Invention Grant
US08869265B2 System and method for enforcing security policies in a virtual environment
有权
在虚拟环境中执行安全策略的系统和方法
- Patent Title: System and method for enforcing security policies in a virtual environment
- Patent Title (中): 在虚拟环境中执行安全策略的系统和方法
-
Application No.: US13723445Application Date: 2012-12-21
-
Publication No.: US08869265B2Publication Date: 2014-10-21
- Inventor: Amit Dang , Preet Mohinder
- Applicant: McAfee, Inc.
- Applicant Address: US CA Santa Clara
- Assignee: McAfee, Inc.
- Current Assignee: McAfee, Inc.
- Current Assignee Address: US CA Santa Clara
- Agency: Baker Botts L.L.P.
- Main IPC: G06F21/12
- IPC: G06F21/12 ; G06F21/62 ; G06F21/55 ; G06F9/46 ; G06F9/455 ; G06F21/52
Abstract:
A method in one example implementation includes intercepting a request associated with an execution of an object (e.g., a kernel module or a binary) in a computer configured to operate in a virtual machine environment. The request is associated with a privileged domain of the computer that operates logically below one or more operating systems. The method also includes verifying an authorization of the object by computing a checksum for the object and comparing the checksum to a plurality of stored checksums in a memory element. The execution of the object is denied if it is not authorized. In other embodiments, the method can include evaluating a plurality of entries within the memory element of the computer, wherein the entries include authorized binaries and kernel modules. In other embodiments, the method can include intercepting an attempt from a remote computer to execute code from a previously authorized binary.
Public/Granted literature
- US20130117823A1 SYSTEM AND METHOD FOR ENFORCING SECURITY POLICIES IN A VIRTUAL ENVIRONMENT Public/Granted day:2013-05-09
Information query
