JP7410161B2 - ページ変更検出によるセキュアなページング - Google Patents
ページ変更検出によるセキュアなページング Download PDFInfo
- Publication number
- JP7410161B2 JP7410161B2 JP2021549577A JP2021549577A JP7410161B2 JP 7410161 B2 JP7410161 B2 JP 7410161B2 JP 2021549577 A JP2021549577 A JP 2021549577A JP 2021549577 A JP2021549577 A JP 2021549577A JP 7410161 B2 JP7410161 B2 JP 7410161B2
- Authority
- JP
- Japan
- Prior art keywords
- secure
- page
- guest
- storage
- host
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000008859 change Effects 0.000 title description 12
- 238000001514 detection method Methods 0.000 title description 5
- 238000000034 method Methods 0.000 claims description 82
- 238000012545 processing Methods 0.000 claims description 25
- 230000004044 response Effects 0.000 claims description 9
- 230000008569 process Effects 0.000 description 68
- 238000010586 diagram Methods 0.000 description 26
- 238000013519 translation Methods 0.000 description 23
- 230000014616 translation Effects 0.000 description 23
- 230000006870 function Effects 0.000 description 21
- 238000013507 mapping Methods 0.000 description 17
- 230000008676 import Effects 0.000 description 12
- 230000008901 benefit Effects 0.000 description 11
- 238000006243 chemical reaction Methods 0.000 description 10
- 238000007726 management method Methods 0.000 description 9
- 238000004891 communication Methods 0.000 description 8
- 238000002955 isolation Methods 0.000 description 8
- 238000004590 computer program Methods 0.000 description 6
- 230000005540 biological transmission Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 230000006872 improvement Effects 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 4
- 239000000203 mixture Substances 0.000 description 4
- 238000000926 separation method Methods 0.000 description 4
- 230000009466 transformation Effects 0.000 description 4
- 238000013461 design Methods 0.000 description 3
- 230000008520 organization Effects 0.000 description 3
- 238000005192 partition Methods 0.000 description 3
- 230000001902 propagating effect Effects 0.000 description 3
- 238000003491 array Methods 0.000 description 2
- 239000000835 fiber Substances 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 230000007704 transition Effects 0.000 description 2
- 238000012384 transportation and delivery Methods 0.000 description 2
- RYGMFSIKBFXOCR-UHFFFAOYSA-N Copper Chemical compound [Cu] RYGMFSIKBFXOCR-UHFFFAOYSA-N 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 230000004913 activation Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009172 bursting Effects 0.000 description 1
- 239000002131 composite material Substances 0.000 description 1
- 229910052802 copper Inorganic materials 0.000 description 1
- 239000010949 copper Substances 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 230000001934 delay Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000011900 installation process Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 238000013439 planning Methods 0.000 description 1
- 229920001690 polydopamine Polymers 0.000 description 1
- 238000002360 preparation method Methods 0.000 description 1
- 230000001737 promoting effect Effects 0.000 description 1
- 230000002441 reversible effect Effects 0.000 description 1
- 238000013341 scale-up Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000000638 solvent extraction Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 230000001052 transient effect Effects 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1416—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
- G06F12/145—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being virtual, e.g. for virtual blocks or segments before a translation mechanism
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1416—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
- G06F12/1425—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1408—Protection against unauthorised use of memory or access to memory by using cryptography
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45587—Isolation or security of virtual machine instances
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2212/00—Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
- G06F2212/10—Providing a specific technical effect
- G06F2212/1052—Security improvement
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2212/00—Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
- G06F2212/15—Use in a specific computing environment
- G06F2212/151—Emulated environment, e.g. virtual machine
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Description
Claims (6)
- コンピュータ・システムのメモリのページのハッシュ値を計算することと、
前記ハッシュ値を前記ページの以前に計算されたハッシュ値と比較することと、
前記ハッシュ値が前記以前に計算されたハッシュ値に一致するということの決定に基づいて、ページごと、暗号化ごとの値を前記ページの暗号化において使用することと、
前記ハッシュ値が前記以前に計算されたハッシュ値に一致しないということの決定に基づいて、前記ページごと、暗号化ごとの値の修正値を前記ページの暗号化において使用することとを含む、方法。 - 前記ページをセキュア・ページから非セキュア・ページに変換するというホストの要求に応答して、セキュア制御インターフェイスによって前記暗号化が実行される、請求項1に記載の方法。
- 暗号化された前記非セキュア・ページを、格納のために前記ホストに提供することをさらに含む、請求項2に記載の方法。
- メモリと、
処理ユニットと、
前記処理ユニットおよび前記メモリとインターフェイスをとるセキュア・インターフェイス制御とを備えているシステムであって、前記セキュア・インターフェイス制御が、
前記メモリのページのハッシュ値を計算することと、
前記ハッシュ値を前記ページの以前に計算されたハッシュ値と比較することと、
前記ハッシュ値が前記以前に計算されたハッシュ値に一致するということの決定に基づいて、ページごと、暗号化ごとの値を前記ページの暗号化において使用することと、
前記ハッシュ値が前記以前に計算されたハッシュ値に一致しないということの決定に基づいて、前記ページごと、暗号化ごとの値の修正値を前記ページの暗号化において使用することとを含む動作を実行するように構成される、システム。 - コンピュータに、
コンピュータ・システムのメモリのページのハッシュ値を計算することと、
前記ハッシュ値を前記ページの以前に計算されたハッシュ値と比較することと、
前記ハッシュ値が前記以前に計算されたハッシュ値に一致するということの決定に基づいて、ページごと、暗号化ごとの値を前記ページの暗号化において使用することと、
前記ハッシュ値が前記以前に計算されたハッシュ値に一致しないということの決定に基づいて、前記ページごと、暗号化ごとの値の修正値を前記ページの暗号化において使用することとを実行させるためのプログラム。 - 請求項5に記載のプログラムを記憶したコンピュータ読取可能な記憶媒体。
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/296,303 US11206128B2 (en) | 2019-03-08 | 2019-03-08 | Secure paging with page change detection |
US16/296,303 | 2019-03-08 | ||
PCT/IB2020/051941 WO2020183308A1 (en) | 2019-03-08 | 2020-03-06 | Secure paging with page change detection |
Publications (3)
Publication Number | Publication Date |
---|---|
JP2022522664A JP2022522664A (ja) | 2022-04-20 |
JPWO2020183308A5 JPWO2020183308A5 (ja) | 2022-08-12 |
JP7410161B2 true JP7410161B2 (ja) | 2024-01-09 |
Family
ID=72335881
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2021549577A Active JP7410161B2 (ja) | 2019-03-08 | 2020-03-06 | ページ変更検出によるセキュアなページング |
Country Status (6)
Country | Link |
---|---|
US (1) | US11206128B2 (ja) |
JP (1) | JP7410161B2 (ja) |
CN (1) | CN113544652A (ja) |
DE (1) | DE112020000286B4 (ja) |
GB (1) | GB2594905B (ja) |
WO (1) | WO2020183308A1 (ja) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11347529B2 (en) | 2019-03-08 | 2022-05-31 | International Business Machines Corporation | Inject interrupts and exceptions into secure virtual machine |
US11347869B2 (en) | 2019-03-08 | 2022-05-31 | International Business Machines Corporation | Secure interface control high-level page management |
US11308215B2 (en) * | 2019-03-08 | 2022-04-19 | International Business Machines Corporation | Secure interface control high-level instruction interception for interruption enablement |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2011181107A (ja) | 2011-06-09 | 2011-09-15 | Fujitsu Semiconductor Ltd | セキュアプロセッサ用プログラム |
JP2018502371A (ja) | 2014-12-15 | 2018-01-25 | インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation | セキュア・オブジェクトをサポートするプロセッサ、方法およびコンピュータ・プログラム |
US20180285140A1 (en) | 2017-03-29 | 2018-10-04 | Advanced Micro Devices, Inc. | Monitoring of memory page transitions between a hypervisor and a virtual machine |
Family Cites Families (49)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5343527A (en) | 1993-10-27 | 1994-08-30 | International Business Machines Corporation | Hybrid encryption method and system for protecting reusable software components |
US5757919A (en) * | 1996-12-12 | 1998-05-26 | Intel Corporation | Cryptographically protected paging subsystem |
US6021201A (en) | 1997-01-07 | 2000-02-01 | Intel Corporation | Method and apparatus for integrated ciphering and hashing |
US6983365B1 (en) | 2000-05-05 | 2006-01-03 | Microsoft Corporation | Encryption systems and methods for identifying and coalescing identical objects encrypted with different keys |
US6996748B2 (en) | 2002-06-29 | 2006-02-07 | Intel Corporation | Handling faults associated with operation of guest software in the virtual-machine architecture |
EP1678617A4 (en) | 2003-10-08 | 2008-03-26 | Unisys Corp | COMPUTER SYSTEM PARAVIRTUALIZATION BY USING A HYPERVISOR IMPLEMENTED IN A PARTITION OF THE HOST SYSTEM |
EP1870814B1 (en) | 2006-06-19 | 2014-08-13 | Texas Instruments France | Method and apparatus for secure demand paging for processor devices |
US7653819B2 (en) | 2004-10-01 | 2010-01-26 | Lenovo Singapore Pte Ltd. | Scalable paging of platform configuration registers |
US7886363B2 (en) | 2006-05-24 | 2011-02-08 | Noam Camiel | System and method for virtual memory and securing memory in programming languages |
EP1870813B1 (en) | 2006-06-19 | 2013-01-30 | Texas Instruments France | Page processing circuits, devices, methods and systems for secure demand paging and other operations |
US20080077767A1 (en) | 2006-09-27 | 2008-03-27 | Khosravi Hormuzd M | Method and apparatus for secure page swapping in virtual memory systems |
US8555081B2 (en) | 2007-10-30 | 2013-10-08 | Vmware, Inc. | Cryptographic multi-shadowing with integrity verification |
GB2460393B (en) | 2008-02-29 | 2012-03-28 | Advanced Risc Mach Ltd | A data processing apparatus and method for controlling access to secure memory by virtual machines executing on processing circuitry |
US8738932B2 (en) | 2009-01-16 | 2014-05-27 | Teleputers, Llc | System and method for processor-based security |
US8833437B2 (en) | 2009-05-06 | 2014-09-16 | Holtec International, Inc. | Heat exchanger apparatus for converting a shell-side liquid into a vapor |
US8904190B2 (en) | 2010-10-20 | 2014-12-02 | Advanced Micro Devices, Inc. | Method and apparatus including architecture for protecting sensitive code and data |
US20120185699A1 (en) * | 2011-01-14 | 2012-07-19 | International Business Machines Corporation | Space-efficient encryption with multi-block binding |
CN103583013B (zh) * | 2011-06-02 | 2016-04-13 | 三菱电机株式会社 | 密钥信息生成装置以及密钥信息生成方法 |
KR101323858B1 (ko) | 2011-06-22 | 2013-11-21 | 한국과학기술원 | 가상화 시스템에서 메모리 접근을 제어하는 장치 및 방법 |
US8681813B2 (en) * | 2011-11-29 | 2014-03-25 | Wyse Technology L.L.C. | Bandwidth optimization for remote desktop protocol |
WO2014004747A2 (en) | 2012-06-26 | 2014-01-03 | Lynuxworks, Inc. | Systems and methods involving features of hardware virtualization such as separation kernel hypervisors, hypervisors, hypervisor guest context, hypervisor context, rootkit detection/prevention, and/or other features |
US8910238B2 (en) | 2012-11-13 | 2014-12-09 | Bitdefender IPR Management Ltd. | Hypervisor-based enterprise endpoint protection |
WO2014081611A2 (en) | 2012-11-20 | 2014-05-30 | Unisys Corporation | Error recovery in securely partitioned virtualization system with dedicated resources |
US8931108B2 (en) | 2013-02-18 | 2015-01-06 | Qualcomm Incorporated | Hardware enforced content protection for graphics processing units |
US9792448B2 (en) | 2014-02-28 | 2017-10-17 | Advanced Micro Devices, Inc. | Cryptographic protection of information in a processing system |
US9483639B2 (en) | 2014-03-13 | 2016-11-01 | Unisys Corporation | Service partition virtualization system and method having a secure application |
US9390267B2 (en) | 2014-05-15 | 2016-07-12 | Lynx Software Technologies, Inc. | Systems and methods involving features of hardware virtualization, hypervisor, pages of interest, and/or other features |
US9251090B1 (en) | 2014-06-03 | 2016-02-02 | Amazon Technologies, Inc. | Hypervisor assisted virtual memory obfuscation |
US9454497B2 (en) | 2014-08-15 | 2016-09-27 | Intel Corporation | Technologies for secure inter-virtual-machine shared memory communication |
US9672354B2 (en) | 2014-08-18 | 2017-06-06 | Bitdefender IPR Management Ltd. | Systems and methods for exposing a result of a current processor instruction upon exiting a virtual machine |
US9305661B2 (en) | 2014-09-03 | 2016-04-05 | Microsemi Storage Solutions (U.S.), Inc. | Nonvolatile memory system that uses programming time to reduce bit errors |
CN105512559B (zh) | 2014-10-17 | 2019-09-17 | 阿里巴巴集团控股有限公司 | 一种用于提供访问页面的方法与设备 |
US10599458B2 (en) | 2015-01-23 | 2020-03-24 | Unisys Corporation | Fabric computing system having an embedded software defined network |
US10157146B2 (en) | 2015-02-12 | 2018-12-18 | Red Hat Israel, Ltd. | Local access DMA with shared memory pool |
US9842065B2 (en) | 2015-06-15 | 2017-12-12 | Intel Corporation | Virtualization-based platform protection technology |
US9720721B2 (en) | 2015-07-01 | 2017-08-01 | International Business Machines Corporation | Protected guests in a hypervisor controlled system |
US9942035B2 (en) | 2015-08-18 | 2018-04-10 | Intel Corporation | Platform migration of secure enclaves |
WO2017033180A1 (en) | 2015-08-26 | 2017-03-02 | B. G. Negev Technologies And Applications Ltd., At Ben-Gurion University | System and method for monitoring and protecting an untrusted operating system by means of a trusted operating system |
US9841987B2 (en) | 2015-12-17 | 2017-12-12 | International Business Machines Corporation | Transparent secure interception handling |
US10116630B2 (en) | 2016-04-04 | 2018-10-30 | Bitdefender IPR Management Ltd. | Systems and methods for decrypting network traffic in a virtualized environment |
WO2017211651A1 (en) | 2016-06-08 | 2017-12-14 | Thomson Licensing | Devices and methods for core dump deduplication |
US10237245B2 (en) | 2016-07-15 | 2019-03-19 | International Business Machines Corporation | Restricting guest instances in a shared environment |
US10303899B2 (en) * | 2016-08-11 | 2019-05-28 | Intel Corporation | Secure public cloud with protected guest-verified host control |
US10176122B2 (en) | 2016-10-19 | 2019-01-08 | Advanced Micro Devices, Inc. | Direct memory access authorization in a processing system |
US10169577B1 (en) | 2017-03-28 | 2019-01-01 | Symantec Corporation | Systems and methods for detecting modification attacks on shared physical memory |
US20180341529A1 (en) | 2017-05-26 | 2018-11-29 | Microsoft Technology Licensing, Llc | Hypervisor-based secure container |
US10693844B2 (en) | 2017-08-24 | 2020-06-23 | Red Hat, Inc. | Efficient migration for encrypted virtual machines by active page copying |
US11403409B2 (en) | 2019-03-08 | 2022-08-02 | International Business Machines Corporation | Program interruptions for page importing/exporting |
US11347869B2 (en) | 2019-03-08 | 2022-05-31 | International Business Machines Corporation | Secure interface control high-level page management |
-
2019
- 2019-03-08 US US16/296,303 patent/US11206128B2/en active Active
-
2020
- 2020-03-06 DE DE112020000286.1T patent/DE112020000286B4/de active Active
- 2020-03-06 JP JP2021549577A patent/JP7410161B2/ja active Active
- 2020-03-06 WO PCT/IB2020/051941 patent/WO2020183308A1/en active Application Filing
- 2020-03-06 GB GB2113007.5A patent/GB2594905B/en active Active
- 2020-03-06 CN CN202080018913.XA patent/CN113544652A/zh active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2011181107A (ja) | 2011-06-09 | 2011-09-15 | Fujitsu Semiconductor Ltd | セキュアプロセッサ用プログラム |
JP2018502371A (ja) | 2014-12-15 | 2018-01-25 | インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation | セキュア・オブジェクトをサポートするプロセッサ、方法およびコンピュータ・プログラム |
US20180285140A1 (en) | 2017-03-29 | 2018-10-04 | Advanced Micro Devices, Inc. | Monitoring of memory page transitions between a hypervisor and a virtual machine |
Also Published As
Publication number | Publication date |
---|---|
CN113544652A (zh) | 2021-10-22 |
DE112020000286B4 (de) | 2024-07-25 |
JP2022522664A (ja) | 2022-04-20 |
US20200287709A1 (en) | 2020-09-10 |
US11206128B2 (en) | 2021-12-21 |
WO2020183308A1 (en) | 2020-09-17 |
DE112020000286T5 (de) | 2021-09-09 |
GB2594905B (en) | 2022-04-20 |
GB2594905A (en) | 2021-11-10 |
GB202113007D0 (en) | 2021-10-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP7373578B2 (ja) | セキュア仮想マシン環境におけるストレージ保護ハードウェアのテスト方法、システム、プログラム | |
JP7379512B2 (ja) | セキュア・ドメインと非セキュア・エンティティとの間のストレージ共用 | |
JP7350868B2 (ja) | 複数のセキュリティ・ドメインにわたるセキュア・メモリの共用 | |
JP7379516B2 (ja) | セキュア・インターフェース制御ストレージのためのホスト仮想アドレス空間使用方法、システム、プログラム | |
JP7379517B2 (ja) | セキュア・インターフェース制御セキュア・ストレージ・ハードウェアのタグ付け方法、システム、プログラム | |
US11182192B2 (en) | Controlling access to secure storage of a virtual machine | |
JP7410161B2 (ja) | ページ変更検出によるセキュアなページング | |
JP7393846B2 (ja) | セキュア・インターフェイス制御の高レベルのページ管理 | |
AU2020238889B2 (en) | Secure storage isolation |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
RD04 | Notification of resignation of power of attorney |
Free format text: JAPANESE INTERMEDIATE CODE: A7424 Effective date: 20220512 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20220803 |
|
A621 | Written request for application examination |
Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20220824 |
|
A977 | Report on retrieval |
Free format text: JAPANESE INTERMEDIATE CODE: A971007 Effective date: 20230831 |
|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20230905 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20231122 |
|
TRDD | Decision of grant or rejection written | ||
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20231205 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20231221 |
|
R150 | Certificate of patent or registration of utility model |
Ref document number: 7410161 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |