| Patent application number | Description | Published |
|---|
| 20110145819 | METHODS AND SYSTEMS FOR CONTROLLING VIRTUAL MACHINE ACCESS TO AN OPTICAL DISK DRIVE - The methods and systems described herein provide for granting a virtual machine exclusive access to an optical disc drive responsive to a determination the virtual machine initiated a transaction with the optical disc drive. A drive manager maps an optical disc drive connected to the computing device to a plurality of virtual machines hosted by a hypervisor executed by the computing device. The drive manager intercepts a transaction stream generated by the optical disc drive and converts the transaction stream to a command stream. The drive manager determines, based on an analysis of the command stream, a first virtual machine of the plurality of virtual machines initiated a transaction with the optical disc drive. Responsive to the determination, the drive manager locks the optical disc drive to grant the first virtual machine exclusive access to the optical disc drive. | 06-16-2011 |
| 20110145820 | METHODS AND SYSTEMS FOR MANAGING INJECTION OF INPUT DATA INTO A VIRTUALIZATION ENVIRONMENT - The methods and systems described herein provide functionality for managing injection of input events to one virtual machine of a plurality of guest virtual machines, in a computing device executing a hypervisor hosting a trusted virtual machine and a non-trusted virtual machine. An input manager receives a first item of input data from an input device communicating with the computing device. The input manager identifies whether the first item of input data includes a predetermined string. The input manager forwards, responsive to the identification, the first item of input data to one of (i) a first virtual machine of a plurality of guest virtual machines executed by the processor of the computing device and (ii) an application executed by the control virtual machine, wherein at least one virtual machine of the plurality of guest virtual machines is a trusted virtual machine. | 06-16-2011 |
| 20110145821 | METHODS AND SYSTEMS FOR COMMUNICATING BETWEEN TRUSTED AND NON-TRUSTED VIRTUAL MACHINES - The methods and systems described herein provide for establishing a secure communication channel between a non-trusted virtual machine and a trusted virtual machine, in a computing device executing a hypervisor hosting the trusted virtual machine, the non-trusted virtual machine, and a third virtual machine. The method includes writing, by a non-trusted virtual machine, a first string of data to a region of memory of the computing device. The method also includes detecting, by a trusted virtual machine, the first string of data written to the region of memory. The method further includes establishing a communication channel between the trusted virtual machine and the non-trusted virtual machine by locking, by the trusted virtual machine and responsive to the detection, the region of memory for the duration of the communication to prevent a third virtual machine from accessing the region of memory. | 06-16-2011 |
| 20110145886 | METHODS AND SYSTEMS FOR ALLOCATING A USB DEVICE TO A TRUSTED VIRTUAL MACHINE OR A NON-TRUSTED VIRTUAL MACHINE - The methods and systems described herein provide for allocating a universal serial bus (USB) device to one of a trusted virtual machine and a non-trusted virtual machine. A control program receives data indicating a USB port on the computing machine received a USB device and identifies at least one attribute of the USB device. The control program selects, based on application of a policy to the identified at least one device attribute, one of a trusted virtual machine and a non-trusted virtual machine executing. The control program grants, to the virtual machine selected by the control program, access to the USB device. | 06-16-2011 |
| 20110145916 | METHODS AND SYSTEMS FOR PREVENTING ACCESS TO DISPLAY GRAPHICS GENERATED BY A TRUSTED VIRTUAL MACHINE - The methods and systems described herein provide for preventing a non-trusted virtual machine from reading the graphical output of a trusted virtual machine. A graphics manager receives a request from a trusted virtual machine to render graphical data using a graphics processing unit. The graphics manager assigns, to the trusted virtual machine, a secure section of a memory of the graphics processing unit. The graphics manager renders graphics from the trusted virtual machine graphical data to the secure section of the graphics processing unit memory. The graphics manager receives a request from a non-trusted virtual machine to read graphics rendered from the trusted virtual machine graphical data and stored in the secure section of the graphics processing unit memory, and prevents the non-trusted virtual machine from reading the trusted virtual machine rendered graphics stored in the secure section of the graphics processing unit memory. | 06-16-2011 |
