Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or data isolation. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a rootkit defense mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or prevention of malicious code, for example, in a manner/context that is isolated and not able to be corrupted, detected, prevented, bypassed, and/or otherwise affected by the malicious code.

Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or hypervisor fingerprinting. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a CPU ID instruction handler (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it). The CPU ID instruction handler may perform processing, inter alia, to return configurable values different from the actual values for the physical hardware. The virtualization assistance layer may further contain virtual devices, which when probed by guest operating system code, return the same values as their physical counterparts.

Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or memory access. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a detection mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or notification of, and action by a monitoring guest upon access by a monitored guest to predetermined physical memory locations.

Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or hypervisor fingerprinting. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a CPU ID instruction handler (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it). The CPU ID instruction handler may perform processing, inter alia, to return configurable values different from the actual values for the physical hardware. The virtualization assistance layer may further contain virtual devices, which when probed by guest operating system code, return the same values as their physical counterparts.

Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or memory access. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a detection mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or notification of, and action by a monitoring guest upon access by a monitored guest to predetermined physical memory locations.

Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or data isolation. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a rootkit defense mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or prevention of malicious code, for example, in a manner/context that is isolated and not able to be corrupted, detected, prevented, bypassed, and/or otherwise affected by the malicious code.

Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or memory access. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a detection mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or notification of, and action by a monitoring guest upon access by a monitored guest to predetermined physical memory locations.

Abstract: Systems and methods are disclosed for providing secure information processing. In one exemplary implementation, there is provided a method of secure domain isolation. Moreover, the method may include configuring a computing component with data/programming associated with address swapping and/or establishing isolation between domains or virtual machines, processing information such as instructions from an input device while keeping the domains or virtual machines separate, and/or performing navigating and/or other processing among the domains or virtual machines as a function of the data/programming and/or information, wherein secure isolation between the domains or virtual machines is maintained.

Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or memory access. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a instruction execution detection/interception mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it). The instruction execution detection/interception mechanism may perform processing, inter alia, for detection and/or notification of, and actions upon by a monitoring guest, code execution by a monitored guest involving predetermined physical memory locations, such as API calls.

Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or memory access. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a detection mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or notification of, and action by a monitoring guest upon access by a monitored guest to predetermined physical memory locations.

Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or memory access. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a instruction execution detection/interception mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it). The instruction execution detection/interception mechanism may perform processing, inter alia, for detection and/or notification of, and actions upon by a monitoring guest, code execution by a monitored guest involving predetermined physical memory locations, such as API calls.

Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or data isolation. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a rootkit defense mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or prevention of malicious code, for example, in a manner/context that is isolated and not able to be corrupted, detected, prevented, bypassed, and/or otherwise affected by the malicious code.

Abstract: Systems and methods are disclosed for providing secure information processing. In one exemplary implementation, there is provided a method of secure domain isolation. Moreover, the method may include configuring a computing component with data/programming associated with address swapping and/or establishing isolation between domains or virtual machines, processing information such as instructions from an input device while keeping the domains or virtual machines separate, and/or performing navigating and/or other processing among the domains or virtual machines as a function of the data/programming and/or information, wherein secure isolation between the domains or virtual machines is maintained.

Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or memory access. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a detection mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or notification of, and action by a monitoring guest upon access by a monitored guest to predetermined physical memory locations.

Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or data isolation. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a rootkit defense mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or prevention of malicious code, for example, in a manner/context that is isolated and not able to be corrupted, detected, prevented, bypassed, and/or otherwise affected by the malicious code.

Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or memory access. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a detection mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or notification of, and action by a monitoring guest upon access by a monitored guest to predetermined physical memory locations.

Abstract: The present disclosure relates to saving and restoring operating system states and, more particularly, towards systems and methods of processing information associated with obtaining snapshots of and restoring guest operating system states rapidly.

Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or memory access. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a instruction execution detection/interception mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it). The instruction execution detection/interception mechanism may perform processing, inter alia, for detection and/or notification of, and actions upon by a monitoring guest, code execution by a monitored guest involving predetermined physical memory locations, such as API calls.

Abstract: Systems and methods are disclosed for providing secure information processing. In one exemplary implementation, there is provided a method of secure domain isolation. Moreover, the method may include configuring a computing component with data/programming associated with address swapping and/or establishing isolation between domains or virtual machines, processing information such as instructions from an input device while keeping the domains or virtual machines separate, and/or performing navigating and/or other processing among the domains or virtual machines as a function of the data/programming and/or information, wherein secure isolation between the domains or virtual machines is maintained.

Abstract: The present disclosure relates to saving and restoring operating system states and, more particularly, towards systems and methods of processing information associated with obtaining snapshots of and restoring guest operating system states rapidly.