| Patent application number | Description | Published |
|---|
| 20080256534 | METHOD FOR IMPROVED IMAGE-CUSTOMIZATION BY USE OF EMBEDDED METADATA - The present invention relates to a method for the customization of virtual machine images. The method comprises identifying and retrieving a virtual machine image template. A customized virtual machine image is created from the virtual machine image template. The customized virtual machine image template being created by identifying at least one file-system or memory image that is associated with the virtual machine image template, identifying within the at least one file-system or memory image at least one data set, wherein the at least one data set comprises metadata. The metadata contains information detailing the required execution context customization aspects for at least one specified image subset of the virtual machine. Execution context-specific information that is required to customize the image subset of the virtual machine is retrieved. Further, the image subset of the virtual machine is modified in accordance with the retrieved execution context-specific information. | 10-16-2008 |
| 20080256633 | Method and Apparatus for Determination of the Non-Replicative Behavior of a Malicious Program - Disclosed is a method, a computer system and a computer readable media product that contains a set of computer executable software instructions for directing the computer system to execute a process for determining a non-replicative behavior of a program that is suspected of containing an undesirable software entity. The process causes execution of the program in at least one known environment and automatically examines the at least one known environment to detect if a change has occurred in the environment as a result of the execution of the program. If a change is detected, the process automatically analyzes the detected change (i.e., the process performs a side effects analysis) to determine if the change resulted from execution of the program or from execution of the undesirable software entity. The process then uses the result of the analysis at least for undoing a detected change that results from execution of the undesirable software entity. The result of the analysis can also be used for informing a user of an anti-virus system of the non-replicative changes made to the environment. | 10-16-2008 |
| 20080271016 | HYPERVISOR WITH CLONING-AWARENESS NOTIFICATIONS - A method, information processing system, and computer readable medium for managing virtual machine imaging. The method includes receiving a request for an imaging operation associated with at least one virtual machine. A notification is sent to at least one operating system associated with the at least one virtual machine of the request for the imaging operation. The operating system is determined to be in a state for the virtual machine to be imaged. The request for the imaging operation is granting in response to determining. | 10-30-2008 |
| 20090307747 | System To Establish Trust Between Policy Systems And Users - A system and method are provided to establish trust between a user and a policy system that generates recommended actions in accordance with specified policies. Trust is introduced into the policy-based system by assigning a value to each execution of each policy with respect to the policy-based system, called the instantaneous trust index. The instantaneous trust indices for each one of the policies, for the each execution of a given policy or for both are combined into the overall trust index for a given policy or for a given policy-based system. The recommended actions are processed in accordance with the level or trust associated with a given policy as expressed by the trust indices. Manual user input is provided to monitor or change the recommended actions. In addition, reinforcement learning algorithms are used to further enhance the level of trust between the user and the policy-based system. | 12-10-2009 |
| 20110004735 | METHOD AND APPARATUS FOR TWO-PHASE STORAGE-AWARE PLACEMENT OF VIRTUAL MACHINES - Techniques for placement of a virtual machine in a computing system. A first request is sent from a pool management subsystem to a placement subsystem. The first request includes specification of available storage capacities of storage systems in a computer network. The placement subsystem automatically determines a target storage system based, at least in part, on the available storage capacities. An identification of the target storage system is received at the pool management subsystem. At least one disk image of the virtual machine is written to the target storage system. Then, a second request is sent to the placement subsystem. The placement subsystem automatically determines a target computer. The latter determination is based, at least in part, on connectivity between the target computer and the target storage system. The virtual machine is installed at the target computer. The techniques facilitate live migration of virtual machines placed thereby. | 01-06-2011 |
| 20110296429 | SYSTEM AND METHOD FOR MANAGEMENT OF LICENSE ENTITLEMENTS IN A VIRTUALIZED ENVIRONMENT - A management system and method for a virtualized environment includes a computer entity having a usage limitation based on an entitlement. A resource manager, using a processor and programmed on and executed from a memory storage device, is configured to manage resources in a virtualized environment. An entitlement-usage module is coupled to the resource manager and is configured to track entitlement-related constraints in accordance with changes in the virtualized environment to permit the resource manager to make allocation decisions which include the entitlement-related constraints to ensure that the usage limitation is met for the computer entity. | 12-01-2011 |
| 20120173866 | SYSTEM FOR SECURING VIRTUAL MACHINE DISKS ON A REMOTE SHARED STORAGE SUBSYSTEM - Embodiments of the present invention provide a method, data processing system and computer program product for secure distribution of virtualized storage. In an embodiment of the invention, a method for secure distribution of virtualized storage in a host in a cloud computing can include composing at least one virtual machine (VM) disk in a secure container and configured to deploy VM images into a cloud computing environment, encrypting the composed at least one VM disk, transmitting the encrypted VM disk to a hypervisor in the cloud computing environment receiving a request to activate a VM instance and generating a bootloader in the secure container, transmitting the bootloader to the hypervisor in the cloud computing environment and providing a key to the bootloader to unlock the at least one VM disk. | 07-05-2012 |
| 20120173871 | SYSTEM FOR SECURING VIRTUAL MACHINE DISKS ON A REMOTE SHARED STORAGE SUBSYSTEM - Embodiments of the present invention provide a method, data processing system and computer program product for secure distribution of virtualized storage. In an embodiment of the invention, a method for secure distribution of virtualized storage in a host in a cloud computing can include composing at least one virtual machine (VM) disk in a secure container and configured to deploy VM images into a cloud computing environment, encrypting the composed at least one VM disk, transmitting the encrypted VM disk to a hypervisor in the cloud computing environment receiving a request to activate a VM instance and generating a bootloader in the secure container, transmitting the bootloader to the hypervisor in the cloud computing environment and providing a key to the bootloader to unlock the at least one VM disk. | 07-05-2012 |
