a different user context of the user;
  
  executing the downloaded content in the first at least one of a quarantine partition and multiple-partition space;
  
  monitoring execution of the downloaded content in the first at least one of a quarantine partition and multiple-partition space to generate monitored information; and
  
  storing monitored information of the downloaded content in a computer readable medium.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The method as defined in claim 10, wherein the determining comprises receiving input identifying the first user context.
  - 12. The method as defined in claim 10, wherein the determining comprises evaluating one or more of:
    - a current time, a current location, and a current activity.
  - 13. The method as defined in claim 10, wherein the monitoring occurs for a predetermined period of time.
  - 14. The method as defined in claim 13, further comprising:
    - receiving an indication of the predetermined period of time prior to the monitoring step.
  - 15. The method as defined in claim 10, wherein the first at least one of a quarantine partition and a multi-partition space provides limited responses to the downloaded content in response to requests by the downloaded content to access information that requires access beyond capabilities of the first at least one of a quarantine partition and a multi-partition space.
  - 16. The method as defined in claim 14, wherein the first at least one of a quarantine partition and multi-partition space is a first virtual machine and comprises a first set of capabilities that is more restrictive than a second set of capabilities of a second at least one of a quarantine partition and multi-partition space.

17. A computer readable medium including computer executable instructions stored onto the computer readable medium which, when executed by one or more processors of a computer, causes the computer to perform operations comprising:
- determining a first user context;
  
  installing an downloaded content in a first at least one of a quarantine partition and multi-partition space of a plurality of quarantine partitions and/or multi-partition spaces stored in a computer readable medium of the computer, wherein the first at least one of a quarantine partition and multi-partition space is associated with the first context;
  
  executing the first downloaded content in the first at least one of a quarantine partition and multi-partition space;
  
  monitoring execution of the first downloaded content in the first at least one of a quarantine partition and multi-partition space;
  
  storing first monitored information of the first downloaded content in a computer readable medium;
  
  determining a second user context;
  
  installing a second downloaded content in a second at least one of a quarantine partition and multi-partition space of the plurality of quarantine partitions and/or multi-partition spaces stored in the computer readable medium, wherein the second at least one of a quarantine partition and/or multi-partition space is associated with the second user context, wherein the first at least one of a quarantine partition and multi-partition space comprises a first set of capabilities that is more restrictive than a second set of capabilities of the second at least one of a quarantine partition and multi-partition space of the plurality of quarantine partitions and/or multi-partition spaces;
  
  executing the second downloaded content in the second at least one of a quarantine partition and multi-partition space;
  
  monitoring execution of the second downloaded content in the second at least one of a quarantine partition and multi-partition space; and
  
  storing second monitored information of the second downloaded content in the storage medium.
- View Dependent Claims (18, 19, 20)
- - 18. The computer readable medium as defined in claim 17, wherein in response to determining that the first stored information indicates a behavior that would go beyond the capabilities of the first at least one of a quarantine partition and multi-partition space, preventing the first downloaded content from being permanently installed.
  - 19. The computer readable medium as defined in claim 17, wherein in response to determining that the first stored monitored information indicates a behavior that requires access beyond the first set of capabilities, displaying an approval prompt to receive input regarding allowance of access to the information that requires access beyond the first set of capabilities.
  - 20. The computer readable medium as defined in claim 17, wherein in response to determining that the second stored monitored information indicates a behavior that requires access beyond the second set of capabilities, displaying an approval prompt to receive input regarding allowance of access to the information that requires access beyond the second set of capabilities.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avaya Incorporated
Original Assignee
Avaya Incorporated
Inventors
Mohler, David S.

Granted Patent

US 8,806,639 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/24
CPC Class Codes

G06F 21/53 by executing in a restricte...

CONTEXTUAL VIRTUAL MACHINES FOR APPLICATION QUARANTINE AND ASSESSMENT METHOD AND SYSTEM

First Claim

18 Assignments

0 Petitions

Accused Products

Abstract

434 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

CONTEXTUAL VIRTUAL MACHINES FOR APPLICATION QUARANTINE AND ASSESSMENT METHOD AND SYSTEM

First Claim

18 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

434 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links