System and method for preventing data loss using virtual machine wrapped applications
First Claim
1. A method, comprising:
- receiving a request from a host operating system outside a virtual machine for access to a data from a browser within the virtual machine;
evaluating a criterion of a policy to determine whether to permit the access to the data, wherein the evaluating is performed in response to a determination that a master image is not available, the master image corresponding to a version of the virtual machine;
downloading the browser, in response to a determination that the browser is not being used;
comparing the browser to the master image to determine if the browser is current;
updating the browser if the browser is determined, based on the master image, to not be current, wherein the browser is part of an application suite wrapped in the virtual machine; and
creating a buffer for manipulating the data within the virtual machine, based on the criterion of the policy, wherein the buffer cannot be accessed by the host operating system.
10 Assignments
0 Petitions
Accused Products
Abstract
A method in one example implementation includes selecting at least one criterion for controlling data transmission from within a virtual machine. At least one application is included within the virtual machine, which includes a policy module. The selected criterion corresponds to at least one policy associated with the policy module. The method also includes evaluating the selected criterion of the policy to permit an attempt to transmit the data from within the virtual machine. In more specific embodiments, the policy may include a plurality of criteria with a first selected criterion permitting transmission of the data to a first application and a second selected criterion prohibiting transmission of the data to a second application. In another specific embodiment, the method may include updating the policy module through an administration module to modify the selected criterion.
240 Citations
17 Claims
-
1. A method, comprising:
-
receiving a request from a host operating system outside a virtual machine for access to a data from a browser within the virtual machine; evaluating a criterion of a policy to determine whether to permit the access to the data, wherein the evaluating is performed in response to a determination that a master image is not available, the master image corresponding to a version of the virtual machine; downloading the browser, in response to a determination that the browser is not being used; comparing the browser to the master image to determine if the browser is current; updating the browser if the browser is determined, based on the master image, to not be current, wherein the browser is part of an application suite wrapped in the virtual machine; and creating a buffer for manipulating the data within the virtual machine, based on the criterion of the policy, wherein the buffer cannot be accessed by the host operating system. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. One or more non-transitory computer readable storage media that include codes for execution that, when executed by a processor, are operable to perform operations comprising:
-
receiving a request from a host operating system outside a virtual machine for access to a data from a browser within the virtual machine; evaluating a criterion of a policy to determine whether to permit the access to the data, wherein the evaluating is performed in response to a determination that a master image is not available, the master image corresponding to a version of the virtual machine; downloading the browser, in response to a determination that the browser is not being used; comparing the browser to the master image to determine if the browser is current; updating the browser if the browser is determined, based on the master image, to not be current, wherein the browser is part of an application suite wrapped in the virtual machine; and creating a buffer for manipulating the data within the virtual machine, based on the criterion of the policy, wherein the buffer cannot be accessed by the host operating system. - View Dependent Claims (8, 9, 10, 16, 17)
-
-
11. An apparatus, comprising:
-
a memory element; and a processor that executes instructions associated with the memory element, wherein the apparatus is configured for receiving a request from a host operating system outside a virtual machine for access to a data from at least one browser within the virtual machine; evaluating, in response to a determination that a master image is not available, a criterion of a policy to determine whether to permit the access to the data, the master image corresponding to a version of the virtual machine; downloading the at least one browser, in response to a determination that the at least one browser is not being used; comparing the at least one browser to the master image to determine if the at least one browser is current; updating the at least one browser if the at least one browser is determined, based on the master image, to not be current, wherein the at least one browser is part of an application suite wrapped in the virtual machine; and creating a buffer for manipulating the data within the virtual machine, based on the criterion of the policy, wherein the buffer cannot be accessed by the host operating system. - View Dependent Claims (12, 13, 14, 15)
-
Specification