1. Field of the Invention
This invention relates very broadly to a computer system, and in particular to a system and related method of operation for controlling input and output (I/O) operations between at least one virtual machine and systems external to the virtual machine.
2. Description of the Related Art
Input/output (I/O) operations are among the most common carried out on modern computers. Some I/O operations are required simply for the efficient operation of the computer within the limits of the existing hardware and are performed substantially without user intervention, sometimes not as the result of any user action at all. For example, an operating system (OS) may need to swap data between a fast, volatile RAM memory and a hard disk simply because there is not enough RAM available for some immediate need.
Other I/O operations arise because of some user action. For example, when a user wants to send e-mail via a network, he may click on a “Send” icon in an e-mail application. Several I/O operations must take place in order to carry out this command. First, the displayed icon itself represents an output operation from the browser application, via the OS, a display driver, and a graphics card, to the monitor that the user is looking at. Second, sensing the position of the displayed cursor and the click of the input device (such as a button on a standard mouse) both involve inputs that are routed to the application via the appropriate driver in the OS. Third, in order to complete the “Send” operation, the OS must transfer the data (and associated transmission information) as an output operation to the driver of some device such as a modem or equivalent network connector, which then coordinates the actual transfer of the data out to the network.
Each I/O operation is a potential security weakness. A very common example of this would be destructive computer viruses: If users never needed their computers to be connected to any other computers, and never loaded data that came from any other source, and all their native software and hardware were certain not to have any viruses to begin with, then they would never need to worry about viruses. This would of course be the equivalent of living one's entire life in a sterile environment without any chance of contamination from the outside world. This is also of course impractical in all but very specialized cases.
Other problems of “security” have nothing to do with destruction of valuable data or damage to the computer's software itself. As many concerned parents have come to realize, the Internet makes readily available to the eyes and ears of curious children much material that even the most jaded adult would be far better off not seeing or hearing. As a result, many software packages are now available that attempt to filter the input from the Internet to the users' display screen and/or loudspeakers. Because such commercial network filters are applications loaded into the computer like any other, they can be defeated, often more easily by the computer-savvy children they are meant to protect than by the concerned parents.
Yet another frequent security concern involves the privacy of data transferred outside the computer (for example, over a network), or even within a single computer that has multiple users. The most common method for dealing with this is encryption. In conventional systems, some software package is installed in the computer that encrypts and decrypts the data before and after I/O operations. Once again, if the encryption routine is implemented purely as software that is at the same functional level as other applications, then it can be defeated or rendered non-functional. To minimize this weakness, some systems include specialized encryption hardware that resists software attack. Although generally more secure, the strength of this solution is also its weakness—the user must buy and install specialized hardware.
Other issues of I/O control have nothing to do with security as such. Companies that maintain frequently accessed general web sites, such as those for major news organizations, web-based e-mail systems, etc., agree to insert into their sites banners or other forms of displayed advertising that users see whenever they view the site. Of course, users are generally as keen to be rid of such irritating advertising clutter as the advertisers are to have it displayed. Accordingly, filtering software exists that tries to analyze the content of each particular web page and eliminate the advertisements.
From the perspective of the user, the ability to eliminate advertising banners may be a blessing, but in this and other cases it may be undesirable to allow the user to defeat such a display. For example, employers who have an internal company network may want to make sure that the company logo always appears on any display, or that a banner or tag such as “Company Confidential” always displays when an employee is viewing a screen that is displaying information from certain sensitive files such as the information in personnel files. Again, as in previous examples, any software application one might install to prevent the user from defeating the display itself could be defeated by a sufficiently skillful user, that is, one who knows enough about the system software, hardware and the application itself. Note that even supposedly “impenetrable” software has been defeated (“hacked”) in recent years, often by users accessing the respective systems remotely, and often by “experts” who are so young that their parents have to drive them to their criminal trials.