PL3935537T3 - Środowiskowe sterowniki właściciela gościa bezpiecznego wykonania - Google Patents

Środowiskowe sterowniki właściciela gościa bezpiecznego wykonania

Info

Publication number
PL3935537T3
PL3935537T3 PL20707425.3T PL20707425T PL3935537T3 PL 3935537 T3 PL3935537 T3 PL 3935537T3 PL 20707425 T PL20707425 T PL 20707425T PL 3935537 T3 PL3935537 T3 PL 3935537T3
Authority
PL
Poland
Prior art keywords
secure execution
guest owner
environmental drivers
drivers
environmental
Prior art date
Application number
PL20707425.3T
Other languages
English (en)
Inventor
Reinhard Buendgen
Jonathan Bradbury
Lisa Heller
Original Assignee
International Business Machines Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corporation filed Critical International Business Machines Corporation
Publication of PL3935537T3 publication Critical patent/PL3935537T3/pl

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45562Creating, deleting, cloning virtual machine instances
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)
PL20707425.3T 2019-03-08 2020-02-27 Środowiskowe sterowniki właściciela gościa bezpiecznego wykonania PL3935537T3 (pl)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US16/296,498 US11443040B2 (en) 2019-03-08 2019-03-08 Secure execution guest owner environmental controls
PCT/EP2020/055155 WO2020182482A1 (en) 2019-03-08 2020-02-27 Secure execution guest owner environmental controls

Publications (1)

Publication Number Publication Date
PL3935537T3 true PL3935537T3 (pl) 2024-04-08

Family

ID=69714051

Family Applications (1)

Application Number Title Priority Date Filing Date
PL20707425.3T PL3935537T3 (pl) 2019-03-08 2020-02-27 Środowiskowe sterowniki właściciela gościa bezpiecznego wykonania

Country Status (11)

Country Link
US (2) US11443040B2 (pl)
EP (1) EP3935537B1 (pl)
JP (1) JP7397557B2 (pl)
KR (1) KR102527949B1 (pl)
CN (1) CN113544675B (pl)
ES (1) ES2966019T3 (pl)
HU (1) HUE064478T2 (pl)
PL (1) PL3935537T3 (pl)
SG (1) SG11202105432WA (pl)
WO (1) WO2020182482A1 (pl)
ZA (1) ZA202106318B (pl)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11443040B2 (en) 2019-03-08 2022-09-13 International Business Machines Corporation Secure execution guest owner environmental controls
US11374902B2 (en) * 2019-11-06 2022-06-28 Fisher-Rosemount Systems, Inc. Field device loop warning parameter change smart notification
US11475167B2 (en) 2020-01-29 2022-10-18 International Business Machines Corporation Reserving one or more security modules for a secure guest
US11829495B2 (en) 2021-08-05 2023-11-28 International Business Machines Corporation Confidential data provided to a secure guest via metadata
US11809607B2 (en) * 2021-08-05 2023-11-07 International Business Machines Corporation Customization of multi-part metadata of a secure guest
CN113986089A (zh) * 2021-10-25 2022-01-28 北京有竹居网络技术有限公司 禁止页面跳转方法及设备
US12321475B2 (en) 2022-01-26 2025-06-03 Samsung Electronics Co., Ltd. Storage device for performing access authority control and operating method thereof
KR102560696B1 (ko) * 2022-01-26 2023-07-28 삼성전자주식회사 접근 권한 제어를 수행하는 스토리지 장치 및 그 동작방법
GB2624693A (en) * 2022-11-28 2024-05-29 Ibm Updating secure guest metadata of a specific guest instance
GB2624868A (en) * 2022-11-29 2024-06-05 Ibm Updating secure guest metadata of a specific guest instance
GB2624862A (en) 2022-11-29 2024-06-05 Ibm Extending secure guest metadata to bind the secure guest to an HSM

Family Cites Families (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4494189A (en) 1982-04-26 1985-01-15 International Business Machines Corporation Method and means for switching system control of CPUs
EP0610677A3 (en) 1993-02-12 1995-08-02 Ibm Communication device management module operating in two modes.
US6453392B1 (en) 1998-11-10 2002-09-17 International Business Machines Corporation Method of and apparatus for sharing dedicated devices between virtual machine guests
US7424543B2 (en) 1999-09-08 2008-09-09 Rice Iii James L System and method of permissive data flow and application transfer
US8479264B2 (en) * 2006-09-29 2013-07-02 Micron Technology, Inc. Architecture for virtual security module
US20120054486A1 (en) 2010-08-31 2012-03-01 MindTree Limited Securing A Virtual Environment And Virtual Machines
US9292149B2 (en) 2010-10-22 2016-03-22 Litl Llc Method and apparatus for public computing
US9209976B2 (en) 2010-10-29 2015-12-08 Code Systems Corporation Method and system for restricting execution of virtual applications to a managed process environment
US8769622B2 (en) 2011-06-30 2014-07-01 International Business Machines Corporation Authentication and authorization methods for cloud computing security
US8863109B2 (en) 2011-07-28 2014-10-14 International Business Machines Corporation Updating secure pre-boot firmware in a computing system in real-time
CN103378971B (zh) 2012-04-27 2017-10-13 厦门雅迅网络股份有限公司 一种数据加密系统及方法
US9038148B1 (en) 2012-08-23 2015-05-19 Amazon Technologies, Inc. Secret variation for network sessions
US9071587B2 (en) * 2012-08-27 2015-06-30 International Business Machines Corporation Optimizing deployment of virtual machines by pre-generating a virtual machine's first-boot metadata by cloud controller
GB2515536A (en) * 2013-06-27 2014-12-31 Ibm Processing a guest event in a hypervisor-controlled system
US9418229B2 (en) 2013-10-28 2016-08-16 Disney Enterprises, Inc. Firmware security
US9519498B2 (en) * 2013-12-24 2016-12-13 Microsoft Technology Licensing, Llc Virtual machine assurances
RU2581552C2 (ru) 2014-09-10 2016-04-20 Закрытое Акционерное Общество "Научно-Производственное Объединение "Эшелон" (ЗАО "НПО "Эшелон") Способ доверенной загрузки в виртуализированных средах
US9652276B2 (en) 2014-09-17 2017-05-16 International Business Machines Corporation Hypervisor and virtual machine protection
US9928080B2 (en) 2014-09-30 2018-03-27 International Business Machines Corporation Hardware security module access management in a cloud computing environment
US9858140B2 (en) 2014-11-03 2018-01-02 Intel Corporation Memory corruption detection
GB2532415A (en) * 2014-11-11 2016-05-25 Ibm Processing a guest event in a hypervisor-controlled system
US10230528B2 (en) 2015-05-04 2019-03-12 Intel Corporation Tree-less integrity and replay memory protection for trusted execution environment
MX368137B (es) 2015-05-06 2019-09-20 Ericsson Telefon Ab L M Un nodo de red, un dispositivo inalambrico y metodos en el mismo para manipular informacion de contexto de red de acceso de radio en una red de comunicaciones inalambricas.
US20180075259A1 (en) 2015-09-17 2018-03-15 Cavium, Inc. Systems and methods for secure machine for hardware security module (hsm) adapter
GB201603469D0 (en) 2016-02-29 2016-04-13 Ibm Securely removing system capabilities from a logical partition
US10218696B2 (en) 2016-06-30 2019-02-26 Microsoft Technology Licensing, Llc Targeted secure software deployment
US10237245B2 (en) 2016-07-15 2019-03-19 International Business Machines Corporation Restricting guest instances in a shared environment
US11443040B2 (en) 2019-03-08 2022-09-13 International Business Machines Corporation Secure execution guest owner environmental controls
US11475167B2 (en) 2020-01-29 2022-10-18 International Business Machines Corporation Reserving one or more security modules for a secure guest

Also Published As

Publication number Publication date
SG11202105432WA (en) 2021-06-29
WO2020182482A1 (en) 2020-09-17
US20220382869A1 (en) 2022-12-01
KR102527949B1 (ko) 2023-05-03
US11687655B2 (en) 2023-06-27
ZA202106318B (en) 2024-01-31
HUE064478T2 (hu) 2024-03-28
JP2022522678A (ja) 2022-04-20
US11443040B2 (en) 2022-09-13
KR20210121170A (ko) 2021-10-07
EP3935537B1 (en) 2023-11-15
EP3935537A1 (en) 2022-01-12
EP3935537C0 (en) 2023-11-15
ES2966019T3 (es) 2024-04-17
CN113544675A (zh) 2021-10-22
US20200285748A1 (en) 2020-09-10
CN113544675B (zh) 2025-03-28
JP7397557B2 (ja) 2023-12-13

Similar Documents

Publication Publication Date Title
PL3935537T3 (pl) Środowiskowe sterowniki właściciela gościa bezpiecznego wykonania
EP3849150A4 (en) VEHICLE
JP1634112S (ja) 車両用アンテナ
JP1640203S (ja) 車両用ドア
EP3815965A4 (en) COMMERCIAL VEHICLE
EP3808967A4 (en) COMMERCIAL VEHICLE
EP3822153A4 (en) VEHICLE
EP3988413A4 (en) VEHICLE
EP4083962A4 (en) Vehicle
EP3925843A4 (en) VEHICLE
EP3835491A4 (en) COMMERCIAL VEHICLE
EP3812516A4 (en) COMMERCIAL VEHICLE
CL2018002250S1 (es) Vehículo
EP4001036A4 (en) VEHICLE
EP3882093A4 (en) VEHICLE
EP3766764A4 (en) COMMERCIAL VEHICLE
EP4003819C0 (de) Fahrzeug
HUE064722T2 (hu) Jármû
CL2018002228S1 (es) Vehículo
EP4053004A4 (en) VEHICLE
EP3838633C0 (en) TRAILER
EP3953244C0 (de) Fahrzeug
UA40873S (uk) Емблема
CL2018003745S1 (es) Vehículo
UA40853S (uk) Емблема