Patents Assigned to VMware
-
Publication number: 20110047211Abstract: Methods, systems, and computer programs for measuring performance of virtual desktop services offered by a server computer are presented. The method includes receiving an action request at the server computer, where the server computer is configured to generate display views for the requesting client. The method further embeds, at the server computer, a first encoded area into a first image frame that is communicated to a client computer when acknowledging receipt of the action request. After the action associated with the action request is completed, the method embeds a second encoded area into a second image frame that is communicated to the client computer. Action performance time is stored in memory, where the action performance time is based on the time difference between arrivals of the first and second image frames at the client computer. The stored timing information is used to generate statistical performance data.Type: ApplicationFiled: November 3, 2010Publication date: February 24, 2011Applicant: VMWARE, INC.Inventors: Vikram M. MAKHIJA, Rishi N. BIDARKAR, Sunil SATNUR, Srinivas KRISHNAN
-
Publication number: 20110047195Abstract: An architecture and system are described that provide a unified file access service within in a managed computing environment composed of diverse networks, computing devices, and storage devices. The service provides mechanisms for remotely accessing the file systems of any managed computer or disk snapshot, independently of the computer's current state (powered on, suspended or powered off), its location within the environment, its hardware type (virtual vs. physical), its operating system type, and its file system formats. The system isolates centralized FPAs from the details of clients, proxies and storage elements by providing a service that decomposes offloaded file system access into two steps. A FPA or a requester acting on behalf of the FPA first expresses the disk set or the computer containing the file systems it wishes to access, along with requirements and preferences about the access method.Type: ApplicationFiled: August 9, 2010Publication date: February 24, 2011Applicant: VMWARE, INC.Inventors: Bich Cau LE, Robert Frederick DEUEL, Christian CZEZATKE
-
Patent number: 7895437Abstract: To establish credentials, a user network station transmits a first value. An authenticating entity network station generates a first key portion based on the transmitted first value and a second value unknown to the user, splits one of a private key and a public key of a user asymmetric crypto-key into the first key portion and a second key portion, stores the second key portion of the one key so as to be accessible only to the authenticating entity network device, generates a cookie including the second value, transmits the generated cookie to the user network station, and destroys the transmitted first value, the second value, the one key, and the first key portion of the one key. The first value represents a first and the second value included in the transmitted cookie represents a second user credential useable to authenticate the user.Type: GrantFiled: May 31, 2006Date of Patent: February 22, 2011Assignee: VMware, Inc.Inventors: Ravi Ganesan, Ravi Singh Sandhu, Andrew Paul Cottrell, Kyle Austin
-
Patent number: 7890754Abstract: Upon occurrence of a trigger condition, writes of allocation units of data (including code) to a device, such as writes of blocks to a disk, are first encrypted. Each allocation unit is preferably a predetermined integral multiple number of minimum I/O units. A data structure is marked to indicate which units are encrypted. Upon reads from the device, only those allocation units marked as encrypted are decrypted. The disk protected by selective encryption is preferably the virtual disk of a virtual machine (VM). The trigger condition is preferably either that the virtual disk has been initialized or that the VM has been powered on. Mechanisms are also provided for selectively declassifying (storing in unencrypted form) already-encrypted, stored data, and for determining which data units represent public, general-use data units that do not need to be encrypted. The “encrypt-on-write” feature of the invention may be used in conjunction with a “copy-on-write” technique.Type: GrantFiled: September 2, 2008Date of Patent: February 15, 2011Assignee: VMware, Inc.Inventors: Carl A. Waldspurger, Matthew Eccleston
-
Patent number: 7886127Abstract: A virtual memory system implementing the invention provides concurrent access to translations for virtual addresses from multiple address spaces. One embodiment of the invention is implemented in a virtual computer system, in which a virtual machine monitor supports a virtual machine. In this embodiment, the invention provides concurrent access to translations for virtual addresses from the respective address spaces of both the virtual machine monitor and the virtual machine. Multiple page tables contain the translations for the multiple address spaces. Information about an operating state of the computer system, as well as an address space identifier, are used to determine whether, and under what circumstances, an attempted memory access is permissible. If the attempted memory access is permissible, the address space identifier is also used to determine which of the multiple page tables contains the translation for the attempted memory access.Type: GrantFiled: December 30, 2008Date of Patent: February 8, 2011Assignee: VMware, Inc.Inventors: Xiaoxin Chen, Alberto J. Munoz
-
Patent number: 7886346Abstract: To authenticate a user of a communications network, credentials from the user are centrally receiving. An authentication sequence is retrieved from a plurality of retrievable authentication sequences, and the retrieved authentication sequence is performed to authenticate the user based on the received credentials.Type: GrantFiled: February 12, 2007Date of Patent: February 8, 2011Assignee: VMware, Inc.Inventors: Ravi Singh Sandhu, Ravi Ganesan, Andrew Paul Cottrell, Timothy Scott Renshaw, Brett Jason Schoppert, Kyle Austin
-
Publication number: 20110029821Abstract: The execution behavior of a selected application is recorded for subsequent replay. During recording, only those portions of memory that are accessed by the selected application are stored. As a result, the amount of data that is stored during the recording session is reduced and data that is not necessary for replaying the selected application, which may include possible sensitive and personal information, are not stored.Type: ApplicationFiled: July 30, 2009Publication date: February 3, 2011Applicant: VMWARE, INC.Inventors: James CHOW, Tal GARFINKEL, Dominic LUCCHETTI
-
System and Method for Replicating Disk Images in a Cloud Computing Based Virtual Machine File System
Publication number: 20110022574Abstract: A replicated decentralized storage system comprises a plurality of servers that locally store disk images for locally running virtual machines as well as disk images, for failover purposes, for remotely running virtual machines. To ensure that disk images stored for failover purposes are properly replicated upon an update of the disk image on the server running the virtual machine, a hash of a unique value known only to the server running the virtual machine is used to verify the origin of update operations that have been transmitted by the server to the other servers storing replications of the disk image for failover purposes. If verified, the update operations are added to such failover disk images.Type: ApplicationFiled: July 21, 2009Publication date: January 27, 2011Applicant: VMWARE, INC.Inventor: Jacob Gorm Hansen -
Publication number: 20110022694Abstract: Methods, systems, and computer programs for creating virtual machines (VM) and associated networks in a virtual infrastructure are presented. The method defines virtual network templates in a database, where each virtual network template includes network specifications. A configuration of a virtual system is created, which includes VMs, virtual lab networks associated with virtual network templates, and connections from the VMs to the virtual lab networks. Further, the configuration is deployed in the virtual infrastructure resulting in a deployed configuration. The deployment of the configuration includes instantiating in the virtual infrastructure the VMs of the configuration, instantiating in the virtual infrastructure the virtual lab networks, retrieving information from the database, and creating and executing programming instructions for the VMs.Type: ApplicationFiled: July 27, 2009Publication date: January 27, 2011Applicant: VMWARE, INC.Inventors: Anupam DALAL, Min-Ken LAI, Aastha BHARDWAJ
-
Publication number: 20110022695Abstract: Methods, systems, and computer programs for creating isolated environments that include virtual machines (VM) and networks in a virtual infrastructure are presented. The method includes an operation to define a configuration of a virtual system which includes VMs, virtual network interface cards (VNIC) in the VMs, and configuration local networks (CLN). Further, the method associates each VNIC with one of the CLNs and transmits instructions to the virtual infrastructure for deploying the configuration. Deploying the configuration includes instantiating VMs and CLNs in the virtual infrastructure. Each VM is instantiated in a host monitored by a virtual lab server, and the CLNs are instantiated in the same hosts where the VMs have been instantiated. Only VMs from the configuration can connect to the instantiated CLNs.Type: ApplicationFiled: July 27, 2009Publication date: January 27, 2011Applicant: VMware, Inc.Inventors: Anupam DALAL, Min-Ken LAI, Aastha BHARDWAJ
-
Publication number: 20110022883Abstract: A replicated decentralized storage system comprises a plurality of servers that locally store disk images for locally running virtual machines as well as disk images, for failover purposes, for remotely running virtual machines. To ensure that disk images stored for failover purposes are properly replicated upon an update of the disk image on the server running the virtual machine, a hash of a unique value known only to the server running the virtual machine is used to verify the origin of update operations that have been transmitted by the server to the other servers storing replications of the disk image for failover purposes. If verified, the update operations are added to such failover disk images. To enable the replicated decentralized system to recover from a failure of the primary server, the master secret is subdivided into parts and distributed to other servers in the cluster.Type: ApplicationFiled: July 21, 2009Publication date: January 27, 2011Applicant: VMWARE, INC.Inventor: Jacob Gorm HANSEN
-
Publication number: 20110023030Abstract: In a virtualized system running one or more virtual machines on a first hypervisor, a second hypervisor is installed and control of the hardware resources of the physical computer supporting the virtualized system is migrated from the first hypervisor to the second hypervisor without interrupting the operation of the first hypervisor and the virtual machines. Initially a minimal set of hardware resources is hot-removed from control by the first hypervisor, and the second hypervisor is launched on the minimal set of hardware resources. Both the remaining hardware resources and the virtual machines are then migrated from the first hypervisor to the second hypervisor until all the virtual machines have been migrated over to the second hypervisor, while the virtual machines and the first hypervisor continue running largely unaffected by the migration process.Type: ApplicationFiled: October 4, 2010Publication date: January 27, 2011Applicant: VMWARE, INC.Inventors: Beng-Hong LIM, Kinshuk GOVIL
-
Publication number: 20110010390Abstract: A manager program for managing virtual machines includes a process which receives a notification message indicating an occurrence of an event affecting a data storage unit in a data storage system that supports a shared file system. The notification message might have come from a virtual machine host or resulted from a hardware reconfiguration. The manager program then determines whether another virtual machine host is sharing the data storage unit. The manager program might make this determination by polling each of the virtual machine hosts it manages or by checking information previously collected and stored in a database. If another virtual machine host is sharing the data storage unit, the manager program sends a refresh message to that virtual machine host that causes the virtual machine host to update information relating to the data storage unit in a cache associated with the virtual machine host.Type: ApplicationFiled: July 13, 2009Publication date: January 13, 2011Applicant: VMware, INC.Inventors: Haripriya RAJAGOPAL, Satyam VAGHANI, Yuen-Lin TAN
-
Publication number: 20110010691Abstract: A method of creating computing environment in a cloud computing environment for execution of a test is disclosed. The method includes loading a setup script from a script store. The loading is performed by a test manager that is in communication with the script store. The test manager checks if there are more setup scripts to be loaded. If yes, the remaining setup scripts are loaded by the test manager. The test manager then calculates computing resources needed to run all tests as coded in all loaded scripts. The test manager then attempts to reserve needed computing resources in a virtual data center using a data center infrastructure manager.Type: ApplicationFiled: July 8, 2009Publication date: January 13, 2011Applicant: VMWARE, INC.Inventors: Zihong LU, Wei LI, Karthik Sreenivasa MURTHY, Sirish RAGHURAM
-
Patent number: 7865663Abstract: A virtualization technique, in accordance with one embodiment of the present invention, includes emulating the small computing system interface (SCSI) protocol to access a virtual SCSI storage device backed by a file stored on network attached storage (NAS).Type: GrantFiled: February 16, 2007Date of Patent: January 4, 2011Assignee: VMware, Inc.Inventors: Michael Nelson, Hao Xu, Daniel J. Scales, Matthew B. Amdur
-
Publication number: 20100332635Abstract: One embodiment of the present invention is a method of migrating functionality to a target virtualized mobile device including virtualization software that supports one or more virtual machines, the method including: (a) embodying the functionality in a virtual machine; and (b) migrating the virtual machine to the target virtualized mobile device.Type: ApplicationFiled: June 26, 2009Publication date: December 30, 2010Applicant: VMware, Inc.,Inventors: Lawrence S. ROGEL, Scott W. Devine
-
Publication number: 20100332910Abstract: A system for identifying an exiting process and removing traces and shadow page table pages corresponding to the process' page table pages. An accessed minimum virtual address is maintained corresponding to an address space. In one embodiment, whenever a page table entry corresponding to the accessed minimum virtual address changes from present to not present, the process is determined to be exiting and removal of corresponding trace and shadow page table pages is begun. In a second embodiment, consecutive present to not-present PTE transitions are tracked for guest page tables on a per address space basis. When at least two guest page tables each has at least four consecutive present to not-present PTE transitions, a next present to not-present PTE transition event in the address space leads to the corresponding guest page table trace being dropped and the shadow page table page being removed.Type: ApplicationFiled: June 26, 2009Publication date: December 30, 2010Applicant: VMware, Inc.Inventors: Qasim ALI, Raviprasad MUMMIDI, Kiran TATI
-
Publication number: 20100332889Abstract: Information Technology Risk to an organization is associated with a plurality of virtual machines (VMs) each running on a plurality of hosts, each host being a computer system connected to a network and in communication with a risk orchestrator, which receives threat indication messages (TIMs) from threat indicators. Each TIM indicates a status of a threat to which a hosts is vulnerable. Downtime probability (DTP) resulting from the threat and an overall host DTP for each host are calculated. For each VM, a risk value associated with the VM is calculated as a function of the host DTP for and an impact for the VM, the impact being a value reflecting a relative importance of the VM to the organization. Each VM requiring risk mitigation is identified and prioritized in accordance with a policy, and a configured mitigation control action may be carried out for each VM requiring risk mitigation.Type: ApplicationFiled: June 25, 2009Publication date: December 30, 2010Applicant: VMWARE, INC.Inventors: Oren SHNEORSON, Jeffrey J. HANSON, Corey Pace CAUDLE
-
Publication number: 20100328064Abstract: One embodiment is a method of preventing malware attacks in a virtualized mobile device including virtualization software that supports one or more virtual machines, the method including: (a) collecting information related to the status of physical device drivers; and (b) sending the information to virus protection software; wherein the virus protection software includes a set of rules that trigger one or more actions based on the information it receives concerning the physical device drivers.Type: ApplicationFiled: June 26, 2009Publication date: December 30, 2010Applicant: VMware, Inc.Inventor: Lawrence S. ROGEL
-
Publication number: 20100333088Abstract: One embodiment is a virtualized mobile device including virtualization software that supports one or more virtual machines and further includes: (a) device emulation software that communicates with device driver software in the one or more virtual machines; (b) device driver software that communicates with one or more physical devices of the mobile device; and (c) transformer stack software that interacts with the device emulation software and the device driver software.Type: ApplicationFiled: June 26, 2009Publication date: December 30, 2010Applicant: VMware, Inc.Inventors: Lawrence S. ROGEL, Scott W. Devine