| Patent application number | Description | Published |
| --- | --- | --- |
| 20110138165 | SYSTEM AND METHOD FOR PHYSICAL TO VIRTUAL DISK RE-LAYOUT - A method and device may, in a computing system executing an operating system and having a mass storage device, rewrite the boot sector of the operating system on the storage device to execute a hypervisor operating system in a boot process, copy a file including the hypervisor kernel to a first sub-area on the storage device, copy software components of the hypervisor to a second sub-area on the storage device, boot to execute the hypervisor as an operating system, execute the operating system, retrieve information indicative of absolute mapping of sectors used by the operating system on the storage device, allocate for the sectors on a third sub-area of the mass storage device, perform a second boot to run the hypervisor as a host operating system, and execute the operating system as a guest operating system. | 06-09-2011 |
| 20110219234 | SYSTEM AND METHOD FOR HYPERVISOR-BASED REMEDIATION AND PROVISIONING OF A COMPUTER - A computer located outside of an organizational computing environment is remotely prepared and configured to work in the organizational computing environment. A hypervisor operating system is installed and replaces the primary operating system of the computer, and the primary operating system, virtual software appliances (VSA) and virtual machines (VM) can execute as processes of the hypervisor. The hypervisor is configured to establish a secure connection with the organizational computing environment and to receive from it organization-configured image software for configuring the computer to work in the organizational computing environment. The secure connection can also be used for remote maintenance of the computer even when the computer operating system is faulty or inactive. | 09-08-2011 |
| 20080235779 | TRUSTED LOCAL SINGLE SIGN-ON - A method includes running on a computer a first operating environment for performing general-purpose operations and a second operating environment, which is configured exclusively for interacting with multiple servers in respective secure communication sessions and is isolated from the first operating environment. Multiple server-specific credentials for authenticating a user of the computer to the respective servers, as well as a single set of master credentials for authenticating the user to the second operating environment, are stored in the second operating environment. | 09-25-2008 |
| 20080235794 | PROTECTION AGAINST IMPERSONATION ATTACKS - A computing method includes running on a user computer a first operating environment for performing general-purpose operations and a second operating environment, which is configured expressly for interacting with a server in a protected communication session and is isolated from the first operating environment. A program running in the second operating environment detects an attempt to imitate the protected communication session made by an illegitimate communication session that interacts with the first operating environment. The detected attempt is inhibited automatically. | 09-25-2008 |
| 20090177798 | DATA DISTRIBUTION USING DNS - A method for distributing data includes selecting for transmission to a client a plurality of data items from a data set. The selected data items are encapsulated in multiple CNAME-type resource records, each such resource record containing an artificial domain name including one or more of the data items. The resource records are arranged in a linked list, in which the artificial domain name contained in at least one of the resource records serves as a key for another of the resource records. The linked list of the resource records is uploaded to a Domain Name System (DNS) server for delivery to the client in response to a single DNS request submitted by the client. | 07-09-2009 |
| 20090178138 | STATELESS ATTESTATION SYSTEM - A method includes assessing a trustworthiness level of a user computer by communication between the user computer and a first server. A record indicating the trustworthiness level is sent from the first server to the user computer, for storage by the user computer. A request is sent from the user computer to a second server, different from the first server, for a service to be provided to the user computer by the second server. The record is provided from the user computer to the second server by communicating between the user computer and the second server. At the second server, the trustworthiness level is extracted from the record, and the requested service is conditionally allowed to be provided to the user computer depending on the extracted trustworthiness level. | 07-09-2009 |
| 20090307705 | SECURE MULTI-PURPOSE COMPUTING CLIENT - A method includes, in a computer that runs multiple operating environments using hardware resources, defining and managing an allocation policy of the hardware resources, which eliminates effects from operations performed in one of the operating environments on the operations performed in another of the operating environments. The hardware resources are assigned to the multiple operating environments in accordance with the allocation policy, so as to isolate the multiple operating environments from one another. | 12-10-2009 |