KR20180124048A - 가상 리소스 뷰들을 이용한 데이터 보호 - Google Patents

가상 리소스 뷰들을 이용한 데이터 보호 Download PDF

Info

Publication number
KR20180124048A
KR20180124048A KR1020187027284A KR20187027284A KR20180124048A KR 20180124048 A KR20180124048 A KR 20180124048A KR 1020187027284 A KR1020187027284 A KR 1020187027284A KR 20187027284 A KR20187027284 A KR 20187027284A KR 20180124048 A KR20180124048 A KR 20180124048A
Authority
KR
South Korea
Prior art keywords
computing device
resource
requesting entity
owner
device resource
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
KR1020187027284A
Other languages
English (en)
Korean (ko)
Inventor
미하이 크리스토도레스쿠
디나카르 두르자티
나임 이슬람
Original Assignee
퀄컴 인코포레이티드
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 퀄컴 인코포레이티드 filed Critical 퀄컴 인코포레이티드
Publication of KR20180124048A publication Critical patent/KR20180124048A/ko
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1416Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/1425Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
    • G06F12/1433Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a module or a part of a module
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1483Protection against unauthorised use of memory or access to memory by checking the subject access rights using an access-table, e.g. matrix or list
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45583Memory management, e.g. access or allocation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45591Monitoring or debugging support

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Mathematical Physics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)
KR1020187027284A 2016-03-22 2017-02-24 가상 리소스 뷰들을 이용한 데이터 보호 Withdrawn KR20180124048A (ko)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US15/076,936 2016-03-22
US15/076,936 US20170277903A1 (en) 2016-03-22 2016-03-22 Data Protection Using Virtual Resource Views
PCT/US2017/019396 WO2017165073A1 (en) 2016-03-22 2017-02-24 Data protection using virtual resource views

Publications (1)

Publication Number Publication Date
KR20180124048A true KR20180124048A (ko) 2018-11-20

Family

ID=58264630

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020187027284A Withdrawn KR20180124048A (ko) 2016-03-22 2017-02-24 가상 리소스 뷰들을 이용한 데이터 보호

Country Status (9)

Country Link
US (1) US20170277903A1 (enExample)
EP (1) EP3433748A1 (enExample)
JP (1) JP6903682B2 (enExample)
KR (1) KR20180124048A (enExample)
CN (1) CN108713194A (enExample)
BR (1) BR112018069030A2 (enExample)
CA (1) CA3014917A1 (enExample)
TW (1) TW201737059A (enExample)
WO (1) WO2017165073A1 (enExample)

Families Citing this family (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3140734B1 (en) 2014-05-09 2020-04-08 Nutanix, Inc. Mechanism for providing external access to a secured networked virtualization environment
CN105184154B (zh) * 2015-09-15 2017-06-20 中国科学院信息工程研究所 一种在虚拟化环境中提供密码运算服务的系统和方法
US11550558B2 (en) 2016-02-12 2023-01-10 Nutanix, Inc. Virtualized file server deployment
US11218418B2 (en) 2016-05-20 2022-01-04 Nutanix, Inc. Scalable leadership election in a multi-processing computing environment
US11568073B2 (en) 2016-12-02 2023-01-31 Nutanix, Inc. Handling permissions for virtualized file servers
US10824455B2 (en) * 2016-12-02 2020-11-03 Nutanix, Inc. Virtualized server systems and methods including load balancing for virtualized file servers
US10728090B2 (en) 2016-12-02 2020-07-28 Nutanix, Inc. Configuring network segmentation for a virtualization environment
US11562034B2 (en) 2016-12-02 2023-01-24 Nutanix, Inc. Transparent referrals for distributed file servers
US11294777B2 (en) 2016-12-05 2022-04-05 Nutanix, Inc. Disaster recovery for distributed file servers, including metadata fixers
US11281484B2 (en) 2016-12-06 2022-03-22 Nutanix, Inc. Virtualized server systems and methods including scaling of file system virtual machines
US11288239B2 (en) 2016-12-06 2022-03-29 Nutanix, Inc. Cloning virtualized file servers
US10558250B2 (en) * 2016-12-23 2020-02-11 Oracle International Corporation System and method for coordinated link up handling following switch reset in a high performance computing network
GB2563885B (en) * 2017-06-28 2019-10-23 Advanced Risc Mach Ltd Interrupting export of memory regions
CN111611618B (zh) 2017-10-31 2023-08-04 创新先进技术有限公司 一种数据统计方法和装置
CN110019475B (zh) * 2017-12-21 2021-07-20 华为技术有限公司 数据持久化处理方法、装置及系统
US11086826B2 (en) 2018-04-30 2021-08-10 Nutanix, Inc. Virtualized server systems and methods including domain joining techniques
US11194680B2 (en) 2018-07-20 2021-12-07 Nutanix, Inc. Two node clusters recovery on a failure
US11770447B2 (en) 2018-10-31 2023-09-26 Nutanix, Inc. Managing high-availability file servers
US11768809B2 (en) 2020-05-08 2023-09-26 Nutanix, Inc. Managing incremental snapshots for fast leader node bring-up
US12248435B2 (en) 2021-03-31 2025-03-11 Nutanix, Inc. File analytics systems and methods
US12131192B2 (en) 2021-03-18 2024-10-29 Nutanix, Inc. Scope-based distributed lock infrastructure for virtualized file server
US12197398B2 (en) 2021-03-31 2025-01-14 Nutanix, Inc. Virtualized file servers and methods to persistently store file system event data
US12248434B2 (en) 2021-03-31 2025-03-11 Nutanix, Inc. File analytics systems including examples providing metrics adjusted for application operation
US12242455B2 (en) 2021-03-31 2025-03-04 Nutanix, Inc. File analytics systems and methods including receiving and processing file system event data in order
US12367108B2 (en) 2021-03-31 2025-07-22 Nutanix, Inc. File analytics systems and methods including retrieving metadata from file system snapshots
US12164383B2 (en) 2021-08-19 2024-12-10 Nutanix, Inc. Failover and failback of distributed file servers
US12117972B2 (en) 2021-08-19 2024-10-15 Nutanix, Inc. File server managers and systems for managing virtualized file servers
CN113992425B (zh) * 2021-11-12 2022-09-23 北京天融信网络安全技术有限公司 一种收发网络数据包的方法、网络设备以及通信系统
US12153690B2 (en) 2022-01-24 2024-11-26 Nutanix, Inc. Consistent access control lists across file servers for local users in a distributed file server environment
US12182264B2 (en) 2022-03-11 2024-12-31 Nutanix, Inc. Malicious activity detection, validation, and remediation in virtualized file servers
US12184791B2 (en) * 2022-06-02 2024-12-31 Sap Se Client secure connections for database host
US12189499B2 (en) 2022-07-29 2025-01-07 Nutanix, Inc. Self-service restore (SSR) snapshot replication with share-level file system disaster recovery on virtualized file servers
US12461832B2 (en) 2023-09-27 2025-11-04 Nutanix, Inc. Durable handle management for failover in distributed file servers

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6772350B1 (en) * 1998-05-15 2004-08-03 E.Piphany, Inc. System and method for controlling access to resources in a distributed environment
US8453142B2 (en) * 2007-04-26 2013-05-28 Hewlett-Packard Development Company, L.P. Virtual machine control
US8819676B2 (en) * 2007-10-30 2014-08-26 Vmware, Inc. Transparent memory-mapped emulation of I/O calls
GB2460393B (en) * 2008-02-29 2012-03-28 Advanced Risc Mach Ltd A data processing apparatus and method for controlling access to secure memory by virtual machines executing on processing circuitry
WO2011081935A2 (en) * 2009-12-14 2011-07-07 Citrix Systems, Inc. Methods and systems for communicating between trusted and non-trusted virtual machines
EP2569698B1 (en) * 2010-05-10 2019-07-10 Citrix Systems, Inc. Redirection of information from secure virtual machines to unsecure virtual machines
US8856504B2 (en) * 2010-06-07 2014-10-07 Cisco Technology, Inc. Secure virtual machine bootstrap in untrusted cloud infrastructures
US20130097417A1 (en) * 2011-10-13 2013-04-18 Microsoft Corporation Secure private computation services
US9038083B2 (en) * 2012-02-09 2015-05-19 Citrix Systems, Inc. Virtual machine provisioning based on tagged physical resources in a cloud computing environment
US9122780B2 (en) * 2012-06-20 2015-09-01 Intel Corporation Monitoring resource usage by a virtual machine
US9275223B2 (en) * 2012-10-19 2016-03-01 Mcafee, Inc. Real-time module protection
US9503268B2 (en) * 2013-01-22 2016-11-22 Amazon Technologies, Inc. Securing results of privileged computing operations
US9396011B2 (en) * 2013-03-12 2016-07-19 Qualcomm Incorporated Algorithm and apparatus to deploy virtual machine monitor on demand
US9792448B2 (en) * 2014-02-28 2017-10-17 Advanced Micro Devices, Inc. Cryptographic protection of information in a processing system

Also Published As

Publication number Publication date
EP3433748A1 (en) 2019-01-30
US20170277903A1 (en) 2017-09-28
BR112018069030A2 (pt) 2019-01-29
CN108713194A (zh) 2018-10-26
JP6903682B2 (ja) 2021-07-14
WO2017165073A1 (en) 2017-09-28
CA3014917A1 (en) 2017-09-28
JP2019512811A (ja) 2019-05-16
TW201737059A (zh) 2017-10-16

Similar Documents

Publication Publication Date Title
KR20180124048A (ko) 가상 리소스 뷰들을 이용한 데이터 보호
US9772953B2 (en) Methods and apparatus for protecting operating system data
US8689349B2 (en) Information flow tracking and protection
US10114958B2 (en) Protected regions
CA2922490C (en) Virtual machine manager facilitated selective code integrity enforcement
JP5736090B2 (ja) 仮想ゲストのメモリ保護の方法、システムおよびコンピュータプログラム
JP5500458B2 (ja) プロセッサメインメモリのメモリコンテンツのセキュリティ保護
US8646050B2 (en) System and method for supporting JIT in a secure system with randomly allocated memory ranges
JP7213879B2 (ja) 間接アクセスメモリコントローラ用のメモリ保護装置
CN110383240B (zh) 用于容器化的安全计算资源的方法和装置
CN101517549A (zh) 存储器访问安全管理
CN113434453A (zh) 片上系统及其操作方法
CN107851032A (zh) 在容器中执行服务
CN110352411B (zh) 用于控制对安全计算资源的访问的方法和装置
KR20140127124A (ko) 시스템 자원에 대한 접근을 관리하는 전자 장치
US20250086269A1 (en) System and method for managing memory, and electronic device
AU2013202876B2 (en) System and method for supporting JIT in a secure system with randomly allocated memory ranges

Legal Events

Date Code Title Description
PA0105 International application

Patent event date: 20180919

Patent event code: PA01051R01D

Comment text: International Patent Application

PG1501 Laying open of application
PC1203 Withdrawal of no request for examination