CA2769239C - Systeme pour effectuer un traitement automatique de donnees multi-usages - Google Patents

Systeme pour effectuer un traitement automatique de donnees multi-usages Download PDF

Info

Publication number
CA2769239C
CA2769239C CA2769239A CA2769239A CA2769239C CA 2769239 C CA2769239 C CA 2769239C CA 2769239 A CA2769239 A CA 2769239A CA 2769239 A CA2769239 A CA 2769239A CA 2769239 C CA2769239 C CA 2769239C
Authority
CA
Canada
Prior art keywords
automated processing
use data
responsibility
security
software component
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CA2769239A
Other languages
English (en)
Other versions
CA2769239A1 (fr
Inventor
Severine Vermande
Philippe Biondi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Airbus SAS
Original Assignee
Airbus SAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Airbus SAS filed Critical Airbus SAS
Publication of CA2769239A1 publication Critical patent/CA2769239A1/fr
Application granted granted Critical
Publication of CA2769239C publication Critical patent/CA2769239C/fr
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113Multi-level security, e.g. mandatory access control

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)

Abstract

L'invention a notamment pour objet un composant logiciel pour le traitement automatisé de données multi-usages, mettant en oeuvre des fonctions ayant besoin de différents niveaux de sûreté ou limites de responsabilité. Le composant logiciel selon l'invention comprend une pluralité de machines virtuelles (215), chaque machine virtuelle étant adaptée à exécuter au moins une fonction ayant besoin d'un niveau de sûreté ou d'une limite de responsabilité prédéterminé et un hyperviseur (210) adapté à contrôler l'exécution de ladite pluralité de machines virtuelles.
CA2769239A 2009-07-28 2010-07-28 Systeme pour effectuer un traitement automatique de donnees multi-usages Active CA2769239C (fr)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FR0955281A FR2948789B1 (fr) 2009-07-28 2009-07-28 Composant logiciel et dispositif pour le traitement automatise de donnees multi-usages, mettant en oeuvre des fonctions ayant besoin de differents niveaux de surete ou limites de responsabilite
FR0955281 2009-07-28
PCT/FR2010/000552 WO2011020954A2 (fr) 2009-07-28 2010-07-28 COMPOSANT LOGICIEL ET DISPOSITIF POUR LE TRAITEMENT AUTOMATISÉ DE DONNÉES MULTI-USAGES, METTANT EN œUVRE DES FONCTIONS AVANT BESOIN DE DIFFÉRENTS NIVEAUX DE SÛRETÉ OU LIMITES DE RESPONSABILITÉ

Publications (2)

Publication Number Publication Date
CA2769239A1 CA2769239A1 (fr) 2011-02-24
CA2769239C true CA2769239C (fr) 2018-10-23

Family

ID=41432807

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2769239A Active CA2769239C (fr) 2009-07-28 2010-07-28 Systeme pour effectuer un traitement automatique de donnees multi-usages

Country Status (8)

Country Link
US (1) US9804875B2 (fr)
EP (1) EP2460071A2 (fr)
JP (1) JP5646622B2 (fr)
CN (1) CN102656559B (fr)
CA (1) CA2769239C (fr)
FR (1) FR2948789B1 (fr)
RU (1) RU2012107091A (fr)
WO (1) WO2011020954A2 (fr)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2539818A1 (fr) * 2010-02-23 2013-01-02 Astronautics Corporation Of America Sac de vol électronique de classe 3 à processeur unique
CN103677983B (zh) * 2012-09-20 2018-05-04 三亚中兴软件有限责任公司 应用的调度方法及装置
FR2997811B1 (fr) * 2012-11-05 2015-01-02 Viaccess Sa Dispositif de traitement de contenus multimedia mettant en oeuvre une pluralite de machines virtuelles.
US9781118B2 (en) 2013-03-14 2017-10-03 Intel Corporation Differentiated containerization and execution of web content based on trust level and other attributes
RU2568282C2 (ru) * 2014-04-18 2015-11-20 Закрытое акционерное общество "Лаборатория Касперского" Система и способ обеспечения отказоустойчивости антивирусной защиты, реализуемой в виртуальной среде
US9454497B2 (en) * 2014-08-15 2016-09-27 Intel Corporation Technologies for secure inter-virtual-machine shared memory communication
US20160098259A1 (en) * 2014-10-02 2016-04-07 The Boeing Company Software Aircraft Part Installation System
US9444849B2 (en) * 2014-10-06 2016-09-13 The Boeing Company Enforcing policy compliance on a device
WO2016079742A1 (fr) 2014-11-19 2016-05-26 Technion Research & Development Foundation Limited Système de génération de plasma froid
FR3038404B1 (fr) * 2015-07-02 2019-04-26 Viaccess Procede et systeme d'execution securisee de machines virtuelles par un ensemble de dispositifs programmables interconnectes
US20180213402A1 (en) * 2015-07-15 2018-07-26 Nokia Solutions And Networks Oy Security aware instantiation of network services and/or virtualized network functions
DE102015214389A1 (de) * 2015-07-29 2017-02-02 Robert Bosch Gmbh Verfahren und Vorrichtung zum Aktualisieren einer auf einer physischen Maschine unter einem Hypervisor betriebenen virtuellen Maschine
US10225349B2 (en) 2016-10-26 2019-03-05 Honeywell International Inc. Software development kit for aircraft tablet device and airborne application server
US11175937B2 (en) * 2018-03-30 2021-11-16 The Boeing Company Virtualized avionics systems for operational environments
CN116260823B (zh) * 2023-05-15 2023-09-15 南方电网数字电网研究院有限公司 受控数据共享方法、装置、计算机设备和存储介质

Family Cites Families (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5442645A (en) * 1989-06-06 1995-08-15 Bull Cp8 Method for checking the integrity of a program or data, and apparatus for implementing this method
US5809493A (en) * 1995-12-14 1998-09-15 Lucent Technologies Inc. Knowledge processing system employing confidence levels
US5870610A (en) * 1996-06-28 1999-02-09 Siemens Business Communication Systems, Inc. Autoconfigurable method and system having automated downloading
US6941410B1 (en) * 2000-06-02 2005-09-06 Sun Microsystems, Inc. Virtual heap for a virtual machine
US6922774B2 (en) * 2001-05-14 2005-07-26 The United States Of America As Represented By The National Security Agency Device for and method of secure computing using virtual machines
US7730318B2 (en) * 2003-10-24 2010-06-01 Microsoft Corporation Integration of high-assurance features into an application through application factoring
US7401230B2 (en) * 2004-03-31 2008-07-15 Intel Corporation Secure virtual machine monitor to tear down a secure execution environment
US7506170B2 (en) * 2004-05-28 2009-03-17 Microsoft Corporation Method for secure access to multiple secure networks
JP2006201845A (ja) * 2005-01-18 2006-08-03 Hitachi Software Eng Co Ltd ウィルス感染及び機密情報漏洩防止対策コンピュータ
US7881755B1 (en) * 2005-05-26 2011-02-01 Marvell International Ltd. Wireless LAN power savings
CN100547515C (zh) * 2005-07-15 2009-10-07 联想(北京)有限公司 支持可信计算的虚拟机系统及在其上实现可信计算的方法
JP2009512939A (ja) * 2005-10-21 2009-03-26 ヴァー2アス インコーポレイテッド 複数のオペレーティングシステムのインスタンスが単一のマシン資源を安全に共有することを可能とする、オペレーティングシステムの仮想化、を有するコンピュータセキュリティ方法
US8341756B2 (en) * 2006-01-17 2012-12-25 Kidaro (Israel) Ltd. Securing data in a networked environment
JP4735331B2 (ja) * 2006-03-01 2011-07-27 日本電気株式会社 仮想マシンを利用した情報処理装置および情報処理システム、並びに、アクセス制御方法
JP2008084081A (ja) * 2006-09-28 2008-04-10 Nec Corp 機密情報の漏洩防止システム、機密情報の漏洩防止方法、記録媒体、及びプログラム
US8949826B2 (en) * 2006-10-17 2015-02-03 Managelq, Inc. Control and management of virtual systems
US9015703B2 (en) * 2006-10-17 2015-04-21 Manageiq, Inc. Enforcement of compliance policies in managed virtual systems
US8234641B2 (en) * 2006-10-17 2012-07-31 Managelq, Inc. Compliance-based adaptations in managed virtual systems
JP4907371B2 (ja) * 2007-02-01 2012-03-28 株式会社日立ソリューションズ ウィルス感染及び機密情報漏洩防止対策システム
US8024790B2 (en) * 2007-04-11 2011-09-20 Trend Micro Incorporated Portable secured computing environment for performing online confidential transactions in untrusted computers
JP4987555B2 (ja) * 2007-04-27 2012-07-25 株式会社東芝 情報処理装置、および情報処理システム
WO2009044461A1 (fr) * 2007-10-03 2009-04-09 Fujitsu Limited Programme et procédé de contrôle d'accès à un dispositif et processeur d'informations
US8261265B2 (en) * 2007-10-30 2012-09-04 Vmware, Inc. Transparent VMM-assisted user-mode execution control transfer
US20090133097A1 (en) * 2007-11-15 2009-05-21 Ned Smith Device, system, and method for provisioning trusted platform module policies to a virtual machine monitor
KR101489244B1 (ko) * 2007-12-24 2015-02-04 삼성전자 주식회사 가상 머신 모니터 기반의 프로그램 실행 시스템 및 그 제어방법
JP5029701B2 (ja) * 2008-01-09 2012-09-19 富士通株式会社 仮想マシン実行プログラム、ユーザ認証プログラムおよび情報処理装置
CA2661398C (fr) * 2008-04-05 2016-05-17 Third Brigade Inc. Systeme et methode de coordination intelligente de prevention d'intrusion au niveau de l'hote dans un environnement virtuel
US8561137B2 (en) * 2008-07-23 2013-10-15 Oracle International Corporation Techniques for identity authentication of virtualized machines
US8387046B1 (en) * 2009-03-26 2013-02-26 Symantec Corporation Security driver for hypervisors and operating systems of virtualized datacenters

Also Published As

Publication number Publication date
WO2011020954A3 (fr) 2011-04-14
CN102656559A (zh) 2012-09-05
CN102656559B (zh) 2016-12-07
EP2460071A2 (fr) 2012-06-06
US9804875B2 (en) 2017-10-31
WO2011020954A2 (fr) 2011-02-24
US20120167089A1 (en) 2012-06-28
RU2012107091A (ru) 2013-09-10
FR2948789B1 (fr) 2016-12-09
CA2769239A1 (fr) 2011-02-24
FR2948789A1 (fr) 2011-02-04
JP2013500531A (ja) 2013-01-07
JP5646622B2 (ja) 2014-12-24

Similar Documents

Publication Publication Date Title
CA2769239C (fr) Systeme pour effectuer un traitement automatique de donnees multi-usages
WO2016094840A3 (fr) Système, procédé et support lisible par ordinateur pour la protection de logiciels au moyen de machines virtuelles composables de niveau processus
EP3613170A4 (fr) Traitement de données de chaîne de blocs sur la base d'opérations sur contrats intelligents exécutées dans un environnement d'exécution de confiance
GB201302443D0 (en) Detecting malicious computer code in an executing program module
WO2012097073A3 (fr) Verrouillage de mode de processeur
EP4099137A3 (fr) Systèmes et procédés d'isolation de domaine sécurisé
MX2018003751A (es) Metodo y sistema para signar tareas a equipos mineros y/o de construccion.
GB2508553A (en) Protecting memory of a virtual guest
WO2011090596A3 (fr) Isolation de coeurs de processeur par hyperviseur
WO2012048162A3 (fr) Système et procédé d'extension d'une plate-forme de visualisation
WO2008115279A3 (fr) Virtualisation pour inviolabilité diversifiée
WO2009136080A3 (fr) Systeme et procede de securisation d'un ordinateur comportant un micronoyau
GB2557478A (en) Manegement of virtual machine in virtualized computing environment based on fabric limit
WO2011139302A3 (fr) Système de messagerie stéganographique utilisant des parties invariantes de code
TW200745951A (en) Computer security method having operating system virtualization allowing multiple operating system instances to securely share single machine resources
WO2009094582A3 (fr) Procédé et systèmes de fourniture d'un disque virtuel à des machines virtuelle et physique sans disque
SG10201407589UA (en) Systems and methods for security verification in electronic learning systems and other systems
WO2012088171A3 (fr) Procédé d'emploi de point de reprise et restauration d'état de programme
MX346007B (es) Equipo de interrupcion de pista de advertencia.
WO2014009243A3 (fr) Ensemble comprenant un système à microprocesseur
WO2014198464A9 (fr) Détection d'incidents de processeur multicoeur pour applications logicielles critiques pour la sécurité
WO2014104912A8 (fr) Procédé de traitement pour processeur multicoeur et processeur multicoeur
WO2008017796A8 (fr) Appareil et procédé pour réaliser des contrôles d'intégrité sur un logiciel
WO2012112302A3 (fr) Traitement parallèle dans des applications d'interface homme-machine
EP2487618A3 (fr) Gestion du démarrage de dispositifs sécurisés avec un logiciel douteux

Legal Events

Date Code Title Description
EEER Examination request

Effective date: 20150702