IDiyas

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 10650157 B1

PDFFull Text
Date of Patent:
May. 12, 2020

Filed:

Apr. 30, 2017

Securing virtual execution environments

Applicant:

Microsoft Technology Licensing, Llc, Redmond, WA (US);

Inventors:

Benjamin M. Schultz, Bothell, WA (US);

Kinshumann, Redmond, WA (US);

David John Linsley, Seattle, WA (US);

Charles Glenn Jeffries, Sammamish, WA (US);

Giridhar Viswanathan, Redmond, WA (US);

Scott Daniel Anderson, Seattle, WA (US);

Frederick J. Smith, Redmond, WA (US);

Hari R. Pulapaka, Redmond, WA (US);

JianMing Zhou, Sammamish, WA (US);

Margarit Simeonov Chenchev, Sammamish, WA (US);

David B. Probert, Snohomish, WA (US);

Assignee:

Microsoft Technology Licensing, LLC, Redmond, WA (US);

Attorney:
Primary Examiner:

Charlie Sun

Int. Cl.
CPC ...
G06F 9/455 (2018.01); G06F 21/62 (2013.01); G06F 21/57 (2013.01);
U.S. Cl.
CPC ...
G06F 21/6218 (2013.01); G06F 9/45558 (2013.01); G06F 21/575 (2013.01); G06F 2009/45587 (2013.01);
Abstract

Facilities are provided to secure guest runtime environments (GREs). Security policy specifications may be associated with GREs. A GRE's security policy may be specific to the GRE and may also include security policy inherited from higher levels such as a host operating environment. The security policy of a GRE specifies restrictions and/or permissions for activities that may be performed within the scope of execution of the GRE. A GRE's security policy may limit what the GRE's guest software may do within the GRE. Restrictions/permissions may be applied to objects such as files, configuration data, and the like. Security specifications may be applied to execution initiated within a GRE. A GRE's security specification may restrict/permit executable objects from loading and executing within the GRE. The executability or accessibility of objects may be conditioned on factors such as the health/integrity of the GRE, the host system, requested files, and others.

Find Patent Forward Citations

Loading…