Hardware-Based Virtualized Security Isolation

Bibliographic Details
Main Authors Pai Navin Narayan, Smith Frederick J, Rao Vikram Mangalore, Ebersol Michael B, Viswanathan Giridhar, Gaddehosur Poornananda R, Jeffries Charles G, Diaz Cuellar Gerardo, Schultz Benjamin M, Pulapaka Hari R, Pashov Ivan Dimitrov, Reuther Lars
Format Patent
Language English
Published 07.12.2017
Summary: A host operating system running on a computing device monitors network communications for the computing device to identify network resources that are requested by the computing device. The host operating system compares requested network resources against security policies to determine if the requested network resources are trusted. When an untrusted network resource is identified, the host operating system accesses the untrusted network resource within a container that is isolated from the host operating system kernel using techniques discussed herein. By restricting access to untrusted network resources to isolated containers, the host operating system is protected from even kernel-level attacks or infections that may result from an untrusted network resource.
Bibliography: Application Number: US201615171917