JP6903682B2 - 仮想リソースビューを使用するデータ保護 - Google Patents

仮想リソースビューを使用するデータ保護 Download PDF

Info

Publication number
JP6903682B2
JP6903682B2 JP2018549579A JP2018549579A JP6903682B2 JP 6903682 B2 JP6903682 B2 JP 6903682B2 JP 2018549579 A JP2018549579 A JP 2018549579A JP 2018549579 A JP2018549579 A JP 2018549579A JP 6903682 B2 JP6903682 B2 JP 6903682B2
Authority
JP
Japan
Prior art keywords
resource
computing device
owner
requesting entity
virtual
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
JP2018549579A
Other languages
English (en)
Japanese (ja)
Other versions
JP2019512811A5 (enExample
JP2019512811A (ja
Inventor
クリストドレスク、ミハイ
ドゥルジャーティ、ディナカール
イスラム、ナイーム
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Publication of JP2019512811A publication Critical patent/JP2019512811A/ja
Publication of JP2019512811A5 publication Critical patent/JP2019512811A5/ja
Application granted granted Critical
Publication of JP6903682B2 publication Critical patent/JP6903682B2/ja
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1416Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/1425Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
    • G06F12/1433Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a module or a part of a module
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1483Protection against unauthorised use of memory or access to memory by checking the subject access rights using an access-table, e.g. matrix or list
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45583Memory management, e.g. access or allocation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45591Monitoring or debugging support

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Mathematical Physics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)
JP2018549579A 2016-03-22 2017-02-24 仮想リソースビューを使用するデータ保護 Expired - Fee Related JP6903682B2 (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US15/076,936 2016-03-22
US15/076,936 US20170277903A1 (en) 2016-03-22 2016-03-22 Data Protection Using Virtual Resource Views
PCT/US2017/019396 WO2017165073A1 (en) 2016-03-22 2017-02-24 Data protection using virtual resource views

Publications (3)

Publication Number Publication Date
JP2019512811A JP2019512811A (ja) 2019-05-16
JP2019512811A5 JP2019512811A5 (enExample) 2020-03-12
JP6903682B2 true JP6903682B2 (ja) 2021-07-14

Family

ID=58264630

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2018549579A Expired - Fee Related JP6903682B2 (ja) 2016-03-22 2017-02-24 仮想リソースビューを使用するデータ保護

Country Status (9)

Country Link
US (1) US20170277903A1 (enExample)
EP (1) EP3433748A1 (enExample)
JP (1) JP6903682B2 (enExample)
KR (1) KR20180124048A (enExample)
CN (1) CN108713194A (enExample)
BR (1) BR112018069030A2 (enExample)
CA (1) CA3014917A1 (enExample)
TW (1) TW201737059A (enExample)
WO (1) WO2017165073A1 (enExample)

Families Citing this family (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3140734B1 (en) 2014-05-09 2020-04-08 Nutanix, Inc. Mechanism for providing external access to a secured networked virtualization environment
CN105184154B (zh) * 2015-09-15 2017-06-20 中国科学院信息工程研究所 一种在虚拟化环境中提供密码运算服务的系统和方法
US11550558B2 (en) 2016-02-12 2023-01-10 Nutanix, Inc. Virtualized file server deployment
US11218418B2 (en) 2016-05-20 2022-01-04 Nutanix, Inc. Scalable leadership election in a multi-processing computing environment
US11568073B2 (en) 2016-12-02 2023-01-31 Nutanix, Inc. Handling permissions for virtualized file servers
US10824455B2 (en) * 2016-12-02 2020-11-03 Nutanix, Inc. Virtualized server systems and methods including load balancing for virtualized file servers
US10728090B2 (en) 2016-12-02 2020-07-28 Nutanix, Inc. Configuring network segmentation for a virtualization environment
US11562034B2 (en) 2016-12-02 2023-01-24 Nutanix, Inc. Transparent referrals for distributed file servers
US11294777B2 (en) 2016-12-05 2022-04-05 Nutanix, Inc. Disaster recovery for distributed file servers, including metadata fixers
US11281484B2 (en) 2016-12-06 2022-03-22 Nutanix, Inc. Virtualized server systems and methods including scaling of file system virtual machines
US11288239B2 (en) 2016-12-06 2022-03-29 Nutanix, Inc. Cloning virtualized file servers
US10558250B2 (en) * 2016-12-23 2020-02-11 Oracle International Corporation System and method for coordinated link up handling following switch reset in a high performance computing network
GB2563885B (en) * 2017-06-28 2019-10-23 Advanced Risc Mach Ltd Interrupting export of memory regions
CN111611618B (zh) 2017-10-31 2023-08-04 创新先进技术有限公司 一种数据统计方法和装置
CN110019475B (zh) * 2017-12-21 2021-07-20 华为技术有限公司 数据持久化处理方法、装置及系统
US11086826B2 (en) 2018-04-30 2021-08-10 Nutanix, Inc. Virtualized server systems and methods including domain joining techniques
US11194680B2 (en) 2018-07-20 2021-12-07 Nutanix, Inc. Two node clusters recovery on a failure
US11770447B2 (en) 2018-10-31 2023-09-26 Nutanix, Inc. Managing high-availability file servers
US11768809B2 (en) 2020-05-08 2023-09-26 Nutanix, Inc. Managing incremental snapshots for fast leader node bring-up
US12248435B2 (en) 2021-03-31 2025-03-11 Nutanix, Inc. File analytics systems and methods
US12131192B2 (en) 2021-03-18 2024-10-29 Nutanix, Inc. Scope-based distributed lock infrastructure for virtualized file server
US12197398B2 (en) 2021-03-31 2025-01-14 Nutanix, Inc. Virtualized file servers and methods to persistently store file system event data
US12248434B2 (en) 2021-03-31 2025-03-11 Nutanix, Inc. File analytics systems including examples providing metrics adjusted for application operation
US12242455B2 (en) 2021-03-31 2025-03-04 Nutanix, Inc. File analytics systems and methods including receiving and processing file system event data in order
US12367108B2 (en) 2021-03-31 2025-07-22 Nutanix, Inc. File analytics systems and methods including retrieving metadata from file system snapshots
US12164383B2 (en) 2021-08-19 2024-12-10 Nutanix, Inc. Failover and failback of distributed file servers
US12117972B2 (en) 2021-08-19 2024-10-15 Nutanix, Inc. File server managers and systems for managing virtualized file servers
CN113992425B (zh) * 2021-11-12 2022-09-23 北京天融信网络安全技术有限公司 一种收发网络数据包的方法、网络设备以及通信系统
US12153690B2 (en) 2022-01-24 2024-11-26 Nutanix, Inc. Consistent access control lists across file servers for local users in a distributed file server environment
US12182264B2 (en) 2022-03-11 2024-12-31 Nutanix, Inc. Malicious activity detection, validation, and remediation in virtualized file servers
US12184791B2 (en) * 2022-06-02 2024-12-31 Sap Se Client secure connections for database host
US12189499B2 (en) 2022-07-29 2025-01-07 Nutanix, Inc. Self-service restore (SSR) snapshot replication with share-level file system disaster recovery on virtualized file servers
US12461832B2 (en) 2023-09-27 2025-11-04 Nutanix, Inc. Durable handle management for failover in distributed file servers

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6772350B1 (en) * 1998-05-15 2004-08-03 E.Piphany, Inc. System and method for controlling access to resources in a distributed environment
US8453142B2 (en) * 2007-04-26 2013-05-28 Hewlett-Packard Development Company, L.P. Virtual machine control
US8819676B2 (en) * 2007-10-30 2014-08-26 Vmware, Inc. Transparent memory-mapped emulation of I/O calls
GB2460393B (en) * 2008-02-29 2012-03-28 Advanced Risc Mach Ltd A data processing apparatus and method for controlling access to secure memory by virtual machines executing on processing circuitry
WO2011081935A2 (en) * 2009-12-14 2011-07-07 Citrix Systems, Inc. Methods and systems for communicating between trusted and non-trusted virtual machines
EP2569698B1 (en) * 2010-05-10 2019-07-10 Citrix Systems, Inc. Redirection of information from secure virtual machines to unsecure virtual machines
US8856504B2 (en) * 2010-06-07 2014-10-07 Cisco Technology, Inc. Secure virtual machine bootstrap in untrusted cloud infrastructures
US20130097417A1 (en) * 2011-10-13 2013-04-18 Microsoft Corporation Secure private computation services
US9038083B2 (en) * 2012-02-09 2015-05-19 Citrix Systems, Inc. Virtual machine provisioning based on tagged physical resources in a cloud computing environment
US9122780B2 (en) * 2012-06-20 2015-09-01 Intel Corporation Monitoring resource usage by a virtual machine
US9275223B2 (en) * 2012-10-19 2016-03-01 Mcafee, Inc. Real-time module protection
US9503268B2 (en) * 2013-01-22 2016-11-22 Amazon Technologies, Inc. Securing results of privileged computing operations
US9396011B2 (en) * 2013-03-12 2016-07-19 Qualcomm Incorporated Algorithm and apparatus to deploy virtual machine monitor on demand
US9792448B2 (en) * 2014-02-28 2017-10-17 Advanced Micro Devices, Inc. Cryptographic protection of information in a processing system

Also Published As

Publication number Publication date
EP3433748A1 (en) 2019-01-30
US20170277903A1 (en) 2017-09-28
BR112018069030A2 (pt) 2019-01-29
KR20180124048A (ko) 2018-11-20
CN108713194A (zh) 2018-10-26
WO2017165073A1 (en) 2017-09-28
CA3014917A1 (en) 2017-09-28
JP2019512811A (ja) 2019-05-16
TW201737059A (zh) 2017-10-16

Similar Documents

Publication Publication Date Title
JP6903682B2 (ja) 仮想リソースビューを使用するデータ保護
CN108062242B (zh) 在富执行环境中安全地执行安全应用的计算系统
US10013554B2 (en) Time varying address space layout randomization
EP3602376B1 (en) Monitoring of memory page transitions between a hypervisor and a virtual machine
US10180908B2 (en) Method and apparatus for virtualized control of a shared system cache
US10726120B2 (en) System, apparatus and method for providing locality assertion between a security processor and an enclave
US10372628B2 (en) Cross-domain security in cryptographically partitioned cloud
US20160253497A1 (en) Return Oriented Programming Attack Detection Via Memory Monitoring
US20210279334A1 (en) System on chip and operation method thereof
US9542112B2 (en) Secure cross-process memory sharing
JP7201686B2 (ja) 間接アクセスメモリコントローラ向けの保護機能を追加するための機器
US12399850B2 (en) Secure direct memory access
US11386012B1 (en) Increasing address space layout randomization entropy via page remapping and rotations
US10019574B2 (en) Systems and methods for providing dynamic file system awareness on storage devices
WO2024187365A1 (en) Detecting unexpected memory read

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20200128

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20200128

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20210325

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20210406

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20210512

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20210525

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20210623

R150 Certificate of patent or registration of utility model

Ref document number: 6903682

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

LAPS Cancellation because of no payment of annual fees