Patents Assigned to Nyotron Information Security, Ltd.
  • Patent number: 9940181
    Abstract: A method for reacting to system calls made to a kernel of a computerized system, the method includes controlling an execution of at least one system call by the kernel in response to a result of a comparison between information of system calls made to a kernel and between data structure elements (DEs) of a non-executable control data structure that includes fields that correspond to the system call type fields, to the system call initiator fields and to the system call request fields of the segments of the first control data structure. The method also includes (A) Receiving a first control data structure. The first control data includes multiple segments. Each segment includes a system call type field, at least one system call initiator field and at least one system call request field. And (B) Converting the first control data structure into the non-executable control data structure.
    Type: Grant
    Filed: January 4, 2011
    Date of Patent: April 10, 2018
    Assignee: NYOTRON INFORMATION SECURITY LTD.
    Inventor: Nir Gaist
  • Patent number: 8566585
    Abstract: A computer implementing a kernel, the computer including: (a) a processor that is configured to run processes in kernel mode and to run other processes not in kernel mode, wherein the processor is configured to run in the kernel mode the following processes: (i) selecting a rule out of a group of rules that is stored in a kernel memory of the computer, in response to system call information that pertains to a system call made to a kernel entity of the kernel; (ii) assigning a priority to the system call in response to the rule selected; and (iii) selectively enabling transmission of the system call to a hardware device of the computerized entity, in response to the priority assigned to the system call; (b) a memory that includes the memory kernel; and (c) the hardware device that is configured to execute the system call, wherein execution of the system call by the hardware device results in modifying a state of the hardware device.
    Type: Grant
    Filed: October 25, 2010
    Date of Patent: October 22, 2013
    Assignee: Nyotron Information Security Ltd.
    Inventor: Nir Gaist
  • Patent number: 8533833
    Abstract: A computer implementing a kernel, the computer including: a processor that is configured to run processes in kernel mode and to run other processes not in kernel mode, wherein the processor is configured to run in the kernel mode the following processes: (a) determining selection parameters that relate to a system call requesting an operation by a hardware device, by processing information of the system call; (b) deterministically selecting a single data-structure element (DSE) of a data-structure in response to a type of the system call, to at least one other determined selection parameter, and to a status of an activity flag included in the DSE that indicates an availability of the DSE for selection; wherein the selecting includes selecting a DSE that includes an activity flag that indicates that the DSE is available for selection; wherein at least one DSE of the data-structure is an inactive DSE that includes an activity flag indicating that the inactive DSE is not available for selection; (c) modifying a
    Type: Grant
    Filed: October 25, 2010
    Date of Patent: September 10, 2013
    Assignee: Nyotron Information Security Ltd.
    Inventor: Nir Gaist
  • Publication number: 20110167434
    Abstract: A method for reacting to system calls made to a kernel of a computerized system, the method includes: receiving a first control data structure that comprises multiple segments; wherein each segment comprises a system call type field, at least one system call initiator field and at least one system call request field; converting the first control data structure into a non-executable control data structure that comprises multiple data-structure elements (DEs), wherein the DEs comprise DE fields that correspond to the system call type fields, to the system call initiator fields and to the system call request fields of the segments of the first control data structure; monitoring system calls made to the kernel by comparing information of system calls made to the kernel to DE-fields of the non-executable control data structure; and controlling an execution of at least one system call by the kernel in response to a result of the comparing.
    Type: Application
    Filed: January 4, 2011
    Publication date: July 7, 2011
    Applicant: Nyotron Information Security, Ltd.
    Inventor: Nir Gaist
  • Publication number: 20110126205
    Abstract: A computer implementing a kernel, the computer including: (a) a processor that is configured to run processes in kernel mode and to run other processes not in kernel mode, wherein the processor is configured to run in the kernel mode the following processes: (i) selecting a rule out of a group of rules that is stored in a kernel memory of the computer, in response to system call information that pertains to a system call made to a kernel entity of the kernel; (ii) assigning a priority to the system call in response to the rule selected; and (iii) selectively enabling transmission of the system call to a hardware device of the computerized entity, in response to the priority assigned to the system call; (b) a memory that includes the memory kernel; and (c) the hardware device that is configured to execute the system call, wherein execution of the system call by the hardware device results in modifying a state of the hardware device.
    Type: Application
    Filed: October 25, 2010
    Publication date: May 26, 2011
    Applicant: Nyotron Information Security, Ltd.
    Inventor: Nir GAIST
  • Publication number: 20110126217
    Abstract: A computer implementing a kernel, the computer including: a processor that is configured to run processes in kernel mode and to run other processes not in kernel mode, wherein the processor is configured to run in the kernel mode the following processes: (a) determining selection parameters that relate to a system call requesting an operation by a hardware device, by processing information of the system call; (b) deterministically selecting a single data-structure element (DSE) of a data-structure in response to a type of the system call, to at least one other determined selection parameter, and to a status of an activity flag included in the DSE that indicates an availability of the DSE for selection; wherein the selecting includes selecting a DSE that includes an activity flag that indicates that the DSE is available for selection; wherein at least one DSE of the data-structure is an inactive DSE that includes an activity flag indicating that the inactive DSE is not available for selection; (c) modifying a
    Type: Application
    Filed: October 25, 2010
    Publication date: May 26, 2011
    Applicant: Nyotron Information Security, Ltd.
    Inventor: Nir GAIST