CN106462439B - Secure transfer of encrypted virtual machines with persistent owner access - Google Patents
- Publication number: CN106462439B (application CN201580023933.5A)
- Authority: CN (China)
- Prior art keywords: key, decryption key, encrypted, data set, entity
- Legal status: Active
Classifications
- G06F12/08: Addressing or allocation; relocation in hierarchically structured memory systems, e.g. virtual memory systems
- G06F9/45558: Hypervisor-specific management and integration aspects
- G06F21/57: Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/6209: Protecting access to a single file or object via a platform, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
- G06F21/6281: Protecting access to a system of files or objects at program execution time, where the protection is within the operating system
- H04L63/0428: Confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/062: Key management in a packet data network for key distribution, e.g. centrally by trusted party
- H04L63/0823: Authentication of entities using certificates
- H04L63/12: Applying verification of the received information
- H04L9/0822: Key transport or distribution using a key encryption key
- H04L9/0894: Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H04L9/3247: Message authentication involving digital signatures
- H04W12/10: Integrity
- G06F2009/4557: Distribution of virtual machine instances; migration and load balancing
- G06F2009/45583: Memory management, e.g. access or allocation
- G06F2009/45587: Isolation or security of virtual machine instances
- G06F2009/45595: Network integration; enabling network access in virtual machine instances
- G06F2212/652: Page size control
- H04L2209/127: Trusted platform modules [TPM]
- H04L2209/24: Key scheduling, i.e. generating round keys or sub-keys for block encryption
- H04L2209/72: Signcrypting, i.e. digital signing and encrypting simultaneously
- H04L2463/062: Network security applying encryption of the keys
Abstract
Managing an encrypted data set is described. A method includes obtaining a first decryption key. The first decryption key is configured to be used to decrypt an encrypted data set that was encrypted using a first encryption mechanism. The first encryption mechanism is associated with the first decryption key that can be used to decrypt the data set. The method further includes encrypting the first decryption key with a second encryption mechanism. The method further includes encrypting the first decryption key with a third encryption mechanism. The method further includes creating a package that includes at least the first decryption key encrypted with the second encryption method and the first decryption key encrypted with the third encryption method. The method further includes signing the package with a guardian signature, and signing the package with a signature created from the first decryption key.
Description
Background
Background and Related Art
The interconnection of computing systems has facilitated distributed computing systems, such as so-called "cloud" computing systems. In this description, "cloud computing" may be systems or resources for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, services, etc.) that can be provisioned and released rapidly with reduced management effort or service provider interaction. A cloud model can be composed of various characteristics (e.g., on-demand self-service, broad network access, resource pooling, rapid elasticity, measured service, etc.), service models (e.g., Software as a Service ("SaaS"), Platform as a Service ("PaaS"), Infrastructure as a Service ("IaaS")), and deployment models (e.g., private cloud, community cloud, public cloud, hybrid cloud, etc.).
Cloud and remote based service applications are prevalent. Such applications are hosted on public and private remote systems such as clouds and usually offer a set of web based services for communicating back and forth with clients.
In a cloud computing environment, a tenant may be a user, a company, a department of a company, or another entity that has access rights to one or more of the virtual machines deployed in a data center operated by a cloud service provider. A tenant may wish to deploy virtual machines on its own behalf. However, the tenant may wish to prevent other entities (such as other tenants, eavesdroppers, or even data center administrators) from being able to access its virtual machines, whether while they sit in storage before being deployed at a host in the data center or while they are deployed at a host in the data center. To achieve this, a virtual machine can be encrypted, such as by encrypting the virtual hard disk and/or the metadata of the virtual machine. The encrypted virtual machine is then moved into and out of offline storage and hosts in a way that protects the confidentiality and integrity of its contents. In addition, the keys used to encrypt the contents of the virtual machine may need to be rolled (i.e., changed) with some regularity. This may present a challenge for the owners of the virtual machines in being able to access their encrypted virtual machines.
However, there may be some desire for a virtual machine to be both deployable at a host and available for retrieval and execution by the VM owner (e.g., the tenant). Given the protective nature of the various encryption schemes, this can be difficult. In particular, the purpose of encryption is to prevent a large number of entities from being able to decrypt an encrypted VM, by protecting the user's decryption secret. Enabling two different entities to decrypt an encrypted VM therefore presents a challenge.
The subject matter claimed herein is not limited to embodiments that solve any disadvantages or that operate only in environments such as those described above. Rather, this background is provided only to illustrate one exemplary technology area where some embodiments described herein may be practiced.
Brief Summary
One embodiment illustrated herein includes a method that may be practiced in a computing environment. The method includes acts for managing an encrypted data set. The method includes obtaining a first decryption key. The first decryption key is configured to be used to decrypt an encrypted data set that was encrypted using a first encryption mechanism. The first encryption mechanism is associated with the first decryption key that can be used to decrypt the data set. The method further includes encrypting the first decryption key with a second encryption mechanism. The second encryption mechanism is associated with a second decryption key used by a first entity, such that the second decryption key can be used by the first entity to decrypt the data set by first decrypting, with the second decryption key, the key encrypted with the first key and then decrypting the data set with the decrypted first key. The method further includes encrypting the first decryption key with a third encryption mechanism. The third encryption mechanism is associated with a third decryption key used by a second entity, such that the third decryption key can be used by the second entity to decrypt the data set by first decrypting, with the third decryption key, the key encrypted with the first key and then decrypting the data set with the decrypted first key. The method further includes creating a package that includes at least the first decryption key encrypted with the second encryption method and the first decryption key encrypted with the third encryption method. The method further includes signing the package with a guardian signature, and signing the package with a signature created from the first decryption key.
This Summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used as an aid in determining the scope of the claimed subject matter.
Additional features and advantages will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the teachings herein. Features and advantages of the invention may be realized and obtained by means of the instruments and combinations particularly pointed out in the appended claims. Features of the present invention will become more fully apparent from the following description and appended claims, or may be learned by the practice of the invention as set forth hereinafter.
Brief Description of the Drawings
In order to describe the manner in which the above-recited and other advantages and features can be obtained, a more particular description of the subject matter briefly described above will be rendered by reference to specific embodiments which are illustrated in the appended drawings. Understanding that these drawings depict only typical embodiments and are not therefore to be considered limiting of its scope, embodiments will be described and explained with additional specificity and detail through the use of the accompanying drawings, in which:
Figure 1 illustrates an encrypted data set and a package with encrypted keys for decrypting the encrypted data set;
Figure 2 illustrates deploying an encrypted virtual machine;
Figure 3 illustrates attestation operations of a host and a target;
Figure 4 illustrates a flow for launching a virtual machine on a host;
Figure 5 illustrates a flow for migrating a virtual machine; and
Figure 6 illustrates a method of managing an encrypted data set.
Detailed Description
A simple illustration of one embodiment of the invention is described with reference to Figure 1. Figure 1 illustrates an encrypted data set 101. The encrypted data set 101 can be decrypted using a transport key 102. In the illustrated example, multiple copies of the transport key 102 are each encrypted using an encryption scheme specific to a particular entity. Thus, for example, a first copy 102-0 is encrypted for the owner, such that the owner of the data set 101 can decrypt that copy but other entities cannot. Figure 1 further illustrates n additional copies, where each of the n additional copies 102-1 through 102-n is encrypted for a custodian (such as an entity that may host or store the owner's data set), such that each custodian can decrypt its own copy but other entities cannot. In some embodiments this can be achieved using asymmetric encryption techniques. Thus, for example, the first copy 102-0 is encrypted using the owner's public key, such that the owner can decrypt the first copy 102-0 using its private key. Similarly, copy 102-1 may be encrypted using a first custodian's public key, such that the first custodian can decrypt copy 102-1 using that custodian's private key. Similar encryption and decryption can be done for the remaining custodian copies.
The various copies are packaged together and signed with a guardian signature 103, produced with a keyed cryptographic hash or a digital signature, to ensure that the package is not tampered with. The guardian (the entity that signs the copies) may be, for example, the owner or a custodian, and may change as the encrypted data set 101 is transferred and/or re-encrypted. The guardian signature cryptographically binds the package together to ensure that the data set 101 cannot be exposed to unauthorized entities. The package also includes a transport key signature 104, which is a form of authentication created by computing a cryptographic hash or other function (such as a message authentication code (MAC) function) of the transport key, and which can serve as proof of the guardian's knowledge of the transport key.
Turning now to a more detailed example, some embodiments illustrated herein relate to securely deploying an encrypted virtual machine (VM) to a host in a data center in a way that allows the host to decrypt the encrypted VM while the tenant owner of the VM can also decrypt the encrypted VM. This can be accomplished by a system encrypting the VM and creating two (or more, if desired) copies of the VM decryption key for the VM. One copy of the VM decryption key is encrypted using the tenant public key (thereby allowing the tenant to decrypt the VM decryption key using the tenant private key, and then to decrypt the VM using the VM decryption key), while the second copy of the VM decryption key is encrypted using the key distribution service (KDS) public key (allowing the host to obtain the VM decryption key with help from the KDS). Additionally, the two encrypted keys can be appropriately packaged, such as by using the guardian signature and decryption key signature described above, to ensure that no tampering occurs.
Although the above overview is in the context of deploying virtual machines in a data center environment, it should be appreciated that embodiments may also be implemented in other scenarios.
A virtual machine example is illustrated in Figure 2, which shows a tenant 200, a cloud service 201, a virtual machine manager 202, virtual machine storage 203, a virtual machine 204, a migration agent 205, a KDS 206, and a host 207. In the illustrated example, the virtual machine 204 is encrypted, as indicated by the cross-hatching of the virtual machine in the virtual machine storage 203. The virtual machine storage 203 is a storage system maintained by the cloud service provider 201. The tenant 200 provides the VM to the cloud service provider 201, which can store the virtual machine in the machine storage 203. The tenant 200 may encrypt the VM, or the VM may be encrypted by another entity.
The migration agent 205 (or another appropriate entity, e.g., the tenant 200) provides two copies of the key needed to decrypt the encrypted virtual machine 204. The key may be provided to the migration agent by the tenant 200, by the KDS 206, or by some other trusted entity. One copy 209 of the key 208 is encrypted using the public key of the tenant 200, while another copy 210 of the key 208 is encrypted using the public key of the KDS 206. Various alternatives can be implemented.
The key 208 can be used to decrypt the VM 204 itself. Alternatively, the key 208 can be used to decrypt a virtual trusted platform module (vTPM) that can in turn be used to decrypt the VM 204 (as explained in more detail below). This still falls within what is described here as the VM being encrypted. In some embodiments, the VM 204 can be encrypted by encrypting the virtual hard disk (VHD) and/or the metadata of the VM 204.
If the tenant 200 wishes to retrieve and read the encrypted VM 204, the tenant can simply request the encrypted VM 204 back from the virtual machine storage 203, use its private key to decrypt the first copy 209 of the key 208, and then use the key 208 to access the VM 204.
To deploy the VM 204 to the host 207, the encrypted VM is sent to the host 207. Additionally, a package 212 that includes the encrypted copies 209 and 210 of the key 208 is sent to the host 207.
The package 212 is signed with both a guardian signature and a signature of the key 208.
The host 207 sends a request 211 and the package 212 to the KDS 206. Alternatively, along with sending the request 211 to the KDS 206, the host 207 may send the second copy 210 of the key 208 to the KDS. Alternatively, the KDS 206 may receive the second copy 210 from another service and may store the second copy 210 in anticipation of the request 211.
In some embodiments, a determination can be made as to whether the host 207 satisfies certain conditions, and if the host 207 satisfies those conditions, the key 208 can be accessed by the KDS 206 and sent back to the host 207. For example, embodiments may require the host 207 to satisfy certain health requirements, such as running certain software (or certain software versions), having certain configuration settings, or having appropriate boot records. The host can then use this key 208 to unlock the VM 204, allowing the VM 204 to be deployed on the host 207 (as illustrated by the non-cross-hatched version of the VM 204).
Additional details are now described. In flows that require the use of a key distribution service, a data structure referred to as a "protection descriptor", or PD, is used. The primary function of the PD is the cryptographic wrapping of an encryption key (e.g., key 208), referred to as the transport key. This wrapping ensures that access to the key is granted only to authorized entities. The KDS 206 neither knows nor cares what data the transport key protects.
By way of illustration, the owner of a virtual machine (VM) may wish to deploy the VM to a hosting service provider (hoster). The VM comprises two data sets: a metadata section and a set of virtual hard disks (VHDs). The VHDs are encrypted using an appropriate encryption technology, such as BitLocker, available from Microsoft Corporation of Redmond, Washington. The full volume encryption key (FVEK) used to decrypt the primary VHD is protected by a virtual trusted platform module (vTPM), whose state is encrypted and stored, together with a PD, as part of the metadata. The vTPM state itself is encrypted using a key wrapped by the PD. This allows the owner to protect the VM against unwanted access.
When a host at the hoster needs to launch the VM, it extracts the vTPM's PD from the metadata and sends it to the KDS. If the host is authorized for the vTPM key, the KDS returns, to a trusted execution environment (TEE) such as the host's secure subsystem, a key with which the vTPM can be decrypted. Various different secure subsystems may be used jointly or alternatively. In one embodiment, this subsystem may be implemented as functionality running in the kernel of the host VM. In another implementation, it may run in the hypervisor. In other embodiments, it may be implemented as a separate address space enforced by the hypervisor using the memory mapping capabilities of the processor (sometimes referred to herein as virtual secure mode (VSM)). In other embodiments, it may be implemented as a separate execution region enforced by the processor (such as the ARM architecture's TrustZone, the emerging SGX capability described by Intel Corporation of Santa Clara, California, or trusted platform module (TPM) technology). These different implementations can provide similar functionality, such as the ability to perform cryptographic operations, store credentials, verify the integrity of code or data, and protect secrets. However, they differ in the security properties they provide.
Alternatively, in some embodiments, if the VM is accessed within the VM owner's environment, the KDS is not involved in releasing the key, because the PD contains a wrapping of the transport key that gives the VM's owner direct access. Notably, in some embodiments the KDS may be maintained by the cloud service 201, but in other embodiments it may also be maintained by a third party.
The entities authorized to receive the key are either the "owner" or zero or more "custodians". In some embodiments, the main difference between the two is that the owner can create the original PD; also, in some embodiments, only the owner can be represented in the PD with a self-signed certificate. The PD design focuses on impostor detection: care is taken to ensure that an unauthorized entity cannot pose as the owner or as a custodian of a PD. Finally, provision is made for recovery from key compromise. For example, this can be achieved by using keys of different lifetimes, where the owner is represented by a highly protected long-term key that is used to sign shorter-term owner keys which may not be afforded the same degree of protection. The short-term key effectively becomes a custodian (i.e., the owner acting as a custodian).
Embodiments may also include automatic key rolling. Every time the KDS 206 is asked to crack open a PD, it is because some entity (such as a fabric host) is attempting to read an encrypted piece of data. Such operations are associated with "ingress" flows, such as migrating into a VM or creating a new protected VM from some encrypted "custom data". The KDS 206 responds to such a request with the requested key and with another PD, which is used in the subsequent "egress" flow (usually meaning migration of the VM to another host 213 or to offline storage (e.g., machine storage 203)). This arrangement ensures that the KDS 206 is contacted only once, at ingress, and that is when host health is evaluated. If the KDS is not contacted more than once, no additional host evaluation takes place at egress. However, embodiments may allow multiple round trips to the KDS 206, since there is no harm in that happening. Host evaluation can be performed every time an embodiment contacts the KDS. Thus, if the KDS is not contacted at egress, there is also no host evaluation at egress.
In some embodiments, at any point in time only one entity (either the owner or a custodian) is designated as the "guardian" of the PD: the entity that created and signed the PD (e.g., as illustrated at 103). As the PD moves from the owner to a custodian and from one custodian to another, the guardian relationship changes. However, as long as the same KDS 206 handles the PD, the guardian relationship remains the same. Any custodian or the owner can "take over" an existing PD (become its guardian) without involving the current guardian.
A mathematically rigorous illustration of one example follows. The following sections use this notation:
· K0, Ki, ST, TT – the entities involved in the flow (tenant K0, custodian Ki, source TEE ST, target TEE TT)
· NEPub, NEPri – the public and private encryption keys of some entity N; NE is shorthand for NEPub
· NSPub, NSPri – the public and private signing keys of some entity N; NS is shorthand for NSPub
· TKi, TKe – symmetric transport keys (e.g., TKi may be the ingress key and TKe the egress key); in some embodiments, transport keys are not meant to be used directly but serve as input to a key derivation function that produces the encryption and authentication keys for the various parts of the overall protected VM payload; different key derivation schemes may, however, be used
· ε(K)[M] – message M encrypted using key K; depending on context, K may be symmetric or asymmetric
· α(K)[M] – message M authenticated using symmetric key K
· σ(K)[M] – message M signed using asymmetric key K
· M1||M2 – the concatenation of messages M1 and M2
In addition, the flow descriptions use variables as abbreviations for more complex messages; in particular, when entering a host, messages such as the following may be handled:
· TK-e := KDF(TK, "e") – derived encryption key (KDF stands for "key derivation function"; "e" is an input to the KDF used, for example, to distinguish the derivation of an encryption key from, for example, the derivation of a signing key. Note, however, that this is merely an example, and any other appropriate input may be used.)
o This is a symmetric key derived from TK for the purpose of encrypting the payload
o Note that several such encryption keys may need to be derived from a single transport key, corresponding to the different parts of the protected VM payload (e.g., the encrypted vTPM state is just one such part)
· TK-a := KDF(TK, "a") – derived authentication key
o This is a symmetric key derived from TK for the purpose of authenticating the payload via, for example, an HMAC function
o Note that, for authenticated encryption purposes, it may be necessary to derive several such authentication keys from a single transport key
· A := ε(TK-e)[P] || α(TK-a)[P] – encrypted and authenticated payload P
o An authenticated and encrypted payload (such as vTPM state) created using the encryption key, and its companion authentication key, that correspond to the transport key TK
Although the example illustrated here uses separate authentication and encryption keys, it should be appreciated that in other embodiments some cryptographic algorithms allow the same key to be used for both encryption and authentication. In such embodiments, the data structures described herein may be simplified.
The PD will include multiple transport key wrappings: one for the owner (referred to below as a message of type "B") and zero or more wrappings for custodians delegated by the owner (referred to as messages of type "C").
o This is the transport key encrypted to the owner of the VM; it allows the VM to be picked up by its owner at any point in time
o Only the owner's entry may carry a non-delegated (self-signed) certificate on the signing key
o This message has three parts: a certificate on the owner's signing key, an owner-issued certificate on the owner's public encryption key, and the encryption of the transport key under that public encryption key (the certificate on the owner's signing key may be self-signed, but it need not be, and may be issued by a certificate authority mutually trusted by all parties).
o This is the same transport key encrypted to a custodian of the VM
o Kj is the "current" custodian to whom the transport key is encrypted
o Ki is the "previous" custodian in the chain (for the owner, i == 0), which delegated custodian authority to Kj
o There may be zero or more custodians for a VM, and therefore zero or more messages of type C inside the PD
The different transport key wrappings are combined into a set, illustrated below as a matrix in which each row contains several concatenated entries corresponding to the owner or to a custodian. The owner is identified as such (with the letter "o"). The current guardian is marked as such with an asterisk. In the example illustrated below, the PD is in the shape it has when first created by the owner for consumption by the KDS 206. The combination of the different key wrappings is a message of type D. A message generated by the owner for a single custodian would look like:
The KDS 206 can consume this message, make itself the guardian and add further guardians, resulting in a PD that looks like:
The integrity and authenticity of the type D message are provided by a type E message. This message serves as proof that the guardian actually knows the key protected by the type D message and actually authored that message.
· Ei := α(TK-a)[Di] || σ(GSPri)[Di]
where GSPri is the private signing key of the entry marked as "guardian" in message D.
Finally, a type F message is the actual "PD": the concatenation of the type D and type E messages:
· F := D || E
In some embodiments, the PD data format also includes a header (to convey information such as the PD blob version number) and provisions for cryptographic agility (cipher choice, mode and key size for each key).
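The following Go program is an added example, not code from the patent or from any Microsoft product. It builds a PD in the shape just described and in Figure 1: one row per owner and custodian with the transport key TK wrapped under that entity's public encryption key, the guardian marked, and E = α(TK-a)[D] || σ(GSPri)[D] computed over the serialized rows; Unwrap shows what an authorized entity checks before trusting the rows. The page fixes none of the primitives, so these are assumptions: RSA-OAEP for ε(NEPub), Ed25519 for σ, HMAC-SHA256 both as the KDF and as α, and a simple length-prefixed serialization of D.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Entity is one party in the flow (owner K0, custodian Ki or the KDS): an RSA pair standing in
// for NEPub/NEPri and an Ed25519 pair standing in for NSPub/NSPri (both assumed primitives).
type Entity struct {
	Name   string
	encPri *rsa.PrivateKey
	SigPub ed25519.PublicKey
	sigPri ed25519.PrivateKey
}

// NewEntity generates fresh keys; generation errors are ignored in this demonstration only.
func NewEntity(name string) *Entity {
	rk, _ := rsa.GenerateKey(rand.Reader, 2048)
	pub, pri, _ := ed25519.GenerateKey(rand.Reader)
	return &Entity{Name: name, encPri: rk, SigPub: pub, sigPri: pri}
}

// KDF(TK, label): HMAC-SHA256 is an assumed instantiation; the page only says "KDF".
func KDF(tk []byte, label string) []byte {
	m := hmac.New(sha256.New, tk)
	m.Write([]byte(label))
	return m.Sum(nil)
}

// Entry is one row of the D matrix: the type-B row for the owner, a type-C row per custodian.
type Entry struct {
	Name      string
	Guardian  bool   // the asterisk in the page's matrix
	WrappedTK []byte // epsilon(NEPub)[TK]
}

// PD is F = D || E kept as a struct: the rows (D), the HMAC and the guardian signature (E).
type PD struct {
	Entries []Entry
	MAC     []byte // alpha(TK-a)[D]
	Sig     []byte // sigma(GSPri)[D]
}

// encodeD serializes the rows deterministically (length-prefixed name, hex-encoded wrapping)
// so that the MAC and the signature cover exactly the same bytes.
func encodeD(entries []Entry) []byte {
	var buf bytes.Buffer
	for _, e := range entries {
		fmt.Fprintf(&buf, "%t,%d,%s,%x;", e.Guardian, len(e.Name), e.Name, e.WrappedTK)
	}
	return buf.Bytes()
}

// BuildPD wraps tk for the owner and every custodian, marks the guardian and produces
// E: the HMAC proves the guardian knew TK, the signature proves it authored D.
func BuildPD(tk []byte, owner *Entity, custodians []*Entity, guardian *Entity) (*PD, error) {
	var rows []Entry
	for _, ent := range append([]*Entity{owner}, custodians...) {
		w, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &ent.encPri.PublicKey, tk, []byte("TK"))
		if err != nil {
			return nil, err
		}
		rows = append(rows, Entry{Name: ent.Name, Guardian: ent == guardian, WrappedTK: w})
	}
	d := encodeD(rows)
	mac := hmac.New(sha256.New, KDF(tk, "a"))
	mac.Write(d)
	return &PD{Entries: rows, MAC: mac.Sum(nil), Sig: ed25519.Sign(guardian.sigPri, d)}, nil
}

// Unwrap is what an authorized entity does with a PD: recover TK from its own row, then
// confirm that the guardian held TK (MAC) and authored D (signature) before trusting the rows.
func Unwrap(pd *PD, me *Entity, guardianSigPub ed25519.PublicKey) ([]byte, error) {
	var mine *Entry
	for i := range pd.Entries {
		if pd.Entries[i].Name == me.Name {
			mine = &pd.Entries[i]
		}
	}
	if mine == nil {
		return nil, errors.New("no row for " + me.Name + ": not an owner or custodian of this PD")
	}
	tk, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, me.encPri, mine.WrappedTK, []byte("TK"))
	if err != nil {
		return nil, err
	}
	d := encodeD(pd.Entries)
	mac := hmac.New(sha256.New, KDF(tk, "a"))
	mac.Write(d)
	if !hmac.Equal(mac.Sum(nil), pd.MAC) {
		return nil, errors.New("PD MAC mismatch: rows altered or guardian never held TK")
	}
	if !ed25519.Verify(guardianSigPub, d, pd.Sig) {
		return nil, errors.New("guardian signature invalid: PD forged or tampered")
	}
	return tk, nil
}
```

Unwrap deliberately decrypts the caller's own row first, because TK-a, and therefore the MAC check, can only be computed by someone who already holds TK; an entity without a row gets no further than the lookup, and any change to the rows (for instance a custodian marking itself as guardian without re-signing) is caught by the MAC and the signature.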
A typical flow involving a PD over some payload consists of the host sending the PD Fi of the ingress key TKi to the KDS, and the KDS responding with two pieces of information:
1) A wrapping of the two transport keys (ingress and egress, TKi and TKe) for consumption by the host's TEE.
This wrapping is the authenticated encryption of the concatenation of the ingress and egress keys:
o TW – the wrapping key, generated by the KDS
o TW-e, TW-a – the encryption and authentication keys derived from TW
o H := ε(STEPub)[TW] || ε(TW-e)[TKi||TKe] || α(TW-a)[TKi||TKe]
2) An egress key PD Fe, built around TKe, to be included with the egress payload. This is not targeted at the host's TEE and can only be cracked by the owner or one of the custodians.
In some cases the host will present multiple ingress protection descriptors. In that case, the KDS will ensure that all of the protection descriptors have exactly the same owner (as evidenced by the self-signed certificate at the root of the delegation chain). The resulting egress protection descriptor will be a superset of all custodians from the ingress protection descriptors, and message H will look like:
H := ε(STEPub)[TW] || ε(TW-e)[TKi1||TKi2||…||TKin||TKe] || α(TW-a)[TKi1||TKi2||…||TKin||TKe]
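The following Go program is an added example, not the patent's or any product's code. It builds message H as a KDS would and unwraps it as the host TEE would, in the general multi-ingress shape just shown (one or more TKi followed by a single TKe). Assumed instantiations, since the page fixes none: RSA-OAEP for ε(STEPub), AES-256-CTR for ε(TW-e), HMAC-SHA256 for both α(TW-a) and the KDF, and a fixed 32-byte transport key length so the concatenation can be split again.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

const keyLen = 32 // assumed: every transport key is 32 bytes, so TKi1||...||TKin||TKe can be split

// KDF(TW, label): HMAC-SHA256 is an assumed instantiation; the page only says "KDF".
func KDF(k []byte, label string) []byte {
	m := hmac.New(sha256.New, k)
	m.Write([]byte(label))
	return m.Sum(nil)
}

// encAuth realizes epsilon(K-e)[M] || alpha(K-a)[M] as AES-256-CTR under K-e followed by an
// HMAC-SHA256 under K-a over IV and ciphertext (encrypt-then-MAC; both are assumptions).
func encAuth(k, m []byte) ([]byte, error) {
	blk, err := aes.NewCipher(KDF(k, "e"))
	if err != nil {
		return nil, err
	}
	out := make([]byte, aes.BlockSize+len(m))
	if _, err := rand.Read(out[:aes.BlockSize]); err != nil {
		return nil, err
	}
	cipher.NewCTR(blk, out[:aes.BlockSize]).XORKeyStream(out[aes.BlockSize:], m)
	mac := hmac.New(sha256.New, KDF(k, "a"))
	mac.Write(out)
	return mac.Sum(out), nil // IV || ciphertext || tag
}

// decAuth checks the tag before decrypting: a failed check means the blob was not produced
// by a party holding k, which is how the TEE recognizes a genuine KDS response.
func decAuth(k, blob []byte) ([]byte, error) {
	if len(blob) < aes.BlockSize+sha256.Size {
		return nil, errors.New("blob too short")
	}
	body, tag := blob[:len(blob)-sha256.Size], blob[len(blob)-sha256.Size:]
	mac := hmac.New(sha256.New, KDF(k, "a"))
	mac.Write(body)
	if !hmac.Equal(mac.Sum(nil), tag) {
		return nil, errors.New("MAC mismatch: wrapping was not made with this key")
	}
	blk, err := aes.NewCipher(KDF(k, "e"))
	if err != nil {
		return nil, err
	}
	pt := make([]byte, len(body)-aes.BlockSize)
	cipher.NewCTR(blk, body[:aes.BlockSize]).XORKeyStream(pt, body[aes.BlockSize:])
	return pt, nil
}

// KDSResponse returns the two halves of H: epsilon(STEPub)[TW] and
// epsilon(TW-e)[TKi1||...||TKin||TKe] || alpha(TW-a)[same]. Callers pass keyLen-byte keys.
func KDSResponse(teePub *rsa.PublicKey, ingress [][]byte, egress []byte) ([]byte, []byte, error) {
	tw := make([]byte, keyLen) // fresh wrapping key; it never leaves the KDS in the clear
	if _, err := rand.Read(tw); err != nil {
		return nil, nil, err
	}
	wrappedTW, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, teePub, tw, []byte("TW"))
	if err != nil {
		return nil, nil, err
	}
	all := append(append([][]byte{}, ingress...), egress)
	wrappedKeys, err := encAuth(tw, bytes.Join(all, nil))
	return wrappedTW, wrappedKeys, err
}

// TEEUnwrap is the host TEE's side: recover TW with STEPri, authenticate, then split the
// ingress keys from the single egress key at the end of the list.
func TEEUnwrap(teePri *rsa.PrivateKey, wrappedTW, wrappedKeys []byte) ([][]byte, []byte, error) {
	tw, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, teePri, wrappedTW, []byte("TW"))
	if err != nil {
		return nil, nil, err
	}
	keys, err := decAuth(tw, wrappedKeys)
	if err != nil {
		return nil, nil, err
	}
	if len(keys) < 2*keyLen || len(keys)%keyLen != 0 {
		return nil, nil, errors.New("malformed key list")
	}
	var ingress [][]byte
	for off := 0; off < len(keys)-keyLen; off += keyLen {
		ingress = append(ingress, keys[off:off+keyLen])
	}
	return ingress, keys[len(keys)-keyLen:], nil
}
```

Only a TEE holding STEPri can recover TW, so a response sent to a host that merely presented someone else's health certificate is useless to it, which is the property the attestation section relies on; and because the MAC is keyed from TW, a wrapping that the KDS did not produce fails at decAuth before any key is used.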
As already mentioned, the KDS 206 has no knowledge of the type of payload protected by a type F blob. The payload may be vTPM state, VM provisioning information, or something entirely different. In some embodiments, the payload is encrypted using an encryption key derived from the "master" transport key and authenticated using the corresponding authentication key (as illustrated by the type A message). However, other key derivation arrangements can be constructed to achieve the same or a similar overall effect.
In some embodiments, each host (e.g., hosts 207 and 213) completes attestation before it can either host a VM or take part in a migration flow. Upon successful completion of attestation with the host attestation service (HAS) 214, the host is issued a health certificate. In some embodiments, the key in the certificate is the TEE public encryption key of the host's trusted subsystem. The host subsequently presents the health certificate to the KDS 206, which responds by encrypting sensitive data (e.g., the vTPM encryption key) to the host's TEE. Note that in this case there is no "authentication" of the health certificate, and the KDS 206 does not require proof of possession to authenticate the host. Simply put, the host is free to present any health certificate it wants, but if it does not hold the corresponding private key it will be unable to make sense of the response it receives from the KDS.
Reference is now made to Figure 3, which illustrates a flow 300 for one very specific example. Referring to Figure 3:
1. The host initiates attestation by contacting the attestation service
2. The attestation service issues a request. In embodiments using TPM technology, this may be a platform configuration register (PCR) read request. This is shown in Figure 3 as a single request/response exchange, but in practice it will likely take two legs: one to establish a session and another to satisfy the request.
· In embodiments using TPM 2.0 devices, two different modes of attestation are possible: one is the traditional Trusted Computing Group (TCG) quote over a nonce supplied by the service, and the other is a "direct PCR read" over an authenticated salted session. Note that this is merely an example. In other embodiments, for example, TPM 1.2 may be used, although the direct PCR read function will not be available
3. The device satisfies the PCR read request by supplying the values of the requested PCRs along with the TCG log
4. The device assembles an "attestation request" that includes the response to the PCR read request
5. The service checks the supplied TCG log and PCR values, and optionally consults policy to determine whether the contents of the TCG log supplied by the host are healthy (beyond simply matching PCR values)
6. The service produces a health certificate that internally encodes the TEE public key and a set of measurements of host health, as determined by the health attestation service 214.
7. This health certificate is stored by the host for later use in the VM launch and migration flows.
Virtual Machine Hosting and Migration
VM migration is a complex flow with several moving parts. It involves the source host server, the target host server, and a management service that coordinates the move. This section focuses primarily on key management as it relates to VM migration. VM migration can occur, for example, in one of the following situations:
· from one host to another within the scope of the same custodian
· from the owner to a custodian
· from one custodian to another custodian
· from a custodian back to the owner
In each case, the VM is assumed to traverse hostile territory (network, storage, address space). The manner of protecting the payload and the PD itself described above achieves secure end-to-end transfer of the VM and its key material.
In each VM migration scenario, the protected VM travels as a whole from one host to another or to/from storage. In one embodiment, the VM comprises the following building blocks:
· vTPM encryption keys
· vTPM state
· VM metadata
· one or more VHDs
· VM memory state
· VM device state
The vTPM encryption keys (e.g., the transport key or keys derived from the transport key) are encrypted such that only the owner or custodians of the VM can gain access to them. The transport keys are then passed down to the TEE of a host authorized to see them.
In one illustrative example, the vTPM state is encrypted using the transport key or an encryption key derived from the transport key; the encryption is further authenticated using an authentication key (also derived from the same transport key). The vTPM state and the transport key protecting it never leave the host's TEE unprotected. It should be appreciated, however, that this is merely one example, and that there are in fact a virtually unlimited number of ways, all within the scope of embodiments of the invention, to use keys to protect confidentiality and integrity.
Sensitive parts of the metadata may also be authenticated using a different authentication key, likewise derived from the transport key (in some embodiments, as good cryptographic practice, the authentication key used to verify the validity of the encrypted vTPM state does not leave the TEE, so a separate key is used). More generally, in the illustrated example, all cryptography involving these secret keys is performed using either the TEE or one of the TEE extensions (such an extension may be the host OS kernel protected by hypervisor-enforced code integrity). A key hierarchy may be constructed with the transport key at its root, with the various parts of the VM state encrypted using keys from this hierarchy.
The VHDs are presumed to be encrypted using the FVEK protected by the vTPM, so the migration architecture makes no further attempt to protect them. Additionally, it is possible for the tenant 200 to download a VM belonging to that tenant from the service provider 201 and run it directly (i.e., without involving the KDS 206).
Finally, VM memory and device state are encrypted using keys derived from the master transport key. These may similarly be authenticated using corresponding authentication keys.
Before a flow involving a protected guest VM can begin, several prerequisites are met.
1. (Optional: only for the case where the VMM 202 coordinates the migration flow) The management service VMM (such as SCVMM, available from Microsoft Corporation of Redmond, Washington) is online and running, and available to both the source and target servers.
2. The key distribution service 206 and the host attestation service 214 are online.
3. The source host server (e.g., host 207) has the guest virtual machine 204 online and running.
4. In the case of migration, the target host server (e.g., host 213) is TEE-capable and is online and running.
A series of steps is taken before any actual migration happens. Because of the extreme timing constraints that may exist in some embodiments, live migration in particular requires these steps to be taken (some time or long) before the actual migration attempt. Note that the following list purposely enumerates only the new provisions and omits well-known steps, such as the source host querying the target for the availability of resources to host the new guest VM.
1. The source host (e.g., host 207) and the target host (e.g., host 213) have completed attestation (e.g., as described above)
2. The target host (e.g., host 213) satisfies the ingress migration policy, otherwise it is not eligible to receive the VM state; it is useful to establish this early, although the host's compliance with the migration policy should be checked by the KDS 206 at the time of the actual migration
3. Successful attestation enables the creation of secure communication, through encryption of the data passed between the entities, between the root TEEs of the source and target hosts (specifically, the migration agent trustlet running inside the root TEE) and the KDS 206.
Converting an Existing VM into a Protected VM
A VM in the tenant's environment can be converted to the "protected VM" state by associating it with a vTPM. This is usually expected to be followed by migrating the VM into the service provider's fabric. In some embodiments, to create a protected VM from a regular VM, the following operations take place:
1. The PD of the VM is created and populated with the correct owner and custodians
2. A vTPM is created and optionally certified by issuing an endorsement certificate signed by an appropriate authority (such as, for example, the tenant's own certificate authority).
3. Encryption technology (such as BitLocker) is enabled on the VM and its VHDs are fully encrypted
Once the VM's VHDs have been fully encrypted, the VM is "secure enough" to be migrated into the service provider's fabric.
The creation of a brand-new PD (as opposed to re-encryption of an existing PD) differs from the other flows because, in the other situations involving a PD, the host authenticates the KDS 206 by having it successfully crack an existing PD. In the case of brand-new PD creation, this original PD does not yet exist.
Some embodiments can bootstrap the flow around new PD creation by starting with an "empty" PD (a well-known ingress key wrapped by the owner and every permitted tenant). The guardian of this empty PD is the owner itself. The PD is available to the hosts of any of the tenants for VM creation tasks. To create a PD for a new VM, the host submits the empty PD to the KDS, which returns two keys (the well-known key for ingress plus a new egress key) and a PD around the egress key. This egress key is used by the host to migrate the VM out to machine storage 203 (or other storage) or to the service provider.
After the egress key is created, the host can create and certify the vTPM. Once the vTPM is created and certified, it can be attached to the VM's metadata. The VM's OS is then restarted, and the new vTPM virtual device is exposed to the VM's OS on the next boot. At that point, the OS is free to encrypt its VHDs, such as by using BitLocker.
VM Launch on a Host
Before a host can migrate a VM out, it first needs to load and run the VM. This is achieved by downloading the VM from offline storage. The VM's VHDs are presumed to be encrypted (e.g., by BitLocker), with the keys sealed inside the VM's vTPM. The vTPM state is wrapped (message Ai) using the transport key TKi, accompanied by the data that helps the KDS unwrap the key TKi for the host (the PD Fi). Both Ai and Fi are part of the VM metadata.
Referring to Figure 4, step by step, the VM launch flow 400 is:
1. The management service initiates VM launch on the host by contacting the host and providing it with a link to the VM to be launched.
2. The host receives the request
3. The host contacts offline storage to download the VM
4. After downloading the VM, the host inspects the VM metadata and proceeds to build a request to the KDS:
· Extract blocks Ai (the wrapped vTPM state) and Fi (the PD of the vTPM encryption key, wrapped by the KDS)
· Send the PD Fi to the KDS together with the host's health certificate, which contains its TEE public key STEPub
5. The KDS receives the request and authenticates the health certificate:
· The certificate has not expired
· The signature on the certificate is valid (if the certificate is self-signed, the signature matches the attestation service's signature; otherwise the certificate comes from a certificate authority (CA) recognized by the KDS)
· (Optional) The issuance policy encoded in the certificate corresponds to a healthy host under the current host health policy
· Note: the KDS does not validate that the requesting host possesses the private key corresponding to the health certificate; its response will be encrypted using the requester's public TEE key and is therefore useless to an attacker
6. The KDS cracks block Fi and computes the response:
· Process the ingress PD to extract the ingress transport key:
o From Fi, extract Di and Ei
o From Di, extract Bi and zero or more messages of type Ci
o Among the messages Bi and Ci, locate the row corresponding to the KDS
o Build a certificate chain starting from the guardian's signing certificate, to ensure that all signing key certificates in the chain roll up to the owner's signing certificate (the only one that can be self-signed; if it is not self-signed, verify that it was signed by a trusted authority (such as, for example, VeriSign of Reston, Virginia)).
o It may be advantageous to verify all of the messages Bi and Ci.
o From the message Bi or Ci corresponding to the KDS, decrypt TKi
o From TKi, derive TKi-a
o Using TKi-a, verify the HMAC inside Ei and the guardian signature on the PD
· Generate the egress transport key TKe
· Generate the PD for TKe:
o From TEPub (obtained from Bi) and TKe, generate Be
o From KEpub and TKe, generate Ce (this is done for all C messages, of which there may be zero or more)
o From Be and Ce, generate De; at this point mark itself as the guardian
o Authenticate De with TKe-a, yielding message Ee
o Sign De using the signing key for De
o Concatenate De and Ee into the egress PD Fe
· Prepare to send TKi and TKe back to the host:
o Generate TW and from it derive TW-e and TW-a
o From TW, TW-a, TW-e, TKi, TKe and STEPub, generate H
· The response to the host consists of the concatenated messages H||Fe
7. The host receives the response from the KDS and passes message H, along with Ai, to the TEE
8. The TEE processes the response from the KDS:
· From H, using STEPri, decrypt TW
· From TW, derive TW-e and TW-a
· Using TW-e, decrypt TKi and TKe
· Use TW-a to authenticate the encryption of TKi and TKe, thereby confirming the KDS's ability to crack the PD (and hence the authenticity of the KDS)
· From TKi, derive the encryption and authentication keys TKi-e and TKi-a
· Using TKi-e, decrypt the vTPM state from Ai
· Using TKi-a, authenticate the vTPM state encryption
9. Once the vTPM state is decrypted, the TEE launches the vTPM
· The TEE holds on to the value of TKe until it has to migrate the vTPM out (i.e., compose message Ae and send Ae||Fe to the target)
10. The host can now complete the VM launch sequence
Actual Migration
In some embodiments, for forward-secrecy reasons, each migration instance requires a unique key that is good for that migration alone. An important security consideration of this design is that little or no trust is placed in the VMM 202 service.
One possible mechanism for migration involving TEE state is illustrated in Figure 5. The flow 500 illustrated in Figure 5 makes use of several services: a "management service" (such as SCVMM), an "attestation service" and a "key distribution service". The attestation service and the key distribution service may be co-located, as they are trusted equally (and more than SCVMM).
The actual migration begins with a "key agreement", followed by the actual data transfer.
1. The management service initiates the migration by contacting the source host and providing it with the ID of the virtual machine to be migrated and the identity of the target host.
2. The source host forwards the migration request, together with the egress transport key PD Fe, to the target host; from the target's perspective this is the ingress PD.
3. The target host receives the migration request.
4. The target host asks the KDS to unwrap the transport key for it by sending the message Fe it received from the source host, along with its host health certificate, to the KDS.
5. The KDS validates the host health certificate presented by the target host in the same manner described above for the source host.
6. The KDS performs processing of the state encryption keys similar to that for the VM launch described above, except that this time it returns keys TKe and TKe rather than TKi and TKe.
7. The target host receives this response and passes it to its TEE for unwrapping.
8. The TEE of the target host uses its private TEE key TTEpri to decrypt the key TKe
9. The target host signals to the source host that it is ready for the actual migration.
This completes the key negotiation phase and sets the stage for the last step: the actual secure data transfer.
10. Finally, after all of the above steps have been accomplished, the two servers can begin the transfer of state, encrypted on the source by the TEE migration trustlet and passed through to the target TEE.
11. The TEEs on the source and target use the derived keys to handle vTPM state encryption and decryption in order to pass the state between each other.
Virtual Machine Backup and Restore
From a key management and data flow perspective, the backup and restore flow is very similar to migrating out of a source server to some data-at-rest storage facility and then (at some later time) migrating the same data into a target server. Data at rest backed up in this way requires no additional protection, since the flow has already been designed to traverse non-secure territory. The only requirement is that the VM ID and the migration key, encrypted (by the KDS), are stored together with the VM state, since these are used by the key distribution service to unseal the decryption keys necessary for restore.
The forward-secrecy requirement is best served if the host backing up the VM state obtains a new encryption key and uses it to re-encrypt the VM state before backing it up.
Virtual Machine Failover Within a Cluster
VM failover within a cluster can also be regarded as a special case of migration; in this case, all nodes in the cluster share the same VM metadata for each VM ID hosted by the cluster, and are therefore able to obtain the migration key from the KDS ahead of any failover. The nodes in the cluster share the storage on which the VM data resides; because all nodes in the cluster agree on which wrapped VM key to use, the key agreement is just as easy to establish, ensuring fast and secure failover. Specifically, the failover scenario does not require forward secrecy, so the key with which the vTPM is encrypted does not change as long as the VM stays within the cluster.
Virtual Machine Migration Between Data Centers
As long as the VM's PD includes the data center as a custodian, migration is no different from the tenant-to-service-provider case: the receiving custodian cracks the PD open, generates a new PD and sets itself as the guardian of the PD. The transport key in the new PD is encrypted to the owner and to every custodian, as before.
The following discussion now refers to a number of methods and method acts that may be performed. Although the method acts may be discussed in a certain order or illustrated in a flow chart as occurring in a particular order, no particular ordering is required unless specifically stated, or required because an act is dependent on another act being completed before the act is performed.
Referring now to Figure 6, a method 600 is illustrated. The method 600 may be practiced in a computing environment. The method includes acts for managing an encrypted data set. The method includes obtaining a first decryption key (act 602). The first decryption key is configured to be used to decrypt an encrypted data set that was encrypted using a first encryption mechanism. The first encryption mechanism is associated with the first decryption key that can be used to decrypt the data set.
The method 600 further includes encrypting the first decryption key with a second encryption mechanism (act 604). The second encryption mechanism is associated with a second decryption key used by a first entity, such that the second decryption key can be used by the first entity to decrypt the data set by first decrypting the first encrypted key using the second decryption key and then decrypting the data set using the decrypted first key.
The method 600 further includes encrypting the first decryption key with a third encryption mechanism (act 606). The third encryption mechanism is associated with a third decryption key used by a second entity, such that the third decryption key can be used by the second entity to decrypt the data set by first decrypting, with the third decryption key, the key encrypted with the first key and then decrypting the data set using the decrypted first key.
The method 600 further includes creating a package that includes at least the first decryption key encrypted with the second encryption method and the first decryption key encrypted with the third encryption method (act 608).
The method further includes signing the package with a guardian signature (act 610), and signing the package with a signature created from the first decryption key (act 612).
Further, the methods may be practiced by a computer system including one or more processors and computer-readable media such as computer memory. In particular, the computer memory may store computer-executable instructions that, when executed by the one or more processors, cause various functions to be performed, such as the acts recited in the embodiments.
Embodiments of the present invention may comprise or utilize a special purpose or general-purpose computer including computer hardware, as discussed in greater detail below. Embodiments within the scope of the present invention also include physical and other computer-readable media for carrying or storing computer-executable instructions and/or data structures. Such computer-readable media can be any available media that can be accessed by a general purpose or special purpose computer system. Computer-readable media that store computer-executable instructions are physical storage media. Computer-readable media that carry computer-executable instructions are transmission media. Thus, by way of example and not limitation, embodiments of the invention can comprise at least two distinctly different kinds of computer-readable media: physical computer-readable storage media and transmission computer-readable media.
Physical computer-readable storage media include RAM, ROM, EEPROM, CD-ROM or other optical disk storage (such as CDs, DVDs, etc.), magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store desired program code means in the form of computer-executable instructions or data structures and which can be accessed by a general purpose or special purpose computer.
A "network" is defined as one or more data links that enable the transport of electronic data between computer systems and/or modules and/or other electronic devices. When information is transferred or provided over a network or another communications connection (either hardwired, wireless, or a combination of hardwired and wireless) to a computer, the computer properly views the connection as a transmission medium. Transmission media can include a network and/or data links which can be used to carry desired program code means in the form of computer-executable instructions or data structures and which can be accessed by a general purpose or special purpose computer. Combinations of the above are also included within the scope of computer-readable media.
Further, upon reaching various computer system components, program code means in the form of computer-executable instructions or data structures can be transferred automatically from transmission computer-readable media to physical computer-readable storage media (or vice versa). For example, computer-executable instructions or data structures received over a network or data link can be buffered in RAM within a network interface module (e.g., a "NIC"), and then eventually transferred to computer system RAM and/or to less volatile computer-readable physical storage media at a computer system. Thus, computer-readable physical storage media can be included in computer system components that also (or even primarily) utilize transmission media.
Computer-executable instructions comprise, for example, instructions and data which cause a general purpose computer, special purpose computer, or special purpose processing device to perform a certain function or group of functions. The computer-executable instructions may be, for example, binaries, intermediate format instructions such as assembly language, or even source code. Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the features or acts described above. Rather, the described features and acts are disclosed as example forms of implementing the claims.
Those skilled in the art will appreciate that the invention may be practiced in network computing environments with many types of computer system configurations, including personal computers, desktop computers, laptop computers, message processors, hand-held devices, multi-processor systems, microprocessor-based or programmable consumer electronics, network PCs, minicomputers, mainframe computers, mobile telephones, PDAs, pagers, routers, switches, and the like. The invention may also be practiced in distributed system environments where local and remote computer systems, which are linked (either by hardwired data links, wireless data links, or by a combination of hardwired and wireless data links) through a network, both perform tasks. In a distributed system environment, program modules may be located in both local and remote memory storage devices.
Alternatively, or in addition, the functionality described herein can be performed, at least in part, by one or more hardware logic components. For example, and without limitation, illustrative types of hardware logic components that can be used include Field-programmable Gate Arrays (FPGAs), Program-specific Integrated Circuits (ASICs), Program-specific Standard Products (ASSPs), System-on-a-chip systems (SOCs), Complex Programmable Logic Devices (CPLDs), etc.
The present invention may be embodied in other specific forms without departing from its spirit or characteristics. The described embodiments are to be considered in all respects only as illustrative and not restrictive. The scope of the invention is, therefore, indicated by the appended claims rather than by the foregoing description. All changes which come within the meaning and range of equivalency of the claims are to be embraced within their scope.
Claims (14)
1. A method, in a computing environment, of managing an encrypted data set, the method comprising:
obtaining a first decryption key, the first decryption key being configured to be used to decrypt an encrypted data set that has been encrypted using a first encryption mechanism, the first encryption mechanism being associated with the first decryption key that can be used to decrypt the data set;
encrypting the first decryption key with a second encryption mechanism, the second encryption mechanism being associated with a second decryption key used by a first entity, such that the second decryption key can be used by the first entity to decrypt the data set by first using the second decryption key to decrypt the encrypted first key and then using the decrypted first key to decrypt the data set;
encrypting the first decryption key with a third encryption mechanism, the third encryption mechanism being associated with a third decryption key used by a second entity, such that the third decryption key can be used by the second entity to decrypt the data set by first using the third decryption key to decrypt the encrypted first key and then using the decrypted first key to decrypt the data set;
creating a package, the package including at least the first decryption key encrypted with the second encryption method and the first decryption key encrypted with the third encryption method;
signing the package with a guardian signature; and
signing the package with a signature created from the first decryption key;
wherein the data set comprises portions of a virtual machine;
wherein a key hierarchy is constructed such that the root of the key hierarchy is the first decryption key, and the portions of the virtual machine are encrypted using keys in this hierarchy;
wherein the first entity is a hosting service provider of the virtual machine and the second entity is a tenant of the hosting service provider.
2. The method of claim 1, wherein the first key is the master key of the virtual machine's vTPM.
3. The method of claim 1, wherein the data set comprises provisioning information for the VM.
4. The method of claim 1, wherein the data set comprises vTPM state.
5. The method of claim 1, wherein the package includes multiple copies of the first decryption key encrypted with different encryption mechanisms for multiple different custodians.
6. A system, in a computing environment, for managing an encrypted data set, the system comprising:
one or more processors; and
one or more computer-readable media, wherein the one or more computer-readable media comprise computer-executable instructions that, when executed by at least one of the one or more processors, cause the system to perform the following:
obtaining a first decryption key, the first decryption key being configured to be used to decrypt an encrypted data set that has been encrypted using a first encryption mechanism, the first encryption mechanism being associated with the first decryption key that can be used to decrypt the data set;
encrypting the first decryption key with a second encryption mechanism, the second encryption mechanism being associated with a second decryption key used by a first entity, such that the second decryption key can be used by the first entity to decrypt the data set by first using the second decryption key to decrypt the encrypted first key and then using the decrypted first key to decrypt the data set;
encrypting the first decryption key with a third encryption mechanism, the third encryption mechanism being associated with a third decryption key used by a second entity, such that the third decryption key can be used by the second entity to decrypt the data set by first using the third decryption key to decrypt the encrypted first key and then using the decrypted first key to decrypt the data set;
creating a package, the package including at least the first decryption key encrypted with the second encryption method and the first decryption key encrypted with the third encryption method;
signing the package with a guardian signature; and
signing the package with a signature created from the first decryption key;
wherein the data set comprises portions of a virtual machine;
wherein a key hierarchy is constructed such that the root of the key hierarchy is the first decryption key, and the portions of the virtual machine are encrypted using keys in this hierarchy;
wherein the first entity is a hosting service provider of the virtual machine and the second entity is a tenant of the hosting service provider.
7. The system of claim 6, wherein the first key is the master key of the virtual machine's vTPM.
8. The system of claim 6, wherein the data set comprises provisioning information for the VM.
9. The system of claim 6, wherein the data set comprises vTPM state.
10. The system of claim 6, wherein the package includes multiple copies of the first decryption key encrypted with different encryption mechanisms for multiple different custodians.
11. One or more physical computer-readable storage media comprising computer-executable instructions that, when executed by at least one of one or more processors, cause a system to perform the following:
obtaining a first decryption key, the first decryption key being configured to be used to decrypt an encrypted data set that has been encrypted using a first encryption mechanism, the first encryption mechanism being associated with the first decryption key that can be used to decrypt the data set;
encrypting the first decryption key with a second encryption mechanism, the second encryption mechanism being associated with a second decryption key used by a first entity, such that the second decryption key can be used by the first entity to decrypt the data set by first using the second decryption key to decrypt the encrypted first key and then using the decrypted first key to decrypt the data set;
encrypting the first decryption key with a third encryption mechanism, the third encryption mechanism being associated with a third decryption key used by a second entity, such that the third decryption key can be used by the second entity to decrypt the data set by first using the third decryption key to decrypt the encrypted first key and then using the decrypted first key to decrypt the data set;
creating a package, the package including at least the first decryption key encrypted with the second encryption method and the first decryption key encrypted with the third encryption method;
signing the package with a guardian signature; and
signing the package with a signature created from the first decryption key;
wherein the data set comprises portions of a virtual machine;
wherein a key hierarchy is constructed such that the root of the key hierarchy is the first decryption key, and the portions of the virtual machine are encrypted using keys in this hierarchy;
wherein the first entity is a hosting service provider of the virtual machine and the second entity is a tenant of the hosting service provider.
12. The one or more physical computer-readable storage media of claim 11, wherein the first key is the master key of the virtual machine's vTPM.
13. The one or more physical computer-readable storage media of claim 11, wherein the data set comprises provisioning information for the VM.
14. The one or more physical computer-readable storage media of claim 11, wherein the data set comprises vTPM state.
Applications Claiming Priority (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201461988786P | 2014-05-05 | 2014-05-05 | |
US61/988,786 | 2014-05-05 | ||
US14/481,399 US9652631B2 (en) | 2014-05-05 | 2014-09-09 | Secure transport of encrypted virtual machines with continuous owner access |
US14/481,399 | 2014-09-09 | ||
PCT/US2015/028991 WO2015171476A1 (en) | 2014-05-05 | 2015-05-04 | Secure transport of encrypted virtual machines with continuous owner access |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106462439A CN106462439A (zh) | 2017-02-22 |
CN106462439B true CN106462439B (zh) | 2020-02-07 |
Family
ID=54356002
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201580023933.5A Active CN106462439B (zh) | 2014-05-05 | 2015-05-04 | Secure transport of encrypted virtual machines with continuous owner access |
CN201580023853.XA Active CN106462438B (zh) | 2014-05-05 | 2015-05-04 | Attestation of a host that includes a trusted execution environment |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201580023853.XA Active CN106462438B (zh) | 2014-05-05 | 2015-05-04 | Attestation of a host that includes a trusted execution environment |
Country Status (7)
Country | Link |
---|---|
US (4) | US9652631B2 (zh) |
EP (2) | EP3140950B1 (zh) |
JP (2) | JP6665113B2 (zh) |
CN (2) | CN106462439B (zh) |
BR (2) | BR112016024453B1 (zh) |
RU (2) | RU2679721C2 (zh) |
WO (2) | WO2015171476A1 (zh) |
Families Citing this family (290)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102183852B1 (ko) * | 2013-11-22 | 2020-11-30 | 삼성전자주식회사 | 전자 장치의 무결성 검증을 위한 방법, 저장 매체 및 전자 장치 |
US9519498B2 (en) | 2013-12-24 | 2016-12-13 | Microsoft Technology Licensing, Llc | Virtual machine assurances |
US9792448B2 (en) | 2014-02-28 | 2017-10-17 | Advanced Micro Devices, Inc. | Cryptographic protection of information in a processing system |
US9652631B2 (en) | 2014-05-05 | 2017-05-16 | Microsoft Technology Licensing, Llc | Secure transport of encrypted virtual machines with continuous owner access |
US9760712B2 (en) * | 2014-05-23 | 2017-09-12 | Vmware, Inc. | Application whitelisting using user identification |
CN104268477B (zh) * | 2014-09-26 | 2017-09-26 | 华为技术有限公司 | 一种安全控制方法及网络设备 |
US10048974B1 (en) | 2014-09-30 | 2018-08-14 | Amazon Technologies, Inc. | Message-based computation request scheduling |
US9830193B1 (en) | 2014-09-30 | 2017-11-28 | Amazon Technologies, Inc. | Automatic management of low latency computational capacity |
US9678773B1 (en) | 2014-09-30 | 2017-06-13 | Amazon Technologies, Inc. | Low latency computational capacity provisioning |
US9323556B2 (en) | 2014-09-30 | 2016-04-26 | Amazon Technologies, Inc. | Programmatic event detection and message generation for requests to execute program code |
US9146764B1 (en) | 2014-09-30 | 2015-09-29 | Amazon Technologies, Inc. | Processing event messages for user requests to execute program code |
US9715402B2 (en) | 2014-09-30 | 2017-07-25 | Amazon Technologies, Inc. | Dynamic code deployment and versioning |
US9600312B2 (en) | 2014-09-30 | 2017-03-21 | Amazon Technologies, Inc. | Threading as a service |
US9584317B2 (en) | 2014-10-13 | 2017-02-28 | Microsoft Technology Licensing, Llc | Identifying security boundaries on computing devices |
US10229272B2 (en) | 2014-10-13 | 2019-03-12 | Microsoft Technology Licensing, Llc | Identifying security boundaries on computing devices |
US10303879B1 (en) * | 2014-11-06 | 2019-05-28 | Amazon Technologies, Inc. | Multi-tenant trusted platform modules |
US9519787B2 (en) | 2014-11-14 | 2016-12-13 | Microsoft Technology Licensing, Llc | Secure creation of encrypted virtual machines from encrypted templates |
US9413626B2 (en) | 2014-12-05 | 2016-08-09 | Amazon Technologies, Inc. | Automatic management of resource sizing |
WO2016112338A1 (en) * | 2015-01-08 | 2016-07-14 | Intertrust Technologies Corporation | Cryptographic systems and methods |
US10013567B2 (en) * | 2015-01-27 | 2018-07-03 | Apple Inc. | Private and public sharing of electronic assets |
US9621948B2 (en) | 2015-01-29 | 2017-04-11 | Universal Electronics Inc. | System and method for prioritizing and filtering CEC commands |
US9588790B1 (en) | 2015-02-04 | 2017-03-07 | Amazon Technologies, Inc. | Stateful virtual compute system |
US9733967B2 (en) | 2015-02-04 | 2017-08-15 | Amazon Technologies, Inc. | Security protocols for low latency execution of program code |
US9712503B1 (en) * | 2015-03-23 | 2017-07-18 | Amazon Technologies, Inc. | Computing instance migration |
US9756050B1 (en) * | 2015-03-26 | 2017-09-05 | Amazon Technologies, Inc. | Using transient processing containers for security authorization |
US20160292431A1 (en) * | 2015-04-02 | 2016-10-06 | defend7, Inc. | Management of encryption keys in an application container environment |
US9930103B2 (en) | 2015-04-08 | 2018-03-27 | Amazon Technologies, Inc. | Endpoint management system providing an application programming interface proxy service |
US9785476B2 (en) | 2015-04-08 | 2017-10-10 | Amazon Technologies, Inc. | Endpoint management system and virtual compute system |
US10078549B2 (en) | 2015-05-19 | 2018-09-18 | Vmware, Inc. | Maintaining hole boundary information for restoring snapshots from parity |
US9652634B2 (en) * | 2015-05-19 | 2017-05-16 | Vmware, Inc. | Maintaing encryption keys to provide encryption on top of data deduplication |
US9866574B1 (en) * | 2015-06-01 | 2018-01-09 | Amazon Technologies, Inc. | Protected data type handling awareness |
US10395029B1 (en) * | 2015-06-30 | 2019-08-27 | Fireeye, Inc. | Virtual system and method with threat protection |
US11113086B1 (en) | 2015-06-30 | 2021-09-07 | Fireeye, Inc. | Virtual system and method for securing external network connectivity |
US10642753B1 (en) | 2015-06-30 | 2020-05-05 | Fireeye, Inc. | System and method for protecting a software component running in virtual machine using a virtualization layer |
US10726127B1 (en) | 2015-06-30 | 2020-07-28 | Fireeye, Inc. | System and method for protecting a software component running in a virtual machine through virtual interrupts by the virtualization layer |
US10002014B2 (en) | 2015-07-10 | 2018-06-19 | International Business Machines Corporation | Management of a virtual machine in a virtualized computing environment based on a fabric limit |
US9973432B2 (en) | 2015-07-10 | 2018-05-15 | International Business Machines Corporation | Load balancing in a virtualized computing environment based on a fabric limit |
US10002015B2 (en) * | 2015-07-10 | 2018-06-19 | International Business Machines Corporation | Delayed boot of a virtual machine in a virtualized computing environment based on a fabric limit |
US10230529B2 (en) * | 2015-07-31 | 2019-03-12 | Microsft Technology Licensing, LLC | Techniques to secure computation data in a computing environment |
US9768966B2 (en) * | 2015-08-07 | 2017-09-19 | Google Inc. | Peer to peer attestation |
US11150927B1 (en) * | 2015-08-10 | 2021-10-19 | Amazon Technologies, Inc. | Policy-based virtual machine instance cotenancy |
US10929797B1 (en) * | 2015-09-23 | 2021-02-23 | Amazon Technologies, Inc. | Fault tolerance determinations for networked resources |
US9928108B1 (en) | 2015-09-29 | 2018-03-27 | Amazon Technologies, Inc. | Metaevent handling for on-demand code execution environments |
US10042660B2 (en) | 2015-09-30 | 2018-08-07 | Amazon Technologies, Inc. | Management of periodic requests for compute capacity |
US9917687B2 (en) * | 2015-10-12 | 2018-03-13 | Microsoft Technology Licensing, Llc | Migrating secrets using hardware roots of trust for devices |
CN106775917B (zh) * | 2015-11-19 | 2020-03-24 | 苏宁云计算有限公司 | 一种虚拟机启动的方法及系统 |
US10025947B1 (en) * | 2015-11-30 | 2018-07-17 | Ims Health Incorporated | System and method to produce a virtually trusted database record |
US9894051B2 (en) | 2015-12-14 | 2018-02-13 | International Business Machines Corporation | Extending shrouding capability of hosting system |
US9882901B2 (en) | 2015-12-14 | 2018-01-30 | International Business Machines Corporation | End-to-end protection for shrouded virtual servers |
JP2017111581A (ja) * | 2015-12-15 | 2017-06-22 | キヤノン株式会社 | 情報処理システム、制御方法 |
US10013267B1 (en) | 2015-12-16 | 2018-07-03 | Amazon Technologies, Inc. | Pre-triggers for code execution environments |
US10754701B1 (en) | 2015-12-16 | 2020-08-25 | Amazon Technologies, Inc. | Executing user-defined code in response to determining that resources expected to be utilized comply with resource restrictions |
US9811434B1 (en) | 2015-12-16 | 2017-11-07 | Amazon Technologies, Inc. | Predictive management of on-demand code execution |
US9830449B1 (en) * | 2015-12-16 | 2017-11-28 | Amazon Technologies, Inc. | Execution locations for request-driven code |
US9910713B2 (en) | 2015-12-21 | 2018-03-06 | Amazon Technologies, Inc. | Code execution request routing |
US10067801B1 (en) | 2015-12-21 | 2018-09-04 | Amazon Technologies, Inc. | Acquisition and maintenance of compute capacity |
US10002026B1 (en) | 2015-12-21 | 2018-06-19 | Amazon Technologies, Inc. | Acquisition and maintenance of dedicated, reserved, and variable compute capacity |
US10079693B2 (en) * | 2015-12-28 | 2018-09-18 | Netapp, Inc. | Storage cluster management proxy |
WO2017131712A1 (en) * | 2016-01-28 | 2017-08-03 | Hewlett-Packard Development Company, L.P. | Thresholds on scripts executable by unified extensible firmware interface systems |
US10681078B2 (en) | 2016-06-10 | 2020-06-09 | Sophos Limited | Key throttling to mitigate unauthorized file access |
US10791097B2 (en) * | 2016-04-14 | 2020-09-29 | Sophos Limited | Portable encryption format |
US10650154B2 (en) | 2016-02-12 | 2020-05-12 | Sophos Limited | Process-level control of encrypted content |
US10686827B2 (en) | 2016-04-14 | 2020-06-16 | Sophos Limited | Intermediate encryption for exposed content |
US11429412B2 (en) | 2016-02-25 | 2022-08-30 | Red Hat Israel, Ltd. | Guest protection from application code execution in kernel mode |
CN105825131B (zh) * | 2016-03-16 | 2018-12-21 | 广东工业大学 | 一种基于uefi的计算机安全启动防护方法 |
US10326744B1 (en) * | 2016-03-21 | 2019-06-18 | EMC IP Holding Company LLC | Security layer for containers in multi-tenant environments |
US10063372B1 (en) * | 2016-03-25 | 2018-08-28 | EMC IP Holding Company LLC | Generating pre-encrypted keys |
US20170277898A1 (en) * | 2016-03-25 | 2017-09-28 | Advanced Micro Devices, Inc. | Key management for secure memory address spaces |
US10891145B2 (en) | 2016-03-30 | 2021-01-12 | Amazon Technologies, Inc. | Processing pre-existing data sets at an on demand code execution environment |
US10162672B2 (en) | 2016-03-30 | 2018-12-25 | Amazon Technologies, Inc. | Generating data streams from pre-existing data sets |
US11132213B1 (en) | 2016-03-30 | 2021-09-28 | Amazon Technologies, Inc. | Dependency-based process of pre-existing data sets at an on demand code execution environment |
US11379385B2 (en) * | 2016-04-16 | 2022-07-05 | Vmware, Inc. | Techniques for protecting memory pages of a virtual computing instance |
US10228924B2 (en) * | 2016-04-19 | 2019-03-12 | International Business Machines Corporation | Application deployment and monitoring in a cloud environment to satisfy integrity and geo-fencing constraints |
EP3244568B1 (en) * | 2016-05-13 | 2019-01-09 | Talenta s.r.o. | Electronic locking system |
US10135622B2 (en) * | 2016-06-03 | 2018-11-20 | Intel Corporation | Flexible provisioning of attestation keys in secure enclaves |
US10282229B2 (en) | 2016-06-28 | 2019-05-07 | Amazon Technologies, Inc. | Asynchronous task management in an on-demand network code execution environment |
US10102040B2 (en) | 2016-06-29 | 2018-10-16 | Amazon Technologies, Inc | Adjusting variable limit on concurrent code executions |
US10127068B2 (en) | 2016-06-30 | 2018-11-13 | Amazon Technologies, Inc. | Performance variability reduction using an opportunistic hypervisor |
GB2551983B (en) | 2016-06-30 | 2020-03-04 | Sophos Ltd | Perimeter encryption |
US10203990B2 (en) | 2016-06-30 | 2019-02-12 | Amazon Technologies, Inc. | On-demand network code execution with cross-account aliases |
US10277708B2 (en) | 2016-06-30 | 2019-04-30 | Amazon Technologies, Inc. | On-demand network code execution with cross-account aliases |
US10318311B2 (en) * | 2016-06-30 | 2019-06-11 | Amazon Technologies, Inc. | Memory allocation techniques at partially-offloaded virtualization managers |
US10460113B2 (en) * | 2016-08-16 | 2019-10-29 | International Business Machines Corporation | Security fix of a container in a virtual machine environment |
US20180060077A1 (en) * | 2016-08-26 | 2018-03-01 | Qualcomm Incorporated | Trusted platform module support on reduced instruction set computing architectures |
US10460118B2 (en) | 2016-08-30 | 2019-10-29 | Workday, Inc. | Secure storage audit verification system |
US10177908B2 (en) * | 2016-08-30 | 2019-01-08 | Workday, Inc. | Secure storage decryption system |
US10187203B2 (en) * | 2016-08-30 | 2019-01-22 | Workday, Inc. | Secure storage encryption system |
US10177910B2 (en) * | 2016-08-31 | 2019-01-08 | Microsoft Technology Licensing, Llc | Preserving protected secrets across a secure boot update |
WO2018054473A1 (en) * | 2016-09-22 | 2018-03-29 | Telefonaktiebolaget Lm Ericsson (Publ) | Version control for trusted computing |
US10061613B1 (en) | 2016-09-23 | 2018-08-28 | Amazon Technologies, Inc. | Idempotent task execution in on-demand network code execution systems |
US10884787B1 (en) | 2016-09-23 | 2021-01-05 | Amazon Technologies, Inc. | Execution guarantees in an on-demand network code execution system |
US10320571B2 (en) * | 2016-09-23 | 2019-06-11 | Microsoft Technology Licensing, Llc | Techniques for authenticating devices using a trusted platform module device |
US11119813B1 (en) | 2016-09-30 | 2021-09-14 | Amazon Technologies, Inc. | Mapreduce implementation using an on-demand network code execution system |
US10310885B2 (en) * | 2016-10-25 | 2019-06-04 | Microsoft Technology Licensing, Llc | Secure service hosted in a virtual security environment |
US10462212B2 (en) * | 2016-10-28 | 2019-10-29 | At&T Intellectual Property I, L.P. | Hybrid clouds |
KR102511451B1 (ko) | 2016-11-09 | 2023-03-17 | 삼성전자주식회사 | 리치 실행 환경에서 보안 어플리케이션을 안전하게 실행하는 컴퓨팅 시스템 |
US10447668B1 (en) * | 2016-11-14 | 2019-10-15 | Amazon Technologies, Inc. | Virtual cryptographic module with load balancer and cryptographic module fleet |
US10855464B2 (en) * | 2016-11-23 | 2020-12-01 | Vmware, Inc. | Methods and apparatus to manage credentials in hyper-converged infrastructures |
US10482034B2 (en) * | 2016-11-29 | 2019-11-19 | Microsoft Technology Licensing, Llc | Remote attestation model for secure memory applications |
CN108243163B (zh) * | 2016-12-26 | 2020-11-13 | 航天信息股份有限公司 | 一种物流运输的加密安全控制方法、装置及系统 |
CN110121857B (zh) * | 2016-12-30 | 2021-02-09 | 华为技术有限公司 | 一种凭据分发的方法和设备 |
EP3550781B1 (en) * | 2016-12-30 | 2021-02-17 | Huawei Technologies Co., Ltd. | Private information distribution method and device |
US10530777B2 (en) * | 2017-01-24 | 2020-01-07 | Microsoft Technology Licensing, Llc | Data unsealing with a sealing enclave |
US10897360B2 (en) | 2017-01-26 | 2021-01-19 | Microsoft Technology Licensing, Llc | Addressing a trusted execution environment using clean room provisioning |
US10419402B2 (en) * | 2017-01-26 | 2019-09-17 | Microsoft Technology Licensing, Llc | Addressing a trusted execution environment using signing key |
US10972265B2 (en) | 2017-01-26 | 2021-04-06 | Microsoft Technology Licensing, Llc | Addressing a trusted execution environment |
US10897459B2 (en) * | 2017-01-26 | 2021-01-19 | Microsoft Technology Licensing, Llc | Addressing a trusted execution environment using encryption key |
US10250517B2 (en) | 2017-02-03 | 2019-04-02 | Microsoft Technology Licensing, Llc | Completion-side client throttling |
US11108698B2 (en) | 2017-02-03 | 2021-08-31 | Microsoft Technology Licensing, Llc | Systems and methods for client-side throttling after server handling in a trusted client component |
US10496425B2 (en) * | 2017-02-21 | 2019-12-03 | Red Hat, Inc. | Systems and methods for providing processor state protections in a virtualized environment |
CN108469986B (zh) | 2017-02-23 | 2021-04-09 | 华为技术有限公司 | 一种数据迁移方法及装置 |
CN107797817B (zh) * | 2017-03-13 | 2021-02-19 | 平安科技(深圳)有限公司 | 应用更新方法和装置 |
JP6408627B2 (ja) * | 2017-03-14 | 2018-10-17 | Kddi株式会社 | 遠隔機器制御システム、及び、遠隔機器制御方法 |
US10509733B2 (en) | 2017-03-24 | 2019-12-17 | Red Hat, Inc. | Kernel same-page merging for encrypted memory |
US10169577B1 (en) * | 2017-03-28 | 2019-01-01 | Symantec Corporation | Systems and methods for detecting modification attacks on shared physical memory |
US20180288101A1 (en) * | 2017-03-29 | 2018-10-04 | Hewlett Packard Enterprise Development Lp | Verifying that usage of virtual network function (vnf) by a plurality of compute nodes comply with allowed usage rights |
US10956193B2 (en) * | 2017-03-31 | 2021-03-23 | Microsoft Technology Licensing, Llc | Hypervisor virtual processor execution with extra-hypervisor scheduling |
US9992029B1 (en) * | 2017-04-05 | 2018-06-05 | Stripe, Inc. | Systems and methods for providing authentication to a plurality of devices |
US10587411B2 (en) | 2017-04-11 | 2020-03-10 | International Business Machines Corporation | Zero-knowledge verifiably attestable transaction containers using secure processors |
US10209917B2 (en) | 2017-04-20 | 2019-02-19 | Red Hat, Inc. | Physical memory migration for secure encrypted virtual machines |
US10423791B2 (en) * | 2017-04-27 | 2019-09-24 | Microsoft Technology Licensing, Llc | Enabling offline restart of shielded virtual machines using key caching |
US10379764B2 (en) | 2017-05-11 | 2019-08-13 | Red Hat, Inc. | Virtual machine page movement for encrypted memory |
US10747585B2 (en) * | 2017-05-26 | 2020-08-18 | Vmware Inc. | Methods and apparatus to perform data migration in a distributed environment |
US10860724B2 (en) * | 2017-06-13 | 2020-12-08 | Microsoft Technology Licensing, Llc | Active key rolling for sensitive data protection |
US10771439B2 (en) * | 2017-06-28 | 2020-09-08 | Microsoft Technology Licensing, Llc | Shielded networks for virtual machines |
US10445009B2 (en) * | 2017-06-30 | 2019-10-15 | Intel Corporation | Systems and methods of controlling memory footprint |
CN109218260B (zh) | 2017-07-03 | 2020-11-06 | 深圳市中兴微电子技术有限公司 | 一种基于可信任环境的认证保护系统及方法 |
US10819696B2 (en) * | 2017-07-13 | 2020-10-27 | Microsoft Technology Licensing, Llc | Key attestation statement generation providing device anonymity |
US11354420B2 (en) | 2017-07-21 | 2022-06-07 | Red Hat, Inc. | Re-duplication of de-duplicated encrypted memory |
US11726813B2 (en) * | 2017-08-01 | 2023-08-15 | Cable Television Laboratories, Inc. | Systems and methods for establishing scalable credential creation and access |
US10848494B2 (en) * | 2017-08-14 | 2020-11-24 | Microsoft Technology Licensing, Llc | Compliance boundaries for multi-tenant cloud environment |
US10534921B2 (en) | 2017-08-23 | 2020-01-14 | Red Hat, Inc. | Copy and decrypt support for encrypted virtual machines |
US10693844B2 (en) * | 2017-08-24 | 2020-06-23 | Red Hat, Inc. | Efficient migration for encrypted virtual machines by active page copying |
US10841089B2 (en) * | 2017-08-25 | 2020-11-17 | Nutanix, Inc. | Key managers for distributed computing systems |
US10831935B2 (en) | 2017-08-31 | 2020-11-10 | Pure Storage, Inc. | Encryption management with host-side data reduction |
US11947489B2 (en) | 2017-09-05 | 2024-04-02 | Robin Systems, Inc. | Creating snapshots of a storage volume in a distributed storage system |
US20190087580A1 (en) * | 2017-09-19 | 2019-03-21 | Microsoft Technology Licensing, Llc | Secure launch for a hypervisor |
CN111066284B (zh) * | 2017-10-09 | 2021-06-29 | 华为技术有限公司 | 一种业务证书管理方法、终端及服务器 |
US11943368B2 (en) * | 2017-11-03 | 2024-03-26 | Microsoft Technology Licensing, Llc | Provisioning trusted execution environment based on chain of trust including platform |
US10713144B2 (en) * | 2017-11-15 | 2020-07-14 | General Electric Company | Virtual processor enabling real-time in situ disassembly and debugging in SoC environment |
US20200358603A1 (en) * | 2017-11-20 | 2020-11-12 | Telefonaktiebolaget Lm Ericsson (Publ) | Deployment of Components of a Distributed Application to Runtime Environments |
US10922132B1 (en) * | 2017-12-11 | 2021-02-16 | Amazon Technologies, Inc. | Secure migration of servers from customer networks to service provider systems |
US10303492B1 (en) | 2017-12-13 | 2019-05-28 | Amazon Technologies, Inc. | Managing custom runtimes in an on-demand code execution system |
US10564946B1 (en) | 2017-12-13 | 2020-02-18 | Amazon Technologies, Inc. | Dependency handling in an on-demand network code execution system |
US11113400B1 (en) * | 2017-12-26 | 2021-09-07 | Virtuozzo International Gmbh | System and method for providing distributed compute platform on untrusted hardware |
US11748203B2 (en) | 2018-01-11 | 2023-09-05 | Robin Systems, Inc. | Multi-role application orchestration in a distributed storage system |
US11582168B2 (en) | 2018-01-11 | 2023-02-14 | Robin Systems, Inc. | Fenced clone applications |
US11392363B2 (en) | 2018-01-11 | 2022-07-19 | Robin Systems, Inc. | Implementing application entrypoints with containers of a bundled application |
US10733085B1 (en) | 2018-02-05 | 2020-08-04 | Amazon Technologies, Inc. | Detecting impedance mismatches due to cross-service calls |
US10572375B1 (en) | 2018-02-05 | 2020-02-25 | Amazon Technologies, Inc. | Detecting parameter validity in code including cross-service calls |
US10831898B1 (en) | 2018-02-05 | 2020-11-10 | Amazon Technologies, Inc. | Detecting privilege escalations in code including cross-service calls |
US10353678B1 (en) | 2018-02-05 | 2019-07-16 | Amazon Technologies, Inc. | Detecting code characteristic alterations due to cross-service calls |
US10725752B1 (en) | 2018-02-13 | 2020-07-28 | Amazon Technologies, Inc. | Dependency handling in an on-demand network code execution system |
US10776091B1 (en) | 2018-02-26 | 2020-09-15 | Amazon Technologies, Inc. | Logging endpoint in an on-demand code execution system |
US10855724B2 (en) * | 2018-03-22 | 2020-12-01 | EMC IP Holding Company, LLC | Securely establishing key-based SSH communications between virtual machines during cloud marketplace provisioning |
US10713110B2 (en) * | 2018-03-27 | 2020-07-14 | Accenture Global Solutions Limited | Automated issue detection and resolution framework for enterprise resource planning |
US11356315B2 (en) | 2018-03-28 | 2022-06-07 | Intel Corporation | Methods and apparatus to dynamically control devices based on distributed data |
KR102545407B1 (ko) * | 2018-04-20 | 2023-06-20 | 비샬 굽타 | 분산된 문서 및 엔티티 검증 엔진 |
CN110414245B (zh) * | 2018-04-28 | 2023-09-22 | 伊姆西Ip控股有限责任公司 | 用于在存储系统中管理加密密钥的方法、装置和计算机程序产品 |
US10922441B2 (en) * | 2018-05-04 | 2021-02-16 | Huawei Technologies Co., Ltd. | Device and method for data security with a trusted execution environment |
KR102095114B1 (ko) * | 2018-05-08 | 2020-03-30 | 한국과학기술원 | 기능확장을 위한 신뢰실행환경들의 결합 방법 및 비즈니스 프로세스 지원을 위한 fido u2f 활용 방법 |
US10891385B2 (en) * | 2018-05-16 | 2021-01-12 | Microsoft Technology Licensing, Llc | Encryption at rest for cloud-resourced virtual machines |
US11029986B2 (en) * | 2018-05-25 | 2021-06-08 | Microsoft Technology Licensing, Llc | Processor feature ID response for virtualization |
US10853115B2 (en) | 2018-06-25 | 2020-12-01 | Amazon Technologies, Inc. | Execution of auxiliary functions in an on-demand network code execution system |
US10649749B1 (en) | 2018-06-26 | 2020-05-12 | Amazon Technologies, Inc. | Cross-environment application of tracing information for improved code execution |
US11146569B1 (en) | 2018-06-28 | 2021-10-12 | Amazon Technologies, Inc. | Escalation-resistant secure network services using request-scoped authentication information |
US10949237B2 (en) | 2018-06-29 | 2021-03-16 | Amazon Technologies, Inc. | Operating system customization in an on-demand network code execution system |
US11099870B1 (en) | 2018-07-25 | 2021-08-24 | Amazon Technologies, Inc. | Reducing execution times in an on-demand network code execution system using saved machine states |
JP7135569B2 (ja) * | 2018-08-13 | 2022-09-13 | 日本電信電話株式会社 | 端末登録システムおよび端末登録方法 |
WO2020041473A1 (en) | 2018-08-21 | 2020-02-27 | The Regents Of The University Of Michigan | Computer system with moving target defenses against vulnerability attacks |
US11042641B2 (en) | 2018-09-11 | 2021-06-22 | Amari.Ai Incorporated | Deployment and communications gateway for deployment, trusted execution, and secure communications |
US11188477B2 (en) | 2018-09-11 | 2021-11-30 | Apple Inc. | Page protection layer |
US11017092B2 (en) * | 2018-09-27 | 2021-05-25 | Intel Corporation | Technologies for fast launch of trusted containers |
US11243953B2 (en) | 2018-09-27 | 2022-02-08 | Amazon Technologies, Inc. | Mapreduce implementation in an on-demand network code execution system and stream data processing system |
US11099917B2 (en) | 2018-09-27 | 2021-08-24 | Amazon Technologies, Inc. | Efficient state maintenance for execution environments in an on-demand code execution system |
US11943093B1 (en) | 2018-11-20 | 2024-03-26 | Amazon Technologies, Inc. | Network connection recovery after virtual machine transition in an on-demand network code execution system |
US10901918B2 (en) * | 2018-11-29 | 2021-01-26 | International Business Machines Corporation | Constructing flexibly-secure systems in a disaggregated environment |
EP3661244A1 (en) * | 2018-11-30 | 2020-06-03 | Nagravision SA | Key negotiation and provisioning for devices in a network |
CN109684829B (zh) * | 2018-12-04 | 2020-12-04 | 中国科学院数据与通信保护研究教育中心 | 一种虚拟化环境中服务调用监控方法和系统 |
US10884812B2 (en) | 2018-12-13 | 2021-01-05 | Amazon Technologies, Inc. | Performance-based hardware emulation in an on-demand network code execution system |
US11271994B2 (en) * | 2018-12-28 | 2022-03-08 | Intel Corporation | Technologies for providing selective offload of execution to the edge |
US11010188B1 (en) | 2019-02-05 | 2021-05-18 | Amazon Technologies, Inc. | Simulated data object storage using on-demand computation of data objects |
US11475138B2 (en) * | 2019-02-06 | 2022-10-18 | International Business Machines Corporation | Creation and execution of secure containers |
US10795718B2 (en) | 2019-02-08 | 2020-10-06 | Microsoft Technology Licensing, Llc | Updating hardware with reduced virtual machine downtime |
US11469903B2 (en) * | 2019-02-28 | 2022-10-11 | Microsoft Technology Licensing, Llc | Autonomous signing management operations for a key distribution service |
US11126453B2 (en) * | 2019-03-07 | 2021-09-21 | Micron Technology, Inc. | Protected regions management of memory |
US11531627B2 (en) | 2019-03-08 | 2022-12-20 | International Business Machines Corporation | Secure storage isolation |
US11640361B2 (en) | 2019-03-08 | 2023-05-02 | International Business Machines Corporation | Sharing secure memory across multiple security domains |
US11354421B2 (en) * | 2019-03-08 | 2022-06-07 | International Business Machines Corporation | Secure execution guest owner controls for secure interface control |
US11487906B2 (en) * | 2019-03-08 | 2022-11-01 | International Business Machines Corporation | Storage sharing between a secure domain and a non-secure entity |
US11861386B1 (en) | 2019-03-22 | 2024-01-02 | Amazon Technologies, Inc. | Application gateways in an on-demand network code execution system |
CN109921902B (zh) | 2019-03-22 | 2020-10-23 | 创新先进技术有限公司 | 一种密钥管理方法、安全芯片、业务服务器及信息系统 |
US11256434B2 (en) | 2019-04-17 | 2022-02-22 | Robin Systems, Inc. | Data de-duplication |
US20200364354A1 (en) * | 2019-05-17 | 2020-11-19 | Microsoft Technology Licensing, Llc | Mitigation of ransomware in integrated, isolated applications |
US11095661B2 (en) | 2019-05-29 | 2021-08-17 | Cisco Technology, Inc. | Enforcing data sovereignty policies in a cloud environment |
US11537421B1 (en) * | 2019-06-07 | 2022-12-27 | Amazon Technologies, Inc. | Virtual machine monitor providing secure cryptographic operations |
US11119809B1 (en) | 2019-06-20 | 2021-09-14 | Amazon Technologies, Inc. | Virtualization-based transaction handling in an on-demand network code execution system |
US11115404B2 (en) | 2019-06-28 | 2021-09-07 | Amazon Technologies, Inc. | Facilitating service connections in serverless code executions |
US11190609B2 (en) | 2019-06-28 | 2021-11-30 | Amazon Technologies, Inc. | Connection pooling for scalable network services |
US11159528B2 (en) | 2019-06-28 | 2021-10-26 | Amazon Technologies, Inc. | Authentication to network-services using hosted authentication information |
US11489675B1 (en) * | 2019-07-12 | 2022-11-01 | Allscripts Software, Llc | Computing system for electronic message tamper-proofing |
DE102019211314A1 (de) * | 2019-07-30 | 2021-02-04 | Infineon Technologies Ag | Trusted data processing |
WO2021034753A2 (en) * | 2019-08-16 | 2021-02-25 | The Regents Of The University Of Michigan | Thwarting control plane attacks with displaced and dilated address spaces |
US11159453B2 (en) | 2019-08-22 | 2021-10-26 | International Business Machines Corporation | Fabric-based storage-server connection |
US11507666B2 (en) | 2019-08-27 | 2022-11-22 | Red Hat, Inc. | Trusted execution environment verification of a software package |
US10790979B1 (en) | 2019-08-29 | 2020-09-29 | Alibaba Group Holding Limited | Providing high availability computing service by issuing a certificate |
CN110677240B (zh) * | 2019-08-29 | 2020-07-10 | 阿里巴巴集团控股有限公司 | Method, apparatus and medium for providing highly available computing services through certificate issuance |
US11249851B2 (en) | 2019-09-05 | 2022-02-15 | Robin Systems, Inc. | Creating snapshots of a storage volume in a distributed storage system |
US11520650B2 (en) | 2019-09-05 | 2022-12-06 | Robin Systems, Inc. | Performing root cause analysis in a multi-role application |
US11494493B1 (en) * | 2019-09-23 | 2022-11-08 | Amazon Technologies, Inc. | Software verification for network-accessible applications |
US11962624B2 (en) | 2019-09-27 | 2024-04-16 | International Business Machines Corporation | Metadata driven selection of entitlements in an identity governance system |
US11550944B2 (en) | 2019-09-27 | 2023-01-10 | Amazon Technologies, Inc. | Code execution environment customization system for object storage service |
US11055112B2 (en) | 2019-09-27 | 2021-07-06 | Amazon Technologies, Inc. | Inserting executions of owner-specified code into input/output path of object storage service |
US11656892B1 (en) | 2019-09-27 | 2023-05-23 | Amazon Technologies, Inc. | Sequential execution of user-submitted code and native functions |
US11360948B2 (en) | 2019-09-27 | 2022-06-14 | Amazon Technologies, Inc. | Inserting owner-specified data processing pipelines into input/output path of object storage service |
US11023311B2 (en) | 2019-09-27 | 2021-06-01 | Amazon Technologies, Inc. | On-demand code execution in input path of data uploaded to storage service in multiple data portions |
US11416628B2 (en) | 2019-09-27 | 2022-08-16 | Amazon Technologies, Inc. | User-specific data manipulation system for object storage service based on user-submitted code |
US11386230B2 (en) | 2019-09-27 | 2022-07-12 | Amazon Technologies, Inc. | On-demand code obfuscation of data in input path of object storage service |
US10996961B2 (en) | 2019-09-27 | 2021-05-04 | Amazon Technologies, Inc. | On-demand indexing of data in input path of object storage service |
US11394761B1 (en) | 2019-09-27 | 2022-07-19 | Amazon Technologies, Inc. | Execution of user-submitted code on a stream of data |
US11250007B1 (en) | 2019-09-27 | 2022-02-15 | Amazon Technologies, Inc. | On-demand execution of object combination code in output path of object storage service |
US11106477B2 (en) | 2019-09-27 | 2021-08-31 | Amazon Technologies, Inc. | Execution of owner-specified code during input/output path to object storage service |
US11263220B2 (en) | 2019-09-27 | 2022-03-01 | Amazon Technologies, Inc. | On-demand execution of object transformation code in output path of object storage service |
US11023416B2 (en) | 2019-09-27 | 2021-06-01 | Amazon Technologies, Inc. | Data access control system for object storage service based on owner-defined code |
US10908927B1 (en) | 2019-09-27 | 2021-02-02 | Amazon Technologies, Inc. | On-demand execution of object filter code in output path of object storage service |
US11283635B2 (en) | 2019-09-28 | 2022-03-22 | Intel Corporation | Dynamic sharing in secure memory environments using edge service sidecars |
US11347684B2 (en) | 2019-10-04 | 2022-05-31 | Robin Systems, Inc. | Rolling back KUBERNETES applications including custom resources |
KR20210049603A (ko) * | 2019-10-25 | 2021-05-06 | 삼성전자주식회사 | Method and apparatus for access control using a certificate based on authorization information |
US11354402B2 (en) * | 2019-11-01 | 2022-06-07 | Microsoft Technology Licensing, Llc | Virtual environment type validation for policy enforcement |
US11119826B2 (en) | 2019-11-27 | 2021-09-14 | Amazon Technologies, Inc. | Serverless call distribution to implement spillover while avoiding cold starts |
US10942795B1 (en) | 2019-11-27 | 2021-03-09 | Amazon Technologies, Inc. | Serverless call distribution to utilize reserved capacity without inhibiting scaling |
US11403188B2 (en) | 2019-12-04 | 2022-08-02 | Robin Systems, Inc. | Operation-level consistency points and rollback |
US11614956B2 (en) | 2019-12-06 | 2023-03-28 | Red Hat, Inc. | Multicast live migration for encrypted virtual machines |
CN111064569B (zh) * | 2019-12-09 | 2021-04-20 | 支付宝(杭州)信息技术有限公司 | Method and apparatus for obtaining a cluster key for a trusted computing cluster |
US11449601B2 (en) | 2020-01-08 | 2022-09-20 | Red Hat, Inc. | Proof of code compliance and protected integrity using a trusted execution environment |
US11711351B2 (en) * | 2020-01-14 | 2023-07-25 | Vmware, Inc. | Distributed management and installation of digital certificates on a cluster for authentication with an external key management service |
US11475131B2 (en) | 2020-01-27 | 2022-10-18 | Red Hat, Inc. | Hypervisor level signature checks for encrypted trusted execution environments |
US11475167B2 (en) | 2020-01-29 | 2022-10-18 | International Business Machines Corporation | Reserving one or more security modules for a secure guest |
US11533174B2 (en) | 2020-01-29 | 2022-12-20 | International Business Machines Corporation | Binding secure objects of a security module to a secure guest |
US11281607B2 (en) * | 2020-01-30 | 2022-03-22 | Red Hat, Inc. | Paravirtualized cluster mode for legacy APICs |
US11888972B2 (en) | 2020-02-26 | 2024-01-30 | Red Hat, Inc. | Split security for trusted execution environments |
US11630683B2 (en) | 2020-02-26 | 2023-04-18 | Red Hat, Inc. | Low latency launch for trusted execution environments |
WO2021173716A1 (en) | 2020-02-27 | 2021-09-02 | Virtru Corporation | Methods and systems for securing containerized applications |
US11714682B1 (en) | 2020-03-03 | 2023-08-01 | Amazon Technologies, Inc. | Reclaiming computing resources in an on-demand code execution system |
US11188391B1 (en) | 2020-03-11 | 2021-11-30 | Amazon Technologies, Inc. | Allocating resources to on-demand code executions under scarcity conditions |
US11620411B2 (en) | 2020-03-24 | 2023-04-04 | Red Hat, Inc. | Elastic launch for trusted execution environments |
US11775640B1 (en) | 2020-03-30 | 2023-10-03 | Amazon Technologies, Inc. | Resource utilization-based malicious task detection in an on-demand code execution system |
US11748133B2 (en) * | 2020-04-23 | 2023-09-05 | Netapp, Inc. | Methods and systems for booting virtual machines in the cloud |
US11397602B2 (en) * | 2020-04-24 | 2022-07-26 | Red Hat Inc. | Processor control register configuration support |
US11327783B2 (en) | 2020-04-29 | 2022-05-10 | Red Hat, Inc. | Asynchronous management of unencrypted memory page list of a virtual machine |
US11528186B2 (en) * | 2020-06-16 | 2022-12-13 | Robin Systems, Inc. | Automated initialization of bare metal servers |
US11880704B2 (en) * | 2020-06-24 | 2024-01-23 | Red Hat, Inc. | Nested virtual machine support for hypervisors of encrypted state virtual machines |
US11671412B2 (en) | 2020-07-01 | 2023-06-06 | Red Hat, Inc. | Network bound encryption for orchestrating workloads with sensitive data |
US11611431B2 (en) | 2020-07-01 | 2023-03-21 | Red Hat, Inc. | Network bound encryption for recovery of trusted execution environments |
US11645103B2 (en) * | 2020-07-23 | 2023-05-09 | EMC IP Holding Company LLC | Method and system for securing the movement of virtual machines between hosts |
US11741221B2 (en) | 2020-07-29 | 2023-08-29 | Red Hat, Inc. | Using a trusted execution environment to enable network booting |
US11558204B2 (en) | 2020-08-17 | 2023-01-17 | International Business Machines Corporation | Attesting control over network devices |
US11748140B2 (en) | 2020-08-31 | 2023-09-05 | Red Hat, Inc. | Virtual machine security policy implementation |
US11740980B2 (en) | 2020-09-22 | 2023-08-29 | Robin Systems, Inc. | Managing snapshot metadata following backup |
US11328111B2 (en) | 2020-09-25 | 2022-05-10 | Intel Corporation | Broadcast remote sealing for scalable trusted execution environment provisioning |
US11343082B2 (en) | 2020-09-28 | 2022-05-24 | Red Hat, Inc. | Resource sharing for trusted execution environments |
US11743188B2 (en) | 2020-10-01 | 2023-08-29 | Robin Systems, Inc. | Check-in monitoring for workflows |
US11271895B1 (en) | 2020-10-07 | 2022-03-08 | Robin Systems, Inc. | Implementing advanced networking capabilities using helm charts |
US11456914B2 (en) | 2020-10-07 | 2022-09-27 | Robin Systems, Inc. | Implementing affinity and anti-affinity with KUBERNETES |
US11900131B2 (en) * | 2020-10-15 | 2024-02-13 | EMC IP Holding Company LLC | Dynamic remediation actions in response to configuration checks in an information processing system |
US11750451B2 (en) | 2020-11-04 | 2023-09-05 | Robin Systems, Inc. | Batch manager for complex workflows |
US20210141658A1 (en) * | 2020-11-11 | 2021-05-13 | Ravi Sahita | Method and apparatus for trusted devices using trust domain extensions |
US11593270B1 (en) | 2020-11-25 | 2023-02-28 | Amazon Technologies, Inc. | Fast distributed caching using erasure coded object parts |
US11550713B1 (en) | 2020-11-25 | 2023-01-10 | Amazon Technologies, Inc. | Garbage collection in distributed systems using life cycled storage roots |
US11847253B2 (en) * | 2020-11-30 | 2023-12-19 | Red Hat, Inc. | Efficient launching of trusted execution environments |
US11556361B2 (en) | 2020-12-09 | 2023-01-17 | Robin Systems, Inc. | Monitoring and managing of complex multi-role applications |
US11799670B2 (en) * | 2020-12-11 | 2023-10-24 | Vmware, Inc. | Secure end-to-end deployment of workloads in a virtualized environment using hardware-based attestation |
US20220214902A1 (en) * | 2021-01-06 | 2022-07-07 | Baidu Usa Llc | Method for virtual machine migration with checkpoint authentication in virtualization environment |
US20220278963A1 (en) * | 2021-03-01 | 2022-09-01 | Samsung Electronics Co., Ltd. | Storage device, storage system, and method of secure data movement between storage devices |
CN112995206B (zh) * | 2021-04-13 | 2021-07-30 | 北京电信易通信息技术股份有限公司 | Method for implementing secure linkage of multiple types of work units based on trusted technology |
US11829482B2 (en) * | 2021-06-08 | 2023-11-28 | Dell Products L.P. | Pre-boot authentication for virtual machines using credentials stored in virtual trusted platform modules |
US11388210B1 (en) | 2021-06-30 | 2022-07-12 | Amazon Technologies, Inc. | Streaming analytics using a serverless compute system |
US11995197B2 (en) | 2021-07-27 | 2024-05-28 | International Business Machines Corporation | Sensitive data encryption |
US20230030816A1 (en) * | 2021-07-30 | 2023-02-02 | Red Hat, Inc. | Security broker for consumers of tee-protected services |
US11870647B1 (en) | 2021-09-01 | 2024-01-09 | Amazon Technologies, Inc. | Mapping on-premise network nodes to cloud network nodes |
US11799633B1 (en) * | 2021-09-27 | 2023-10-24 | Workday, Inc. | Enabling using external tenant master keys |
US11968280B1 (en) | 2021-11-24 | 2024-04-23 | Amazon Technologies, Inc. | Controlling ingestion of streaming data to serverless function executions |
US11960607B2 (en) | 2021-12-09 | 2024-04-16 | Cisco Technology, Inc. | Achieving minimum trustworthiness in distributed workloads |
US11972007B2 (en) | 2021-12-09 | 2024-04-30 | Cisco Technology, Inc. | Enforcing location-based data privacy rules across networked workloads |
US12015603B2 (en) | 2021-12-10 | 2024-06-18 | Amazon Technologies, Inc. | Multi-tenant mode for serverless code execution |
CN116361818A (zh) * | 2021-12-27 | 2023-06-30 | 戴尔产品有限公司 | Automatic security verification for accessing a management controller |
CN114637602A (zh) * | 2022-03-03 | 2022-06-17 | 鼎捷软件股份有限公司 | Data sharing system and data sharing method |
US20230289204A1 (en) * | 2022-03-10 | 2023-09-14 | BedRock Systems, Inc. | Zero Trust Endpoint Device |
US20230342469A1 (en) * | 2022-04-26 | 2023-10-26 | Dell Products L.P. | Clustered virtual trusted platform module domain services with a redirector/router service system |
EP4328772A1 (de) * | 2022-08-26 | 2024-02-28 | Siemens Aktiengesellschaft | Cascaded signable artifact of a container instance |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101485137A (zh) * | 2006-06-30 | 2009-07-15 | 皇家飞利浦电子股份有限公司 | Method and device for encrypting/decrypting data |
CN103069428A (zh) * | 2010-06-07 | 2013-04-24 | 思科技术公司 | Secure virtual machine bootstrapping in an untrusted cloud infrastructure |
CN103139221A (zh) * | 2013-03-07 | 2013-06-05 | 中国科学院软件研究所 | Trusted virtual platform, method for constructing it, and method for migrating data between platforms |
CN103577768A (zh) * | 2012-08-06 | 2014-02-12 | 三星电子株式会社 | Method and device for managing keys for secure storage of data |
Family Cites Families (109)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
AU2001239887A1 (en) | 2000-02-24 | 2001-09-03 | Valicert Corporation | Mechanism for efficient private bulk messaging |
GB2382419B (en) | 2001-11-22 | 2005-12-14 | Hewlett Packard Co | Apparatus and method for creating a trusted environment |
US8065713B1 (en) * | 2001-12-12 | 2011-11-22 | Klimenty Vainstein | System and method for providing multi-location access management to secured items |
US7631196B2 (en) * | 2002-02-25 | 2009-12-08 | Intel Corporation | Method and apparatus for loading a trustable operating system |
US20050166051A1 (en) | 2004-01-26 | 2005-07-28 | Mark Buer | System and method for certification of a secure platform |
US7552419B2 (en) * | 2004-03-18 | 2009-06-23 | Intel Corporation | Sharing trusted hardware across multiple operational environments |
US7380119B2 (en) | 2004-04-29 | 2008-05-27 | International Business Machines Corporation | Method and system for virtualization of trusted platform modules |
US7673139B1 (en) * | 2004-05-06 | 2010-03-02 | Symantec Corporation | Protecting administrative privileges |
US7590867B2 (en) | 2004-06-24 | 2009-09-15 | Intel Corporation | Method and apparatus for providing secure virtualization of a trusted platform module |
US7802250B2 (en) * | 2004-06-28 | 2010-09-21 | Intel Corporation | Support for transitioning to a virtual machine monitor based upon the privilege level of guest software |
US7757231B2 (en) * | 2004-12-10 | 2010-07-13 | Intel Corporation | System and method to deprivilege components of a virtual machine monitor |
US20060126836A1 (en) * | 2004-12-10 | 2006-06-15 | Hector Rivas | System and method for dynamic generation of encryption keys |
US7725703B2 (en) | 2005-01-07 | 2010-05-25 | Microsoft Corporation | Systems and methods for securely booting a computer with a trusted processing module |
US7860802B2 (en) * | 2005-02-01 | 2010-12-28 | Microsoft Corporation | Flexible licensing architecture in content rights management systems |
US7647589B1 (en) * | 2005-02-07 | 2010-01-12 | Parallels Software International, Inc. | Methods and systems for safe execution of guest code in virtual machine context |
US7836299B2 (en) | 2005-03-15 | 2010-11-16 | Microsoft Corporation | Virtualization of software configuration registers of the TPM cryptographic processor |
US7613921B2 (en) | 2005-05-13 | 2009-11-03 | Intel Corporation | Method and apparatus for remotely provisioning software-based security coprocessors |
US7636442B2 (en) | 2005-05-13 | 2009-12-22 | Intel Corporation | Method and apparatus for migrating software-based security coprocessors |
US8074262B2 (en) * | 2005-05-13 | 2011-12-06 | Intel Corporation | Method and apparatus for migrating virtual trusted platform modules |
RU2390959C2 (ru) * | 2005-06-17 | 2010-05-27 | Телефонактиеболагет Лм Эрикссон (Пабл) | Method and device for a host identity protocol |
JP2007004661A (ja) * | 2005-06-27 | 2007-01-11 | Hitachi Ltd | Virtual machine control method and program |
US8090919B2 (en) * | 2007-12-31 | 2012-01-03 | Intel Corporation | System and method for high performance secure access to a trusted platform module on a hardware virtualization platform |
US8549592B2 (en) | 2005-07-12 | 2013-10-01 | International Business Machines Corporation | Establishing virtual endorsement credentials for dynamically generated endorsement keys in a trusted computing platform |
US9425958B2 (en) | 2005-08-05 | 2016-08-23 | Hewlett Packard Enterprise Development Lp | System, method and apparatus for cryptography key management for mobile devices |
CA2637980A1 (en) | 2006-01-24 | 2007-08-02 | Citrix Systems, Inc. | Methods and systems for providing access to a computing environment |
US7444670B2 (en) | 2006-03-21 | 2008-10-28 | International Business Machines Corporation | Method and apparatus for migrating a virtual TPM instance and preserving uniqueness and completeness of the instance |
JP5038396B2 (ja) | 2006-04-21 | 2012-10-03 | インターデイジタル テクノロジー コーポレーション | Apparatus and method for performing notification of trusted computing integrity measurements |
US20070271560A1 (en) * | 2006-05-18 | 2007-11-22 | Microsoft Corporation | Deploying virtual machine to host based on workload characterizations |
US8108668B2 (en) | 2006-06-26 | 2012-01-31 | Intel Corporation | Associating a multi-context trusted platform module with distributed platforms |
US8522018B2 (en) | 2006-08-18 | 2013-08-27 | Fujitsu Limited | Method and system for implementing a mobile trusted platform module |
CN101512535B (zh) | 2006-08-31 | 2011-05-18 | 国际商业机器公司 | Attestation of a computing platform |
US9135444B2 (en) | 2006-10-19 | 2015-09-15 | Novell, Inc. | Trusted platform module (TPM) assisted data center management |
EP2137629A4 (en) | 2007-03-20 | 2010-12-29 | Sanggyu Lee | Mobile virtual machine image |
US8151262B2 (en) | 2007-03-30 | 2012-04-03 | Lenovo (Singapore) Pte. Ltd. | System and method for reporting the trusted state of a virtual machine |
US8875266B2 (en) * | 2007-05-16 | 2014-10-28 | Vmware, Inc. | System and methods for enforcing software license compliance with virtual machines |
US8060876B2 (en) | 2007-08-10 | 2011-11-15 | Intel Corporation | Methods and apparatus for creating an isolated partition for a virtual trusted platform module |
US7827371B2 (en) * | 2007-08-30 | 2010-11-02 | Intel Corporation | Method for isolating third party pre-boot firmware from trusted pre-boot firmware |
US9043896B2 (en) | 2007-08-31 | 2015-05-26 | International Business Machines Corporation | Device certificate based appliance configuration |
US8249257B2 (en) | 2007-09-28 | 2012-08-21 | Intel Corporation | Virtual TPM keys rooted in a hardware TPM |
US20090204964A1 (en) | 2007-10-12 | 2009-08-13 | Foley Peter F | Distributed trusted virtualization platform |
US8220029B2 (en) | 2007-11-13 | 2012-07-10 | Samsung Electronics Co., Ltd. | Method and system for enforcing trusted computing policies in a hypervisor security module architecture |
US8208637B2 (en) | 2007-12-17 | 2012-06-26 | Microsoft Corporation | Migration of computer secrets |
WO2009107349A1 (ja) | 2008-02-25 | 2009-09-03 | パナソニック株式会社 | Information processing device |
WO2009123640A1 (en) | 2008-04-04 | 2009-10-08 | Hewlett-Packard Development Company, L.P. | Virtual machine manager system and methods |
US8543799B2 (en) | 2008-05-02 | 2013-09-24 | Microsoft Corporation | Client authentication during network boot |
US8578483B2 (en) * | 2008-07-31 | 2013-11-05 | Carnegie Mellon University | Systems and methods for preventing unauthorized modification of an operating system |
US8307353B2 (en) * | 2008-08-12 | 2012-11-06 | Oracle America, Inc. | Cross-domain inlining in a system virtual machine |
US20100082960A1 (en) | 2008-09-30 | 2010-04-01 | Steve Grobman | Protected network boot of operating system |
US8411863B2 (en) | 2008-10-03 | 2013-04-02 | Microsoft Corporation | Full volume encryption in a clustered environment |
US9300612B2 (en) * | 2009-01-15 | 2016-03-29 | International Business Machines Corporation | Managing interactions in a virtual world environment |
US8341427B2 (en) | 2009-02-16 | 2012-12-25 | Microsoft Corporation | Trusted cloud computing and services framework |
US8375195B2 (en) * | 2009-03-05 | 2013-02-12 | Oracle America, Inc. | Accessing memory locations for paged memory objects in an object-addressed memory system |
EP2278514B1 (en) * | 2009-07-16 | 2018-05-30 | Alcatel Lucent | System and method for providing secure virtual machines |
EP2457176B1 (en) | 2009-07-24 | 2018-11-14 | EntIT Software LLC | Virtual-machine based application-service provision |
US8713182B2 (en) | 2009-08-03 | 2014-04-29 | Oracle International Corporation | Selection of a suitable node to host a virtual machine in an environment containing a large number of nodes |
JP2011048661A (ja) * | 2009-08-27 | 2011-03-10 | Nomura Research Institute Ltd | Virtual server encryption system |
CA2675701A1 (en) * | 2009-08-27 | 2009-11-05 | Ibm Canada Limited - Ibm Canada Limitee | Trust assertion using hierarchical weights |
US8700893B2 (en) | 2009-10-28 | 2014-04-15 | Microsoft Corporation | Key certification in one round trip |
US8478996B2 (en) | 2009-12-21 | 2013-07-02 | International Business Machines Corporation | Secure Kerberized access of encrypted file system |
US9703586B2 (en) | 2010-02-17 | 2017-07-11 | Microsoft Technology Licensing, Llc | Distribution control and tracking mechanism of virtual machine appliances |
EP2550621A4 (en) * | 2010-03-25 | 2015-09-16 | Virtustream Canada Holdings Inc | System and method for safe cloud computing |
US8375437B2 (en) | 2010-03-30 | 2013-02-12 | Microsoft Corporation | Hardware supported virtualized cryptographic service |
US20110246778A1 (en) | 2010-03-31 | 2011-10-06 | Emc Corporation | Providing security mechanisms for virtual machine images |
US8375220B2 (en) | 2010-04-02 | 2013-02-12 | Intel Corporation | Methods and systems for secure remote wake, boot, and login to a computer from a mobile device |
US9443078B2 (en) * | 2010-04-20 | 2016-09-13 | International Business Machines Corporation | Secure access to a virtual machine |
US8555377B2 (en) | 2010-04-29 | 2013-10-08 | High Cloud Security | Secure virtual machine |
JP2013528872A (ja) | 2010-06-02 | 2013-07-11 | ヴイエムウェア インク | Protecting customer virtual machines in a multi-tenant cloud |
US8694777B2 (en) | 2010-08-13 | 2014-04-08 | International Business Machines Corporation | Securely identifying host systems |
US9165137B2 (en) | 2010-08-18 | 2015-10-20 | Security First Corp. | Systems and methods for securing virtual machine computing environments |
US9043577B2 (en) * | 2010-08-26 | 2015-05-26 | Freescale Semiconductor, Inc. | Memory management unit for a microprocessor system, microprocessor system and method for managing memory |
US8495750B2 (en) * | 2010-08-31 | 2013-07-23 | International Business Machines Corporation | Filesystem management and security system |
JP5524355B2 (ja) * | 2010-12-16 | 2014-06-18 | 株式会社日立製作所 | Virtual machine management method, computer system and computer |
TW201241662A (en) | 2010-12-21 | 2012-10-16 | Ibm | Virtual machine validation |
US9202062B2 (en) | 2010-12-21 | 2015-12-01 | International Business Machines Corporation | Virtual machine validation |
US8880667B2 (en) | 2011-02-09 | 2014-11-04 | Microsoft Corporation | Self regulation of the subject of attestation |
US8875240B2 (en) | 2011-04-18 | 2014-10-28 | Bank Of America Corporation | Tenant data center for establishing a virtual machine in a cloud environment |
US9172683B2 (en) * | 2011-06-29 | 2015-10-27 | Apple Inc. | Method and apparatus for key distribution with implicit offline authorization |
US8732462B2 (en) * | 2011-07-07 | 2014-05-20 | Ziptr, Inc. | Methods and apparatus for secure data sharing |
US8943564B2 (en) * | 2011-07-21 | 2015-01-27 | International Business Machines Corporation | Virtual computer and service |
US8874935B2 (en) | 2011-08-30 | 2014-10-28 | Microsoft Corporation | Sector map-based rapid data encryption policy compliance |
US20130061293A1 (en) * | 2011-09-02 | 2013-03-07 | Wenbo Mao | Method and apparatus for securing the full lifecycle of a virtual machine |
US9270459B2 (en) | 2011-09-20 | 2016-02-23 | Cloudbyte, Inc. | Techniques for achieving tenant data confidentiality from cloud service provider administrators |
US8694786B2 (en) | 2011-10-04 | 2014-04-08 | International Business Machines Corporation | Virtual machine images encryption using trusted computing group sealing |
US20130097296A1 (en) | 2011-10-18 | 2013-04-18 | Telefonaktiebolaget L M Ericsson (Publ) | Secure cloud-based virtual machine migration |
WO2013112538A1 (en) | 2012-01-23 | 2013-08-01 | Citrix Systems, Inc. | Storage encryption |
US8909939B1 (en) | 2012-04-04 | 2014-12-09 | Google Inc. | Distribution of cryptographic host keys in a cloud computing environment |
WO2013174437A1 (en) | 2012-05-24 | 2013-11-28 | Telefonaktiebolaget L M Ericsson (Publ) | Enhanced secure virtual machine provisioning |
US9183031B2 (en) * | 2012-06-19 | 2015-11-10 | Bank Of America Corporation | Provisioning of a virtual machine by using a secured zone of a cloud environment |
US20140007087A1 (en) | 2012-06-29 | 2014-01-02 | Mark Scott-Nash | Virtual trusted platform module |
US20140019753A1 (en) | 2012-07-10 | 2014-01-16 | John Houston Lowry | Cloud key management |
US10248442B2 (en) | 2012-07-12 | 2019-04-02 | Unisys Corporation | Automated provisioning of virtual machines |
US20140052877A1 (en) | 2012-08-16 | 2014-02-20 | Wenbo Mao | Method and apparatus for tenant programmable logical network for multi-tenancy cloud datacenters |
US8656482B1 (en) * | 2012-08-20 | 2014-02-18 | Bitdefender IPR Management Ltd. | Secure communication using a trusted virtual machine |
US8997173B2 (en) | 2012-09-12 | 2015-03-31 | Ca, Inc. | Managing security clusters in cloud computing environments using autonomous security risk negotiation agents |
US8782401B2 (en) | 2012-09-26 | 2014-07-15 | Intel Corporation | Enhanced privacy ID based platform attestation |
US8924720B2 (en) | 2012-09-27 | 2014-12-30 | Intel Corporation | Method and system to securely migrate and provision virtual machine images and content |
RU2514140C1 (ru) * | 2012-09-28 | 2014-04-27 | Закрытое акционерное общество "Лаборатория Касперского" | System and method for improving the quality of detection of malicious objects using rules and priorities |
US8700898B1 (en) | 2012-10-02 | 2014-04-15 | Ca, Inc. | System and method for multi-layered sensitive data protection in a virtual computing environment |
US9374228B2 (en) | 2012-10-12 | 2016-06-21 | International Business Machines Corporation | Verifying a geographic location of a virtual disk image executing at a data center server within a data center |
US20150355829A1 (en) * | 2013-01-11 | 2015-12-10 | Koninklijke Philips N.V. | Enabling a user to control coded light sources |
US20140281497A1 (en) | 2013-03-13 | 2014-09-18 | General Instrument Corporation | Online personalization update system for externally acquired keys |
US9027087B2 (en) * | 2013-03-14 | 2015-05-05 | Rackspace Us, Inc. | Method and system for identity-based authentication of virtual machines |
EP3039605B1 (en) | 2013-08-28 | 2020-02-05 | Intel Corporation | Systems and methods for authenticating access to an operating system by a user before the operating system is booted using a wireless communication token |
US9401954B2 (en) | 2013-11-06 | 2016-07-26 | International Business Machines Corporation | Scaling a trusted computing model in a globally distributed cloud environment |
US9519498B2 (en) | 2013-12-24 | 2016-12-13 | Microsoft Technology Licensing, Llc | Virtual machine assurances |
US9507935B2 (en) * | 2014-01-16 | 2016-11-29 | Fireeye, Inc. | Exploit detection system with threat-aware microvisor |
US9891918B2 (en) * | 2014-01-27 | 2018-02-13 | Via Alliance Semiconductor Co., Ltd. | Fractional use of prediction history storage for operating system routines |
US9652631B2 (en) | 2014-05-05 | 2017-05-16 | Microsoft Technology Licensing, Llc | Secure transport of encrypted virtual machines with continuous owner access |
US9519787B2 (en) | 2014-11-14 | 2016-12-13 | Microsoft Technology Licensing, Llc | Secure creation of encrypted virtual machines from encrypted templates |
- 2014
  - 2014-09-09 US US14/481,399 patent/US9652631B2/en active Active
  - 2014-10-01 US US14/504,096 patent/US9578017B2/en active Active
- 2015
  - 2015-05-04 CN CN201580023933.5A patent/CN106462439B/zh active Active
  - 2015-05-04 WO PCT/US2015/028991 patent/WO2015171476A1/en active Application Filing
  - 2015-05-04 JP JP2016566806A patent/JP6665113B2/ja active Active
  - 2015-05-04 EP EP15722863.6A patent/EP3140950B1/en active Active
  - 2015-05-04 BR BR112016024453-2A patent/BR112016024453B1/pt active IP Right Grant
  - 2015-05-04 JP JP2016566758A patent/JP6484255B2/ja active Active
  - 2015-05-04 RU RU2016143089A patent/RU2679721C2/ru active
  - 2015-05-04 WO PCT/US2015/028995 patent/WO2015171478A1/en active Application Filing
  - 2015-05-04 CN CN201580023853.XA patent/CN106462438B/zh active Active
  - 2015-05-04 BR BR112016024507-5A patent/BR112016024507B1/pt active IP Right Grant
  - 2015-05-04 RU RU2016143088A patent/RU2693313C2/ru active
  - 2015-05-04 EP EP15722864.4A patent/EP3140770B1/en active Active
- 2016
  - 2016-08-22 US US15/243,647 patent/US10176095B2/en active Active
- 2019
  - 2019-01-06 US US16/240,763 patent/US10956321B2/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101485137A (zh) * | 2006-06-30 | 2009-07-15 | 皇家飞利浦电子股份有限公司 | Method and device for encrypting/decrypting data |
CN103069428A (zh) * | 2010-06-07 | 2013-04-24 | 思科技术公司 | Secure virtual machine bootstrapping in an untrusted cloud infrastructure |
CN103577768A (zh) * | 2012-08-06 | 2014-02-12 | 三星电子株式会社 | Method and device for managing keys for secure storage of data |
CN103139221A (zh) * | 2013-03-07 | 2013-06-05 | 中国科学院软件研究所 | Trusted virtual platform, method for constructing it, and method for migrating data between platforms |
Also Published As
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106462439B (zh) | Secure transport of encrypted virtual machines with continuous owner access | |
JP6865850B2 (ja) | Obtaining access data for a blockchain network using a highly available trusted execution environment | |
JP6869374B2 (ja) | Distributed key management for trusted execution environments | |
CA3061808C (en) | Securely executing smart contract operations in a trusted execution environment | |
JP7416775B2 (ja) | Peripheral device | |
US10511436B1 (en) | Protecting key material using white-box cryptography and split key techniques | |
US9026805B2 (en) | Key management using trusted platform modules | |
JP2020527259A (ja) | Reading public data for a blockchain network using a highly available trusted execution environment | |
WO2018125432A1 (en) | Provisioning keys for virtual machine secure enclaves | |
CN109964205B (zh) | Secure key management | |
Shin et al. | DFCloud: A TPM-based secure data access control method of cloud storage in mobile devices | |
US11121864B1 (en) | Secure private key distribution between endpoint instances | |
US20230205908A1 (en) | Protected storage for decryption data | |
CN117879819B (zh) | Key management method, apparatus, storage medium, device and computing power service system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||