Systems and Methods Involving Features of Hardware Virtualization Such as Separation Kernel Hypervisors, Hypervisors, Hypervisor Guest Context, Hypervisor Context, Rootkit Detection/Prevention, and/or Other Features
First Claim
1. A method for processing information securely, the method comprising:
- partitioning hardware platform resources via a separation kernel hypervisor into a plurality of guest operating system virtual machine protection domains; and
- isolating and/or securing the domains in time and/or space from each other.
Abstract
Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or data isolation. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a rootkit defense mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or prevention of malicious code, for example, in a manner/context that is isolated and not able to be corrupted, detected, prevented, bypassed, and/or otherwise affected by the malicious code.
119 Claims
1. A method for processing information securely, the method comprising:
- partitioning hardware platform resources via a separation kernel hypervisor into a plurality of guest operating system virtual machine protection domains; and
- isolating and/or securing the domains in time and/or space from each other.
Dependent claims: 2, 3, 5, 6, 7, 8, 9, 10, 11, 116, 117

4. (canceled)

12. A method for processing information securely involving a separation kernel hypervisor, the method comprising:
- partitioning hardware platform resources to isolate and/or secure in time and/or space a plurality of guest operating system virtual machine protection domains; and
- executing the guest operating system virtual machine protection domains to provide an isolated and secure software execution environment.
Dependent claims: 13, 118, 119

14. A method for processing information securely involving a separation kernel hypervisor, the method comprising:
- partitioning hardware platform resources to isolate and/or secure in time and/or space a plurality of guest operating system virtual machine protection domains;
- executing the guest operating system virtual machine protection domains to provide an isolated and secure software execution environment, wherein each of the guest operating system virtual machine protection domains include a guest operating system, virtualization assistance layer and a malicious code and/or root kit defense mechanism.
Dependent claims: 83, 84

15-82. (canceled)

85-115. (canceled)
Specification