Virtualized security isolation

Bibliographic details
Main authors: Pulapaka, Hari R, Pai, Navin Narayan, Viswanathan, Giridhar, Schultz, Benjamin M, Pashov, Ivan Dimitrov, Jeffries, Charles G, Ebersol, Michael B, Rao, Vikram Mangalore, Diaz Cuellar, Gerardo, Gaddehosur, Poornananda R, Smith, Frederick J, Reuther, Lars
Format: Patent
Language: eng
Description
Summary: A method performed by a host operating system executing on a host device, comprising: detecting that an application that is running on the host operating system is attempting to access a network resource that is accessible to the host device via a network; in response to detecting that the application is attempting to access the network resource, determining whether the network resource is an untrusted network resource; in response to determining that the network resource is an untrusted network resource: activating a container that is isolated from the host operating system, the container being configured to run a version of the application; and passing the untrusted network resource to the container thereby allowing the version of the application running in the container to access the untrusted network resource; and in response to determining that access to the untrusted network resource has ended, suspending the container.