1. Field
The disclosed embodiments generally relate to techniques for executing virtual machines within computer systems. More specifically, the disclosed embodiments relate to techniques for providing security by selectively triggering a security scan within a host operating system for a virtual machine.
2. Related Art
Virtual machines are often used to extend the functionality and portability of computing environments. For example, a virtual machine containing a guest operating system may be executed on any computer with a compatible virtual machine monitor (also referred to as a “hypervisor”). The self-contained nature of a virtual machine also makes it efficient to transfer the virtual machine to different computing platforms, including personal computers, servers, and portable storage devices.
Additionally, ease of deployment and portability of virtual machines may be further enhanced through the centralized management and local execution of virtual machines. An exemplary central management solution for locally executed virtual machines is embodied in the MokaFive Server™, MokaFive Player™ and MokaFive Creator™ products, which are offered by moka5, Inc. (a Delaware corporation). In particular, a virtual machine may be centrally defined using the MokaFive Creator™ and managed using the MokaFive Server™. Then, any computer containing the MokaFive Player™ can download an image of the virtual machine from the MokaFive Server™ and can run the virtual machine within the MokaFive Player™. Changes made to the virtual machine from the computer may be backed up on the MokaFive Server™ so that subsequent execution of the virtual machine from other computers can take advantage of the changes. Similarly, updates to the virtual machine may be administered by the MokaFive Server™ and automatically included in the virtual machine image so that subsequent use of the virtual machine includes the updates.
Because a virtual machine can be deployed across a wide range of diverse computing devices, ensuring security for a virtual machine can be a challenging task. For example, when the virtual machine initially launches within a host operating system, the user is typically presented with an authorization dialog box which asks for a username and password. However, if malware exists on the host operating system, the malware can potentially use key-logging techniques to steal the username and password. Additionally, when the virtual machine is up and running, malware can potentially use screen-scraping techniques to steal data which is displayed by the virtual machine. The malware can also potentially use code that implements a “rootkit” to gain privileged access to the computer system.
Hence, what is needed is a method and an apparatus for protecting a virtual machine against these types of malware attacks.