Abstract: Access to virtual machine inputs and outputs are controlled. Controlling access to virtual machine inputs and outputs may comprise locking inputs and outputs of a virtual machine from within the virtual machine, other than a predefined limited access input, detecting a request to unlock the inputs and outputs of the virtual machine; determining if a requester is authorized to unlock the inputs and outputs of the virtual machine and unlocking, temporarily, the inputs and outputs of the virtual machine if the requester is authorized. The predefined limited access input is configured to receive an input device with a private secret for unlocking the inputs and outputs of the virtual machine. The inputs and outputs are unlocked when an input device having a shared password is attached.

Abstract: Provided herein are systems and methods for providing isolated virtual image communication in a virtual computing environment. Initially, a guest virtual machine that is activated in a virtual computing environment may be isolated into a private network. A service request may then be formulated at the guest virtual machine and addressed to a predetermined non-existent address. The request is then ostensibly sent to the predetermined address, whereupon the service request is actually transmitted to a shared resource with a security appliance machine in the virtual computing environment. The request is then forwarded to the security appliance machine and a reply formulated. The reply is sent back to the guest virtual machine via the shared resource.

Abstract: Systems and methods enabling secure virtual image access in a virtual or cloud computing environment. The systems and methods include assigning a status to indicator to guest virtual machines (virtual images) that provide applications and other services to cloud consumers in the cloud environment. A virtual appliance machine in the cloud environment maintains the status of the guest virtual machines and makes decisions based on the status as to whether to allow access to the guest virtual machines. These decisions are transmitted to local elements on the guest virtual machines, which enforce access control on a local level. In this manner, unauthorized virtual image access is prevented providing increased security and data integrity.

Abstract: Provided herein are systems and method enabling secure virtual image access in a virtual or cloud computing environment. The systems and methods include assigning a status to indicator to guest virtual machines (virtual images) that provide applications and other services to cloud consumers in the cloud environment. A virtual appliance machine in the cloud environment maintains the status of the guest virtual machines and makes decisions based on the status as to whether to allow access to the guest virtual machines. These decisions are transmitted to local elements on the guest virtual machines, which enforce access control on a local level. In this manner, unauthorized virtual image access is prevented providing increased security and data integrity.

Abstract: A device for drug delivery to an orifice of a subject, comprising a shell which is elastically stressed by an active pharmaceutical ingredient, said shell containing and being substantially impermeable to said active pharmaceutical ingredient, wherein said shell has at least one hole sized for in-vivo release of said active pharmaceutical ingredient as a result of elastic stressing.

Abstract: Systems and methods for providing sensitive data protection in a virtual computing environment. The systems and methods utilize a sensitive data control monitor on a virtual appliance machine administering guest virtual machines in a virtual computing environment, wherein each of the guest virtual machines may include a local sensitive data control agent. The sensitive data control monitor generates encryption keys for each guest virtual machine which are sent to the local sensitive data control agents and used to encrypt data locally on a protected guest virtual machine. In this manner the data itself on the virtual (or physical) disc associated with the guest virtual machine is encrypted while access attempts are gated by a combination of the local agent and the environment-based monitor, providing for secure yet administrable sensitive data protection.

Abstract: A rectally insertable device for localized drug delivery to the anal sphincter of a subject, a method of using the device and the use of the device is disclosed. The device comprises a shell for containing an active pharmaceutical ingredient, the shell being substantially impermeable to the active pharmaceutical ingredient wherein a lower portion of the shell is configured to release the active pharmaceutical ingredient from the shell and wherein when the device is inserted into the rectum of the subject, the lower portion of the shell is proximal to the anal sphincter, such that the active pharmaceutical ingredient is released proximal to the anal sphincter.

Abstract: A device for drug delivery to an orifice of a subject, comprising a shell which is elastically stressed by an active pharmaceutical ingredient, said shell containing and being substantially impermeable to said active pharmaceutical ingredient, wherein said shell has at least one hole sized for in-vivo release of said active pharmaceutical ingredient as a result of elastic stressing.

Abstract: Systems and methods for providing sensitive data protection in a virtual computing environment. The systems and methods utilize a sensitive data control monitor on a virtual appliance machine administering guest virtual machines in a virtual computing environment, wherein each of the guest virtual machines may include a local sensitive data control agent. The sensitive data control monitor generates encryption keys for each guest virtual machine which are sent to the local sensitive data control agents and used to encrypt data locally on a protected guest virtual machine. In this manner the data itself on the virtual (or physical) disc associated with the guest virtual machine is encrypted while access attempts are gated by a combination of the local agent and the environment-based monitor, providing for secure yet administrable sensitive data protection.

Abstract: Systems and methods for providing sensitive data protection in a virtual computing environment. The systems and methods utilize a sensitive data control monitor on a virtual appliance machine administering guest virtual machines in a virtual computing environment, wherein each of the guest virtual machines may include a local sensitive data control agent. The sensitive data control monitor generates encryption keys for each guest virtual machine which are sent to the local sensitive data control agents and used to encrypt data locally on a protected guest virtual machine. In this manner the data itself on the virtual (or physical) disc associated with the guest virtual machine is encrypted while access attempts are gated by a combination of the local agent and the environment-based monitor, providing for secure yet administrable sensitive data protection.

Abstract: Systems and methods associated with virtual machine security are described herein. One example method includes instantiating a guest virtual machine in a virtual computing environment. The method also includes installing a life cycle agent on the guest virtual machine, assigning an identifying certificate, a set of policies, and an encryption key to the guest virtual machine, and providing the certificate, policies, and encryption key to the guest virtual machine. The certificate, policies, and encryption key may then be used by the guest virtual machine to authenticate itself within the virtual computing environment and to protect data stored on the guest virtual machine.

Abstract: In a method of operating a computing system, a disk image corresponding to a production managed machine is mounted on a service managed machine that performs operations distinct from those performed by the production managed machine in providing a computing service. The disk image is scanned at the service managed machine to determine a corrective action to be performed with respect to the disk image, and performance of the corrective action for the disk image of the production managed machine is initiated at the service managed machine. Related systems and computer program products are also discussed.

Abstract: A method includes receiving at a similarity arbitrator information about a security policy of a candidate virtual machine that is proposed to be included in a cluster of virtual machines, comparing the security policy of the candidate virtual machine to the security policies of a plurality of virtual machines in the cluster, and in response to the comparison, recommending that a virtualization environment manager exclude the candidate virtual machine from the cluster or include the candidate virtual machine in the cluster. Related systems and computer program products are also disclosed.

Abstract: A rectally insertable device for localized drug delivery to the anal sphincter of a subject, a method of using the device and the use of the device is disclosed. The device comprises a shell for containing an active pharmaceutical ingredient, the shell being substantially impermeable to the active pharmaceutical ingredient wherein a lower portion of the shell is configured to release the active pharmaceutical ingredient from the shell and wherein when the device is inserted into the rectum of the subject, the lower portion of the shell is proximal to the anal sphincter, such that the active pharmaceutical ingredient is released proximal to the anal sphincter.

Abstract: A computer system includes a security coordinator configured to be communicatively coupled to a plurality of managed machines deployed in a same computing environment and managed by an environment manager. The security coordinator is configured to detect a security condition with respect to a first one of the managed machines, and to automatically initiate modification of a second one of the managed machines in the same computing environment responsive to detection of the security condition. The security coordinator is configured to initiate the modification of the second one of the managed machines prior to occurrence of a security condition therein and prior to action by the environment manager with respect to the second one of the managed machines in response to the detected security condition.

Abstract: Methods for treating fecal incontinence by administering to a subject in need thereof compositions including oxymetazoline as an active ingredient. Kits including compositions of oxymetazoline suitable for topical application, for the treatment of fecal incontinence.

Abstract: A method of operating a virtual computing system includes receiving at a security controller security data corresponding to a candidate virtual machine that is proposed to be included in a virtualization environment managed by a virtualization environment manager, comparing the security data of the candidate virtual machine to security data of other virtual machines in the virtualization environment, and in response to the comparison, recommending that the virtualization environment manager exclude the candidate virtual machine from the virtualization environment. Related systems and computer program products are disclosed.

Abstract: A computer system is disclosed that includes a host operating system and a virtual hypervisor that operates under management of the host operating system to control operations of virtual machines operating under management of the virtual hypervisor. The virtual hypervisor provides an interface between the virtual machines and the host operating system. A signing component generates digital signatures which identify owners of the virtual machines and associates the digital signatures with the virtual machines. A signature validation component determines the owners of the virtual machines using the digital signatures and responsive to occurrence of defined events. Related methods and computer program products for operating computer systems are also disclosed.

Abstract: Access to virtual machine inputs and outputs are controlled. Controlling access to virtual machine inputs and outputs may comprise locking inputs and outputs of a virtual machine from within the virtual machine, other than a predefined limited access input, detecting a request to unlock the inputs and outputs of the virtual machine; determining if a requester is authorized to unlock the inputs and outputs of the virtual machine and unlocking, temporarily, the inputs and outputs of the virtual machine if the requester is authorized. The predefined limited access input is configured to receive an input device with a private secret for unlocking the inputs and outputs of the virtual machine. The inputs and outputs are unlocked when an input device having a shared password is attached.

Abstract: A virtual machine console is recorded. A method for monitoring a virtual machine may comprise monitoring a virtualization environment, detecting a new virtual machine and associated console, creating an additional instantiation of the console by generating a reflection of the console on a video capture device and recording a real time video of an image of the additional instantiation of the console on the video capture device. Prior to recording, the image may be analyzed to determine a change and the recording of the image can be triggered based upon the analysis.