CA3014917A1 - Data protection using virtual resource views - Google Patents

Data protection using virtual resource views Download PDF

Info

Publication number
CA3014917A1
CA3014917A1 CA3014917A CA3014917A CA3014917A1 CA 3014917 A1 CA3014917 A1 CA 3014917A1 CA 3014917 A CA3014917 A CA 3014917A CA 3014917 A CA3014917 A CA 3014917A CA 3014917 A1 CA3014917 A1 CA 3014917A1
Authority
CA
Canada
Prior art keywords
computing device
resource
requesting entity
owner
device resource
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
CA3014917A
Other languages
English (en)
French (fr)
Inventor
Mihai Christodorescu
Dinakar Dhurjati
Nayeem Islam
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Publication of CA3014917A1 publication Critical patent/CA3014917A1/en
Abandoned legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1416Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/1425Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
    • G06F12/1433Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a module or a part of a module
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1483Protection against unauthorised use of memory or access to memory by checking the subject access rights using an access-table, e.g. matrix or list
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45583Memory management, e.g. access or allocation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45591Monitoring or debugging support

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Mathematical Physics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)
CA3014917A 2016-03-22 2017-02-24 Data protection using virtual resource views Abandoned CA3014917A1 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US15/076,936 2016-03-22
US15/076,936 US20170277903A1 (en) 2016-03-22 2016-03-22 Data Protection Using Virtual Resource Views
PCT/US2017/019396 WO2017165073A1 (en) 2016-03-22 2017-02-24 Data protection using virtual resource views

Publications (1)

Publication Number Publication Date
CA3014917A1 true CA3014917A1 (en) 2017-09-28

Family

ID=58264630

Family Applications (1)

Application Number Title Priority Date Filing Date
CA3014917A Abandoned CA3014917A1 (en) 2016-03-22 2017-02-24 Data protection using virtual resource views

Country Status (9)

Country Link
US (1) US20170277903A1 (enExample)
EP (1) EP3433748A1 (enExample)
JP (1) JP6903682B2 (enExample)
KR (1) KR20180124048A (enExample)
CN (1) CN108713194A (enExample)
BR (1) BR112018069030A2 (enExample)
CA (1) CA3014917A1 (enExample)
TW (1) TW201737059A (enExample)
WO (1) WO2017165073A1 (enExample)

Families Citing this family (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3140734B1 (en) 2014-05-09 2020-04-08 Nutanix, Inc. Mechanism for providing external access to a secured networked virtualization environment
CN105184154B (zh) * 2015-09-15 2017-06-20 中国科学院信息工程研究所 一种在虚拟化环境中提供密码运算服务的系统和方法
US11550558B2 (en) 2016-02-12 2023-01-10 Nutanix, Inc. Virtualized file server deployment
US11218418B2 (en) 2016-05-20 2022-01-04 Nutanix, Inc. Scalable leadership election in a multi-processing computing environment
US11568073B2 (en) 2016-12-02 2023-01-31 Nutanix, Inc. Handling permissions for virtualized file servers
US10824455B2 (en) * 2016-12-02 2020-11-03 Nutanix, Inc. Virtualized server systems and methods including load balancing for virtualized file servers
US10728090B2 (en) 2016-12-02 2020-07-28 Nutanix, Inc. Configuring network segmentation for a virtualization environment
US11562034B2 (en) 2016-12-02 2023-01-24 Nutanix, Inc. Transparent referrals for distributed file servers
US11294777B2 (en) 2016-12-05 2022-04-05 Nutanix, Inc. Disaster recovery for distributed file servers, including metadata fixers
US11281484B2 (en) 2016-12-06 2022-03-22 Nutanix, Inc. Virtualized server systems and methods including scaling of file system virtual machines
US11288239B2 (en) 2016-12-06 2022-03-29 Nutanix, Inc. Cloning virtualized file servers
US10558250B2 (en) * 2016-12-23 2020-02-11 Oracle International Corporation System and method for coordinated link up handling following switch reset in a high performance computing network
GB2563885B (en) * 2017-06-28 2019-10-23 Advanced Risc Mach Ltd Interrupting export of memory regions
CN111611618B (zh) 2017-10-31 2023-08-04 创新先进技术有限公司 一种数据统计方法和装置
CN110019475B (zh) * 2017-12-21 2021-07-20 华为技术有限公司 数据持久化处理方法、装置及系统
US11086826B2 (en) 2018-04-30 2021-08-10 Nutanix, Inc. Virtualized server systems and methods including domain joining techniques
US11194680B2 (en) 2018-07-20 2021-12-07 Nutanix, Inc. Two node clusters recovery on a failure
US11770447B2 (en) 2018-10-31 2023-09-26 Nutanix, Inc. Managing high-availability file servers
US11768809B2 (en) 2020-05-08 2023-09-26 Nutanix, Inc. Managing incremental snapshots for fast leader node bring-up
US12248435B2 (en) 2021-03-31 2025-03-11 Nutanix, Inc. File analytics systems and methods
US12131192B2 (en) 2021-03-18 2024-10-29 Nutanix, Inc. Scope-based distributed lock infrastructure for virtualized file server
US12197398B2 (en) 2021-03-31 2025-01-14 Nutanix, Inc. Virtualized file servers and methods to persistently store file system event data
US12248434B2 (en) 2021-03-31 2025-03-11 Nutanix, Inc. File analytics systems including examples providing metrics adjusted for application operation
US12242455B2 (en) 2021-03-31 2025-03-04 Nutanix, Inc. File analytics systems and methods including receiving and processing file system event data in order
US12367108B2 (en) 2021-03-31 2025-07-22 Nutanix, Inc. File analytics systems and methods including retrieving metadata from file system snapshots
US12164383B2 (en) 2021-08-19 2024-12-10 Nutanix, Inc. Failover and failback of distributed file servers
US12117972B2 (en) 2021-08-19 2024-10-15 Nutanix, Inc. File server managers and systems for managing virtualized file servers
CN113992425B (zh) * 2021-11-12 2022-09-23 北京天融信网络安全技术有限公司 一种收发网络数据包的方法、网络设备以及通信系统
US12153690B2 (en) 2022-01-24 2024-11-26 Nutanix, Inc. Consistent access control lists across file servers for local users in a distributed file server environment
US12182264B2 (en) 2022-03-11 2024-12-31 Nutanix, Inc. Malicious activity detection, validation, and remediation in virtualized file servers
US12184791B2 (en) * 2022-06-02 2024-12-31 Sap Se Client secure connections for database host
US12189499B2 (en) 2022-07-29 2025-01-07 Nutanix, Inc. Self-service restore (SSR) snapshot replication with share-level file system disaster recovery on virtualized file servers
US12461832B2 (en) 2023-09-27 2025-11-04 Nutanix, Inc. Durable handle management for failover in distributed file servers

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6772350B1 (en) * 1998-05-15 2004-08-03 E.Piphany, Inc. System and method for controlling access to resources in a distributed environment
US8453142B2 (en) * 2007-04-26 2013-05-28 Hewlett-Packard Development Company, L.P. Virtual machine control
US8819676B2 (en) * 2007-10-30 2014-08-26 Vmware, Inc. Transparent memory-mapped emulation of I/O calls
GB2460393B (en) * 2008-02-29 2012-03-28 Advanced Risc Mach Ltd A data processing apparatus and method for controlling access to secure memory by virtual machines executing on processing circuitry
WO2011081935A2 (en) * 2009-12-14 2011-07-07 Citrix Systems, Inc. Methods and systems for communicating between trusted and non-trusted virtual machines
EP2569698B1 (en) * 2010-05-10 2019-07-10 Citrix Systems, Inc. Redirection of information from secure virtual machines to unsecure virtual machines
US8856504B2 (en) * 2010-06-07 2014-10-07 Cisco Technology, Inc. Secure virtual machine bootstrap in untrusted cloud infrastructures
US20130097417A1 (en) * 2011-10-13 2013-04-18 Microsoft Corporation Secure private computation services
US9038083B2 (en) * 2012-02-09 2015-05-19 Citrix Systems, Inc. Virtual machine provisioning based on tagged physical resources in a cloud computing environment
US9122780B2 (en) * 2012-06-20 2015-09-01 Intel Corporation Monitoring resource usage by a virtual machine
US9275223B2 (en) * 2012-10-19 2016-03-01 Mcafee, Inc. Real-time module protection
US9503268B2 (en) * 2013-01-22 2016-11-22 Amazon Technologies, Inc. Securing results of privileged computing operations
US9396011B2 (en) * 2013-03-12 2016-07-19 Qualcomm Incorporated Algorithm and apparatus to deploy virtual machine monitor on demand
US9792448B2 (en) * 2014-02-28 2017-10-17 Advanced Micro Devices, Inc. Cryptographic protection of information in a processing system

Also Published As

Publication number Publication date
EP3433748A1 (en) 2019-01-30
US20170277903A1 (en) 2017-09-28
BR112018069030A2 (pt) 2019-01-29
KR20180124048A (ko) 2018-11-20
CN108713194A (zh) 2018-10-26
JP6903682B2 (ja) 2021-07-14
WO2017165073A1 (en) 2017-09-28
JP2019512811A (ja) 2019-05-16
TW201737059A (zh) 2017-10-16

Similar Documents

Publication Publication Date Title
US20170277903A1 (en) Data Protection Using Virtual Resource Views
US12124581B2 (en) System on chip and operation method thereof
US10013554B2 (en) Time varying address space layout randomization
US20160253497A1 (en) Return Oriented Programming Attack Detection Via Memory Monitoring
KR20170033891A (ko) 보호 영역에서의 메모리 초기화
EP4165533B1 (en) Security enhancement in hierarchical protection domains
US20190026231A1 (en) System Memory Management Unit Architecture For Consolidated Management Of Virtual Machine Stage 1 Address Translations
JP7201686B2 (ja) 間接アクセスメモリコントローラ向けの保護機能を追加するための機器
EP4616293A1 (en) Inline encryption solution for nonvolatile memory express (nvme) storage devices
US11386012B1 (en) Increasing address space layout randomization entropy via page remapping and rotations
US20070056033A1 (en) Platform configuration apparatus, systems, and methods
WO2024187365A1 (en) Detecting unexpected memory read
US20240348437A1 (en) Novel Approach To Protect Hardware Managed Integrated Cryptographic Engine Keys Efficiently While Preventing Data At Rest Attacks
US20160103612A1 (en) Approximation of Execution Events Using Memory Hierarchy Monitoring
WO2023096677A1 (en) Method for circumventing processor error induced vulnerability
EP4457637A1 (en) Multimedia compressed frame aware cache replacement policy

Legal Events

Date Code Title Description
FZDE Discontinued

Effective date: 20210831

FZDE Discontinued

Effective date: 20210831