SYSTEMS AND METHODS FOR GENERATING POLICIES FOR AN APPLICATION USING A VIRTUALIZED ENVIRONMENT
First Claim
1. A method for generating policies for a new application using a virtualized environment prior to executing on a host operating system of a client device, the method comprising:
- installing, prior to allowing a new application to operate on a host system, the new application in a virtualized environment for execution;
determining, for a first program execution restrictor of the virtualized environment, a set of policies for the new application, the set of policies allowing the new application to add specific program elements during installation and execution of the new application in the virtualized environment;
verifying, via the first program execution restrictor applying the set of policies, an absence of malicious behavior from the new application while the new application executes in the virtualized environment; and
executing, responsive to the verification, the new application on the host system, the host system having a second program execution restrictor that applies the set of policies when the new application executes on the host system.
8 Assignments
0 Petitions
Accused Products
Abstract
Provided herein are systems and methods for generating policies for a new application using a virtualized environment. Prior to allowing a new application to operate on a host system, the new application may be installed in a virtual environment. A first program execution restrictor of the virtualized environment may determine a set of policies for the new application. The set of policies may allow the new application to add specific program elements during installation and execution in the virtualized environment. The first program execution restrictor may verify an absence of malicious behavior from the new application while the new application executes in the virtualized environment. The new application may be executed on the host system responsive to the verification. The host system may have a second program execution restrictor that applies the set of policies when the new application is allowed to execute on the host system.
15 Citations
20 Claims
-
1. A method for generating policies for a new application using a virtualized environment prior to executing on a host operating system of a client device, the method comprising:
-
installing, prior to allowing a new application to operate on a host system, the new application in a virtualized environment for execution; determining, for a first program execution restrictor of the virtualized environment, a set of policies for the new application, the set of policies allowing the new application to add specific program elements during installation and execution of the new application in the virtualized environment; verifying, via the first program execution restrictor applying the set of policies, an absence of malicious behavior from the new application while the new application executes in the virtualized environment; and executing, responsive to the verification, the new application on the host system, the host system having a second program execution restrictor that applies the set of policies when the new application executes on the host system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for generating policies for a new application using a virtualized environment prior to executing on a host operating system of a client device, the system comprising:
-
a virtualized environment configured for installing a new application for execution, prior to allowing the new application to operate on a host system; a first program execution restrictor executing in the virtualized environment, the first program execution restrictor configured for; determining a set of policies for the new application, the set of policies allowing the new application to add specific program elements during installation and execution of the new application in the virtualized environment; and verifying, via the set of policies, an absence of malicious behavior from the new application while the new application executes in the virtualized environment, wherein the new application allowed to execute on the host system responsive to the verification; and a second program execution restrictor executing on the host system, the second program execution restrictor configured to apply the set of policies when the new application executes on the host system. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification