Patents by Inventor Sergey A. Khorun
Sergey A. Khorun has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9720952Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for virtual block storage. In one aspect, a method includes receiving a request to initialize a virtual machine, the virtual machine having an associated virtual block device; accessing a file map comprising a plurality of file map entries; determining file map entries corresponding to blocks of data allocated to the virtual block device and one or more files in which the blocks of data allocated to the virtual block device are stored; determining that a particular one of the blocks allocated to the virtual block device has been written to a new position not associated with the particular block in the file map; and updating the position associated with the particular block to the new position.Type: GrantFiled: June 25, 2015Date of Patent: August 1, 2017Assignee: Google Inc.Inventors: Andrew Kadatch, Sergey Khorun
-
Patent number: 9501233Abstract: In general, one aspect of the subject matter described in this specification can be embodied in methods that include receiving, at a computer system, a request to create a snapshot of a virtual storage device, wherein the virtual storage device virtually stores data at virtual addresses, the data being physically stored at a plurality of physical storage locations that are managed by an underlying storage system associated with virtual storage device. The methods can further include identifying, by the computer system, one or more regions of the virtual storage device that have been written to since a previous snapshot of the virtual storage device was created. The methods can additionally include generating a unique identifier for the requested snapshot; and creating the requested snapshot using the identified one more regions and the unique identifier.Type: GrantFiled: December 21, 2015Date of Patent: November 22, 2016Assignee: Google Inc.Inventors: Matthew S. Harris, Andrew Kadatch, Sergey Khorun, Carl Hamilton
-
Publication number: 20160124669Abstract: In general, one aspect of the subject matter described in this specification can be embodied in methods that include receiving, at a computer system, a request to create a snapshot of a virtual storage device, wherein the virtual storage device virtually stores data at virtual addresses, the data being physically stored at a plurality of physical storage locations that are managed by an underlying storage system associated with virtual storage device. The methods can further include identifying, by the computer system, one or more regions of the virtual storage device that have been written to since a previous snapshot of the virtual storage device was created. The methods can additionally include generating a unique identifier for the requested snapshot; and creating the requested snapshot using the identified one more regions and the unique identifier.Type: ApplicationFiled: December 21, 2015Publication date: May 5, 2016Inventors: Matthew S. Harris, Andrew Kadatch, Sergey Khorun, Carl Hamilton
-
Patent number: 9251234Abstract: In general, one aspect of the subject matter described in this specification can be embodied in methods that include receiving, at a computer system, a request to create a snapshot of a virtual storage device, wherein the virtual storage device virtually stores data at virtual addresses, the data being physically stored at a plurality of physical storage locations that are managed by an underlying storage system associated with virtual storage device. The methods can further include identifying, by the computer system, one or more regions of the virtual storage device that have been written to since a previous snapshot of the virtual storage device was created. The methods can additionally include generating a unique identifier for the requested snapshot; and creating the requested snapshot using the identified one more regions and the unique identifier.Type: GrantFiled: February 23, 2015Date of Patent: February 2, 2016Assignee: Google Inc.Inventors: Matthew S. Harris, Andrew Kadatch, Sergey Khorun, Carl Hamilton
-
Publication number: 20150310056Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for virtual block storage. In one aspect, a method includes receiving a request to initialize a virtual machine, the virtual machine having an associated virtual block device; accessing a file map comprising a plurality of file map entries; determining file map entries corresponding to blocks of data allocated to the virtual block device and one or more files in which the blocks of data allocated to the virtual block device are stored; determining that a particular one of the blocks allocated to the virtual block device has been written to a new position not associated with the particular block in the file map; and updating the position associated with the particular block to the new position.Type: ApplicationFiled: June 25, 2015Publication date: October 29, 2015Inventors: Andrew Kadatch, Sergey Khorun
-
Patent number: 9069806Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for virtual block storage. In one aspect, a method includes receiving a request to initialize a virtual machine, the virtual machine having an associated virtual block device; accessing a file map comprising a plurality of file map entries; determining file map entries corresponding to blocks of data allocated to the virtual block device and one or more files in which the blocks of data allocated to the virtual block device are stored; determining that a particular one of the blocks allocated to the virtual block device has been written to a new position not associated with the particular block in the file map; and updating the position associated with the particular block to the new position.Type: GrantFiled: March 14, 2013Date of Patent: June 30, 2015Assignee: Google Inc.Inventors: Andrew Kadatch, Sergey Khorun
-
Patent number: 9069616Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for managing resources in a computing system. For virtual hard disk drives supported by multiple physic hard disk drives over a network, artificial throttling of the disk access bandwidth is implemented, such that the resulting latency behavior of each virtual hard disk drive resembles the latency behavior of a corresponding physical hard disk drive emulated by the virtual hard disk drive. In various implementations, the artificial throttling simulates both characteristics of sequential access latencies and random access latencies on a physical hard drive.Type: GrantFiled: September 23, 2011Date of Patent: June 30, 2015Assignee: Google Inc.Inventors: Andrew Kadatch, Sergey Khorun
-
Patent number: 8966198Abstract: In general, one aspect of the subject matter described in this specification can be embodied in methods that include receiving, at a computer system, a request to create a snapshot of a virtual storage device, wherein the virtual storage device virtually stores data at virtual addresses, the data being physically stored at a plurality of physical storage locations that are managed by an underlying storage system associated with virtual storage device; the methods can further include identifying, by the computer system, one or more regions of the virtual storage device that have been written to since a previous snapshot of the virtual storage device was created; the methods can additionally include generating a unique identifier for the requested snapshot; and creating the requested snapshot using the identified one more regions and the unique identifier.Type: GrantFiled: September 4, 2012Date of Patent: February 24, 2015Assignee: Google Inc.Inventors: Matthew S. Harris, Andrew Kadatch, Sergey Khorun, Carl Hamilton
-
Publication number: 20130262405Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for virtual block storage. In one aspect, a method includes receiving a request to initialize a virtual machine, the virtual machine having an associated virtual block device; accessing a file map comprising a plurality of file map entries; determining file map entries corresponding to blocks of data allocated to the virtual block device and one or more files in which the blocks of data allocated to the virtual block device are stored; determining that a particular one of the blocks allocated to the virtual block device has been written to a new position not associated with the particular block in the file map; and updating the position associated with the particular block to the new position.Type: ApplicationFiled: March 14, 2013Publication date: October 3, 2013Inventors: Andrew Kadatch, Sergey Khorun
-
Publication number: 20130081014Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for managing resources in a computing system. For virtual hard disk drives supported by multiple physic hard disk drives over a network, artificial throttling of the disk access bandwidth is implemented, such that the resulting latency behavior of each virtual hard disk drive resembles the latency behavior of a corresponding physical hard disk drive emulated by the virtual hard disk drive. In various implementations, the artificial throttling simulates both characteristics of sequential access latencies and random access latencies on a physical hard drive.Type: ApplicationFiled: September 23, 2011Publication date: March 28, 2013Applicant: GOOGLE INC.Inventors: Andrew Kadatch, Sergey Khorun
-
Patent number: 8156558Abstract: Described is a mechanism for collectively evaluating security risks associated with loading an application. A hosting environment associated with loading the application invokes a trust manager to evaluate the security risks. The trust manager invokes a plurality of trust evaluators, where each trust evaluator is responsible for analyzing and assessing a different security risk. Upon completion of each security risk evaluation, results of those individual security risk evaluations are returned to the trust manager. The trust manager aggregates the variety of security risk evaluation results and makes a security determination based on the aggregated evaluation results. That determination may be to move forward with loading the application, to block the load of the application, or perhaps to prompt the user for a decision about whether to move forward with the load.Type: GrantFiled: May 17, 2003Date of Patent: April 10, 2012Assignee: Microsoft CorporationInventors: Aaron R. Goldfeder, John M. Hawkins, Sergey A. Khorun, Viresh N. Ramdatmisier, Joseph Thomas Farro, Gregory Darrell Fee, Jeremiah S. Epling, Andrew G. Bybee, Jingyang Xu, Tony Edward Schreiner, Jamie L. Cool
-
Patent number: 7669238Abstract: Evidence-based application security may be implemented at the application and/or application group levels. A manifest may be provided defining at least one trust condition for the application or application group. A policy manager evaluates application evidence (e.g., an XrML license) for an application or group of applications relative to the manifest. The application is only granted permissions on the computer system if the application evidence indicates that the application is trusted. Similarly, a group of applications are only granted permissions on the computer system if the evidence indicates that the group of applications is trusted. If the application evidence satisfies the at least one trust condition defined by the manifest, the policy manager generates a permission grant set for each code assembly that is a member of the at least one application. Evidence may be further evaluated for code assemblies that are members of the trusted application or application group.Type: GrantFiled: November 10, 2003Date of Patent: February 23, 2010Assignee: Microsoft CorporationInventors: Gregory D. Fee, Aaron Goldfeder, John M. Hawkins, Jamie L. Cool, Sebastian Lange, Sergey Khorun
-
Publication number: 20040148514Abstract: Evidence-based application security may be implemented at the application and/or application group levels. A manifest may be provided defining at least one trust condition for the application or application group. A policy manager evaluates application evidence (e.g., an XrML license) for an application or group of applications relative to the manifest. The application is only granted permissions on the computer system if the application evidence indicates that the application is trusted. Similarly, a group of applications are only granted permissions on the computer system if the evidence indicates that the group of applications is trusted. If the application evidence satisfies the at least one trust condition defined by the manifest, the policy manager generates a permission grant set for each code assembly that is a member of the at least one application. Evidence may be further evaluated for code assemblies that are members of the trusted application or application group.Type: ApplicationFiled: November 10, 2003Publication date: July 29, 2004Inventors: Gregory D. Fee, Aaron Goldfeder, John M. Hawkins, Jamie L. Cool, Sebastian Lange, Sergey Khorun