SG11201510761PA - Cryptographically attested resources for hosting virtual machines - Google Patents
Cryptographically attested resources for hosting virtual machinesInfo
- Publication number
- SG11201510761PA SG11201510761PA SG11201510761PA SG11201510761PA SG11201510761PA SG 11201510761P A SG11201510761P A SG 11201510761PA SG 11201510761P A SG11201510761P A SG 11201510761PA SG 11201510761P A SG11201510761P A SG 11201510761PA SG 11201510761P A SG11201510761P A SG 11201510761PA
- Authority
- SG
- Singapore
- Prior art keywords
- virtual machines
- hosting virtual
- resources
- cryptographically
- cryptographically attested
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1416—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
- G06F12/145—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being virtual, e.g. for virtual blocks or segments before a translation mechanism
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5061—Partitioning or combining of resources
- G06F9/5077—Logical partitioning of resources; Management or configuration of virtualized resources
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45562—Creating, deleting, cloning virtual machine instances
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45587—Isolation or security of virtual machine instances
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2212/00—Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
- G06F2212/10—Providing a specific technical effect
- G06F2212/1052—Security improvement
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Debugging And Monitoring (AREA)
- Stored Programmes (AREA)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/932,828 US9367339B2 (en) | 2013-07-01 | 2013-07-01 | Cryptographically attested resources for hosting virtual machines |
PCT/US2014/045125 WO2015002992A1 (en) | 2013-07-01 | 2014-07-01 | Cryptographically attested resources for hosting virtual machines |
Publications (1)
Publication Number | Publication Date |
---|---|
SG11201510761PA true SG11201510761PA (en) | 2016-01-28 |
Family
ID=52117025
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
SG11201510761PA SG11201510761PA (en) | 2013-07-01 | 2014-07-01 | Cryptographically attested resources for hosting virtual machines |
Country Status (7)
Country | Link |
---|---|
US (2) | US9367339B2 (ja) |
EP (1) | EP3017397B1 (ja) |
JP (1) | JP6556710B2 (ja) |
CN (1) | CN105493099B (ja) |
CA (1) | CA2916966C (ja) |
SG (1) | SG11201510761PA (ja) |
WO (1) | WO2015002992A1 (ja) |
Families Citing this family (31)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9367339B2 (en) | 2013-07-01 | 2016-06-14 | Amazon Technologies, Inc. | Cryptographically attested resources for hosting virtual machines |
US9065854B2 (en) * | 2013-10-28 | 2015-06-23 | Citrix Systems, Inc. | Systems and methods for managing a guest virtual machine executing within a virtualized environment |
EP3066567A1 (en) * | 2013-11-07 | 2016-09-14 | Telefonaktiebolaget LM Ericsson (publ) | Setting up a virtual machine for an ip device |
US9734325B1 (en) * | 2013-12-09 | 2017-08-15 | Forcepoint Federal Llc | Hypervisor-based binding of data to cloud environment for improved security |
US9641385B1 (en) * | 2013-12-16 | 2017-05-02 | Amazon Technologies, Inc. | Dynamic system configuration in a virtual environment |
US10044695B1 (en) | 2014-09-02 | 2018-08-07 | Amazon Technologies, Inc. | Application instances authenticated by secure measurements |
US9577829B1 (en) | 2014-09-03 | 2017-02-21 | Amazon Technologies, Inc. | Multi-party computation services |
US9442752B1 (en) * | 2014-09-03 | 2016-09-13 | Amazon Technologies, Inc. | Virtual secure execution environments |
US9584517B1 (en) | 2014-09-03 | 2017-02-28 | Amazon Technologies, Inc. | Transforms within secure execution environments |
US10061915B1 (en) | 2014-09-03 | 2018-08-28 | Amazon Technologies, Inc. | Posture assessment in a secure execution environment |
US9754116B1 (en) | 2014-09-03 | 2017-09-05 | Amazon Technologies, Inc. | Web services in secure execution environments |
US9491111B1 (en) | 2014-09-03 | 2016-11-08 | Amazon Technologies, Inc. | Securing service control on third party hardware |
US9246690B1 (en) | 2014-09-03 | 2016-01-26 | Amazon Technologies, Inc. | Secure execution environment services |
US10079681B1 (en) | 2014-09-03 | 2018-09-18 | Amazon Technologies, Inc. | Securing service layer on third party hardware |
US10303879B1 (en) * | 2014-11-06 | 2019-05-28 | Amazon Technologies, Inc. | Multi-tenant trusted platform modules |
EP3032453B1 (en) * | 2014-12-08 | 2019-11-13 | eperi GmbH | Storing data in a server computer with deployable encryption/decryption infrastructure |
CN105049257A (zh) * | 2015-08-12 | 2015-11-11 | 北京因特信安软件科技有限公司 | 基于可信地理位置信息的云平台调度方法 |
US10310885B2 (en) * | 2016-10-25 | 2019-06-04 | Microsoft Technology Licensing, Llc | Secure service hosted in a virtual security environment |
US10404470B2 (en) * | 2017-01-13 | 2019-09-03 | Microsoft Technology Licensing, Llc | Signature verification of field-programmable gate array programs |
US20180341768A1 (en) * | 2017-05-26 | 2018-11-29 | Microsoft Technology Licensing, Llc | Virtual machine attestation |
US10757082B2 (en) * | 2018-02-22 | 2020-08-25 | International Business Machines Corporation | Transforming a wrapped key into a protected key |
US20190386895A1 (en) * | 2018-06-13 | 2019-12-19 | At&T Intellectual Property I, L.P. | East-west traffic monitoring solutions for the microservice virtualized data center lan |
US11609845B2 (en) * | 2019-05-28 | 2023-03-21 | Oracle International Corporation | Configurable memory device connected to a microprocessor |
CN110308917B (zh) * | 2019-06-26 | 2024-02-23 | 深圳前海微众银行股份有限公司 | 小程序发布方法、装置、设备及计算机存储介质 |
IL295659A (en) * | 2020-02-18 | 2022-10-01 | Dymensa Pty Ltd | System and method for implementing a personal virtual data network (pvdn) |
US11645390B2 (en) * | 2020-03-16 | 2023-05-09 | Vmware, Inc. | Cloud-based method to increase integrity of a next generation antivirus (NGAV) security solution in a virtualized computing environment |
KR102179185B1 (ko) * | 2020-07-02 | 2020-11-17 | 굿모닝아이텍(주) | 서버 관리 시스템 |
KR102175317B1 (ko) * | 2020-07-02 | 2020-11-06 | 굿모닝아이텍(주) | 데스크톱 가상화 |
US11283882B1 (en) * | 2020-09-08 | 2022-03-22 | Sailpoint Technologies, Inc. | System and method for software services platform architecture for supporting standalone services or development environments |
US11954181B2 (en) * | 2020-12-16 | 2024-04-09 | Dell Products L.P. | System and method for managing virtual hardware licenses of hardware resources accessed via application instances |
US20230252172A1 (en) * | 2022-02-09 | 2023-08-10 | Dell Products L.P. | Systems and methods for isolated and protected file system and data restoration |
Family Cites Families (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7392534B2 (en) | 2003-09-29 | 2008-06-24 | Gemalto, Inc | System and method for preventing identity theft using a secure computing device |
US8090919B2 (en) * | 2007-12-31 | 2012-01-03 | Intel Corporation | System and method for high performance secure access to a trusted platform module on a hardware virtualization platform |
EA012918B1 (ru) * | 2005-10-18 | 2010-02-26 | Интертраст Текнолоджиз Корпорейшн | Системы и способы на основе механизма управления цифровыми правами |
KR100823738B1 (ko) | 2006-09-29 | 2008-04-21 | 한국전자통신연구원 | 컴퓨팅 플랫폼의 설정 정보를 은닉하면서 무결성 보증을제공하는 방법 |
EP2377033A4 (en) | 2008-12-12 | 2013-05-22 | Boxsentry Pte Ltd | ELECTRONIC MESSAGING INTEGRITY ENGINE |
TWI435584B (zh) * | 2009-04-20 | 2014-04-21 | Interdigital Patent Holdings | 多網域及網域所有權系統 |
US8745747B2 (en) * | 2009-12-31 | 2014-06-03 | Fujitsu Limited | Data protecting device |
US20110202765A1 (en) * | 2010-02-17 | 2011-08-18 | Microsoft Corporation | Securely move virtual machines between host servers |
JP5552343B2 (ja) * | 2010-03-16 | 2014-07-16 | 株式会社日本総合研究所 | 管理装置、管理方法およびプログラム |
TW201241662A (en) * | 2010-12-21 | 2012-10-16 | Ibm | Virtual machine validation |
US20120179904A1 (en) | 2011-01-11 | 2012-07-12 | Safenet, Inc. | Remote Pre-Boot Authentication |
JP5501276B2 (ja) * | 2011-03-18 | 2014-05-21 | 株式会社エヌ・ティ・ティ・データ | 仮想マシン配置装置、仮想マシン配置方法、仮想マシン配置プログラム |
JP5577283B2 (ja) * | 2011-03-29 | 2014-08-20 | 株式会社エヌ・ティ・ティ・データ | 仮想マシン起動装置、仮想マシン起動方法、仮想マシン起動プログラム |
EP2702724B1 (en) * | 2011-04-26 | 2017-03-29 | Telefonaktiebolaget LM Ericsson (publ) | Secure virtual machine provisioning |
US20130061293A1 (en) * | 2011-09-02 | 2013-03-07 | Wenbo Mao | Method and apparatus for securing the full lifecycle of a virtual machine |
US20130097660A1 (en) | 2011-10-17 | 2013-04-18 | Mcafee, Inc. | System and method for whitelisting applications in a mobile network environment |
JP5945512B2 (ja) * | 2013-02-13 | 2016-07-05 | 株式会社日立製作所 | 計算機システム、及び仮想計算機管理方法 |
US9367339B2 (en) | 2013-07-01 | 2016-06-14 | Amazon Technologies, Inc. | Cryptographically attested resources for hosting virtual machines |
-
2013
- 2013-07-01 US US13/932,828 patent/US9367339B2/en active Active
-
2014
- 2014-07-01 SG SG11201510761PA patent/SG11201510761PA/en unknown
- 2014-07-01 EP EP14819365.9A patent/EP3017397B1/en active Active
- 2014-07-01 CA CA2916966A patent/CA2916966C/en active Active
- 2014-07-01 CN CN201480047807.9A patent/CN105493099B/zh active Active
- 2014-07-01 JP JP2016524325A patent/JP6556710B2/ja active Active
- 2014-07-01 WO PCT/US2014/045125 patent/WO2015002992A1/en active Application Filing
-
2016
- 2016-06-09 US US15/178,016 patent/US9880866B2/en active Active
Also Published As
Publication number | Publication date |
---|---|
US20150007175A1 (en) | 2015-01-01 |
CA2916966C (en) | 2017-12-19 |
US20160291992A1 (en) | 2016-10-06 |
WO2015002992A1 (en) | 2015-01-08 |
JP2016526734A (ja) | 2016-09-05 |
CN105493099B (zh) | 2018-09-25 |
CN105493099A (zh) | 2016-04-13 |
EP3017397B1 (en) | 2021-11-17 |
EP3017397A4 (en) | 2016-12-28 |
US9880866B2 (en) | 2018-01-30 |
CA2916966A1 (en) | 2015-01-08 |
JP6556710B2 (ja) | 2019-08-07 |
EP3017397A1 (en) | 2016-05-11 |
US9367339B2 (en) | 2016-06-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
SG11201510761PA (en) | Cryptographically attested resources for hosting virtual machines | |
HK1226212A1 (zh) | 無需緩衝存儲器的虛擬路由 | |
SG11201505652UA (en) | Secure virtual machine migration | |
EP3063624A4 (en) | Virtual machine introspection facilities | |
EP2987282A4 (en) | MIGRATION OF VIRTUAL MACHINE | |
SG11201508971UA (en) | User-influenced placement of virtual machine instances | |
GB201312422D0 (en) | Virtual Machine Backup | |
EP3027800A4 (en) | Laundry machine | |
GB2584232B (en) | A method of operating a virtual machine cluster | |
GB201316412D0 (en) | Dunmage Machine | |
EP2982832A4 (en) | ROTARY MACHINE | |
PL3003376T3 (pl) | Terapie kardiomiopatii | |
EP3026996B8 (en) | Component mounting machine | |
GB201320537D0 (en) | Virtual machine backup | |
EP3021650A4 (en) | COMPONENT ASSEMBLY MACHINE | |
GB201307791D0 (en) | Packaging machine | |
EP2998728A4 (en) | COMPONENT ASSEMBLY MACHINE | |
EP3079057A4 (en) | Method and device for realizing virtual machine introspection | |
EP3063692A4 (en) | Virtual machine introspection | |
TWI560109B (en) | Auto-packing machine | |
GB2511082B (en) | Reluctance machines | |
EP3009557A4 (en) | Washing machine | |
GB201312417D0 (en) | Virtual Machine Backup | |
EP3016490A4 (en) | Component mounting machine | |
EP2978294A4 (en) | COMPONENT MOUNTING MACHINE |