Methods to restrict network file access in guest virtual machines using in-guest agents
US11057385B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 12, 2018 |
| Grant date | Jul 6, 2021 |
| Priority date | — |
| Expiry date | Feb 14, 2039 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2009/45595
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Certain embodiments described herein are generally directed to systems and methods for preventing access to files on a virtual machine. One example method involves receiving network information associated with a network connection opened at the virtual machine and determining a process that opened the network connection. The method further involves receiving information indicative of a file access event attempted at the virtual machine and determining the process that opened the network connection initiated the file access event. The method further involves transmitting information indicative of the file access event and the network connection to a security virtual machine and receiving an enforcement decision for the file access event from the security virtual machine based on the information indicative of the file access event and the network connection. The method further involves applying the enforcement decision to either allow or prevent the file access event by the process.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.