Abstract: Provided are a computer readable storage medium, computer apparatus, and method for securely managing the execution of screen rendering instructions in a host operating system and virtual machine. A first rendering instruction hooking section is set to a first mode to hook a screen rendering instruction issued by a virtual machine application in a virtual machine. A second rendering instruction hooking section is set to a second mode to hook instructions issued by the virtual machine application. The hooked screen rendering instruction issued by the virtual machine application are encrypted in response to the setting of the first mode to produce illegible output. The hooked screen rendering instruction issued by the virtual machine application are encrypted in response to the setting of the second mode. The encrypted hooked screen rendering instruction encrypted in the second mode are issued to a host operating system to decrypt.

Abstract: A data distribution system, method and program for generating a distribution package for distribution data to a client. An environment of a requesting client requesting distribution data is detected. A determination is made of an access control execution program for implementing an access control mechanism and a loading unit on the requesting client. The access control execution program is adapted to the detected environment of the requesting client and control access to a resource from a process in the client. The loading unit loads the distribution data to a protected storage area of the client. A determination is made of a security policy specified for the distribution data. A distribution package is generated including the distribution data, the security policy, the loading unit, and the access control execution program adapted to the environment of the requesting client; and transmitting the generated distribution package to the requesting client.

Abstract: Provided are a computer readable storage medium, computer apparatus, and method for securely managing the execution of screen rendering instructions in a host operating system and virtual machine. A first rendering instruction hooking section is set to a first mode to hook a screen rendering instruction issued by a virtual machine application in a virtual machine. A second rendering instruction hooking section is set to a second mode to hook instructions issued by the virtual machine application. The hooked screen rendering instruction issued by the virtual machine application are encrypted in response to the setting of the first mode to produce illegible output. The hooked screen rendering instruction issued by the virtual machine application are encrypted in response to the setting of the second mode. The encrypted hooked screen rendering instruction encrypted in the second mode are issued to a host operating system to decrypt.

Abstract: Systems and methods categorize data to perform access control. A system receives first data, where the first data comprises at least a portion of data to be categorized. The system analyzes the first data to determine Whether the first data belongs to a first category. If the first data belongs to a first category, the system applies a first access control set to actions on the data to be categorized. Further, if one or more of the actions on the data to be categorized has an access control status of pending after applying the first access control set, the system receives second data, where the second data comprises at least a portion of data to be categorized. The system analyzes the second data to determine whether the second data belongs to a second category. If the second data belongs to a second category, the system applies a second access control set to at least one of the actions having the access control status of pending.

Abstract: A resource protection program, apparatus, and method for protecting resources to be processed on a computer. The resource protection program causes a computer to implement: a preparatory function as a function for preparing multiple defined state transition histories and multiple defined actions, both of which are associated with each other, wherein each of the defined state transition histories defines a state transition history of the computer upon execution of predetermined access to a predetermined resource, and each of the defined actions defined to be executable when a transition is made from a defined state to the next defined state; and an action execution function for selecting, upon execution of the real access to the real resource, a defined action associated with a marched defined state transition history from among one or more defined actions to execute die defined action selected.

Abstract: A sensitivity label for document information in a document may be determined in real time, according to one embodiment, by flexibly and dynamically determining a sensitivity label for the document based on content included in information within the document. Information within a document varies from day to day, for example, document information may decrease in importance with time, increase in importance due to an event, etc. Therefore, the sensitivity label of the document, according to embodiments described herein, may also change dynamically in accordance with document content, information, etc.