US Patent 8468591 Client authentication and data management system

Methods and systems for performing an authenticated boot (310); performing a continuous data protection (350); performing automatic protection and optionally a consolidation; and performing other defenses and protection of a protected computing device (110a, 110b, 110c) (such as a computer system) are provided. The aspects include integrating security mechanisms (which may include a “call home” function (330), role and rule-based policies (225), validating technologies, encryption and decryption technologies, data compression technologies, protected and segmented boot technologies, and virtualization technologies. Booting and operating (either fully or in a restricted manner) are permitted only under a control of a specified role-set, rule-set, and/or a controlling supervisory process or server system(s). The methods and systems make advantageous use of hypervisors (220) and other virtual machine monitors or managers.