Method and apparatus for protecting data using a virtual environment
First Claim
Patent Images
1. A data protection method comprising:
- constructing a virtual environment having therein resources that support execution of an application program in a computer;
when a process generated based on the application program corresponds with a preset condition, driving the process within the virtual environment; and
processing data within the virtual environment in response to a data input request or a data output request generated by the process,wherein said driving the process includes;
monitoring generation of the process;
determining whether the process is allowed to access the virtual environment based on a result obtained by comparing the monitored process and the preset condition; and
when the process is determined to be allowed to access the virtual environment, driving the process within the virtual environment, and when the process is determined not to be allowed to access the virtual environment, driving the process outside the virtual environment.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention relates to a method and apparatus for protecting data using a virtual environment, which creates a safe virtual environment that supports the execution of application programs being operated on a computer and which enables important data to be inputted or outputted only within the virtual environment, such that access to the important data is prevented in a general local environment. According to the present invention, data leakage is initially prevented to protect data, and convenience is provided in that a user may use the computer in a general manner while performing desired work.
-
Citations
19 Claims
-
1. A data protection method comprising:
-
constructing a virtual environment having therein resources that support execution of an application program in a computer; when a process generated based on the application program corresponds with a preset condition, driving the process within the virtual environment; and processing data within the virtual environment in response to a data input request or a data output request generated by the process, wherein said driving the process includes; monitoring generation of the process; determining whether the process is allowed to access the virtual environment based on a result obtained by comparing the monitored process and the preset condition; and when the process is determined to be allowed to access the virtual environment, driving the process within the virtual environment, and when the process is determined not to be allowed to access the virtual environment, driving the process outside the virtual environment. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A data protection apparatus comprising:
-
a process monitoring unit configured to monitor a process which is generated by based on an application program in a computer; a virtualization driving unit configured to construct a virtual environment having therein resources that support execution of the application program, and, when the process corresponds with a preset condition, driving drive the process within the virtual environment; and a data processing unit configured to process data within the virtual environment in response to a data input request or an output request, which is generated by the process, wherein said driving the process includes; monitoring generation of the process; determining whether the process is allowed to access the virtual environment based on a result obtained by comparing the monitored process and the preset condition; and when the process is determined to be allowed to access the virtual environment, driving the process within the virtual environment, and when the process is determined not to be allowed to access the virtual environment, driving the process outside the virtual environment. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
-
Specification