CN117940900A - 存储安全虚拟机的诊断状态 - Google Patents

存储安全虚拟机的诊断状态 Download PDF

Info

Publication number
CN117940900A
CN117940900A CN202280062038.4A CN202280062038A CN117940900A CN 117940900 A CN117940900 A CN 117940900A CN 202280062038 A CN202280062038 A CN 202280062038A CN 117940900 A CN117940900 A CN 117940900A
Authority
CN
China
Prior art keywords
virtual machine
diagnostic
storage
request
memory
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202280062038.4A
Other languages
English (en)
Chinese (zh)
Inventor
J·布拉德伯里
T·亨德尔
R·宾德根
C·伊布伦达
C·博尔特雷格
J·A·弗兰克
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Publication of CN117940900A publication Critical patent/CN117940900A/zh
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Memory System Of A Hierarchy Structure (AREA)
  • Magnetic Resonance Imaging Apparatus (AREA)
  • Crushing And Grinding (AREA)
  • Debugging And Monitoring (AREA)
CN202280062038.4A 2021-09-14 2022-09-12 存储安全虚拟机的诊断状态 Pending CN117940900A (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US17/474,220 2021-09-14
US17/474,220 US12019772B2 (en) 2021-09-14 2021-09-14 Storing diagnostic state of secure virtual machines
PCT/EP2022/075220 WO2023041462A1 (en) 2021-09-14 2022-09-12 Storing diagnostic state of secure virtual machines

Publications (1)

Publication Number Publication Date
CN117940900A true CN117940900A (zh) 2024-04-26

Family

ID=83322570

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202280062038.4A Pending CN117940900A (zh) 2021-09-14 2022-09-12 存储安全虚拟机的诊断状态

Country Status (8)

Country Link
US (1) US12019772B2 (https=)
EP (1) EP4402570A1 (https=)
JP (1) JP2024533120A (https=)
KR (1) KR20240038774A (https=)
CN (1) CN117940900A (https=)
CA (1) CA3217891A1 (https=)
TW (1) TWI806622B (https=)
WO (1) WO2023041462A1 (https=)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230102111A1 (en) * 2021-09-30 2023-03-30 Lenovo Global Technology (United States) Inc. Securing customer sensitive information on private cloud platforms
US12130695B2 (en) * 2023-02-06 2024-10-29 Dell Products L.P. Collecting crash-related information for a secure workspace
US12418423B2 (en) * 2023-04-11 2025-09-16 Hewlett Packard Enterprise Development Lp Binding a virtual security processor to a physical security processor

Family Cites Families (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5224206A (en) * 1989-12-01 1993-06-29 Digital Equipment Corporation System and method for retrieving justifiably relevant cases from a case library
US5699505A (en) * 1994-08-08 1997-12-16 Unisys Corporation Method and system for automatically collecting diagnostic information from a computer system
US6738928B1 (en) * 2000-06-19 2004-05-18 Hewlett-Packard Development Company, L.P. Method and expert system for analysis of crash dumps
US6671687B1 (en) * 2000-09-29 2003-12-30 Ncr Corporation Method and apparatus for protecting data retrieved from a database
US8375386B2 (en) * 2005-06-29 2013-02-12 Microsoft Corporation Failure management for a virtualized computing environment
US9354927B2 (en) * 2006-12-21 2016-05-31 Vmware, Inc. Securing virtual machine data
JP5255348B2 (ja) * 2007-07-16 2013-08-07 ヒューレット−パッカード デベロップメント カンパニー エル.ピー. クラッシュダンプ用のメモリアロケーション
US9251339B2 (en) * 2007-12-29 2016-02-02 International Business Machines Corporation Core dump privacy during application failure
US20090240953A1 (en) 2008-03-19 2009-09-24 Safenet, Inc. On-disk software image encryption
US9383970B2 (en) * 2009-08-13 2016-07-05 Microsoft Technology Licensing, Llc Distributed analytics platform
GB2526217B (en) 2013-03-15 2020-11-04 Intel Corp Mobile computing device technology and systems and methods utilizing the same
US9286152B2 (en) 2013-06-14 2016-03-15 Microsoft Technology Licensing, Llc Securely obtaining memory content after device malfunction
US9792448B2 (en) 2014-02-28 2017-10-17 Advanced Micro Devices, Inc. Cryptographic protection of information in a processing system
KR102584506B1 (ko) * 2015-06-24 2023-10-04 어드밴스드 마이크로 디바이시즈, 인코포레이티드 가상 기계들을 위한 상태 정보 보호
US10296413B2 (en) 2016-05-02 2019-05-21 Microsoft Technology Licensing, Llc Recovery environment for a virtual machine
US10270596B2 (en) 2016-09-16 2019-04-23 International Business Machnines Corporation Generating memory dumps
US10366227B2 (en) 2016-11-15 2019-07-30 International Business Machines Corporation Secure debugging in a trustable computing environment
US10496425B2 (en) 2017-02-21 2019-12-03 Red Hat, Inc. Systems and methods for providing processor state protections in a virtualized environment
US9892256B1 (en) 2017-04-10 2018-02-13 Bracket Computing, Inc. Threat defense techniques
US20180341768A1 (en) * 2017-05-26 2018-11-29 Microsoft Technology Licensing, Llc Virtual machine attestation
US10848474B2 (en) 2018-02-26 2020-11-24 Red Hat, Inc. Firmware validation for encrypted virtual machines
US10698716B2 (en) * 2018-03-15 2020-06-30 Nutanix, Inc. Virtual machine state recorder
US11308215B2 (en) * 2019-03-08 2022-04-19 International Business Machines Corporation Secure interface control high-level instruction interception for interruption enablement
CN112860380A (zh) 2021-03-04 2021-05-28 中国科学院信息工程研究所 一种基于内置安全芯片的虚拟机可信迁移方法

Also Published As

Publication number Publication date
TW202311945A (zh) 2023-03-16
US12019772B2 (en) 2024-06-25
EP4402570A1 (en) 2024-07-24
WO2023041462A1 (en) 2023-03-23
KR20240038774A (ko) 2024-03-25
US20230083083A1 (en) 2023-03-16
JP2024533120A (ja) 2024-09-12
TWI806622B (zh) 2023-06-21
CA3217891A1 (en) 2023-03-23

Similar Documents

Publication Publication Date Title
JP7546675B2 (ja) セキュア・ゲストへのセキュリティ・モジュールのセキュア・オブジェクトのバインディング
CN113544679B (zh) 安全操作系统映像的增量解密和完整性验证
CN113544674B (zh) 用于安全接口控件的安全执行客户机所有者控制
KR102932681B1 (ko) 보안 게스트 이미지 및 메타데이터 업데이트
CN117940900A (zh) 存储安全虚拟机的诊断状态
EP3925158B1 (en) Perform cryptographic computation scalar multiply instruction
WO2023012197A1 (en) Confidential data provided to a secure guest via metadata
HK40104309A (zh) 存储安全虚拟机的诊断状态
HK40057636A (en) Incremental decryption and integrity verification of a secure operating system image
HK40104306A (zh) 安全客机影像和元数据更新
HK40057636B (zh) 安全操作系统影像的增量解密和完整性验证

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40104309

Country of ref document: HK