Virtualization Technology News and Information
Aplix Develops a Unique Virtualization Technology
A New OS Independent User-Space Virtualization Technology -- Allows Better Control Over the Access of Resources in a Multi-Tasking Environment, and Supporting the Security Needs of the Next Generation Information Appliances

Aplix Corporation today unveiled its newly developed patent-pending user-space virtualization technology that can dynamically generate virtual execution spaces for native applications running on information appliances.

Image 1.1 Dynamically generate virtual execution space for any user applications. Click here ( to view diagram.

In recent years, computer viruses and spyware have proliferated in the mobile space via the Internet, which has prompted the industry to develop different security mechanisms based on the platform it has targeted. Compared the solutions available thus far, this new user-space virtualization technology is unique in several aspects:

  • It automatically creates a virtual execution space for any native application, restricting the application from directly accessing the underlying operating system, thus providing a secure environment for the running application. 
  • While it is as secure as the Java execution environment, it is lightweight with fast execution speed as it traps only a limited number of instructions. 
  • It is OS independent as it does not rely on the underlying architecture of the operating system, thus can support Linux, Windows Mobile, Symbian, BREW, and many others. 
  • Compared to the conventional OS, where means of permission is limited to statically preset file access with an associated user-id, user-space virtualization allows for a very flexible configuration to control the usage of any system services/resources (e.g. communication bandwidth, file usage, display access, etc) per application, and can be easily modified by downloading a description file. 
  • It operates in "user-mode" to enable application-level deployment, making security policies modifiable via OTA. 
  • It does not need to call any security functions nor be pre-processed with the security systems already in place, thus current applications can be executed without any modification.

In today's mobile networks, Operators often enforce a set of pre-defined rules for the access of system resources on the network devices when distributing applications over its network. In light of this, user-space virtualization technology aims to bring a common security platform by providing a reference implementation that is coherent across different system platforms.


Image 1.2 Architecture Diagram. Click here ( to view diagram.

The user-space virtualization technology is comprised of a number of different functions, such as user-space virtual machine, state machine and security manager. When an application is executed, the user-space virtual machine scans the binary code to detect any security-sensitive code. If any dubious code is found, the user space virtual machine generates the safe code. The generated safe code calls to the security manager that to check whether the code should be granted the access to the system resources.

The reference implementation and architecture of this technology is applicable to any CPU architecture, and compatible to Java runtime environment, BREW, Linux, Symbian platform security, and others. Aplix plans to license this technology as part of its platform solution and also provide technology license for a broad range of devices.

Aplix CTO Ryu Koriyama says, "In the next generation of data device platforms, the question of how we can ensure security is an extremely important issue. I think the security technology we provide for the execution of innovative applications may prove to be the basis of a solution. Our user-space virtualization technology can be installed in almost all data device platforms currently available, creating value by enabling the construction of a safe environment for application execution."

Published Tuesday, October 24, 2006 6:40 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<October 2006>