JP2024533120A - セキュア仮想マシンの診断状態の格納 - Google Patents

セキュア仮想マシンの診断状態の格納 Download PDF

Info

Publication number
JP2024533120A
JP2024533120A JP2024513747A JP2024513747A JP2024533120A JP 2024533120 A JP2024533120 A JP 2024533120A JP 2024513747 A JP2024513747 A JP 2024513747A JP 2024513747 A JP2024513747 A JP 2024513747A JP 2024533120 A JP2024533120 A JP 2024533120A
Authority
JP
Japan
Prior art keywords
virtual machine
memory
diagnostic
obtaining
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP2024513747A
Other languages
English (en)
Japanese (ja)
Other versions
JP2024533120A5 (https=
Inventor
ブラッドベリー、ジョナサン
ヘンデル、トーステン
ブエントゲン、ラインハルト
インブレンダ、クラウディオ
ボーントレーガー、クリスチャン
フランク、ヤーノシュ、アンドレアス
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Publication of JP2024533120A publication Critical patent/JP2024533120A/ja
Publication of JP2024533120A5 publication Critical patent/JP2024533120A5/ja
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Memory System Of A Hierarchy Structure (AREA)
  • Magnetic Resonance Imaging Apparatus (AREA)
  • Crushing And Grinding (AREA)
  • Debugging And Monitoring (AREA)
JP2024513747A 2021-09-14 2022-09-12 セキュア仮想マシンの診断状態の格納 Pending JP2024533120A (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US17/474,220 2021-09-14
US17/474,220 US12019772B2 (en) 2021-09-14 2021-09-14 Storing diagnostic state of secure virtual machines
PCT/EP2022/075220 WO2023041462A1 (en) 2021-09-14 2022-09-12 Storing diagnostic state of secure virtual machines

Publications (2)

Publication Number Publication Date
JP2024533120A true JP2024533120A (ja) 2024-09-12
JP2024533120A5 JP2024533120A5 (https=) 2024-11-08

Family

ID=83322570

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2024513747A Pending JP2024533120A (ja) 2021-09-14 2022-09-12 セキュア仮想マシンの診断状態の格納

Country Status (8)

Country Link
US (1) US12019772B2 (https=)
EP (1) EP4402570A1 (https=)
JP (1) JP2024533120A (https=)
KR (1) KR20240038774A (https=)
CN (1) CN117940900A (https=)
CA (1) CA3217891A1 (https=)
TW (1) TWI806622B (https=)
WO (1) WO2023041462A1 (https=)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230102111A1 (en) * 2021-09-30 2023-03-30 Lenovo Global Technology (United States) Inc. Securing customer sensitive information on private cloud platforms
US12130695B2 (en) * 2023-02-06 2024-10-29 Dell Products L.P. Collecting crash-related information for a secure workspace
US12418423B2 (en) * 2023-04-11 2025-09-16 Hewlett Packard Enterprise Development Lp Binding a virtual security processor to a physical security processor

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180081824A1 (en) * 2016-09-16 2018-03-22 International Business Machines Corporation Generating memory dumps
JP2018526720A (ja) * 2015-06-24 2018-09-13 アドバンスト・マイクロ・ディバイシズ・インコーポレイテッドAdvanced Micro Devices Incorporated 仮想マシンの状態情報の保護

Family Cites Families (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5224206A (en) * 1989-12-01 1993-06-29 Digital Equipment Corporation System and method for retrieving justifiably relevant cases from a case library
US5699505A (en) * 1994-08-08 1997-12-16 Unisys Corporation Method and system for automatically collecting diagnostic information from a computer system
US6738928B1 (en) * 2000-06-19 2004-05-18 Hewlett-Packard Development Company, L.P. Method and expert system for analysis of crash dumps
US6671687B1 (en) * 2000-09-29 2003-12-30 Ncr Corporation Method and apparatus for protecting data retrieved from a database
US8375386B2 (en) * 2005-06-29 2013-02-12 Microsoft Corporation Failure management for a virtualized computing environment
US9354927B2 (en) * 2006-12-21 2016-05-31 Vmware, Inc. Securing virtual machine data
JP5255348B2 (ja) * 2007-07-16 2013-08-07 ヒューレット−パッカード デベロップメント カンパニー エル.ピー. クラッシュダンプ用のメモリアロケーション
US9251339B2 (en) * 2007-12-29 2016-02-02 International Business Machines Corporation Core dump privacy during application failure
US20090240953A1 (en) 2008-03-19 2009-09-24 Safenet, Inc. On-disk software image encryption
US9383970B2 (en) * 2009-08-13 2016-07-05 Microsoft Technology Licensing, Llc Distributed analytics platform
GB2526217B (en) 2013-03-15 2020-11-04 Intel Corp Mobile computing device technology and systems and methods utilizing the same
US9286152B2 (en) 2013-06-14 2016-03-15 Microsoft Technology Licensing, Llc Securely obtaining memory content after device malfunction
US9792448B2 (en) 2014-02-28 2017-10-17 Advanced Micro Devices, Inc. Cryptographic protection of information in a processing system
US10296413B2 (en) 2016-05-02 2019-05-21 Microsoft Technology Licensing, Llc Recovery environment for a virtual machine
US10366227B2 (en) 2016-11-15 2019-07-30 International Business Machines Corporation Secure debugging in a trustable computing environment
US10496425B2 (en) 2017-02-21 2019-12-03 Red Hat, Inc. Systems and methods for providing processor state protections in a virtualized environment
US9892256B1 (en) 2017-04-10 2018-02-13 Bracket Computing, Inc. Threat defense techniques
US20180341768A1 (en) * 2017-05-26 2018-11-29 Microsoft Technology Licensing, Llc Virtual machine attestation
US10848474B2 (en) 2018-02-26 2020-11-24 Red Hat, Inc. Firmware validation for encrypted virtual machines
US10698716B2 (en) * 2018-03-15 2020-06-30 Nutanix, Inc. Virtual machine state recorder
US11308215B2 (en) * 2019-03-08 2022-04-19 International Business Machines Corporation Secure interface control high-level instruction interception for interruption enablement
CN112860380A (zh) 2021-03-04 2021-05-28 中国科学院信息工程研究所 一种基于内置安全芯片的虚拟机可信迁移方法

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2018526720A (ja) * 2015-06-24 2018-09-13 アドバンスト・マイクロ・ディバイシズ・インコーポレイテッドAdvanced Micro Devices Incorporated 仮想マシンの状態情報の保護
US20180081824A1 (en) * 2016-09-16 2018-03-22 International Business Machines Corporation Generating memory dumps

Also Published As

Publication number Publication date
TW202311945A (zh) 2023-03-16
US12019772B2 (en) 2024-06-25
EP4402570A1 (en) 2024-07-24
CN117940900A (zh) 2024-04-26
WO2023041462A1 (en) 2023-03-23
KR20240038774A (ko) 2024-03-25
US20230083083A1 (en) 2023-03-16
TWI806622B (zh) 2023-06-21
CA3217891A1 (en) 2023-03-23

Similar Documents

Publication Publication Date Title
JP7546675B2 (ja) セキュア・ゲストへのセキュリティ・モジュールのセキュア・オブジェクトのバインディング
JP7725169B2 (ja) 準同型暗号化を使用したセキュアなコンピューティング・リソース配置
KR102551935B1 (ko) 보안 운영 체제 이미지의 점진적 복호화 및 무결성 검증
TW202034655A (zh) 以加密金鑰指令計算數位簽章驗證標記
JP7851392B2 (ja) セキュア・ゲスト・イメージおよびセキュア・ゲスト・メタデータの更新
JP2024533120A (ja) セキュア仮想マシンの診断状態の格納
TW202032398A (zh) 計算數位簽章認證驗證指令
JP2024528930A (ja) セキュア・ゲストの証明
EP3925158B1 (en) Perform cryptographic computation scalar multiply instruction
TW202040966A (zh) 計算數位簽章認證標記指令
WO2023012197A1 (en) Confidential data provided to a secure guest via metadata
US20200313869A1 (en) Generating a protected key for selective use
US11372983B2 (en) Employing a protected key in performing operations
HK40104309A (zh) 存储安全虚拟机的诊断状态
HK40057636B (zh) 安全操作系统影像的增量解密和完整性验证

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20241029

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20250220

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20260212

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20260226

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20260409

RD12 Notification of acceptance of power of sub attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7432

Effective date: 20260409