Automatic provisioning and onboarding of offline or disconnected machines
US-12182236-B2 · Dec 31, 2024 · US
Inhibiting denial-of-service attacks using group controls
US9027151B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9027151-B2 |
| Application number | US-201113029702-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 17, 2011 |
| Priority date | Feb 17, 2011 |
| Publication date | May 5, 2015 |
| Grant date | May 5, 2015 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A sandbox tool can cooperate with components of a secure operating system (OS) to create an isolated execution environment for accessing content without exposing other processes and resources of the computing system to the untrusted content. The sandbox tool can utilize task control groups (cgroups) of the secure OS with the isolated execution environment. A cgroup defines the hardware resources that can be accessed and utilized by the isolated execution environment. The cgroups can define accessible hardware resources by particular hardware resources, amount of hardware resources, and/or components of the hardware resources. Once a cgroup is applied to the isolated execution environment, any processes running in the isolated execution environment will be confined to the hardware resources defined by the applied cgroup. If a process running in the isolated execution environment attempts to utilize hardware resources outside the definition of the cgroup, the secure OS can block the usage.
First claim
Opening claim text (preview).
What is claimed is: 1. A method, comprising: receiving, by a processor, a request to create an isolated execution environment within a host environment controlled by an operating system executing on a computing system; creating, by the processor, a new process server to support communications with one or more processes to be executed in the isolated execution environment; assigning, by the processor, a security context to the new process server, wherein the creating of the new…
Assignees
Inventors
Classifications
Electricity · mapped topic
- G06F21/53Primary
Physics · mapped topic
Physics · mapped topic
Physics · mapped topic
Physics · mapped topic
Patent family
Related publications grouped by family.
External sources
Next steps
Free tools are coming soon. Tell us what you want to track and we'll notify you.
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9027151B2 cover?
- A sandbox tool can cooperate with components of a secure operating system (OS) to create an isolated execution environment for accessing content without exposing other processes and resources of the computing system to the untrusted content. The sandbox tool can utilize task control groups (cgroups) of the secure OS with the isolated execution environment. A cgroup defines the hardware resource…
- Who is the assignee on this patent?
- Walsh Daniel J, Red Hat Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/53. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue May 05 2015 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).