SG11201510761PA - Cryptographically attested resources for hosting virtual machines - Google Patents
Cryptographically attested resources for hosting virtual machinesInfo
- Publication number
- SG11201510761PA SG11201510761PA SG11201510761PA SG11201510761PA SG11201510761PA SG 11201510761P A SG11201510761P A SG 11201510761PA SG 11201510761P A SG11201510761P A SG 11201510761PA SG 11201510761P A SG11201510761P A SG 11201510761PA SG 11201510761P A SG11201510761P A SG 11201510761PA
- Authority
- SG
- Singapore
- Prior art keywords
- virtual machines
- hosting virtual
- resources
- cryptographically
- cryptographically attested
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1416—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
- G06F12/145—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being virtual, e.g. for virtual blocks or segments before a translation mechanism
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5061—Partitioning or combining of resources
- G06F9/5077—Logical partitioning of resources; Management or configuration of virtualized resources
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45562—Creating, deleting, cloning virtual machine instances
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45587—Isolation or security of virtual machine instances
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2212/00—Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
- G06F2212/10—Providing a specific technical effect
- G06F2212/1052—Security improvement
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/932,828 US9367339B2 (en) | 2013-07-01 | 2013-07-01 | Cryptographically attested resources for hosting virtual machines |
PCT/US2014/045125 WO2015002992A1 (fr) | 2013-07-01 | 2014-07-01 | Ressources authentifiées par cryptage pour l'hébergement de machines virtuelles |
Publications (1)
Publication Number | Publication Date |
---|---|
SG11201510761PA true SG11201510761PA (en) | 2016-01-28 |
Family
ID=52117025
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
SG11201510761PA SG11201510761PA (en) | 2013-07-01 | 2014-07-01 | Cryptographically attested resources for hosting virtual machines |
Country Status (7)
Country | Link |
---|---|
US (2) | US9367339B2 (fr) |
EP (1) | EP3017397B1 (fr) |
JP (1) | JP6556710B2 (fr) |
CN (1) | CN105493099B (fr) |
CA (1) | CA2916966C (fr) |
SG (1) | SG11201510761PA (fr) |
WO (1) | WO2015002992A1 (fr) |
Families Citing this family (31)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9367339B2 (en) | 2013-07-01 | 2016-06-14 | Amazon Technologies, Inc. | Cryptographically attested resources for hosting virtual machines |
US9065854B2 (en) * | 2013-10-28 | 2015-06-23 | Citrix Systems, Inc. | Systems and methods for managing a guest virtual machine executing within a virtualized environment |
WO2015069157A1 (fr) * | 2013-11-07 | 2015-05-14 | Telefonaktiebolaget L M Ericsson (Publ) | Mise en place d'une machine virtuelle pour un dispositif ip |
US9734325B1 (en) * | 2013-12-09 | 2017-08-15 | Forcepoint Federal Llc | Hypervisor-based binding of data to cloud environment for improved security |
US9641385B1 (en) * | 2013-12-16 | 2017-05-02 | Amazon Technologies, Inc. | Dynamic system configuration in a virtual environment |
US10044695B1 (en) | 2014-09-02 | 2018-08-07 | Amazon Technologies, Inc. | Application instances authenticated by secure measurements |
US10079681B1 (en) | 2014-09-03 | 2018-09-18 | Amazon Technologies, Inc. | Securing service layer on third party hardware |
US9577829B1 (en) | 2014-09-03 | 2017-02-21 | Amazon Technologies, Inc. | Multi-party computation services |
US10061915B1 (en) | 2014-09-03 | 2018-08-28 | Amazon Technologies, Inc. | Posture assessment in a secure execution environment |
US9754116B1 (en) | 2014-09-03 | 2017-09-05 | Amazon Technologies, Inc. | Web services in secure execution environments |
US9491111B1 (en) | 2014-09-03 | 2016-11-08 | Amazon Technologies, Inc. | Securing service control on third party hardware |
US9246690B1 (en) | 2014-09-03 | 2016-01-26 | Amazon Technologies, Inc. | Secure execution environment services |
US9442752B1 (en) * | 2014-09-03 | 2016-09-13 | Amazon Technologies, Inc. | Virtual secure execution environments |
US9584517B1 (en) | 2014-09-03 | 2017-02-28 | Amazon Technologies, Inc. | Transforms within secure execution environments |
US10303879B1 (en) * | 2014-11-06 | 2019-05-28 | Amazon Technologies, Inc. | Multi-tenant trusted platform modules |
EP3032453B1 (fr) * | 2014-12-08 | 2019-11-13 | eperi GmbH | Stockage de données dans un ordinateur serveur avec une infrastructure de cryptage/décryptage déployable |
CN105049257A (zh) * | 2015-08-12 | 2015-11-11 | 北京因特信安软件科技有限公司 | 基于可信地理位置信息的云平台调度方法 |
US10310885B2 (en) * | 2016-10-25 | 2019-06-04 | Microsoft Technology Licensing, Llc | Secure service hosted in a virtual security environment |
US10404470B2 (en) * | 2017-01-13 | 2019-09-03 | Microsoft Technology Licensing, Llc | Signature verification of field-programmable gate array programs |
US20180341768A1 (en) * | 2017-05-26 | 2018-11-29 | Microsoft Technology Licensing, Llc | Virtual machine attestation |
US10757082B2 (en) * | 2018-02-22 | 2020-08-25 | International Business Machines Corporation | Transforming a wrapped key into a protected key |
US20190386895A1 (en) * | 2018-06-13 | 2019-12-19 | At&T Intellectual Property I, L.P. | East-west traffic monitoring solutions for the microservice virtualized data center lan |
US11609845B2 (en) | 2019-05-28 | 2023-03-21 | Oracle International Corporation | Configurable memory device connected to a microprocessor |
CN110308917B (zh) * | 2019-06-26 | 2024-02-23 | 深圳前海微众银行股份有限公司 | 小程序发布方法、装置、设备及计算机存储介质 |
CA3168147A1 (fr) * | 2020-02-18 | 2021-08-26 | David Ian Gault | Systeme et procede pour mettre en ?uvre un reseau de donnees virtuelles personnelles (pvdn) |
US11645390B2 (en) * | 2020-03-16 | 2023-05-09 | Vmware, Inc. | Cloud-based method to increase integrity of a next generation antivirus (NGAV) security solution in a virtualized computing environment |
KR102175317B1 (ko) * | 2020-07-02 | 2020-11-06 | 굿모닝아이텍(주) | 데스크톱 가상화 |
KR102179185B1 (ko) * | 2020-07-02 | 2020-11-17 | 굿모닝아이텍(주) | 서버 관리 시스템 |
US11283882B1 (en) * | 2020-09-08 | 2022-03-22 | Sailpoint Technologies, Inc. | System and method for software services platform architecture for supporting standalone services or development environments |
US11954181B2 (en) * | 2020-12-16 | 2024-04-09 | Dell Products L.P. | System and method for managing virtual hardware licenses of hardware resources accessed via application instances |
US20230252172A1 (en) * | 2022-02-09 | 2023-08-10 | Dell Products L.P. | Systems and methods for isolated and protected file system and data restoration |
Family Cites Families (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7392534B2 (en) | 2003-09-29 | 2008-06-24 | Gemalto, Inc | System and method for preventing identity theft using a secure computing device |
US8090919B2 (en) * | 2007-12-31 | 2012-01-03 | Intel Corporation | System and method for high performance secure access to a trusted platform module on a hardware virtualization platform |
JP2009512096A (ja) * | 2005-10-18 | 2009-03-19 | インタートラスト テクノロジーズ コーポレイション | デジタル著作権管理エンジンのシステムおよび方法 |
KR100823738B1 (ko) * | 2006-09-29 | 2008-04-21 | 한국전자통신연구원 | 컴퓨팅 플랫폼의 설정 정보를 은닉하면서 무결성 보증을제공하는 방법 |
AU2009326869A1 (en) | 2008-12-12 | 2011-07-14 | Boxsentry Pte Ltd | Electronic messaging integrity engine |
US9807608B2 (en) * | 2009-04-20 | 2017-10-31 | Interdigital Patent Holdings, Inc. | System of multiple domains and domain ownership |
US8745747B2 (en) * | 2009-12-31 | 2014-06-03 | Fujitsu Limited | Data protecting device |
US20110202765A1 (en) * | 2010-02-17 | 2011-08-18 | Microsoft Corporation | Securely move virtual machines between host servers |
JP5552343B2 (ja) * | 2010-03-16 | 2014-07-16 | 株式会社日本総合研究所 | 管理装置、管理方法およびプログラム |
TW201241662A (en) * | 2010-12-21 | 2012-10-16 | Ibm | Virtual machine validation |
US20120179904A1 (en) | 2011-01-11 | 2012-07-12 | Safenet, Inc. | Remote Pre-Boot Authentication |
JP5501276B2 (ja) * | 2011-03-18 | 2014-05-21 | 株式会社エヌ・ティ・ティ・データ | 仮想マシン配置装置、仮想マシン配置方法、仮想マシン配置プログラム |
JP5577283B2 (ja) * | 2011-03-29 | 2014-08-20 | 株式会社エヌ・ティ・ティ・データ | 仮想マシン起動装置、仮想マシン起動方法、仮想マシン起動プログラム |
US9264220B2 (en) * | 2011-04-26 | 2016-02-16 | Telefonaktiebolaget L M Ericsson (Publ) | Secure virtual machine provisioning |
US20130061293A1 (en) * | 2011-09-02 | 2013-03-07 | Wenbo Mao | Method and apparatus for securing the full lifecycle of a virtual machine |
US20130097660A1 (en) | 2011-10-17 | 2013-04-18 | Mcafee, Inc. | System and method for whitelisting applications in a mobile network environment |
JP5945512B2 (ja) * | 2013-02-13 | 2016-07-05 | 株式会社日立製作所 | 計算機システム、及び仮想計算機管理方法 |
US9367339B2 (en) | 2013-07-01 | 2016-06-14 | Amazon Technologies, Inc. | Cryptographically attested resources for hosting virtual machines |
-
2013
- 2013-07-01 US US13/932,828 patent/US9367339B2/en active Active
-
2014
- 2014-07-01 SG SG11201510761PA patent/SG11201510761PA/en unknown
- 2014-07-01 CA CA2916966A patent/CA2916966C/fr active Active
- 2014-07-01 JP JP2016524325A patent/JP6556710B2/ja active Active
- 2014-07-01 EP EP14819365.9A patent/EP3017397B1/fr active Active
- 2014-07-01 WO PCT/US2014/045125 patent/WO2015002992A1/fr active Application Filing
- 2014-07-01 CN CN201480047807.9A patent/CN105493099B/zh active Active
-
2016
- 2016-06-09 US US15/178,016 patent/US9880866B2/en active Active
Also Published As
Publication number | Publication date |
---|---|
CA2916966A1 (fr) | 2015-01-08 |
WO2015002992A1 (fr) | 2015-01-08 |
US20160291992A1 (en) | 2016-10-06 |
EP3017397A1 (fr) | 2016-05-11 |
US9880866B2 (en) | 2018-01-30 |
CA2916966C (fr) | 2017-12-19 |
CN105493099B (zh) | 2018-09-25 |
JP6556710B2 (ja) | 2019-08-07 |
JP2016526734A (ja) | 2016-09-05 |
EP3017397A4 (fr) | 2016-12-28 |
EP3017397B1 (fr) | 2021-11-17 |
US20150007175A1 (en) | 2015-01-01 |
CN105493099A (zh) | 2016-04-13 |
US9367339B2 (en) | 2016-06-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
SG11201510761PA (en) | Cryptographically attested resources for hosting virtual machines | |
HK1226212A1 (zh) | 無需緩衝存儲器的虛擬路由 | |
SG11201505652UA (en) | Secure virtual machine migration | |
EP3063624A4 (fr) | Infrastructure d'introspection d'une machine virtuelle | |
EP2987282A4 (fr) | Migration de machine virtuelle | |
SG11201508971UA (en) | User-influenced placement of virtual machine instances | |
GB201312422D0 (en) | Virtual Machine Backup | |
EP3027800A4 (fr) | Machine à laver | |
EP2982832A4 (fr) | Machine rotative | |
GB2584232B (en) | A method of operating a virtual machine cluster | |
GB201316412D0 (en) | Dunmage Machine | |
EP3026996B8 (fr) | Machine de montage d'éléments | |
GB201320537D0 (en) | Virtual machine backup | |
EP3021650A4 (fr) | Machine de montage de composants | |
GB201307791D0 (en) | Packaging machine | |
PL3003376T3 (pl) | Terapie kardiomiopatii | |
EP3079057A4 (fr) | Procédé et dispositif pour réaliser une introspection de machine virtuelle | |
EP3063692A4 (fr) | Introspection de machine virtuelle | |
TWI560109B (en) | Auto-packing machine | |
GB2511082B (en) | Reluctance machines | |
EP2998728A4 (fr) | Machine de montage de composants | |
EP3009557A4 (fr) | Lave-linge | |
GB201312417D0 (en) | Virtual Machine Backup | |
EP3016490A4 (fr) | Machine de montage de composants | |
GB201318104D0 (en) | Rotational machine |