Method for controlling file access on computer systems
Abstract
A method for controlling file access on computer systems is disclosed. Initially, a virtual machine manager (VMM) is provided in a computer system. In response to a write request, the VMM determines whether or not a location field is valid. If the location field is not valid, then the VMM writes the write request information to a storage device; but if the location field is valid, then the VMM encrypts the write request information before writing the write request information to the storage device. In response to a read request, the VMM again determines whether or not a location field is valid. If the location field is not valid, then the VMM sends the read request information to a read requester; but, if the location field is valid, then the VMM decrypts the read request information before sending the read request information to the read requester.
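The write and read paths described in the abstract, modelled as an added example that is not part of the patent text. The class and method names, the selection of a location field by index, and the block-numbered storage are assumptions. A SHAKE-256 keystream XOR is used as a symmetric stand-in for the public-key operation the claims recite.

```python
import hashlib
from dataclasses import dataclass


@dataclass
class LocationField:
    valid: bool = False   # the "valid" check the VMM performs on each request
    key: bytes = b""      # key associated with this field (constructed value)


def _keystream_xor(key: bytes, block_no: int, data: bytes) -> bytes:
    """Stand-in cipher only: XOR with a SHAKE-256 keystream bound to the block.
    It is symmetric and reuses the keystream on rewrite; not the claimed scheme."""
    stream = hashlib.shake_256(key + block_no.to_bytes(8, "big")).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


class ToyVMM:
    """Hypothetical model of a VMM sitting between the guest OS and storage."""

    def __init__(self, table_size: int = 4):
        self.location_table = [LocationField() for _ in range(table_size)]
        self.storage = {}  # block number -> bytes exactly as stored on the device

    def protect(self, index: int, key: bytes) -> None:
        """Mark a location field valid and associate a key with it."""
        self.location_table[index] = LocationField(valid=True, key=key)

    def write(self, index: int, block_no: int, data: bytes) -> None:
        field = self.location_table[index]
        if field.valid:                      # valid field: encrypt before writing
            data = _keystream_xor(field.key, block_no, data)
        self.storage[block_no] = data        # invalid field: written unchanged

    def read(self, index: int, block_no: int) -> bytes:
        data = self.storage[block_no]
        field = self.location_table[index]
        if field.valid:                      # valid field: decrypt before returning
            data = _keystream_xor(field.key, block_no, data)
        return data                          # invalid field: returned unchanged


def demo() -> ToyVMM:
    """Constructed scenario: field 0 is not valid, field 1 is valid."""
    vmm = ToyVMM()
    vmm.protect(1, b"constructed-demo-key")
    vmm.write(0, 10, b"public notes")   # stored in the clear
    vmm.write(1, 11, b"payroll data")   # stored encrypted
    return vmm
```

The guest sees plaintext on both paths; only the device contents differ. If a field stops being valid after data was written under it, reads return the stored ciphertext unchanged.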
15 Claims
1. A method comprising:
- providing a location table having a plurality of location fields;
- providing a virtual machine manager (VMM) in a computer system, wherein said VMM interfaces between an operating system of said computer system and hardware of said computer system;
- in response to a write request, determining whether or not a location field of said location table is valid by said VMM;
- writing write request information to a storage device by said VMM if said location field is not valid; and
- encrypting said write request information with a public key associated with said location field by said VMM before writing said write request information to said storage device if said location field is valid; and
- in response to a read request, determining whether or not said location field is valid by said VMM;
- sending read request information from said storage device by said VMM if said location field is not valid; and
- decrypting information with a public key associated with said location field by said VMM before sending said read request information device if said location field is valid.
6. A non-transitory computer usable medium having a computer program product for controlling file access on computer systems, said computer usable medium comprising:
- program code for providing a location table having a plurality of location fields;
- program code for providing a virtual machine manager (VMM) in a computer system, wherein said VMM interfaces between an operating system of said computer system and hardware of said computer system;
- in response to a write request, program code for determining whether or not a location field of said location table is valid by said VMM;
- program code for writing write request information to a storage device by said VMM if said location field is not valid; and
- program code for encrypting said write request information with a public key associated with said location field by said VMM before writing said write request information to said storage device if said location field is valid; and
- in response to a read request, program code for determining whether or not said location field is valid by said VMM;
- program code for sending read request information from said storage device by said VMM if said location field is not valid; and
- program code for decrypting information with a public key associated with said location field by said VMM before sending said read request information device if said location field is valid.
11. A computer system comprising:
- a processor;
- a location table having a plurality of location fields;
- a first virtual machine having a first application and a first operating system;
- a second virtual machine having a second application and a second operating system;
- a virtual machine manager (VMM) for interfacing between said virtual machines and said processor, wherein said VMM
- in response to a write request, determines whether or not a location field of said location table is valid;
- sends write request information to a storage device if said location field is not valid; and
- encrypts said write request information with a public key associated with said location field before writing said write request information to said storage device if said location field is valid; and
- in response to a read request, determines whether or not a location field is valid;
- sends read request information from said storage device if said location field is not valid; and
- decrypts information with a public key associated with said location field before sending said read request information device if said location field is valid.
Specification