138 results about "Operating system level" patented technology

A usage based pattern authenticator for monitoring and reporting on user usage patterns in an operating system using a set of security rules and user usage patterns. This computer system security tool authenticates users at the operating system level in multi-user operating systems. It supports system administrators in limiting the ability of unauthorized users to disrupt system operations using a neural network and set of rules to track usage patterns and flag suspicious activity on the system. The data collection mode collects and stores usage patterns of authenticated users. The training mode trains an artificial neural network and sets the interconnection weights of the network. The production mode monitors and reports on usage patterns, and optionally performs automatic responses when confronted with non-authenticated users.

The present invention provides methods and a computer-readable program for providing autonomic, event driven upgrade maintenance of one or more software modules residing on a computer system. In a preferred embodiment, a method begins by detecting a predefined triggering event on the computer system indicative of a potential maintenance issue. Next the computer system connects to an upgrade management server, where the upgrade maintenance server creates a list of recommended upgrade modules to download to the computer system, the list based upon the triggering event and a set of selection policies. The method then downloads the list of recommended upgrade modules from the upgrade management server to the computer system, and selectively installs upgrade modules chosen from the list of recommended upgrade modules on the computer system. The user is then notified of the status of the upgrade maintenance operation.

A Personal Digital Key Digital Content Security System (PDK-DCSS) is used to protect computers from unauthorized use and protect the digital content stored on computers from being wrongfully accessed, copied, and / or distributed. The basic components of the PDK-DCSS are (1) a standard hard drive device, with the addition of a PDK Receiver / Decoder Circuit (PDK-RDC) optionally integrated into the hard drive's controller, and (2) a PDK-Key associated with the PDK-RDC. The PDK-Key and RDC technology is utilized to provide two categories of protection: (1) hard drive access control for providing Drive-Level and Sector-Level protection and (2) operating system-level independent file protection for providing File-Level and Network-Level protection.

A platform for remotely installing an operating system on a client machine includes a builder engine, for instance running on a support server. The builder engine may interrogate a remote client, for instance a diskless thin client or a machine having a disk but malfunctioning, and receive a machine state image from that machine. The builder engine may then assemble a customized image or kernel of an operating system such as Microsoft Windows™ for transmission to the client. A file system may be initialized in electronic memory, or otherwise and the machine may commence operation, without having executed an operating system setup process. In embodiments, the client machine may then link to a complete image of an operating system to reinstall a comprehensive version of that system, or perform other tasks.

Method, apparatus and computer program product manage a plurality of networks with a single tenant network management tool using virtualization and implement control plane virtualization of the single tenant management tool; data storage virtualization of a data storage apparatus and network address virtualization of an available address range. A virtual machine may be implemented for each network of the plurality of networks to contain an instance of the single tenant management tool. In one implementation, a proxy is used to implement data storage virtualization. In another implementation, separate data storage is maintained for each network and data storage virtualization is achieved by managing the network protocol stack virtualization. The network address virtualization may be implemented using machine-level virtualization or operating-system-level virtualization.

A method and wireless mobile device employs a virtual file system (706) and a digital rights management file system (708), at an operating system level, and a user space digital rights manager (712), at an application or user space level. The user space digital rights manager (712) is operative to manage digital rights associated with content that is stored in the digital rights management file system (708). For example, although an application may request content that has digital rights associated with it from the virtual file system (706), and the virtual file system (706) communicates with the digital rights management file system (708) at the operating system level, the DRM file system (708) redirects the calls to the user space digital rights manager (712) at the user space level which performs the digital rights operations.

A Personal Digital Key Digital Content Security System (PDK-DCSS) is used to protect computers from unauthorized use and protect the digital content stored on computers from being wrongfully accessed, copied, and / or distributed. The basic components of the PDK-DCSS are (1) a standard hard drive device, with the addition of a PDK Receiver / Decoder Circuit (PDK-RDC) optionally integrated into the hard drive's controller, and (2) a PDK-Key associated with the PDK-RDC. The PDK-Key and RDC technology is utilized to provide two categories of protection: (1) hard drive access control for providing Drive-Level and Sector-Level protection and (2) operating system-level independent file protection for providing File-Level and Network-Level protection.

A system and method for providing sticky applications are provided. A “sticky application” is an operating system (OS) level application that has the ability to “stick” to web applications and become a part of the web page on which the web application is running. While the sticky application is stuck to the web application, it behaves as if it were a web application with respect to the user. When the user chooses to “unstick” the application, it will return to behaving as an OS level application. The sticky application imitates being a web-based application instead of an operating system level application while stuck. This imitation involves the sticky application being placed on pixel coordinates within a web page of the web application and the sticky application remaining in the pixel coordinates within the web page where it is placed even when a user modifies the representation of the web page.

A system for managing the operation of a plurality of radio modems contained within the same WCD. One or more of the plurality of radio modems may be a dual-mode radio modem enabled to communicate using at least two separate radio protocols concurrently. The operation of the one or more dual-mode modems may be managed by resources encompassed in a radio modem interface coupled to, or integrated within, the dual-mode radio modem. These management resources may receive information from the operating system level of the WCD and from the at least two radio modem stacks utilizing the resources of the dual mode radio modem in order to coordinate the operation of the at least two radio protocols concurrently active in the modem.

The present invention provides a method and system for using an operating system level I / O filter driver for providing transparent database transaction log file redundancy. In accordance with the method, the I / O filter driver intercepts a database management system request to write data to the database transaction log file. The I / O filter driver writes the data to at least two transaction log files.

The invention discloses a system for synchronizing a smart mobile terminal and a cloud virtual mobile terminal. The system comprises the smart mobile terminal and a cloud end, wherein the smart mobile terminal operates in an android operating system, the cloud end comprises the virtual mobile terminal and a Web server, and the Web server serves as an mediation for interaction between the smart mobile terminal and the virtual mobile terminal, is communicated with the smart mobile terminal through WiFi or a 3G wireless network and then is communicated with the virtual mobile terminal through a wired network. A virtual mobile phone having the same operating system with a physical mobile phone is established at the cloud end, the physical mobile phone can be timely recovered to be of the initial state when the system of the physical mobile phone goes wrong, and real-time backup at a level of the operating system can be carried out on the physical mobile phone.

The invention relates to an extensible memory object storage system based on a heterogeneous memory, which comprises a DRAM (Dynamic Random Access Memory) and an NVM (Non-Volatile Memory), and is configured to: execute a memory allocation operation through a Slab-based memory allocation mechanism and divide each Slab Class into a DRAM (Dynamic Random Access Memory) domain and an NVM domain; monitor access heat degree information of each memory object at an application layer level; and dynamically adjust a storage area of corresponding key value data in each Slab Class based on the access heatdegree information of each memory object, store the key value data of the memory object with relatively high access heat in each Slab Class in a DRAM domain, and store the key value data of the memoryobject with relatively low access heat in each Slab Class in an NVM domain; and monitor the access heat of the memory object at the application layer level. Dynamic use of the DRAM / NVM heterogeneousmemory is achieved, and compared with a traditional method of monitoring the access heat of the application at the hardware or operating system level, huge hardware and operating system expenditure iseliminated.

This present invention relates to a method for using hypervisors to enable stable wireless network connections. The crux of the invention involves pushing the control of the networking devices from the Operating System level down to a networking front end hypervisor level. The hypervisor will control all networking devices, the authentication for these devices, and the selection of which connection to use. The hypervisor will also perform Network Address Translation (NAT) to the Operating System. Thus, the Operating System will receive a single, private IP address for use with the Operating System's applications. The hypervisor will handle the change of the IP address when roaming between networks and hide it from the Operating System through the use of the NAT.

The invention provides a bottom virtualization process (namely, virtualization for an operating system layer). According to a method, virtualization is realized by adding a virtual server function in an operating system layer. The bottom virtualization process comprises the following steps of: forming a virtualized layer on a hardware layer, thereby finishing virtualized integration of physical equipment; installing a plurality of client operating systems on the virtualized layer; and running an application program in the client operating systems. The client operating systems are communicated with the hardware through a VMM (Virtual Machine Monitor) in the virtualized layer, wherein the VMM is used for determining the access of all virtual machines to physical resources. In a virtualization solution, the VMM plays a role of a traditional operating system in a software set and the traditional operating system as the client operating system runs on the virtualized layer at a position of the application program. Compared with other virtualization processes, the bottom virtualization process has the advantages that a manager need not install and maintain a single operating system embodiment for each application, thereby lowering the management cost.

A pre-OS security agent runs in an environment independent of the operating system (OS) but interfaced with the file system and able to exchange information with a security application running over the OS. Prior to the start-up of the OS, an indication of a state or condition is obtained relating to a risk of an inability of the security application to function normally, or to a change in the computer system affecting the start-up of the OS. Based on the indication, a set of one or more actions are determined for resolving the state or condition. The pre-OS security agent executes the set of one or more actions in response to the indication.

A computer-implemented method for providing an operating system level interface for communicating credential data between applications includes detecting, by an operating system, a field configured to receive an authentication credential and identifying a credential management application configured to provide authentication credentials. The method includes requesting, by the operating system and using an operating system interface configured to communicate authentication credentials, the authentication credential from the credential management application. And when the credential management application provides the authentication credential using the operating system interface configured to communicate authentication credentials, the method includes providing the authentication credential for entry into the field.

A computing device operates in a secure operating mode in response to user selection. Computer hardware is initialized to verify a bootloader of an operating system, and the bootloader verifies the operating system kernel. The kernel then verifies operating-system level executable files. After verification, a limited set of the verified files is loaded into a portion of the memory that is subsequently marked by the kernel as read-only. These files are executed to provide a basic Internet browser session; all other files are identified as non-executable. When the user accesses an authorized website and conducts a transaction that requires a user to provide information, the information is encrypted during transmission of the network. In addition, such information cannot be accessed by other parties since the information provided is not persisted at the computing device.

An authentication method set forth which includes an interface that can be used by operating system level software to verify and set various hardware level passwords, like the BIOS boot password and hard disk password. The method further specifies an application behavior that allows an operating system level pre-boot authorization (PBA) enrollment application to set and verify and make use of any hardware level passwords that are needed for PBA enrollment.

A system and method for protecting against the unauthorized use of operating system level commands is disclosed. The system includes a computer module including: a processor configured for performing data operations; a memory unit configured to store instructions executable by the processor; and an operating system module for supporting basic functions of the computer module, such as scheduling tasks, executing applications, and controlling peripherals. A virtual keyboard is connected to the computer module for creating one or more events or sequences of events recognizable by the operating system module. A system level command filter module is provided for filtering system level commands from the one or more recognizable events or sequences of events.

A database system that incorporates numerous features that reduce the total cost of maintaining the database system is provided. That database system includes a database appliance that executes a database server on a platform that includes a special purpose operating system specifically tailored to the services required by the database server. The database appliance configures itself by detecting the environment in which it resides and setting operational parameters based on the detected environment. The configuration metadata of all components of the system are stored in a centralized repository which itself may reside external to the system. Both the database server configuration and the operating system configuration are managed by a remotely located integrated management console, which interacts with and configures the system at the database system level, the operating system level and, optionally, at the hardware subsystem level. Backup management may also be performed remotely. The remote components, such as the integrated management console, the backup server, and the configuration repository, may communicate with the system through a wide area network, such as the Internet, or directly through a dial-up connection.

The present invention relates to a virtual machine and / or a multi-Level Scheduling Support on systems with asymmetric processor cores. Different processor cores in a computing device can support different features. In one or more embodiments, the features supported by each of multiple physical processor cores of a computing device are identified. A set of one or more features of the multiple physical processor cores to make available to virtual processor cores of the virtual machine are determined based at least in part on both the one or more features supported by each of the multiple physical processor cores and a number of virtual processor cores of the virtual machine. In additional embodiments, a multi-level scheduling model is used. An operating system level scheduler of an operating system schedules multiple applications for execution on multiple processor cores, and a user level scheduler of an application schedules application threads of that application for execution on one or more of the multiple processor cores.

A method for providing context sensing and fusion may include receiving physical sensor data extracted from one or more physical sensors, receiving virtual sensor data extracted from one or more virtual sensors, and performing context fusion of the physical sensor data and the virtual sensor data at an operating system level. A corresponding computer program product and apparatus are also provided.

A system and method of exchanging project data between disparate levels of users, independent of whether the user is a client or professional, or which operating system level or software is employed.