Patents by Inventor Jean Guyader
Jean Guyader has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9514507Abstract: The present disclosure is directed towards methods and systems for maintaining state in a virtual machine when disconnected from graphics hardware. The virtual machine is one of a plurality of virtual machines hosted by a hypervisor executing on a computing device. A control virtual machine may be hosted by a hypervisor executing on a computing device. The control virtual machine may store state information of a graphics processing unit (GPU) of the computing device. The GPU may render an image from a first virtual machine. The control virtual machine may remove, from the first virtual machine, access to the GPU. The control virtual machine may redirect the first virtual machine to a GPU emulation program. The GPU emulation program may render the image from the first virtual machine using at least a portion of the stored state information.Type: GrantFiled: November 28, 2012Date of Patent: December 6, 2016Assignee: Citrix Systems, Inc.Inventors: James McKenzie, Jean Guyader
-
Patent number: 9507615Abstract: The methods and systems described herein provide for allocating a universal serial bus (USB) device to one of a trusted virtual machine and a non-trusted virtual machine. A control program receives data indicating a USB port on the computing machine received a USB device and identifies at least one attribute of the USB device. The control program selects, based on application of a policy to the identified at least one device attribute, one of a trusted virtual machine and a non-trusted virtual machine executing. The control program grants, to the virtual machine selected by the control program, access to the USB device.Type: GrantFiled: December 9, 2013Date of Patent: November 29, 2016Assignee: Citrix Systems, Inc.Inventors: James McKenzie, Jean Guyader
-
Patent number: 9406099Abstract: The present disclosure is directed towards methods and systems for maintaining state in a virtual machine when disconnected from graphics hardware. The virtual machine is one of a plurality of virtual machines hosted by a hypervisor executing on a computing device. A control virtual machine may be hosted by a hypervisor executing on a computing device. The control virtual machine may store state information of a graphics processing unit (GPU) of the computing device. The GPU may render an image from a first virtual machine. The control virtual machine may remove, from the first virtual machine, access to the GPU. The control virtual machine may redirect the first virtual machine to a GPU emulation program. The GPU emulation program may render the image from the first virtual machine using at least a portion of the stored state information.Type: GrantFiled: February 26, 2015Date of Patent: August 2, 2016Assignee: Citrix Systems, Inc.Inventors: James McKenzie, Jean Guyader
-
Methods and systems for preventing access to display graphics generated by a trusted virtual machine
Patent number: 9110700Abstract: The methods and systems described herein provide for preventing a non-trusted virtual machine from reading the graphical output of a trusted virtual machine. A graphics manager receives a request from a trusted virtual machine to render graphical data using a graphics processing unit. The graphics manager assigns, to the trusted virtual machine, a secure section of a memory of the graphics processing unit. The graphics manager renders graphics from the trusted virtual machine graphical data to the secure section of the graphics processing unit memory. The graphics manager receives a request from a non-trusted virtual machine to read graphics rendered from the trusted virtual machine graphical data and stored in the secure section of the graphics processing unit memory, and prevents the non-trusted virtual machine from reading the trusted virtual machine rendered graphics stored in the secure section of the graphics processing unit memory.Type: GrantFiled: December 9, 2013Date of Patent: August 18, 2015Assignee: Citrix Systems, Inc.Inventors: James McKenzie, Jean Guyader -
Publication number: 20150178883Abstract: The present disclosure is directed towards methods and systems for maintaining state in a virtual machine when disconnected from graphics hardware. The virtual machine is one of a plurality of virtual machines hosted by a hypervisor executing on a computing device. A control virtual machine may be hosted by a hypervisor executing on a computing device. The control virtual machine may store state information of a graphics processing unit (GPU) of the computing device. The GPU may render an image from a first virtual machine. The control virtual machine may remove, from the first virtual machine, access to the GPU. The control virtual machine may redirect the first virtual machine to a GPU emulation program. The GPU emulation program may render the image from the first virtual machine using at least a portion of the stored state information.Type: ApplicationFiled: February 26, 2015Publication date: June 25, 2015Applicant: Citrix Systems, Inc.Inventors: James McKenzie, Jean Guyader
-
Patent number: 8972984Abstract: The present disclosure is directed towards methods and systems for virtualizing audio hardware for one or more virtual machines. A control virtual machine (VM) may translate a first stream of audio functions calls from a first VM hosted by a hypervisor. The translated first stream of audio function calls may be destined for a sound card of the computing device executing the hypervisor. The control VM may detect a second stream of audio functions calls from a second VM hosted by the hypervisor. The control VM may translate the second stream of audio functions calls from the second VM. The control VM may further merge the translated first stream of audio function calls and the translated second stream of the audio function calls in response to the detected second stream. The control VM may transmit the merged stream of audio function calls to the sound card.Type: GrantFiled: May 18, 2012Date of Patent: March 3, 2015Assignee: Citrix Systems, Inc.Inventors: Steven Meisner, Jean Guyader, Ian Pratt
-
Patent number: 8869144Abstract: The methods and systems described herein provide functionality for managing injection of input events to one virtual machine of a plurality of guest virtual machines, in a computing device executing a hypervisor hosting a trusted virtual machine and a non-trusted virtual machine. An input manager receives a first item of input data from an input device communicating with the computing device. The input manager identifies whether the first item of input data includes a predetermined string. The input manager forwards, responsive to the identification, the first item of input data to one of (i) a first virtual machine of a plurality of guest virtual machines executed by the processor of the computing device and (ii) an application executed by the control virtual machine, wherein at least one virtual machine of the plurality of guest virtual machines is a trusted virtual machine.Type: GrantFiled: December 14, 2010Date of Patent: October 21, 2014Assignee: Citrix Systems, Inc.Inventors: Ian Pratt, Jean Guyader, Vincent Hanquez
-
METHODS AND SYSTEMS FOR PREVENTING ACCESS TO DISPLAY GRAPHICS GENERATED BY A TRUSTED VIRTUAL MACHINE
Publication number: 20140109180Abstract: The methods and systems described herein provide for preventing a non-trusted virtual machine from reading the graphical output of a trusted virtual machine. A graphics manager receives a request from a trusted virtual machine to render graphical data using a graphics processing unit. The graphics manager assigns, to the trusted virtual machine, a secure section of a memory of the graphics processing unit. The graphics manager renders graphics from the trusted virtual machine graphical data to the secure section of the graphics processing unit memory. The graphics manager receives a request from a non-trusted virtual machine to read graphics rendered from the trusted virtual machine graphical data and stored in the secure section of the graphics processing unit memory, and prevents the non-trusted virtual machine from reading the trusted virtual machine rendered graphics stored in the secure section of the graphics processing unit memory.Type: ApplicationFiled: December 9, 2013Publication date: April 17, 2014Applicant: Citrix Systems, Inc.Inventors: James McKenzie, Jean Guyader -
Publication number: 20140101754Abstract: The methods and systems described herein provide for allocating a universal serial bus (USB) device to one of a trusted virtual machine and a non-trusted virtual machine. A control program receives data indicating a USB port on the computing machine received a USB device and identifies at least one attribute of the USB device. The control program selects, based on application of a policy to the identified at least one device attribute, one of a trusted virtual machine and a non-trusted virtual machine executing. The control program grants, to the virtual machine selected by the control program, access to the USB device.Type: ApplicationFiled: December 9, 2013Publication date: April 10, 2014Applicant: Citrix Systems, Inc.Inventors: James McKenzie, Jean Guyader
-
Patent number: 8689213Abstract: The methods and systems described herein provide for establishing a secure communication channel between a non-trusted virtual machine and a trusted virtual machine, in a computing device executing a hypervisor hosting the trusted virtual machine, the non-trusted virtual machine, and a third virtual machine. The method includes writing, by a non-trusted virtual machine, a first string of data to a region of memory of the computing device. The method also includes detecting, by a trusted virtual machine, the first string of data written to the region of memory. The method further includes establishing a communication channel between the trusted virtual machine and the non-trusted virtual machine by locking, by the trusted virtual machine and responsive to the detection, the region of memory for the duration of the communication to prevent a third virtual machine from accessing the region of memory.Type: GrantFiled: December 14, 2010Date of Patent: April 1, 2014Assignee: Citrix Systems, Inc.Inventors: Ross Philipson, Steven Smith, James McKenzie, Jean Guyader
-
Patent number: 8661436Abstract: The methods and systems described herein provide for granting a virtual machine exclusive access to an optical disc drive responsive to a determination the virtual machine initiated a transaction with the optical disc drive. A drive manager maps an optical disc drive connected to the computing device to a plurality of virtual machines hosted by a hypervisor executed by the computing device. The drive manager intercepts a transaction stream generated by the optical disc drive and converts the transaction stream to a command stream. The drive manager determines, based on an analysis of the command stream, a first virtual machine of the plurality of virtual machines initiated a transaction with the optical disc drive. Responsive to the determination, the drive manager locks the optical disc drive to grant the first virtual machine exclusive access to the optical disc drive.Type: GrantFiled: December 14, 2010Date of Patent: February 25, 2014Assignee: Citrix Systems, Inc.Inventors: James McKenzie, Jean Guyader
-
Patent number: 8646028Abstract: The methods and systems provide for allocating a universal serial bus (USB) device to one of a trusted virtual machine and a non-trusted virtual machine. A control program receives data indicating a USB port on the computing machine received a USB device and identifies at least one attribute of the USB device. The control program selects, based on application of a policy to the identified at least one device attribute, one of a trusted virtual machine and a non-trusted virtual machine executing. The control program grants, to the virtual machine selected by the control program, access to the USB device.Type: GrantFiled: December 14, 2010Date of Patent: February 4, 2014Assignee: Citrix Systems, Inc.Inventors: James McKenzie, Jean Guyader
-
Methods and systems for preventing access to display graphics generated by a trusted virtual machine
Patent number: 8627456Abstract: The methods and systems provide for preventing a non-trusted virtual machine from reading the graphical output of a trusted virtual machine. A graphics manager receives a request from a trusted virtual machine to render graphical data using a graphics processing unit. The graphics manager assigns, to the trusted virtual machine, a secure section of a memory of the graphics processing unit. The graphics manager renders graphics from the trusted virtual machine graphical data to the secure section of the graphics processing unit memory. The graphics manager receives a request from a non-trusted virtual machine to read graphics rendered from the trusted virtual machine graphical data and stored in the secure section of the graphics processing unit memory, and prevents the non-trusted virtual machine from reading the trusted virtual machine rendered graphics stored in the secure section of the graphics processing unit memory.Type: GrantFiled: December 14, 2010Date of Patent: January 7, 2014Assignee: Citrix Systems, Inc.Inventors: James McKenzie, Jean Guyader -
Publication number: 20130155083Abstract: The present disclosure is directed towards methods and systems for maintaining state in a virtual machine when disconnected from graphics hardware. The virtual machine is one of a plurality of virtual machines hosted by a hypervisor executing on a computing device. A control virtual machine may be hosted by a hypervisor executing on a computing device. The control virtual machine may store state information of a graphics processing unit (GPU) of the computing device. The GPU may render an image from a first virtual machine. The control virtual machine may remove, from the first virtual machine, access to the GPU. The control virtual machine may redirect the first virtual machine to a GPU emulation program. The GPU emulation program may render the image from the first virtual machine using at least a portion of the stored state information.Type: ApplicationFiled: November 28, 2012Publication date: June 20, 2013Inventors: James McKenzie, Jean Guyader
-
Publication number: 20120297383Abstract: The present disclosure is directed towards methods and systems for virtualizing audio hardware for one or more virtual machines. A control virtual machine (VM) may translate a first stream of audio functions calls from a first VM hosted by a hypervisor. The translated first stream of audio function calls may be destined for a sound card of the computing device executing the hypervisor. The control VM may detect a second stream of audio functions calls from a second VM hosted by the hypervisor. The control VM may translate the second stream of audio functions calls from the second VM. The control VM may further merge the translated first stream of audio function calls and the translated second stream of the audio function calls in response to the detected second stream. The control VM may transmit the merged stream of audio function calls to the sound card.Type: ApplicationFiled: May 18, 2012Publication date: November 22, 2012Inventors: Steven Meisner, Jean Guyader, Ian Pratt
-
Publication number: 20110145821Abstract: The methods and systems described herein provide for establishing a secure communication channel between a non-trusted virtual machine and a trusted virtual machine, in a computing device executing a hypervisor hosting the trusted virtual machine, the non-trusted virtual machine, and a third virtual machine. The method includes writing, by a non-trusted virtual machine, a first string of data to a region of memory of the computing device. The method also includes detecting, by a trusted virtual machine, the first string of data written to the region of memory. The method further includes establishing a communication channel between the trusted virtual machine and the non-trusted virtual machine by locking, by the trusted virtual machine and responsive to the detection, the region of memory for the duration of the communication to prevent a third virtual machine from accessing the region of memory.Type: ApplicationFiled: December 14, 2010Publication date: June 16, 2011Inventors: Ross Philipson, Steven Smith, James McKenzie, Jean Guyader
-
METHODS AND SYSTEMS FOR PREVENTING ACCESS TO DISPLAY GRAPHICS GENERATED BY A TRUSTED VIRTUAL MACHINE
Publication number: 20110145916Abstract: The methods and systems described herein provide for preventing a non-trusted virtual machine from reading the graphical output of a trusted virtual machine. A graphics manager receives a request from a trusted virtual machine to render graphical data using a graphics processing unit. The graphics manager assigns, to the trusted virtual machine, a secure section of a memory of the graphics processing unit. The graphics manager renders graphics from the trusted virtual machine graphical data to the secure section of the graphics processing unit memory. The graphics manager receives a request from a non-trusted virtual machine to read graphics rendered from the trusted virtual machine graphical data and stored in the secure section of the graphics processing unit memory, and prevents the non-trusted virtual machine from reading the trusted virtual machine rendered graphics stored in the secure section of the graphics processing unit memory.Type: ApplicationFiled: December 14, 2010Publication date: June 16, 2011Inventors: JAMES MCKENZIE, Jean Guyader -
Publication number: 20110145820Abstract: The methods and systems described herein provide functionality for managing injection of input events to one virtual machine of a plurality of guest virtual machines, in a computing device executing a hypervisor hosting a trusted virtual machine and a non-trusted virtual machine. An input manager receives a first item of input data from an input device communicating with the computing device. The input manager identifies whether the first item of input data includes a predetermined string. The input manager forwards, responsive to the identification, the first item of input data to one of (i) a first virtual machine of a plurality of guest virtual machines executed by the processor of the computing device and (ii) an application executed by the control virtual machine, wherein at least one virtual machine of the plurality of guest virtual machines is a trusted virtual machine.Type: ApplicationFiled: December 14, 2010Publication date: June 16, 2011Inventors: IAN PRATT, Jean Guyader, Vincent Hanquez
-
Publication number: 20110145886Abstract: The methods and systems described herein provide for allocating a universal serial bus (USB) device to one of a trusted virtual machine and a non-trusted virtual machine. A control program receives data indicating a USB port on the computing machine received a USB device and identifies at least one attribute of the USB device. The control program selects, based on application of a policy to the identified at least one device attribute, one of a trusted virtual machine and a non-trusted virtual machine executing. The control program grants, to the virtual machine selected by the control program, access to the USB device.Type: ApplicationFiled: December 14, 2010Publication date: June 16, 2011Inventors: JAMES MCKENZIE, Jean Guyader
-
Publication number: 20110145819Abstract: The methods and systems described herein provide for granting a virtual machine exclusive access to an optical disc drive responsive to a determination the virtual machine initiated a transaction with the optical disc drive. A drive manager maps an optical disc drive connected to the computing device to a plurality of virtual machines hosted by a hypervisor executed by the computing device. The drive manager intercepts a transaction stream generated by the optical disc drive and converts the transaction stream to a command stream. The drive manager determines, based on an analysis of the command stream, a first virtual machine of the plurality of virtual machines initiated a transaction with the optical disc drive. Responsive to the determination, the drive manager locks the optical disc drive to grant the first virtual machine exclusive access to the optical disc drive.Type: ApplicationFiled: December 14, 2010Publication date: June 16, 2011Inventors: James McKenzie, Jean Guyader