KR102551936B1 - 보안 인터페이스 컨트롤 스토리지를 위한 호스트 가상 주소 공간 - Google Patents

보안 인터페이스 컨트롤 스토리지를 위한 호스트 가상 주소 공간 Download PDF

Info

Publication number
KR102551936B1
KR102551936B1 KR1020217027019A KR20217027019A KR102551936B1 KR 102551936 B1 KR102551936 B1 KR 102551936B1 KR 1020217027019 A KR1020217027019 A KR 1020217027019A KR 20217027019 A KR20217027019 A KR 20217027019A KR 102551936 B1 KR102551936 B1 KR 102551936B1
Authority
KR
South Korea
Prior art keywords
secure
interface control
address
virtual
host
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
KR1020217027019A
Other languages
English (en)
Korean (ko)
Other versions
KR20210121124A (ko
Inventor
클라우디오 임브렌다
크리스찬 본트래거
리사 헬러
파디 부사바
조나단 브래드버리
Original Assignee
인터내셔널 비지네스 머신즈 코포레이션
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 인터내셔널 비지네스 머신즈 코포레이션 filed Critical 인터내셔널 비지네스 머신즈 코포레이션
Publication of KR20210121124A publication Critical patent/KR20210121124A/ko
Application granted granted Critical
Publication of KR102551936B1 publication Critical patent/KR102551936B1/ko
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/1009Address translation using page tables, e.g. page table structures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/109Address translation for multiple virtual address spaces, e.g. segmentation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1408Protection against unauthorised use of memory or access to memory by using cryptography
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1466Key-lock mechanism
    • G06F12/1475Key-lock mechanism in a virtual system, e.g. with translation means
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45583Memory management, e.g. access or allocation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1052Security improvement
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/15Use in a specific computing environment
    • G06F2212/151Emulated environment, e.g. virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/65Details of virtual memory and virtual address translation
    • G06F2212/651Multi-level translation tables
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/65Details of virtual memory and virtual address translation
    • G06F2212/656Address space sharing
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/65Details of virtual memory and virtual address translation
    • G06F2212/657Virtual address space management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Memory System Of A Hierarchy Structure (AREA)
  • Stored Programmes (AREA)
KR1020217027019A 2019-03-08 2020-03-06 보안 인터페이스 컨트롤 스토리지를 위한 호스트 가상 주소 공간 Active KR102551936B1 (ko)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US16/296,301 US11176054B2 (en) 2019-03-08 2019-03-08 Host virtual address space for secure interface control storage
US16/296,301 2019-03-08
PCT/EP2020/056033 WO2020182664A1 (en) 2019-03-08 2020-03-06 Host virtual address space for secure interface control storage

Publications (2)

Publication Number Publication Date
KR20210121124A KR20210121124A (ko) 2021-10-07
KR102551936B1 true KR102551936B1 (ko) 2023-07-06

Family

ID=69770916

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020217027019A Active KR102551936B1 (ko) 2019-03-08 2020-03-06 보안 인터페이스 컨트롤 스토리지를 위한 호스트 가상 주소 공간

Country Status (11)

Country Link
US (2) US11176054B2 (https=)
EP (1) EP3935546B1 (https=)
JP (1) JP7379516B2 (https=)
KR (1) KR102551936B1 (https=)
CN (1) CN113597609B (https=)
ES (1) ES2966715T3 (https=)
HU (1) HUE064583T2 (https=)
MX (1) MX395008B (https=)
PL (1) PL3935546T3 (https=)
SG (1) SG11202105425TA (https=)
WO (1) WO2020182664A1 (https=)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11308215B2 (en) * 2019-03-08 2022-04-19 International Business Machines Corporation Secure interface control high-level instruction interception for interruption enablement
US11347529B2 (en) 2019-03-08 2022-05-31 International Business Machines Corporation Inject interrupts and exceptions into secure virtual machine
US11283800B2 (en) 2019-03-08 2022-03-22 International Business Machines Corporation Secure interface control secure storage hardware tagging
US11176054B2 (en) 2019-03-08 2021-11-16 International Business Machines Corporation Host virtual address space for secure interface control storage
US11068310B2 (en) 2019-03-08 2021-07-20 International Business Machines Corporation Secure storage query and donation
US11455398B2 (en) 2019-03-08 2022-09-27 International Business Machines Corporation Testing storage protection hardware in a secure virtual machine environment
US20230221982A1 (en) * 2020-07-30 2023-07-13 Red Hat, Inc. Enabling communication between virtual machines and virtual devices by hypervisor-controlled firmware
US12443429B2 (en) * 2022-08-30 2025-10-14 Red Hat, Inc. Memory deduplication for encrypted virtual machines

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090222816A1 (en) * 2008-02-29 2009-09-03 Arm Limited Data processing apparatus and method for controlling access to secure memory by virtual machines executing on processing circuirty
US20150378930A1 (en) * 2014-06-27 2015-12-31 Ravi L. Sahita Validating virtual address translation
US20180189190A1 (en) * 2016-07-29 2018-07-05 Advanced Micro Devices, Inc. Controlling Access to Pages in a Memory in a Computing Device

Family Cites Families (95)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4245302A (en) 1978-10-10 1981-01-13 Magnuson Computer Systems, Inc. Computer and method for executing target instructions
US4787031A (en) 1985-01-04 1988-11-22 Digital Equipment Corporation Computer with virtual machine mode and multiple protection rings
US7194740B1 (en) 1999-05-28 2007-03-20 Oracle International Corporation System for extending an addressable range of memory
US8108873B1 (en) 1999-05-28 2012-01-31 Oracle International Corporation System for extending an addressable range of memory
US6678815B1 (en) 2000-06-27 2004-01-13 Intel Corporation Apparatus and method for reducing power consumption due to cache and TLB accesses in a processor front-end
US8037530B1 (en) 2000-08-28 2011-10-11 Verizon Corporate Services Group Inc. Method and apparatus for providing adaptive self-synchronized dynamic address translation as an intrusion detection sensor
US7433951B1 (en) 2000-09-22 2008-10-07 Vmware, Inc. System and method for controlling resource revocation in a multi-guest computer system
US7191440B2 (en) 2001-08-15 2007-03-13 Intel Corporation Tracking operating system process and thread execution and virtual machine execution in hardware or in a virtual machine monitor
US7069442B2 (en) 2002-03-29 2006-06-27 Intel Corporation System and method for execution of a secured environment initialization instruction
US20030226014A1 (en) 2002-05-31 2003-12-04 Schmidt Rodney W. Trusted client utilizing security kernel under secure execution mode
WO2004046934A2 (en) 2002-11-18 2004-06-03 Arm Limited Secure memory for protecting against malicious programs
US7149862B2 (en) 2002-11-18 2006-12-12 Arm Limited Access control in a data processing apparatus
WO2005036367A2 (en) 2003-10-08 2005-04-21 Unisys Corporation Virtual data center that allocates and manages system resources across multiple nodes
US7421533B2 (en) 2004-04-19 2008-09-02 Intel Corporation Method to manage memory in a platform with virtual machines
US7191292B2 (en) 2004-06-04 2007-03-13 Sun Microsystems, Inc. Logging of level-two cache transactions into banks of the level-two cache for system rollback
US7475166B2 (en) 2005-02-28 2009-01-06 International Business Machines Corporation Method and system for fully trusted adapter validation of addresses referenced in a virtual host transfer request
US7685635B2 (en) 2005-03-11 2010-03-23 Microsoft Corporation Systems and methods for multi-level intercept processing in a virtual machine environment
US20070094323A1 (en) 2005-10-25 2007-04-26 Smith Jeffrey C Managed resource sharing method and apparatus
US20070091809A1 (en) 2005-10-25 2007-04-26 Smith Jeffrey C Managed network resource sharing and optimization method and apparatus
US20080294866A1 (en) 2007-05-22 2008-11-27 Hewlett-Packard Development Company, L.P. Method And Apparatus For Memory Management
US8219989B2 (en) 2007-08-02 2012-07-10 International Business Machines Corporation Partition adjunct with non-native device driver for facilitating access to a physical input/output device
US8010763B2 (en) 2007-08-02 2011-08-30 International Business Machines Corporation Hypervisor-enforced isolation of entities within a single logical partition's virtual address space
US8145676B2 (en) 2008-02-11 2012-03-27 International Business Machines Corporation Shared inventory item donation in a virtual universe
US8176280B2 (en) 2008-02-25 2012-05-08 International Business Machines Corporation Use of test protection instruction in computing environments that support pageable guests
US8458438B2 (en) 2008-02-26 2013-06-04 International Business Machines Corporation System, method and computer program product for providing quiesce filtering for shared memory
US8312230B2 (en) 2008-06-06 2012-11-13 International Business Machines Corporation Dynamic control of partition memory affinity in a shared memory partition data processing system
US8799892B2 (en) 2008-06-09 2014-08-05 International Business Machines Corporation Selective memory donation in virtual real memory environment
US8151032B2 (en) 2008-06-26 2012-04-03 Microsoft Corporation Direct memory access filter for virtualized operating systems
US8261320B1 (en) 2008-06-30 2012-09-04 Symantec Corporation Systems and methods for securely managing access to data
WO2011041615A1 (en) 2009-09-30 2011-04-07 Citrix Systems, Inc. Dynamic reallocation of physical memory responsive to virtual machine events
US9087200B2 (en) 2009-12-22 2015-07-21 Intel Corporation Method and apparatus to provide secure application execution
US20110153944A1 (en) 2009-12-22 2011-06-23 Klaus Kursawe Secure Cache Memory Architecture
US8510599B2 (en) 2010-06-23 2013-08-13 International Business Machines Corporation Managing processing associated with hardware events
US20120297177A1 (en) 2010-11-15 2012-11-22 Ghosh Anup K Hardware Assisted Operating System Switch
CN102594852B (zh) 2011-01-04 2016-03-30 中国移动通信集团公司 数据访问方法、节点及系统
KR20120097136A (ko) 2011-02-24 2012-09-03 삼성전자주식회사 가상화 환경에서의 메모리 풀 관리
WO2012128681A1 (en) 2011-03-22 2012-09-27 Telefonaktiebolaget L M Ericsson (Publ) Method for switching between virtualized and non-virtualized system operation
US9276953B2 (en) 2011-05-13 2016-03-01 International Business Machines Corporation Method and apparatus to detect and block unauthorized MAC address by virtual machine aware network switches
US8590005B2 (en) 2011-06-08 2013-11-19 Adventium Enterprises, Llc Multi-domain information sharing
US9141785B2 (en) 2011-08-03 2015-09-22 Cloudbyte, Inc. Techniques for providing tenant based storage security and service level assurance in cloud storage environment
US8788763B2 (en) 2011-10-13 2014-07-22 International Business Machines Corporation Protecting memory of a virtual guest
US9251039B2 (en) 2012-02-17 2016-02-02 Microsoft Technology Licensing, Llc Remote debugging as a service
US20130232315A1 (en) 2012-03-02 2013-09-05 Samsung Electronics Co., Ltd. Scalable, customizable, and load-balancing physical memory management scheme
US20140007189A1 (en) 2012-06-28 2014-01-02 International Business Machines Corporation Secure access to shared storage resources
US9697047B2 (en) 2012-09-25 2017-07-04 International Business Machines Corporation Cooperation of hoarding memory allocators in a multi-process system
CN103729230B (zh) 2012-10-11 2017-04-12 财团法人工业技术研究院 虚拟机系统的内存管理方法和计算机系统
EP2923478B1 (en) 2012-11-21 2019-08-14 Apple Inc. Policy-based techniques for managing access control
US9185114B2 (en) 2012-12-05 2015-11-10 Symantec Corporation Methods and systems for secure storage segmentation based on security context in a virtual environment
US9767044B2 (en) 2013-09-24 2017-09-19 Intel Corporation Secure memory repartitioning
US9792448B2 (en) 2014-02-28 2017-10-17 Advanced Micro Devices, Inc. Cryptographic protection of information in a processing system
WO2015132753A1 (en) 2014-03-07 2015-09-11 Eco4Cloud S.R.L. Method for memory management in virtual machines, and corresponding system and computer program product
US9672058B2 (en) 2014-03-13 2017-06-06 Unisys Corporation Reduced service partition virtualization system and method
US9483639B2 (en) 2014-03-13 2016-11-01 Unisys Corporation Service partition virtualization system and method having a secure application
GB2525596B (en) 2014-04-28 2021-05-26 Arm Ip Ltd Access control and code scheduling
CN105095094B (zh) 2014-05-06 2018-11-30 华为技术有限公司 内存管理方法和设备
US9553850B2 (en) 2014-06-30 2017-01-24 International Business Machines Corporation Multi-tenant secure separation of data in a cloud-based application
KR101592782B1 (ko) 2014-11-05 2016-02-12 플러스기술주식회사 전가상화 시스템에서 자원을 감시하는 장치 및 방법
WO2016081867A1 (en) 2014-11-20 2016-05-26 Interdigital Patent Holdings, Inc. Providing security to computing systems
US9870324B2 (en) 2015-04-09 2018-01-16 Vmware, Inc. Isolating guest code and data using multiple nested page tables
US9875047B2 (en) 2015-05-27 2018-01-23 Red Hat Israel, Ltd. Exit-less host memory locking in a virtualized environment
US10114958B2 (en) 2015-06-16 2018-10-30 Microsoft Technology Licensing, Llc Protected regions
US9942035B2 (en) 2015-08-18 2018-04-10 Intel Corporation Platform migration of secure enclaves
US9760290B2 (en) 2015-09-25 2017-09-12 International Business Machines Corporation Smart volume manager for storage space usage optimization
US9558004B1 (en) 2015-10-16 2017-01-31 International Business Machines Corporation Inter-platform management of computing resources
US10157276B2 (en) * 2015-11-23 2018-12-18 Armor Defense Inc. Extracting malicious instructions on a virtual machine in a network environment
US10019279B2 (en) 2015-12-17 2018-07-10 International Business Machines Corporation Transparent secure interception handling
US10013579B2 (en) 2015-12-23 2018-07-03 Intel Corporation Secure routing of trusted software transactions in unsecure fabric
US10516533B2 (en) 2016-02-05 2019-12-24 Mohammad Mannan Password triggered trusted encryption key deletion
US9910768B1 (en) 2016-05-23 2018-03-06 Parallels IP Holdings GmbH Method for memory management for virtual machines
US10152350B2 (en) 2016-07-01 2018-12-11 Intel Corporation Secure domain manager
US10248573B2 (en) * 2016-07-18 2019-04-02 International Business Machines Corporation Managing memory used to back address translation structures
US10462219B2 (en) 2016-08-10 2019-10-29 Iboss, Inc. Distributed network security system providing isolation of customer data
US12265849B2 (en) 2016-08-28 2025-04-01 VMware LLC Use of nested hypervisors by a resource-exchange system to enhance data and operational security and to facilitate component installation
US10528721B2 (en) 2016-10-20 2020-01-07 Intel Corporation Trusted packet processing for multi-domain separatization and security
US9710395B1 (en) 2016-10-26 2017-07-18 International Business Machines Corporation Dynamic address translation table allocation
US10380032B2 (en) 2017-03-09 2019-08-13 Internatinoal Business Machines Corporation Multi-engine address translation facility
KR102257320B1 (ko) 2017-03-29 2021-05-27 어드밴스드 마이크로 디바이시즈, 인코포레이티드 하이퍼바이저 및 가상 머신 간 메모리 페이지 이행의 모니터링
US10387686B2 (en) 2017-07-27 2019-08-20 International Business Machines Corporation Hardware based isolation for secure execution of virtual machines
US11687654B2 (en) 2017-09-15 2023-06-27 Intel Corporation Providing isolation in virtualized systems using trust domains
US10671737B2 (en) 2017-11-10 2020-06-02 Intel Corporation Cryptographic memory ownership table for secure public cloud
US10474382B2 (en) 2017-12-01 2019-11-12 Red Hat, Inc. Fast virtual machine storage allocation with encrypted storage
US10552344B2 (en) 2017-12-26 2020-02-04 Intel Corporation Unblock instruction to reverse page block during paging
JP2019159562A (ja) 2018-03-09 2019-09-19 富士通株式会社 情報処理装置、情報処理システム、及びプログラム
EP3776288A4 (en) 2018-04-10 2022-01-05 Al Belooshi, Bushra Abbas Mohammed SECURITY SYSTEM AND METHOD OF CRYPTOGRAPHIC KEYS IN THE CLOUD
US11258861B2 (en) 2018-06-29 2022-02-22 Intel Corporation Secure reporting of platform state information to a remote server
US10929165B2 (en) 2018-07-31 2021-02-23 Nutanix, Inc. System and method for memory resizing in a virtual computing environment
US10761996B2 (en) 2018-09-28 2020-09-01 Intel Corporation Apparatus and method for secure memory access using trust domains
US11461244B2 (en) 2018-12-20 2022-10-04 Intel Corporation Co-existence of trust domain architecture with multi-key total memory encryption technology in servers
US11182192B2 (en) 2019-03-08 2021-11-23 International Business Machines Corporation Controlling access to secure storage of a virtual machine
US11283800B2 (en) 2019-03-08 2022-03-22 International Business Machines Corporation Secure interface control secure storage hardware tagging
US11176054B2 (en) 2019-03-08 2021-11-16 International Business Machines Corporation Host virtual address space for secure interface control storage
US11487906B2 (en) 2019-03-08 2022-11-01 International Business Machines Corporation Storage sharing between a secure domain and a non-secure entity
US10956188B2 (en) 2019-03-08 2021-03-23 International Business Machines Corporation Transparent interpretation of guest instructions in secure virtual machine environment
US11068310B2 (en) 2019-03-08 2021-07-20 International Business Machines Corporation Secure storage query and donation
US11455398B2 (en) 2019-03-08 2022-09-27 International Business Machines Corporation Testing storage protection hardware in a secure virtual machine environment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090222816A1 (en) * 2008-02-29 2009-09-03 Arm Limited Data processing apparatus and method for controlling access to secure memory by virtual machines executing on processing circuirty
US20150378930A1 (en) * 2014-06-27 2015-12-31 Ravi L. Sahita Validating virtual address translation
US20180189190A1 (en) * 2016-07-29 2018-07-05 Advanced Micro Devices, Inc. Controlling Access to Pages in a Memory in a Computing Device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Seongwook Jin 외 5인, ‘H-SVM: Hardware-Assisted Secure Virtual Machines under a Vulnerable Hypervisor’, IEEE Transactions on Computers, Vol 64, Issue: 10, 01 October 2015.*

Also Published As

Publication number Publication date
SG11202105425TA (en) 2021-06-29
MX2021010589A (es) 2022-08-25
MX395008B (es) 2025-03-24
EP3935546B1 (en) 2023-11-29
CN113597609A (zh) 2021-11-02
JP7379516B2 (ja) 2023-11-14
CN113597609B (zh) 2025-04-04
EP3935546A1 (en) 2022-01-12
WO2020182664A1 (en) 2020-09-17
ES2966715T3 (es) 2024-04-23
JP2022523785A (ja) 2022-04-26
HUE064583T2 (hu) 2024-03-28
PL3935546T3 (pl) 2024-03-11
US11669462B2 (en) 2023-06-06
US20200285589A1 (en) 2020-09-10
US11176054B2 (en) 2021-11-16
KR20210121124A (ko) 2021-10-07
EP3935546C0 (en) 2023-11-29
US20220004499A1 (en) 2022-01-06

Similar Documents

Publication Publication Date Title
KR102551936B1 (ko) 보안 인터페이스 컨트롤 스토리지를 위한 호스트 가상 주소 공간
JP7379512B2 (ja) セキュア・ドメインと非セキュア・エンティティとの間のストレージ共用
KR102738488B1 (ko) 여러 보안 도메인들에 걸친 보안 메모리의 공유
KR102789374B1 (ko) 보안 인터페이스 컨트롤 보안 스토리지 하드웨어 태깅
JP7410161B2 (ja) ページ変更検出によるセキュアなページング
CN113544645B (zh) 在安全虚拟机环境中测试存储保护硬件
JP7531509B2 (ja) セキュア・ストレージのクエリおよび提供方法、システム、プログラム
KR102774738B1 (ko) 보안 인터페이스 컨트롤 고-레벨 페이지 관리
KR102681250B1 (ko) 보안 스토리지 격리
JP7398472B2 (ja) 割り込みイネーブルのためのセキュア・インターフェース制御ハイレベル命令インターセプト
JP7525234B2 (ja) セキュア・インターフェース・コントロールの通信インターフェース
HK40057848A (en) Communication interface of a secure interface control
HK40057638A (en) Secure interface control secure storage hardware tagging
HK40057848B (zh) 安全接口控件的通信接口

Legal Events

Date Code Title Description
PA0105 International application

St.27 status event code: A-0-1-A10-A15-nap-PA0105

A201 Request for examination
PA0201 Request for examination

St.27 status event code: A-1-2-D10-D11-exm-PA0201

PG1501 Laying open of application

St.27 status event code: A-1-1-Q10-Q12-nap-PG1501

D13-X000 Search requested

St.27 status event code: A-1-2-D10-D13-srh-X000

D14-X000 Search report completed

St.27 status event code: A-1-2-D10-D14-srh-X000

E902 Notification of reason for refusal
PE0902 Notice of grounds for rejection

St.27 status event code: A-1-2-D10-D21-exm-PE0902

E13-X000 Pre-grant limitation requested

St.27 status event code: A-2-3-E10-E13-lim-X000

P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

E701 Decision to grant or registration of patent right
PE0701 Decision of registration

St.27 status event code: A-1-2-D10-D22-exm-PE0701

PR0701 Registration of establishment

St.27 status event code: A-2-4-F10-F11-exm-PR0701

PR1002 Payment of registration fee

St.27 status event code: A-2-2-U10-U12-oth-PR1002

Fee payment year number: 1

PG1601 Publication of registration

St.27 status event code: A-4-4-Q10-Q13-nap-PG1601