MX2021010584A - Inicio de un invitado seguro utilizando un mecanismo de carga de programa inicial. - Google Patents

Inicio de un invitado seguro utilizando un mecanismo de carga de programa inicial.

Info

Publication number
MX2021010584A
MX2021010584A MX2021010584A MX2021010584A MX2021010584A MX 2021010584 A MX2021010584 A MX 2021010584A MX 2021010584 A MX2021010584 A MX 2021010584A MX 2021010584 A MX2021010584 A MX 2021010584A MX 2021010584 A MX2021010584 A MX 2021010584A
Authority
MX
Mexico
Prior art keywords
starting
initial program
load mechanism
secure guest
program load
Prior art date
Application number
MX2021010584A
Other languages
English (en)
Inventor
Claudio Imbrenda
Viktor Mihajlovski
Original Assignee
Ibm
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ibm filed Critical Ibm
Publication of MX2021010584A publication Critical patent/MX2021010584A/es

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45545Guest-host, i.e. hypervisor is an application program itself, e.g. VirtualBox
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45562Creating, deleting, cloning virtual machine instances
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45575Starting, stopping, suspending or resuming virtual machine instances
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45595Network integration; Enabling network access in virtual machine instances

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Stored Programmes (AREA)
  • Hardware Redundancy (AREA)
  • Storage Device Security (AREA)

Abstract

Un método para iniciar un invitado seguro incluye recibir, mediante un hipervisor que se está ejecutando en un servidor anfitrión, una solicitud para enviar una máquina virtual (VM) al servidor anfitrión. La VM se envía al servidor anfitrión por el hipervisor. La VM incluye una instrucción de reinicio. La instrucción de reinicio se activada por el hipervisor para reiniciar la VM en modo seguro.
MX2021010584A 2019-03-08 2020-03-06 Inicio de un invitado seguro utilizando un mecanismo de carga de programa inicial. MX2021010584A (es)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US16/296,304 US10970100B2 (en) 2019-03-08 2019-03-08 Starting a secure guest using an initial program load mechanism
PCT/EP2020/055971 WO2020182642A1 (en) 2019-03-08 2020-03-06 Starting a secure guest using an initial program load mechanism

Publications (1)

Publication Number Publication Date
MX2021010584A true MX2021010584A (es) 2022-03-31

Family

ID=70189895

Family Applications (1)

Application Number Title Priority Date Filing Date
MX2021010584A MX2021010584A (es) 2019-03-08 2020-03-06 Inicio de un invitado seguro utilizando un mecanismo de carga de programa inicial.

Country Status (13)

Country Link
US (1) US10970100B2 (es)
EP (1) EP3935498A1 (es)
JP (1) JP7418093B2 (es)
CN (1) CN113544643A (es)
AU (1) AU2020235010B2 (es)
BR (1) BR112021017782B1 (es)
CA (1) CA3132756A1 (es)
IL (1) IL285225B2 (es)
MX (1) MX2021010584A (es)
SG (1) SG11202105430SA (es)
TW (1) TWI734379B (es)
WO (1) WO2020182642A1 (es)
ZA (1) ZA202106314B (es)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11308215B2 (en) * 2019-03-08 2022-04-19 International Business Machines Corporation Secure interface control high-level instruction interception for interruption enablement
US11205003B2 (en) 2020-03-27 2021-12-21 Intel Corporation Platform security mechanism
CN113434372B (zh) * 2021-06-10 2023-07-18 浙江大华技术股份有限公司 一种定位指示的方法、设备、系统及存储介质
US11874776B2 (en) 2021-06-25 2024-01-16 Intel Corporation Cryptographic protection of memory attached over interconnects
WO2024005143A1 (ja) * 2022-06-29 2024-01-04 セーラ・ネットワークス株式会社 演算処理装置、演算処理システム、演算処理方法、及び演算処理プログラム

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4245302A (en) 1978-10-10 1981-01-13 Magnuson Computer Systems, Inc. Computer and method for executing target instructions
US5155809A (en) * 1989-05-17 1992-10-13 International Business Machines Corp. Uncoupling a central processing unit from its associated hardware for interaction with data handling apparatus alien to the operating system controlling said unit and hardware
US6138236A (en) 1996-07-01 2000-10-24 Sun Microsystems, Inc. Method and apparatus for firmware authentication
US6658562B1 (en) * 2000-08-25 2003-12-02 International Business Machines Corporation Method, system, and program for customizing a basic input/output system (“BIOS”) configuration according to the type of user
US7356677B1 (en) * 2001-10-19 2008-04-08 Flash Vos, Inc. Computer system capable of fast switching between multiple operating systems and applications
US20080177994A1 (en) * 2003-01-12 2008-07-24 Yaron Mayer System and method for improving the efficiency, comfort, and/or reliability in Operating Systems, such as for example Windows
US7984108B2 (en) 2003-10-08 2011-07-19 Unisys Corporation Computer system para-virtualization using a hypervisor that is implemented in a partition of the host system
US9086913B2 (en) 2008-12-31 2015-07-21 Intel Corporation Processor extensions for execution of secure embedded containers
US8387114B2 (en) 2009-01-02 2013-02-26 International Business Machines Corporation Secure workload partitioning in a server environment
JP2011048661A (ja) 2009-08-27 2011-03-10 Nomura Research Institute Ltd 仮想サーバ暗号化システム
US8639783B1 (en) 2009-08-28 2014-01-28 Cisco Technology, Inc. Policy based configuration of interfaces in a virtual machine environment
US8856504B2 (en) * 2010-06-07 2014-10-07 Cisco Technology, Inc. Secure virtual machine bootstrap in untrusted cloud infrastructures
CN103250163B (zh) 2010-12-09 2016-08-10 国际商业机器公司 用于加密和解密虚拟盘的计算机可读存储介质
US20120179904A1 (en) 2011-01-11 2012-07-12 Safenet, Inc. Remote Pre-Boot Authentication
TW201535145A (zh) * 2013-12-04 2015-09-16 Insyde Software Corp 使用保護讀取儲存器安全地儲存韌體數據之系統及方法
US9785801B2 (en) * 2014-06-27 2017-10-10 Intel Corporation Management of authenticated variables
US10599458B2 (en) 2015-01-23 2020-03-24 Unisys Corporation Fabric computing system having an embedded software defined network
US20190095357A1 (en) * 2017-09-28 2019-03-28 Intel Corporation Hardware support for static mode of protected memory management on flexibly-convertible enclave platform

Also Published As

Publication number Publication date
IL285225B2 (en) 2024-03-01
BR112021017782B1 (pt) 2022-08-30
WO2020182642A1 (en) 2020-09-17
CN113544643A (zh) 2021-10-22
AU2020235010B2 (en) 2022-12-01
JP2022522643A (ja) 2022-04-20
TW202101207A (zh) 2021-01-01
US20200285492A1 (en) 2020-09-10
IL285225B1 (en) 2023-11-01
IL285225A (en) 2021-09-30
ZA202106314B (en) 2022-07-27
TWI734379B (zh) 2021-07-21
EP3935498A1 (en) 2022-01-12
CA3132756A1 (en) 2020-09-17
US10970100B2 (en) 2021-04-06
JP7418093B2 (ja) 2024-01-19
BR112021017782A2 (es) 2021-11-23
SG11202105430SA (en) 2021-06-29
AU2020235010A1 (en) 2021-06-17
KR20210118130A (ko) 2021-09-29

Similar Documents

Publication Publication Date Title
MX2021010584A (es) Inicio de un invitado seguro utilizando un mecanismo de carga de programa inicial.
US9229705B2 (en) In-band hypervisor-managed firmware updates
US10445123B2 (en) Hypervisor exchange with virtual-machine consolidation
US9164790B2 (en) Live virtual machine template creation
CN107636612B (zh) 应用迁移装置、方法与存储介质
GB2508553A (en) Protecting memory of a virtual guest
US10365936B2 (en) Idle processor management by guest in virtualized systems
EP4310685A3 (en) Gpu virtualisation
MX2018015044A (es) Aplicaciones criptograficas para un sistema de cadena de bloques.
TW201612749A (en) Method and system for handling interrupts in a virtualized environment
RU2008145040A (ru) Запуск гипервизора в запущенной операционной системе
US9588793B2 (en) Creating new virtual machines based on post-boot virtual machine snapshots
US10169075B2 (en) Method for processing interrupt by virtualization platform, and related device
US11157302B2 (en) Idle processor management in virtualized systems via paravirtualization
NO20091281L (no) Virtualisering for diversifiserende inngrepsmotstand
PL2223203T3 (pl) Wykonywanie zmian konfiguracji wirtualnej topologii
WO2010078143A3 (en) Processor extensions for execution of secure embedded containers
Ameen et al. Survey of server virtualization
RU2016127443A (ru) Команда запуска виртуального выполнения для диспетчеризации множественных потоков в компьютере
GB2523057A (en) User trusted device for detecting a virtualized environment
WO2014000497A1 (zh) 一种虚拟系统的平滑关闭方法及系统
CN102279769B (zh) 一种面向嵌入式Hypervisor 的中断虚拟化操作方法
US11573815B2 (en) Dynamic power management states for virtual machine migration
US9164788B2 (en) Apparatus and method for automatic para-virtualization of OS kernel
CN106815067B (zh) 带i/o虚拟化的虚拟机在线迁移方法、装置