Abstract: A system, method, and medium for implementing I/O fencing in a virtual machine cluster sharing virtual storage objects. A volume manager driver receives access requests from virtual machines directed to a virtual storage object such as a volume. The volume manager driver then translates the access request to point to a storage device underlying the volume. The access request includes keys and/or other group reservation data required to implement an I/O fencing method so as to prevent access to shared data by malfunctioning or non-responsive virtual machines.
Abstract: A system and method for storing data. In one embodiment, a storage system includes a resource manager and a hierarchical entry tree describing storage entities of the storage system. At each given level of the tree higher than the bottom level, metadata entries summarize storage availability at a level below the given level. The resource manager receives a request to store data of a target size at a target location corresponding to a first portion of the entry tree and scans the entry tree to determine if contiguous, free storage entities of the target size are available at the target location. In response to determining that contiguous, free storage entities of the target size are not available at the target location, the resource manager scans portions of the entry tree outside the first portion to identify contiguous, free storage entities of the target size, where it stores the data.
Type: Grant
Filed: September 23, 2008
Date of Patent: July 23, 2013
Assignee: Symantec Corporation
Inventors: Feng Wang, John A. Colgrove, Bo Hong, Oleg Kiselev
Abstract: A method and apparatus supporting compound deposition for data images. The method and apparatus comprises configuring a backup process according to a storage plan, wherein the storage plan is defined by a destination list, backup properties, and backup policy and rules.
Abstract: A method and mechanism for performing data backups in a computing system. A “delta” catalog is utilized for the maintenance of data backups. The delta catalog includes a backed up object table and an extent map. For a given backup, the backed up object table update stores entries which identify only those objects backed up during that backup. The backed up object table is further configured to store entries which identify objects which were deleted between the time of a prior backup procedure and a current backup procedure. The extent map is configured to identify all objects present in the system at the time of a particular backup. The extent map identifies the objects which were present as one or more sequences of entries in the backed up object table.
Type: Grant
Filed: September 1, 2004
Date of Patent: July 23, 2013
Assignee: Symantec Operating Corporation
Inventors: Ynn-Pyng “Anker” Tsaur, Baige Wang, Kirk L. Searls
Abstract: Content to be scanned for confidential information may be identified. A determination is made if the content includes confidential information. The determination may be based on at least one data loss prevention policy. When the content includes confidential information, a content management recommendation is created. The content management recommendation may comprise at least one of a recommendation pertaining to a storage of the content and a recommendation pertaining to a backup of the content. The content management recommendation may be provided to a content management system.
Type: Grant
Filed: March 15, 2011
Date of Patent: July 23, 2013
Assignee: Symantec Corporation
Inventors: Markus te Grotenhuis, Pushkar Tiwari, Shree Raman, Stefano Paoletti, Dinesh Coca
Abstract: A system and method for managing a resource reclamation reference list at a coarse level. A storage device is configured to store a plurality of storage objects in a plurality of storage containers, each of said storage containers being configured to store a plurality of said storage objects. A storage container reference list is maintained, wherein for each of the storage containers the storage container reference list identifies which files of a plurality of files reference a storage object within a given storage container. In response to detecting deletion of a given file that references an object within a particular storage container of the storage containers, a server is configured to update the storage container reference list by removing from the storage container reference list an identification of the given file. A reference list associating segment objects with files that reference those segment objects may not be updated in response to the deletion.
Abstract: A computing device receives a command to restrict access to encrypted data. The computing device generates a new record that can access the encrypted data. The computing device encrypts the record information for the new record using a public key of a trusted entity. The computing device prevents access to the encrypted data for a previously generated record or records.
Type: Grant
Filed: September 17, 2010
Date of Patent: July 16, 2013
Assignee: Symantec Corporation
Inventors: Vincent E. Moscaritolo, Jonathan D. Callas
Abstract: Method and apparatus for behavioral detection of malware in a computer system are described. In some embodiments, a request by a process executing on a computer to change time of a clock managed by the computer is detected. The process is identified as a potential threat. At least one attribute associated with the process is analyzed to determine a threat level. The request to change the time of the clock is blocked and the process is designated as a true positive threat if the threat level satisfies a threshold level.
Abstract: A method and apparatus for providing high availability to service groups within a datacenter is described. In one embodiment, the method includes accessing policy master information regarding a plurality of nodes to identify at least one suitable node of the plurality of nodes for operating a service group, generating network topology information to identify at least one single point of failure amongst the plurality of nodes, processing high availability information regarding at least one computer resource at the at least one suitable node and determining availability indicia of the service group based upon the network topology information and the high availability information.
Abstract: Various embodiments of a computer system and methods are disclosed. In one embodiment, a computer system includes hosts coupled to a backup medium. The backup medium stores data segments and objects, each object referencing one or more segments. A second host conveys a write request to a first host identifying a data entity comprising segments referenced by a first object. The first host restores a copy of the data entity and creates a second object referencing the segments that were referenced by the first object in response to receiving the write request. The first host adds segment references to the second object in response to receiving a change that adds data to the copy or deletes a portion of a segment from the copy. The first host removes a segment reference from the second object if a change deletes all of a segment from the copy.
Abstract: A multi-disk fault-tolerant system, a method for generating a check block, and a method for recovering a data block are provided. The multi-disk fault-tolerant system includes a disk array and a calculation module connected through a system bus, the disk array is formed by p disks, and a fault-tolerant disk amount of the disk array is q; data in the disk array is arranged according to a form of a matrix M of (m+q)×p, where m is a prime number smaller than or equal to p−q; in the matrix M, a 0th row is virtual data blocks being virtual and having values being 0, a 1st row to an (m−1)th row are data blocks, an mth row to an (m+q−1)th row are check blocks. Therefore, during a procedure of generating the check block and recovering the data block in the multi-disk fault-tolerant system, calculation complexity is lowered.
Type: Grant
Filed: February 3, 2012
Date of Patent: July 16, 2013
Assignees: Chengdu Huawei Symantec Technologies Co., Ltd., University of Electronic Science and Technology of China
Abstract: A system and method for generically performing a granular restore operation from a volume image backup. A volume image backup may be booted into a virtual environment. Input may be received selecting one or more application objects of an application on the volume image backup for restore. The selected application object(s) may be retrieved from the volume image backup by a first backup system agent on the volume image backup. The selected application object(s) may be sent from the first backup system agent to a second backup system agent on a restore target. The selected application object(s) may be restored on the restore target by the second backup system agent.
Abstract: A system and method for creating shortcuts within a database for archived items. A client computer sends a retrieval request for a given item to a web server. The given item may be an electronic document. A custom HTTPModule within the web server intercepts the request. The HTTPModule uses a uniform resource locator (URL) provided in the request to locate a record associated with the given item. If a given fixed string value is read from the record in place of the original content data, then the web server requests original content data for the given item from an archive store. The record still maintains identification information, such as a document identifier and the URL in order to maintain links and workflows. The retrieval request is not rerouted to an alternate path, and the client computer receives the original content data, rather than an indication of a shortcut.
Abstract: A computer-implemented method for providing security information about quick response codes may include (1) identifying an image captured by a mobile device including a matrix barcode, (2) determining that the matrix barcode includes a link to an Internet resource, (3) determining the trustworthiness of the Internet resource referenced by the matrix barcode, and then (4) augmenting the image with a visual augmentation that is based at least in part on the trustworthiness of the Internet resource. Various other methods, systems, and computer-readable media are also disclosed.
Abstract: Monitoring activity in a network is disclosed, including monitoring a communication associated with a messaging service, observing suspicious activity associated with a host associated with the messaging service, and sending a challenge to the host using the messaging service.
Abstract: A computer-implemented method for filtering input/output communications of guest operating systems may include: 1) identifying a guest operating system running in a virtual machine, 2) creating an input/output filtering layer that resides outside the guest operating system, 3) intercepting, at the input/output filtering layer, an input/output communication involving the guest operating system, and then 4) performing a filtering operation on the input/output communication. Various other methods, systems, and computer-readable media are also disclosed.
Abstract: A computer-implemented method for reporting online behavior may include identifying a user account subject to parental monitoring. The computer-implemented method may also include identifying a plurality of online resources accessed by the user account over a period of time. The computer-implemented method may further include determining a reputation for each of the plurality of online resources. The reputation may indicate a level of security threat. The computer-implemented method may additionally include generating an online behavior score for the user account based on the determining of the reputations. The online behavior score may indicate an overall level of security threat posed by online activity on the user account. Lastly, the computer-implemented method may include reporting the online behavior score to a predetermined contact associated with the user account. Various other methods, systems, and computer-readable media are also disclosed.
Abstract: Techniques for securely performing reputation based analysis using virtualization are disclosed. In one particular exemplary embodiment, the techniques may be realized as a computer implemented method for performing reputation based analysis comprising detecting a specified activity associated with a virtual client, determining a reputation associated with the specified activity, and performing an action associated with the determined reputation.
Abstract: A system and method for generating extensible file system metadata. In one embodiment, the system may include a storage device configured to store data and a file system configured to manage access to the storage device and to store file system content. The file system may be further configured to detect a file system content access event, and in response to detecting the file system content access event, to generate a metadata record, where the metadata record is stored in an extensible, self-describing data format.
Abstract: Systems and methods for fault handling are presented. In one embodiment, a fault handling method includes: performing an information collection process, wherein the information collection process includes collecting information regarding guest operating system files of a virtual machine; performing a selective replication region identification process, wherein the selective replication region identification process includes identifying regions associated with a selective amount of the guest operating system files; and performing a replication process based upon a result of the replication region identification process. In one embodiment, the selective replication region identification process includes identifying regions associated with files of interest. The selective replication region identification process can include identifying regions associated with temporary files.