TW201737059A - 使用虛擬資源視圖之資料保護 - Google Patents

使用虛擬資源視圖之資料保護 Download PDF

Info

Publication number
TW201737059A
TW201737059A TW106106713A TW106106713A TW201737059A TW 201737059 A TW201737059 A TW 201737059A TW 106106713 A TW106106713 A TW 106106713A TW 106106713 A TW106106713 A TW 106106713A TW 201737059 A TW201737059 A TW 201737059A
Authority
TW
Taiwan
Prior art keywords
computing device
resource
owner
requesting entity
virtual
Prior art date
Application number
TW106106713A
Other languages
English (en)
Chinese (zh)
Inventor
米哈 克里斯托鐸雷斯古
迪那卡 胡爾賈堤
纳伊姆 伊斯蘭
Original Assignee
高通公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 高通公司 filed Critical 高通公司
Publication of TW201737059A publication Critical patent/TW201737059A/zh

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1416Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/1425Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
    • G06F12/1433Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a module or a part of a module
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1483Protection against unauthorised use of memory or access to memory by checking the subject access rights using an access-table, e.g. matrix or list
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45583Memory management, e.g. access or allocation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45591Monitoring or debugging support

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Mathematical Physics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)
TW106106713A 2016-03-22 2017-03-01 使用虛擬資源視圖之資料保護 TW201737059A (zh)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US15/076,936 US20170277903A1 (en) 2016-03-22 2016-03-22 Data Protection Using Virtual Resource Views

Publications (1)

Publication Number Publication Date
TW201737059A true TW201737059A (zh) 2017-10-16

Family

ID=58264630

Family Applications (1)

Application Number Title Priority Date Filing Date
TW106106713A TW201737059A (zh) 2016-03-22 2017-03-01 使用虛擬資源視圖之資料保護

Country Status (9)

Country Link
US (1) US20170277903A1 (enExample)
EP (1) EP3433748A1 (enExample)
JP (1) JP6903682B2 (enExample)
KR (1) KR20180124048A (enExample)
CN (1) CN108713194A (enExample)
BR (1) BR112018069030A2 (enExample)
CA (1) CA3014917A1 (enExample)
TW (1) TW201737059A (enExample)
WO (1) WO2017165073A1 (enExample)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI684108B (zh) * 2017-10-31 2020-02-01 香港商阿里巴巴集團服務有限公司 資料統計方法和裝置

Families Citing this family (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3140734B1 (en) 2014-05-09 2020-04-08 Nutanix, Inc. Mechanism for providing external access to a secured networked virtualization environment
CN105184154B (zh) * 2015-09-15 2017-06-20 中国科学院信息工程研究所 一种在虚拟化环境中提供密码运算服务的系统和方法
US11550558B2 (en) 2016-02-12 2023-01-10 Nutanix, Inc. Virtualized file server deployment
US11218418B2 (en) 2016-05-20 2022-01-04 Nutanix, Inc. Scalable leadership election in a multi-processing computing environment
US11568073B2 (en) 2016-12-02 2023-01-31 Nutanix, Inc. Handling permissions for virtualized file servers
US10824455B2 (en) * 2016-12-02 2020-11-03 Nutanix, Inc. Virtualized server systems and methods including load balancing for virtualized file servers
US10728090B2 (en) 2016-12-02 2020-07-28 Nutanix, Inc. Configuring network segmentation for a virtualization environment
US11562034B2 (en) 2016-12-02 2023-01-24 Nutanix, Inc. Transparent referrals for distributed file servers
US11294777B2 (en) 2016-12-05 2022-04-05 Nutanix, Inc. Disaster recovery for distributed file servers, including metadata fixers
US11281484B2 (en) 2016-12-06 2022-03-22 Nutanix, Inc. Virtualized server systems and methods including scaling of file system virtual machines
US11288239B2 (en) 2016-12-06 2022-03-29 Nutanix, Inc. Cloning virtualized file servers
US10558250B2 (en) * 2016-12-23 2020-02-11 Oracle International Corporation System and method for coordinated link up handling following switch reset in a high performance computing network
GB2563885B (en) * 2017-06-28 2019-10-23 Advanced Risc Mach Ltd Interrupting export of memory regions
CN110019475B (zh) * 2017-12-21 2021-07-20 华为技术有限公司 数据持久化处理方法、装置及系统
US11086826B2 (en) 2018-04-30 2021-08-10 Nutanix, Inc. Virtualized server systems and methods including domain joining techniques
US11194680B2 (en) 2018-07-20 2021-12-07 Nutanix, Inc. Two node clusters recovery on a failure
US11770447B2 (en) 2018-10-31 2023-09-26 Nutanix, Inc. Managing high-availability file servers
US11768809B2 (en) 2020-05-08 2023-09-26 Nutanix, Inc. Managing incremental snapshots for fast leader node bring-up
US12248435B2 (en) 2021-03-31 2025-03-11 Nutanix, Inc. File analytics systems and methods
US12131192B2 (en) 2021-03-18 2024-10-29 Nutanix, Inc. Scope-based distributed lock infrastructure for virtualized file server
US12197398B2 (en) 2021-03-31 2025-01-14 Nutanix, Inc. Virtualized file servers and methods to persistently store file system event data
US12248434B2 (en) 2021-03-31 2025-03-11 Nutanix, Inc. File analytics systems including examples providing metrics adjusted for application operation
US12242455B2 (en) 2021-03-31 2025-03-04 Nutanix, Inc. File analytics systems and methods including receiving and processing file system event data in order
US12367108B2 (en) 2021-03-31 2025-07-22 Nutanix, Inc. File analytics systems and methods including retrieving metadata from file system snapshots
US12164383B2 (en) 2021-08-19 2024-12-10 Nutanix, Inc. Failover and failback of distributed file servers
US12117972B2 (en) 2021-08-19 2024-10-15 Nutanix, Inc. File server managers and systems for managing virtualized file servers
CN113992425B (zh) * 2021-11-12 2022-09-23 北京天融信网络安全技术有限公司 一种收发网络数据包的方法、网络设备以及通信系统
US12153690B2 (en) 2022-01-24 2024-11-26 Nutanix, Inc. Consistent access control lists across file servers for local users in a distributed file server environment
US12182264B2 (en) 2022-03-11 2024-12-31 Nutanix, Inc. Malicious activity detection, validation, and remediation in virtualized file servers
US12184791B2 (en) * 2022-06-02 2024-12-31 Sap Se Client secure connections for database host
US12189499B2 (en) 2022-07-29 2025-01-07 Nutanix, Inc. Self-service restore (SSR) snapshot replication with share-level file system disaster recovery on virtualized file servers
US12461832B2 (en) 2023-09-27 2025-11-04 Nutanix, Inc. Durable handle management for failover in distributed file servers

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6772350B1 (en) * 1998-05-15 2004-08-03 E.Piphany, Inc. System and method for controlling access to resources in a distributed environment
US8453142B2 (en) * 2007-04-26 2013-05-28 Hewlett-Packard Development Company, L.P. Virtual machine control
US8819676B2 (en) * 2007-10-30 2014-08-26 Vmware, Inc. Transparent memory-mapped emulation of I/O calls
GB2460393B (en) * 2008-02-29 2012-03-28 Advanced Risc Mach Ltd A data processing apparatus and method for controlling access to secure memory by virtual machines executing on processing circuitry
WO2011081935A2 (en) * 2009-12-14 2011-07-07 Citrix Systems, Inc. Methods and systems for communicating between trusted and non-trusted virtual machines
EP2569698B1 (en) * 2010-05-10 2019-07-10 Citrix Systems, Inc. Redirection of information from secure virtual machines to unsecure virtual machines
US8856504B2 (en) * 2010-06-07 2014-10-07 Cisco Technology, Inc. Secure virtual machine bootstrap in untrusted cloud infrastructures
US20130097417A1 (en) * 2011-10-13 2013-04-18 Microsoft Corporation Secure private computation services
US9038083B2 (en) * 2012-02-09 2015-05-19 Citrix Systems, Inc. Virtual machine provisioning based on tagged physical resources in a cloud computing environment
US9122780B2 (en) * 2012-06-20 2015-09-01 Intel Corporation Monitoring resource usage by a virtual machine
US9275223B2 (en) * 2012-10-19 2016-03-01 Mcafee, Inc. Real-time module protection
US9503268B2 (en) * 2013-01-22 2016-11-22 Amazon Technologies, Inc. Securing results of privileged computing operations
US9396011B2 (en) * 2013-03-12 2016-07-19 Qualcomm Incorporated Algorithm and apparatus to deploy virtual machine monitor on demand
US9792448B2 (en) * 2014-02-28 2017-10-17 Advanced Micro Devices, Inc. Cryptographic protection of information in a processing system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI684108B (zh) * 2017-10-31 2020-02-01 香港商阿里巴巴集團服務有限公司 資料統計方法和裝置
US10749666B2 (en) 2017-10-31 2020-08-18 Alibaba Group Holding Limited Data statistics method and apparatus

Also Published As

Publication number Publication date
EP3433748A1 (en) 2019-01-30
US20170277903A1 (en) 2017-09-28
BR112018069030A2 (pt) 2019-01-29
KR20180124048A (ko) 2018-11-20
CN108713194A (zh) 2018-10-26
JP6903682B2 (ja) 2021-07-14
WO2017165073A1 (en) 2017-09-28
CA3014917A1 (en) 2017-09-28
JP2019512811A (ja) 2019-05-16

Similar Documents

Publication Publication Date Title
JP6903682B2 (ja) 仮想リソースビューを使用するデータ保護
US11847225B2 (en) Blocking access to firmware by units of system on chip
KR102318740B1 (ko) 보호 영역에서의 메모리 초기화
CN109587106B (zh) 密码分区的云中的跨域安全性
US10013554B2 (en) Time varying address space layout randomization
CN107408096B (zh) 对硬件块的适应性存取控制
CN103890852A (zh) 对包括机密信息的存储器区域的访问
WO2016137579A1 (en) Return oriented programming attack detection via memory monitoring
JP2012089108A (ja) プロセッサメインメモリのメモリコンテンツのセキュリティ保護
US20120272073A1 (en) Encrypting data in volatile memory
US20130275479A1 (en) Systems and methods for providing dynamic file system awareness on storage devices
CN107430555B (zh) 用于存储器保护的高速缓存和数据组织
TWI608378B (zh) 裝置與安全處理環境之間的介面
JP2021507362A (ja) 間接アクセスメモリコントローラ向けの保護機能を追加するための機器
US20150227755A1 (en) Encryption and decryption methods of a mobile storage on a file-by-file basis
CN112825041A (zh) 一种内存隔离的装置、内存隔离方法和相关设备
US10019574B2 (en) Systems and methods for providing dynamic file system awareness on storage devices
KR20140127124A (ko) 시스템 자원에 대한 접근을 관리하는 전자 장치
CN121002501A (zh) 有效保护硬件管理的集成密码引擎密钥的同时防止静态数据攻击的新颖方法
CN120813926A (zh) 检测意外存储器读取
TW202418133A (zh) 用於容許安全通訊之積體電路、方法及電腦系統