Undefeatable transformation for virtual machine I/O operations
First Claim
1. A method for controlling input/output (I/O) operations of a user'"'"'s computer comprising the following steps:
- implementing the user'"'"'s computer as a virtual machine (VM);
including an interface software component between the VM and a physical computer system that includes at least one device;
in the interface software component;
sensing a request for an I/O operation between the VM and the device;
performing a transformation of I/O data passing between the VM and the device, said transformation changing contents of the I/O data and being adjunct to necessary completion of the request, as issued, for the I/O operation;
the transformation of the I/O data thereby being undefeatable by any user action via the VM.
1 Assignment
0 Petitions
Accused Products
Abstract
I/O operations between a virtual machine (VM) and a device external to the VM are monitored by a virtual machine monitor (VMM). Data passing between the VM and the external device is transformed by the VMM, in some cases only when a predetermined filtering or triggering condition is met. Because the VMM, and thus the transformation operation, is transparent to the VM, the transformation cannot be prevented or undone or even affected by any action by a user of the VM. Examples of the non-defeatable transformation of I/O data include generating display overlays such as banners, masking out portions of a display, encryption, compression and network shaping such as bandwidth limiting.
-
Citations
32 Claims
-
1. A method for controlling input/output (I/O) operations of a user'"'"'s computer comprising the following steps:
-
implementing the user'"'"'s computer as a virtual machine (VM); including an interface software component between the VM and a physical computer system that includes at least one device; in the interface software component; sensing a request for an I/O operation between the VM and the device; performing a transformation of I/O data passing between the VM and the device, said transformation changing contents of the I/O data and being adjunct to necessary completion of the request, as issued, for the I/O operation; the transformation of the I/O data thereby being undefeatable by any user action via the VM. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
-
27. A method for controlling input/output (I/O) of a user'"'"'s computer comprising the following steps:
-
implementing the user'"'"'s computer as a virtual machine (VM); including an interface software component between the VM and a physical computer system that includes at least one device that carries out an I/O operation on the basis of device control data; storing the device control data associated with the VM in a buffer; upon sensing a transformation command from an administrative system external to the VM, changing contents of the device control data by entering replacement data into at least a portion of the buffer, said replacement data being entered as a processing step that is adjunct to the necessary completion of the I/O operation; the entry of the replacement data thereby being undefeatable by any action initiated via the VM.
-
-
28. A system having a processor for controlling input/output (I/O) operations of a user'"'"'s computer, comprising:
-
a virtual machine (VM) constituting the user'"'"'s computer; an interface software component between the VM and a physical computer system that includes at least one device; the interface software component including computer-executable code; for sensing a request for an I/O operation between the VM and the device; and for performing a transformation of I/O data passing between the VM and the device, said transformation changing contents of the I/O data and being adjunct to necessary completion of the request, as issued, for the I/O operation; the transformation of the I/O data thereby being undefeatable by any action via the VM. - View Dependent Claims (29, 30, 31, 32)
-
Specification