US20120159634A1 - Virtual machine migration - Google Patents
Virtual machine migration Download PDFInfo
- Publication number
- US20120159634A1 US20120159634A1 US13/327,488 US201113327488A US2012159634A1 US 20120159634 A1 US20120159634 A1 US 20120159634A1 US 201113327488 A US201113327488 A US 201113327488A US 2012159634 A1 US2012159634 A1 US 2012159634A1
- Authority
- US
- United States
- Prior art keywords
- environment
- virtual machine
- migration
- trust values
- relation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/48—Program initiating; Program switching, e.g. by interrupt
- G06F9/4806—Task transfer initiation or dispatching
- G06F9/4843—Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
- G06F9/485—Task life-cycle, e.g. stopping, restarting, resuming execution
- G06F9/4856—Task life-cycle, e.g. stopping, restarting, resuming execution resumption being on a different machine, e.g. task migration, virtual machine migration
Definitions
- This invention relates to a method of and system for, attesting a virtual machine migrating from a first environment to a second environment. More specifically, the invention provides the re-attestation of migrated virtual machines.
- a virtual machine provides a complete system platform which supports the execution of an operating system.
- An essential characteristic of a virtual machine is that the software run by the virtual machine is limited to the resources and abstractions provided by the virtual machine.
- virtual machine migration the entire memory contents of the running system is moved over the network as it migrates from a source physical system to a target physical system. When the memory pages are moved over the network, they are more vulnerable to a particular type of cyber attach.
- security zones can be used within a private cloud which has a test zone and a release zone. These operational zones would have different security policies based on the sensitivity of the data being processed and the criticality of the systems operating within the perspective zones.
- the separate security policies governing these zones could include trusted boot requirements, security configuration, firewall and anti-virus software, for example.
- test zone The virtual machines in the test zone are instantiated and removed frequently, as is the nature of test systems. Once a test system is approved for release for general availability, it would be migrated out to the release zone. However the release zone would have stricter security requirements. The enterprise would want this migration to proceed with the same automation and ease of migration, and with the (re)attesting to a higher security level integrated into this process.
- a method of attesting a virtual machine migrating from a first environment to a second environment comprising in response to initiation of migration of the virtual machine from the first environment to the second environment, accessing one or more stored trust values generated during the trusted boot of the virtual machine in the first environment; determining if the accessed trust values define a security setting sufficient for the second environment, and if the accessed trust values do not define a security setting sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.
- a system for attesting a virtual machine migrating from a first environment to a second environment comprising in response to initiation of migration of the virtual machine from the first environment to the second environment, accessing one or more stored trust values generated during the trusted hoot of the virtual machine in the first environment; determining if the accessed trust values define a security setting sufficient for the second environment, and if the accessed trust values do not define a security setting sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.
- a computer program product on a computer readable storage medium for attesting a virtual machine migrating from a first environment to a second environment.
- the computer program product includes instructions for, responsive to initiating the migration of the virtual machine to the second environment, accessing one or more stored trust values generated during trusted boot of the virtual machine in the first environment, determining that the accessed trust values define a security setting that is not sufficient for the second environment, and in response to the determination that the accessed trust values define the security setting that is not sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.
- FIG. 1 is a schematic diagram of a virtual machine migrating between two zones.
- FIG. 2 is a schematic diagram similar to FIG. 1 , showing more detail.
- FIG. 3 is a flowchart of a method of migrating a virtual machine.
- FIG. 4 is a further schematic diagram similar to FIG. 1 .
- TCG Trusted Computing Group
- a system is remotely attested and allowed to connect to a network.
- Remote attestation is the action of an external trusted security management unit requesting security parameters or measurements from the computer system under inspection.
- this process of attestation and connection is called a TNC (Trusted Network Connect).
- TNC Trusted Network Connect
- the TNC attestation process only occurs during the system's initial connection to the network.
- the invention provides the capability that a virtual machine that has been TNC attested for one vLAN or security zone, once it is being migrated to a different vLAN and security zone with different security requirements will be checked before the virtual machine migration can go ahead.
- the predetermined action in relation to the migration of the virtual machine to the second environment comprises preventing the migration of the virtual machine. If the stored trust values are not sufficient for the security settings of the new environment, then one way of dealing with this situation is to prevent the virtual machine from migrating to the new environment. This will ensure that if there is any way that the virtual machine is compromised with respect to the second environment, then the virtual machine will not be able to operate in that environment. The migration process will be halted and will not complete.
- the predetermined action in relation to the migration of the virtual machine to the second environment comprises completing the migration of the virtual machine and placing limits on the operation of the virtual machine in the second environment.
- the migration can still be allowed to go ahead, but with reduced options for the virtual machine in the new environment.
- the virtual machine may be limited in the nature of the operations that it can execute, or the communication channel that the virtual machine will use in the new environment will have limits placed on it. Specific monitoring of the virtual machine may also take place, to ensure that nothing is compromised as a result of the migration and operation of the virtual machine in the target environment.
- the method further comprises, following the initiation of the migration of the virtual machine to the second environment, transferring the stored trust values generated during the trusted boot of the virtual machine to a trusted management unit for the second environment.
- the stored trust values for the virtual machine that is being migrated can be bound to the virtual machine and will always be transferred whenever the virtual machine is migrated to a new environment. This is useful, as the component that originally authenticated the virtual machine through the trusted boot process may not be the same component that needs to authenticate the virtual machine when it is migrated to the new environment.
- a trusted management unit for the second environment can then access the stored trust values for the virtual machine and compare these to the security setting required for the second environment.
- a virtual machine 10 is shown in FIG. 1 .
- the virtual machine 10 is located in a first environment (or zone) 12 and is being migrated to a second environment (or zone) 14 .
- Virtual machines allow the sharing of the underlying physical hardware resources between different virtual machines 10 , each running its own operating system.
- multiple operating system environments can co-exist on the same hardware, in isolation from each other, and the virtual machine 10 can provide an instruction set architecture that is somewhat different from that of the real hardware underlying the virtual machine 10 .
- the use of a virtual machine 10 provides the user with direct access to the operating system and applications of the virtual machine 10 .
- the migration of the virtual machine 10 can occur for a number of reasons.
- the first environment 12 may be a specific server that is becoming overloaded because multiple virtual machines are being run on the server and they are using an increasingly large amount of resources.
- the management unit will organize the wholesale copying of the memory allocated to the virtual machine 10 to the new server represented by the second environment 14 .
- the two environments 12 and 14 may be located on the same physical machine, but have different settings.
- the first environment 12 may be a test zone and the second environment 14 may be a production zone, for example.
- Different security settings will apply to the different zones 12 and 14 , even though they are located on the same physical hardware.
- a virtual machine 10 that is located in the test zone 12 may be migrated to the production zone 14 , for example, under the instruction of an administrator of the server that is running the two zones 12 and 14 .
- the virtual machine 10 being moved between zones on the same physical computer, it is unlikely that the entire memory contents would be copied, as there is no need since the physical memory may be used by a virtual machine 10 in both zones. It is more likely that the underlying virtualization system will change configuration to move to the new zone, e.g., network settings may be changed to execute the migration.
- the migrated virtual machine 10 may reside in a different physical system, or may just be configured to run on a different VLAN (Virtual Local Area Network).
- the virtual machine 10 may move under the management of a separate virtual manager such as IBM Director or HMC (Hardware Management Console) or may remain under the control of the same virtual manager, but require a higher level of security requirements.
- the security of a virtual machine 10 is checked when it is first loaded, in a so-called “trusted boot”. When the virtual machine 10 is booted certain trust values are captured during the boot process.
- the one or more servers providing the virtual machines 10 will implement a trusted boot and remote attestation by allowing an initial enrollment where the virtual machine 10 sets the trust values for the system.
- a virtual machine 10 is booted and all of its boot and bring-up trust measurements are established by a vTPM (virtual Trusted Platform Module) process and stored in platform configuration registers 16 , known as PCRs, shown in FIG. 2 .
- PCRs platform configuration registers 16
- the virtual machine 10 will report these PCR values to a director unit 18 , which will in turn store these values as the virtual machine's base trust values.
- the director unit 18 may ask the virtual machine 10 for its current PCR values.
- the unit 18 will then compare some or all of these PCR values to the initial base trust values. If they do not match, then a security alert is asserted.
- the director unit 18 may obtain the original trust values in other ways besides during the enrollment process, which is one representative technique by which the director unit 18 can acquire the trust values.
- This model is extended to solve the issue of migration of a virtual machine 10 when crossing security zones.
- the director unit 18 Prior to moving the virtual machine 10 into its target security zone 14 , the director unit 18 will transfer the VMs Base Trust Values. These values will be transferred to a trusted management unit 20 in the new zone 14 .
- the management unit 20 is a separate component specific to the target zone 14 .
- the method of performing the migration is summarized in FIG. 3 .
- This method provides a way of attesting a virtual machine that is migrating from a first environment to a second environment.
- the method first comprises step S 1 , which is the step of performing a trusted boot of the virtual machine in the first environment, and second, a step S 2 of storing one or more trust values generated during the trusted boot of the virtual machine.
- step S 1 is the step of performing a trusted boot of the virtual machine in the first environment
- step S 2 of storing one or more trust values generated during the trusted boot of the virtual machine.
- the next step in the process comprises step S 3 , which is the step of initiating the migration of the virtual machine to the second environment. It is not material why the virtual machine is being migrated, only that a component has decided to attempt to migrate the virtual machine to the new zone.
- the next step is step S 4 of accessing one or more stored trust values generated during the trusted boot of the virtual machine, which is followed by the step S 5 of determining if the accessed trust values define a security setting sufficient for the second environment.
- the trust values generated during the trusted boot provide information about the virtual machine being run, such as the nature of the operating system and any updates applied.
- a predetermined action is performed in relation to the migration of the virtual machine to the second environment.
- this predetermined action is the prevention of the migration from taking place, but other actions are also possible.
- the trust values provide information about the virtual machine, then these trust values can be said to define a security setting in the context of a security requirement of the new zone.
- the new zone may specify that any virtual machine operating in the zone has a specific update applied to it. This can be determined from the trust values generated during the original trusted boot.
- the migration of the virtual machine 10 from a first zone 12 to a second zone 14 can be organized around a comparison of the security policies of the two different zones 12 and 14 .
- the source attestation authority Prior to virtual machine migration from a source security zone 12 or vLAN to different target security zone 14 or vLAN, the source attestation authority will report the PCR values, event logs, and dated history of attestations, including previous PCR values and event logs, to the target attestation authority. Also prior to the virtual machine migration, the source attestation authority will also report its security attestation policy to the target attestation authority in the new zone 14 .
- the target attestation authority will compare its own security attestation policy with the received policy. It will determine if the source policy is equivalent or better than the target policy. The target attestation authority will also examine the attestation log history. If the log history meets the target's policy on minimal attestation failures, remediations, attestation frequency and concerns about other security zones or VLANs, then no immediate attestation is needed and a typical migration is allow. Finally, if the above criteria is not met, then the migration is permitted to occur, but the target virtualization mechanism confines the virtual machine to a separate vLAN until a new attestation and security check can be performed and verify that the migrating VM meets the security requirements of the target.
- Post-migration re-attestation of a migrating VM is illustrated in FIG. 4 .
- the director unit 18 that relates to the first environment has a log history 22 for the specific virtual machine 10 and also its own policy 24 in relation to the security settings that are relevant for virtual machines that are booted in the first zone.
- the management unit 20 for the second zone 14 also has its own policy 26 .
- the director unit 18 passes the log history 22 and the security policy 24 to the management unit 20 . This information enables the unit 20 , which is responsible for allowing the migration of the virtual machine 10 to proceed or to be restricted in some way, to determine whether the trust values of the virtual machine 10 are sufficient for the new zone 14 .
Abstract
Attesting a virtual machine that is migrating from a first environment to a second environment includes in response to initiation of migration of the virtual machine from the first environment to the second environment, accessing one or more stored trust values generated during the trusted boot of the virtual machine in the first environment, determining if the accessed trust values define a security setting sufficient for the second environment, and if the accessed trust values do not define a security setting sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.
Description
- The present application claims priority under 35 U.S.C. §119(a) to European Patent Application No. EP10195218.2, entitled “Virtual Machine Migration,” filed on Dec. 15, 2010, the disclosure of which is hereby incorporated by reference in its entirety.
- 1. Technical Field
- This invention relates to a method of and system for, attesting a virtual machine migrating from a first environment to a second environment. More specifically, the invention provides the re-attestation of migrated virtual machines.
- 2. Description of the Related Art
- A virtual machine provides a complete system platform which supports the execution of an operating system. An essential characteristic of a virtual machine is that the software run by the virtual machine is limited to the resources and abstractions provided by the virtual machine. In the case of virtual machine migration, the entire memory contents of the running system is moved over the network as it migrates from a source physical system to a target physical system. When the memory pages are moved over the network, they are more vulnerable to a particular type of cyber attach.
- It is the case in virtual machine migration that the attestation on the original physical system may have been less stringent than what is required by the security level of the target system. For example security zones can be used within a private cloud which has a test zone and a release zone. These operational zones would have different security policies based on the sensitivity of the data being processed and the criticality of the systems operating within the perspective zones. The separate security policies governing these zones could include trusted boot requirements, security configuration, firewall and anti-virus software, for example.
- The virtual machines in the test zone are instantiated and removed frequently, as is the nature of test systems. Once a test system is approved for release for general availability, it would be migrated out to the release zone. However the release zone would have stricter security requirements. The enterprise would want this migration to proceed with the same automation and ease of migration, and with the (re)attesting to a higher security level integrated into this process.
- According to a first aspect of the present invention, there is provided a method of attesting a virtual machine migrating from a first environment to a second environment comprising in response to initiation of migration of the virtual machine from the first environment to the second environment, accessing one or more stored trust values generated during the trusted boot of the virtual machine in the first environment; determining if the accessed trust values define a security setting sufficient for the second environment, and if the accessed trust values do not define a security setting sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.
- According to a second aspect of the present invention, there is provided a system for attesting a virtual machine migrating from a first environment to a second environment comprising in response to initiation of migration of the virtual machine from the first environment to the second environment, accessing one or more stored trust values generated during the trusted hoot of the virtual machine in the first environment; determining if the accessed trust values define a security setting sufficient for the second environment, and if the accessed trust values do not define a security setting sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.
- According to a third aspect of the present invention, there is provided a computer program product on a computer readable storage medium for attesting a virtual machine migrating from a first environment to a second environment. The computer program product includes instructions for, responsive to initiating the migration of the virtual machine to the second environment, accessing one or more stored trust values generated during trusted boot of the virtual machine in the first environment, determining that the accessed trust values define a security setting that is not sufficient for the second environment, and in response to the determination that the accessed trust values define the security setting that is not sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.
- Embodiments of the present invention will now be described, by way of example only, with reference to the accompanying drawings, in which:
-
FIG. 1 is a schematic diagram of a virtual machine migrating between two zones. -
FIG. 2 is a schematic diagram similar toFIG. 1 , showing more detail. -
FIG. 3 is a flowchart of a method of migrating a virtual machine. -
FIG. 4 is a further schematic diagram similar toFIG. 1 . - Owing to the invention, it is possible to automate, within a migration process, the re-attesting to a higher or different security level during virtual machine migration. Currently as part of the TCG (Trusted Computing Group) standardized architecture, a system is remotely attested and allowed to connect to a network. Remote attestation is the action of an external trusted security management unit requesting security parameters or measurements from the computer system under inspection. Within the TCG architecture, this process of attestation and connection is called a TNC (Trusted Network Connect). Currently the TNC attestation process only occurs during the system's initial connection to the network. The invention provides the capability that a virtual machine that has been TNC attested for one vLAN or security zone, once it is being migrated to a different vLAN and security zone with different security requirements will be checked before the virtual machine migration can go ahead.
- In one embodiment, the predetermined action in relation to the migration of the virtual machine to the second environment comprises preventing the migration of the virtual machine. If the stored trust values are not sufficient for the security settings of the new environment, then one way of dealing with this situation is to prevent the virtual machine from migrating to the new environment. This will ensure that if there is any way that the virtual machine is compromised with respect to the second environment, then the virtual machine will not be able to operate in that environment. The migration process will be halted and will not complete.
- In a different embodiment, the predetermined action in relation to the migration of the virtual machine to the second environment comprises completing the migration of the virtual machine and placing limits on the operation of the virtual machine in the second environment. In this embodiment, if the stored trust values are not sufficient for the security settings of the new environment, then the migration can still be allowed to go ahead, but with reduced options for the virtual machine in the new environment. For example, the virtual machine may be limited in the nature of the operations that it can execute, or the communication channel that the virtual machine will use in the new environment will have limits placed on it. Specific monitoring of the virtual machine may also take place, to ensure that nothing is compromised as a result of the migration and operation of the virtual machine in the target environment.
- Preferably, the method further comprises, following the initiation of the migration of the virtual machine to the second environment, transferring the stored trust values generated during the trusted boot of the virtual machine to a trusted management unit for the second environment. The stored trust values for the virtual machine that is being migrated can be bound to the virtual machine and will always be transferred whenever the virtual machine is migrated to a new environment. This is useful, as the component that originally authenticated the virtual machine through the trusted boot process may not be the same component that needs to authenticate the virtual machine when it is migrated to the new environment. A trusted management unit for the second environment can then access the stored trust values for the virtual machine and compare these to the security setting required for the second environment.
- A
virtual machine 10 is shown inFIG. 1 . Thevirtual machine 10 is located in a first environment (or zone) 12 and is being migrated to a second environment (or zone) 14. Virtual machines allow the sharing of the underlying physical hardware resources between differentvirtual machines 10, each running its own operating system. As a result of the use of virtual machines, multiple operating system environments can co-exist on the same hardware, in isolation from each other, and thevirtual machine 10 can provide an instruction set architecture that is somewhat different from that of the real hardware underlying thevirtual machine 10. The use of avirtual machine 10 provides the user with direct access to the operating system and applications of thevirtual machine 10. - The migration of the
virtual machine 10 can occur for a number of reasons. Thefirst environment 12 may be a specific server that is becoming overloaded because multiple virtual machines are being run on the server and they are using an increasingly large amount of resources. There will be a management unit present that manages the load on the server and it may be decided that maximum capacity is being approached and it is therefore desirable to migrate thevirtual machine 10 to a different server. The management unit will organize the wholesale copying of the memory allocated to thevirtual machine 10 to the new server represented by thesecond environment 14. - Alternatively, the two
environments first environment 12 may be a test zone and thesecond environment 14 may be a production zone, for example. Different security settings will apply to thedifferent zones virtual machine 10 that is located in thetest zone 12 may be migrated to theproduction zone 14, for example, under the instruction of an administrator of the server that is running the twozones virtual machine 10 being moved between zones on the same physical computer, it is unlikely that the entire memory contents would be copied, as there is no need since the physical memory may be used by avirtual machine 10 in both zones. It is more likely that the underlying virtualization system will change configuration to move to the new zone, e.g., network settings may be changed to execute the migration. - When a system is moved from one
zone 12 to anotherzone 14, the migratedvirtual machine 10 may reside in a different physical system, or may just be configured to run on a different VLAN (Virtual Local Area Network). Thevirtual machine 10 may move under the management of a separate virtual manager such as IBM Director or HMC (Hardware Management Console) or may remain under the control of the same virtual manager, but require a higher level of security requirements. The security of avirtual machine 10 is checked when it is first loaded, in a so-called “trusted boot”. When thevirtual machine 10 is booted certain trust values are captured during the boot process. - The one or more servers providing the
virtual machines 10 will implement a trusted boot and remote attestation by allowing an initial enrollment where thevirtual machine 10 sets the trust values for the system. Avirtual machine 10 is booted and all of its boot and bring-up trust measurements are established by a vTPM (virtual Trusted Platform Module) process and stored in platform configuration registers 16, known as PCRs, shown inFIG. 2 . During the initial enrollment, thevirtual machine 10 will report these PCR values to adirector unit 18, which will in turn store these values as the virtual machine's base trust values. At any time moving forward, thedirector unit 18 may ask thevirtual machine 10 for its current PCR values. Theunit 18 will then compare some or all of these PCR values to the initial base trust values. If they do not match, then a security alert is asserted. Thedirector unit 18 may obtain the original trust values in other ways besides during the enrollment process, which is one representative technique by which thedirector unit 18 can acquire the trust values. - This model is extended to solve the issue of migration of a
virtual machine 10 when crossing security zones. Prior to moving thevirtual machine 10 into itstarget security zone 14, thedirector unit 18 will transfer the VMs Base Trust Values. These values will be transferred to a trustedmanagement unit 20 in thenew zone 14. This could be the IBM Director controlling thetarget security zone 14, a third party trusted boot authority for thetarget security zone 14, or a component within the same director managing thetarget security zone 14. In the embodiment shown inFIG. 2 , themanagement unit 20 is a separate component specific to thetarget zone 14. - The method of performing the migration is summarized in
FIG. 3 . This method provides a way of attesting a virtual machine that is migrating from a first environment to a second environment. The method first comprises step S1, which is the step of performing a trusted boot of the virtual machine in the first environment, and second, a step S2 of storing one or more trust values generated during the trusted boot of the virtual machine. As detailed above, when a virtual machine is first booted in the first zone, then a trusted boot is performed and the trust values generated during that boot process are recorded in a way that binds them to the specific virtual machine. - The next step in the process comprises step S3, which is the step of initiating the migration of the virtual machine to the second environment. It is not material why the virtual machine is being migrated, only that a component has decided to attempt to migrate the virtual machine to the new zone. The next step is step S4 of accessing one or more stored trust values generated during the trusted boot of the virtual machine, which is followed by the step S5 of determining if the accessed trust values define a security setting sufficient for the second environment. The trust values generated during the trusted boot provide information about the virtual machine being run, such as the nature of the operating system and any updates applied.
- Finally at step S6, if the accessed trust values do not define a security setting sufficient for the second environment, then a predetermined action is performed in relation to the migration of the virtual machine to the second environment. In one embodiment, this predetermined action is the prevention of the migration from taking place, but other actions are also possible. Since the trust values provide information about the virtual machine, then these trust values can be said to define a security setting in the context of a security requirement of the new zone. For example, the new zone may specify that any virtual machine operating in the zone has a specific update applied to it. This can be determined from the trust values generated during the original trusted boot.
- The migration of the
virtual machine 10 from afirst zone 12 to asecond zone 14 can be organized around a comparison of the security policies of the twodifferent zones source security zone 12 or vLAN to differenttarget security zone 14 or vLAN, the source attestation authority will report the PCR values, event logs, and dated history of attestations, including previous PCR values and event logs, to the target attestation authority. Also prior to the virtual machine migration, the source attestation authority will also report its security attestation policy to the target attestation authority in thenew zone 14. - The target attestation authority will compare its own security attestation policy with the received policy. It will determine if the source policy is equivalent or better than the target policy. The target attestation authority will also examine the attestation log history. If the log history meets the target's policy on minimal attestation failures, remediations, attestation frequency and concerns about other security zones or VLANs, then no immediate attestation is needed and a typical migration is allow. Finally, if the above criteria is not met, then the migration is permitted to occur, but the target virtualization mechanism confines the virtual machine to a separate vLAN until a new attestation and security check can be performed and verify that the migrating VM meets the security requirements of the target.
- Post-migration re-attestation of a migrating VM is illustrated in
FIG. 4 . Thedirector unit 18 that relates to the first environment has alog history 22 for the specificvirtual machine 10 and also itsown policy 24 in relation to the security settings that are relevant for virtual machines that are booted in the first zone. Themanagement unit 20 for thesecond zone 14 also has itsown policy 26. Thedirector unit 18 passes thelog history 22 and thesecurity policy 24 to themanagement unit 20. This information enables theunit 20, which is responsible for allowing the migration of thevirtual machine 10 to proceed or to be restricted in some way, to determine whether the trust values of thevirtual machine 10 are sufficient for thenew zone 14.
Claims (12)
1. A method of attesting a virtual machine migrating from a first environment to a second environment comprising:
in response to initiation of migration of the virtual machine from the first environment to the second environment:
accessing one or more stored trust values generated during trusted boot of the virtual machine in the first environment;
determining that the accessed trust values define a security setting that is not sufficient for the second environment; and
in response to the determination that the accessed trust values define the security setting that is not sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.
2. The method of claim 1 , wherein performing the predetermined action in relation to the migration of the virtual machine to the second environment comprises preventing the migration of the virtual machine.
3. The method of claim 1 , wherein performing the predetermined action in relation to the migration of the virtual machine to the second environment comprises completing the migration of the virtual machine and placing limits on the operation of the virtual machine in the second environment.
4. The method of claim 1 further comprising transferring the stored trust values to a trusted management unit for the second environment.
5. A system for attesting a virtual machine migrating from a first environment to a second environment comprising:
a computer processor; and
a computer readable storage medium comprising a trusted management unit executable by the computer processor to:
responsive to initiation of migration of the virtual machine from the first environment to the second environment:
accessing one or more stored trust values generated during trusted boot of the virtual machine in the first environment;
determining that the accessed trust values define a security setting that is not sufficient for the second environment; and
in response to the determination that the accessed trust values define the security setting that is not sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.
6. The system of claim 5 , wherein performing the predetermined action in relation to the migration of the virtual machine to the second environment comprises preventing the migration of the virtual machine.
7. The system of claim 5 , wherein performing the predetermined action in relation to the migration of the virtual machine to the second environment comprises completing the migration of the virtual machine and place limits on the operation of the virtual machine in the second environment.
8. The system of claim 5 , wherein the trusted management unit is further executable by the computer processor to transfer the stored trust values to a trusted management unit for the second environment.
9. A computer program product on a tangible computer readable storage medium for attesting a virtual machine migrating from a first environment to a second environment, the product comprising instructions executable by a computer to cause the computer to perform:
responsive to initiation of migration of the virtual machine from the first environment to the second environment:
accessing one or more stored trust values generated during trusted boot of the virtual machine in the first environment;
determining that the accessed trust values define a security setting that is not sufficient for the second environment; and
in response to the determination that the accessed trust values define the security setting that is not sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.
10. The computer program product of claim 9 , wherein the instructions for performing the predetermined action in relation to the migration of the virtual machine to the second environment comprise instructions for preventing the migration of the virtual machine.
11. The computer program product of claim 9 , wherein the instructions for performing the predetermined action in relation to the migration of the virtual machine to the second environment comprise instructions for completing the migration of the virtual machine and placing limits on the operation of the virtual machine in the second environment.
12. The computer program product of claim 9 , further comprising instructions for transferring the stored trust values generated during the trusted boot of the virtual machine to a trusted management unit for the second environment.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/781,581 US9251349B2 (en) | 2010-12-15 | 2013-02-28 | Virtual machine migration |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP10195218.2 | 2010-12-15 | ||
EP10195218 | 2010-12-15 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/781,581 Continuation US9251349B2 (en) | 2010-12-15 | 2013-02-28 | Virtual machine migration |
Publications (1)
Publication Number | Publication Date |
---|---|
US20120159634A1 true US20120159634A1 (en) | 2012-06-21 |
Family
ID=46236342
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/327,488 Abandoned US20120159634A1 (en) | 2010-12-15 | 2011-12-15 | Virtual machine migration |
US13/781,581 Expired - Fee Related US9251349B2 (en) | 2010-12-15 | 2013-02-28 | Virtual machine migration |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/781,581 Expired - Fee Related US9251349B2 (en) | 2010-12-15 | 2013-02-28 | Virtual machine migration |
Country Status (1)
Country | Link |
---|---|
US (2) | US20120159634A1 (en) |
Cited By (28)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110302415A1 (en) * | 2010-06-02 | 2011-12-08 | Vmware, Inc. | Securing customer virtual machines in a multi-tenant cloud |
US20130219384A1 (en) * | 2012-02-18 | 2013-08-22 | Cisco Technology, Inc. | System and method for verifying layer 2 connectivity in a virtual environment |
US20140040886A1 (en) * | 2012-07-31 | 2014-02-06 | Alistair Coles | Secure operations for virtual machines |
US20140101655A1 (en) * | 2012-10-10 | 2014-04-10 | International Business Machines Corporation | Enforcing Machine Deployment Zoning Rules in an Automatic Provisioning Environment |
US20140201732A1 (en) * | 2013-01-14 | 2014-07-17 | Cisco Technology, Inc. | Detection of Unauthorized Use of Virtual Resources |
US8800009B1 (en) | 2011-12-30 | 2014-08-05 | Google Inc. | Virtual machine service access |
US8813240B1 (en) * | 2012-05-30 | 2014-08-19 | Google Inc. | Defensive techniques to increase computer security |
JP2014183347A (en) * | 2013-03-18 | 2014-09-29 | Fujitsu Ltd | Virtual machine management device, method, and program |
US8874888B1 (en) | 2011-01-13 | 2014-10-28 | Google Inc. | Managed boot in a cloud system |
US8949431B2 (en) | 2011-08-24 | 2015-02-03 | Radware, Ltd. | Method for live migration of virtual machines |
US8958293B1 (en) | 2011-12-06 | 2015-02-17 | Google Inc. | Transparent load-balancing for cloud computing services |
US8966198B1 (en) | 2011-09-01 | 2015-02-24 | Google Inc. | Providing snapshots of virtual storage devices |
US9015838B1 (en) | 2012-05-30 | 2015-04-21 | Google Inc. | Defensive techniques to increase computer security |
US9075979B1 (en) | 2011-08-11 | 2015-07-07 | Google Inc. | Authentication based on proximity to mobile device |
US20150237066A1 (en) * | 2012-06-27 | 2015-08-20 | Qatar Foundation | Arrangement configured to migrate a virtual machine in the event of an attack |
US9231933B1 (en) | 2011-03-16 | 2016-01-05 | Google Inc. | Providing application programs with access to secured resources |
US9237087B1 (en) | 2011-03-16 | 2016-01-12 | Google Inc. | Virtual machine name resolution |
US9317311B2 (en) | 2013-06-17 | 2016-04-19 | International Business Machines Corporation | Generating a deployment pattern for reuse in a networked computing environment |
US9450981B2 (en) | 2013-03-14 | 2016-09-20 | Radware, Ltd. | System and method thereof for mitigating denial of service attacks in virtual networks |
WO2016180433A1 (en) * | 2015-05-08 | 2016-11-17 | Telefonaktiebolaget Lm Ericsson (Publ) | Migration service method and module for software modules |
US20160381072A1 (en) * | 2015-06-23 | 2016-12-29 | Emc Corporation | Trust overlays for disaggregated infrastructures |
US20170024261A1 (en) * | 2015-07-24 | 2017-01-26 | International Business Machines Corporation | Reducing redundant validations for live operating system migration |
US9740516B1 (en) | 2011-01-13 | 2017-08-22 | Google Inc. | Virtual network protocol |
US10630719B2 (en) * | 2015-03-24 | 2020-04-21 | Huawei Technologies Co., Ltd. | SDN-based DDOS attack prevention method, apparatus, and system |
US11025703B1 (en) * | 2013-03-07 | 2021-06-01 | Amazon Technologies, Inc. | Scheduled execution of instances |
US11086648B1 (en) * | 2012-10-22 | 2021-08-10 | Amazon Technologies, Inc. | Trust-based resource allocation |
US11507408B1 (en) * | 2020-01-21 | 2022-11-22 | Amazon Technologies, Inc. | Locked virtual machines for high availability workloads |
US11748520B2 (en) * | 2020-10-28 | 2023-09-05 | Dell Products L.P. | Protection of a secured application in a cluster |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9936019B2 (en) | 2016-03-16 | 2018-04-03 | Google Llc | Efficient live-migration of remotely accessed data |
US10375115B2 (en) * | 2016-07-27 | 2019-08-06 | International Business Machines Corporation | Compliance configuration management |
US10785129B2 (en) | 2018-06-27 | 2020-09-22 | Oracle International Corporation | Computerized methods and systems for maintaining and modifying cloud computer services |
US11190599B2 (en) | 2018-06-27 | 2021-11-30 | Oracle International Corporation | Method and system for cloud service pre-provisioning |
US11115344B2 (en) | 2018-06-27 | 2021-09-07 | Oracle International Corporation | Computerized methods and systems for migrating cloud computer services |
US10911367B2 (en) | 2018-06-27 | 2021-02-02 | Oracle International Corporation | Computerized methods and systems for managing cloud computer services |
US11907743B2 (en) | 2019-05-21 | 2024-02-20 | Oracle International Corporation | System and method for relocating customer virtual machine instances in a multi-tenant cloud service |
US11765204B2 (en) * | 2019-09-27 | 2023-09-19 | Hewlett Packard Enterprise Development Lp | Managing data management policies of resources |
Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050114687A1 (en) * | 2003-11-21 | 2005-05-26 | Zimmer Vincent J. | Methods and apparatus to provide protection for firmware resources |
US20060184653A1 (en) * | 2005-02-16 | 2006-08-17 | Red Hat, Inc. | System and method for creating and managing virtual services |
US20070094719A1 (en) * | 2005-05-13 | 2007-04-26 | Scarlata Vincent R | Method and apparatus for migrating virtual trusted platform modules |
US20070239979A1 (en) * | 2006-03-29 | 2007-10-11 | International Business Machines Corporation | Method and apparatus to protect policy state information during the life-time of virtual machines |
US20080046581A1 (en) * | 2006-08-18 | 2008-02-21 | Fujitsu Limited | Method and System for Implementing a Mobile Trusted Platform Module |
US20080282348A1 (en) * | 2005-03-22 | 2008-11-13 | Graeme John Proudler | Methods, Devices and Data Structures for Trusted Data |
US20090154709A1 (en) * | 2007-12-17 | 2009-06-18 | Microsoft Corporation | Migration of computer secrets |
US20090288167A1 (en) * | 2008-05-19 | 2009-11-19 | Authentium, Inc. | Secure virtualization system software |
US20090287837A1 (en) * | 2000-07-06 | 2009-11-19 | David Paul Felsher | Information record infrastructure, system and method |
US20100011210A1 (en) * | 2005-05-13 | 2010-01-14 | Scarlata Vincent R | Method And Apparatus For Remotely Provisioning Software-Based Security Coprocessors |
US20100082991A1 (en) * | 2008-09-30 | 2010-04-01 | Hewlett-Packard Development Company, L.P. | Trusted key management for virtualized platforms |
US20100299763A1 (en) * | 2009-05-20 | 2010-11-25 | Redcliff Investments, Llc | Secure Workflow and Data Management Facility |
US20120185913A1 (en) * | 2008-06-19 | 2012-07-19 | Servicemesh, Inc. | System and method for a cloud computing abstraction layer with security zone facilities |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2419697A (en) * | 2004-10-29 | 2006-05-03 | Hewlett Packard Development Co | Virtual overlay infrastructures each having an infrastructure controller |
US9450966B2 (en) * | 2004-11-29 | 2016-09-20 | Kip Sign P1 Lp | Method and apparatus for lifecycle integrity verification of virtual machines |
US8468344B2 (en) * | 2009-05-26 | 2013-06-18 | Raytheon Company | Enabling multi-level security in a single-level security computing system |
WO2012033496A1 (en) * | 2010-09-10 | 2012-03-15 | Hewlett-Packard Development Company, L.P. | Unlock a storage device |
US20130097296A1 (en) * | 2011-10-18 | 2013-04-18 | Telefonaktiebolaget L M Ericsson (Publ) | Secure cloud-based virtual machine migration |
-
2011
- 2011-12-15 US US13/327,488 patent/US20120159634A1/en not_active Abandoned
-
2013
- 2013-02-28 US US13/781,581 patent/US9251349B2/en not_active Expired - Fee Related
Patent Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090287837A1 (en) * | 2000-07-06 | 2009-11-19 | David Paul Felsher | Information record infrastructure, system and method |
US20050114687A1 (en) * | 2003-11-21 | 2005-05-26 | Zimmer Vincent J. | Methods and apparatus to provide protection for firmware resources |
US20060184653A1 (en) * | 2005-02-16 | 2006-08-17 | Red Hat, Inc. | System and method for creating and managing virtual services |
US20080282348A1 (en) * | 2005-03-22 | 2008-11-13 | Graeme John Proudler | Methods, Devices and Data Structures for Trusted Data |
US20070094719A1 (en) * | 2005-05-13 | 2007-04-26 | Scarlata Vincent R | Method and apparatus for migrating virtual trusted platform modules |
US20100011210A1 (en) * | 2005-05-13 | 2010-01-14 | Scarlata Vincent R | Method And Apparatus For Remotely Provisioning Software-Based Security Coprocessors |
US20070239979A1 (en) * | 2006-03-29 | 2007-10-11 | International Business Machines Corporation | Method and apparatus to protect policy state information during the life-time of virtual machines |
US20080046581A1 (en) * | 2006-08-18 | 2008-02-21 | Fujitsu Limited | Method and System for Implementing a Mobile Trusted Platform Module |
US20090154709A1 (en) * | 2007-12-17 | 2009-06-18 | Microsoft Corporation | Migration of computer secrets |
US20090288167A1 (en) * | 2008-05-19 | 2009-11-19 | Authentium, Inc. | Secure virtualization system software |
US20120185913A1 (en) * | 2008-06-19 | 2012-07-19 | Servicemesh, Inc. | System and method for a cloud computing abstraction layer with security zone facilities |
US20100082991A1 (en) * | 2008-09-30 | 2010-04-01 | Hewlett-Packard Development Company, L.P. | Trusted key management for virtualized platforms |
US20100299763A1 (en) * | 2009-05-20 | 2010-11-25 | Redcliff Investments, Llc | Secure Workflow and Data Management Facility |
Cited By (50)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110302415A1 (en) * | 2010-06-02 | 2011-12-08 | Vmware, Inc. | Securing customer virtual machines in a multi-tenant cloud |
US8909928B2 (en) * | 2010-06-02 | 2014-12-09 | Vmware, Inc. | Securing customer virtual machines in a multi-tenant cloud |
US9740516B1 (en) | 2011-01-13 | 2017-08-22 | Google Inc. | Virtual network protocol |
US8874888B1 (en) | 2011-01-13 | 2014-10-28 | Google Inc. | Managed boot in a cloud system |
US9237087B1 (en) | 2011-03-16 | 2016-01-12 | Google Inc. | Virtual machine name resolution |
US9231933B1 (en) | 2011-03-16 | 2016-01-05 | Google Inc. | Providing application programs with access to secured resources |
US10212591B1 (en) | 2011-08-11 | 2019-02-19 | Google Llc | Authentication based on proximity to mobile device |
US9769662B1 (en) | 2011-08-11 | 2017-09-19 | Google Inc. | Authentication based on proximity to mobile device |
US9075979B1 (en) | 2011-08-11 | 2015-07-07 | Google Inc. | Authentication based on proximity to mobile device |
US9489222B2 (en) | 2011-08-24 | 2016-11-08 | Radware, Ltd. | Techniques for workload balancing among a plurality of physical machines |
US8949431B2 (en) | 2011-08-24 | 2015-02-03 | Radware, Ltd. | Method for live migration of virtual machines |
US9703585B2 (en) | 2011-08-24 | 2017-07-11 | Radware, Ltd. | Method for live migration of virtual machines |
US8966198B1 (en) | 2011-09-01 | 2015-02-24 | Google Inc. | Providing snapshots of virtual storage devices |
US9251234B1 (en) | 2011-09-01 | 2016-02-02 | Google Inc. | Providing snapshots of virtual storage devices |
US9501233B2 (en) | 2011-09-01 | 2016-11-22 | Google Inc. | Providing snapshots of virtual storage devices |
US8958293B1 (en) | 2011-12-06 | 2015-02-17 | Google Inc. | Transparent load-balancing for cloud computing services |
US8800009B1 (en) | 2011-12-30 | 2014-08-05 | Google Inc. | Virtual machine service access |
US9122507B2 (en) * | 2012-02-18 | 2015-09-01 | Cisco Technology, Inc. | VM migration based on matching the root bridge of the virtual network of the origination host and the destination host |
US20130219384A1 (en) * | 2012-02-18 | 2013-08-22 | Cisco Technology, Inc. | System and method for verifying layer 2 connectivity in a virtual environment |
US9015838B1 (en) | 2012-05-30 | 2015-04-21 | Google Inc. | Defensive techniques to increase computer security |
US8813240B1 (en) * | 2012-05-30 | 2014-08-19 | Google Inc. | Defensive techniques to increase computer security |
US9251341B1 (en) * | 2012-05-30 | 2016-02-02 | Google Inc. | Defensive techniques to increase computer security |
US20150237066A1 (en) * | 2012-06-27 | 2015-08-20 | Qatar Foundation | Arrangement configured to migrate a virtual machine in the event of an attack |
US9819694B2 (en) * | 2012-06-27 | 2017-11-14 | Qatar Foundation | Arrangement configured to migrate a virtual machine in the event of an attack |
US9471355B2 (en) * | 2012-07-31 | 2016-10-18 | Hewlett-Packard Development Company, L.P. | Secure operations for virtual machines |
US10013274B2 (en) | 2012-07-31 | 2018-07-03 | Hewlett-Packard Development Company, L.P. | Migrating virtual machines to perform boot processes |
US20140040886A1 (en) * | 2012-07-31 | 2014-02-06 | Alistair Coles | Secure operations for virtual machines |
US9021479B2 (en) * | 2012-10-10 | 2015-04-28 | International Business Machines Corporation | Enforcing machine deployment zoning rules in an automatic provisioning environment |
US20140101655A1 (en) * | 2012-10-10 | 2014-04-10 | International Business Machines Corporation | Enforcing Machine Deployment Zoning Rules in an Automatic Provisioning Environment |
US11086648B1 (en) * | 2012-10-22 | 2021-08-10 | Amazon Technologies, Inc. | Trust-based resource allocation |
US20140201732A1 (en) * | 2013-01-14 | 2014-07-17 | Cisco Technology, Inc. | Detection of Unauthorized Use of Virtual Resources |
US10180851B2 (en) * | 2013-01-14 | 2019-01-15 | Cisco Technology, Inc. | Detection of unauthorized use of virtual resources |
US11025703B1 (en) * | 2013-03-07 | 2021-06-01 | Amazon Technologies, Inc. | Scheduled execution of instances |
US9450981B2 (en) | 2013-03-14 | 2016-09-20 | Radware, Ltd. | System and method thereof for mitigating denial of service attacks in virtual networks |
JP2014183347A (en) * | 2013-03-18 | 2014-09-29 | Fujitsu Ltd | Virtual machine management device, method, and program |
US9983898B2 (en) | 2013-06-17 | 2018-05-29 | International Business Machines Corporation | Generating a deployment pattern for reuse in a networked computing environment |
US9317311B2 (en) | 2013-06-17 | 2016-04-19 | International Business Machines Corporation | Generating a deployment pattern for reuse in a networked computing environment |
US10630719B2 (en) * | 2015-03-24 | 2020-04-21 | Huawei Technologies Co., Ltd. | SDN-based DDOS attack prevention method, apparatus, and system |
US11394743B2 (en) * | 2015-03-24 | 2022-07-19 | Huawei Technologies Co., Ltd. | SDN-based DDoS attack prevention method, apparatus, and system |
US10169578B2 (en) | 2015-05-08 | 2019-01-01 | Telefonaktiebolaget Lm Ericsson (Publ) | Migration service method and module for software modules |
WO2016180433A1 (en) * | 2015-05-08 | 2016-11-17 | Telefonaktiebolaget Lm Ericsson (Publ) | Migration service method and module for software modules |
US10740460B2 (en) | 2015-05-08 | 2020-08-11 | Telefonaktiebolaget Lm Ericsson (Publ) | Migration service method and module for software modules |
US20160381072A1 (en) * | 2015-06-23 | 2016-12-29 | Emc Corporation | Trust overlays for disaggregated infrastructures |
US9781163B2 (en) * | 2015-06-23 | 2017-10-03 | EMC IP Holding Company LLC | Trust overlays for disaggregated infrastructures |
US20170024261A1 (en) * | 2015-07-24 | 2017-01-26 | International Business Machines Corporation | Reducing redundant validations for live operating system migration |
US10169099B2 (en) * | 2015-07-24 | 2019-01-01 | International Business Machines Corporation | Reducing redundant validations for live operating system migration |
US20170024235A1 (en) * | 2015-07-24 | 2017-01-26 | International Business Machines Corporation | Reducing redundant validations for live operating system migration |
US10162681B2 (en) * | 2015-07-24 | 2018-12-25 | International Business Machines Corporation | Reducing redundant validations for live operating system migration |
US11507408B1 (en) * | 2020-01-21 | 2022-11-22 | Amazon Technologies, Inc. | Locked virtual machines for high availability workloads |
US11748520B2 (en) * | 2020-10-28 | 2023-09-05 | Dell Products L.P. | Protection of a secured application in a cluster |
Also Published As
Publication number | Publication date |
---|---|
US20140173598A1 (en) | 2014-06-19 |
US9251349B2 (en) | 2016-02-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9251349B2 (en) | Virtual machine migration | |
US10956184B2 (en) | On-demand disposable virtual work system | |
US10630643B2 (en) | Dual memory introspection for securing multiple network endpoints | |
US9465652B1 (en) | Hardware-based mechanisms for updating computer systems | |
JP6484255B2 (en) | Host attestation, including trusted execution environment | |
EP3017397B1 (en) | Cryptographically attested resources for hosting virtual machines | |
EP2764434B1 (en) | Security in virtualized computer programs | |
US8464252B2 (en) | Per process virtual machines | |
JP5881835B2 (en) | Web-based interface to access basic input / output system (BIOS) functionality | |
JP6063941B2 (en) | Virtual high privilege mode for system administration requests | |
US20150135311A1 (en) | Virtual machine validation | |
US9904484B2 (en) | Securing protected information based on software designation | |
CN108959916B (en) | Method, device and system for accessing secure world | |
WO2012084837A1 (en) | Virtual machine validation | |
JP5885851B2 (en) | Provision of basic input / output system (BIOS) functions in privileged domains | |
JP2006526219A (en) | Method and apparatus for providing secure firmware storage and service access | |
EP3935494B1 (en) | Inject interrupts and exceptions into secure virtual machine | |
US11645400B2 (en) | Secured interprocess communication | |
US11010479B2 (en) | Cyber security for space-switching program calls | |
GB2568919A (en) | Managing removal and modification of installed programs on a computer device | |
Algawi et al. | Efficient protection for vdi workstations | |
US20230025126A1 (en) | Virtualization layer assisted upgrading of in-guest agents | |
US20120222109A1 (en) | Providing a declaration of security requirements to a security program to use to control application operations |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: INTERNATIONAL BUSINESS MACHINES CORPORATION, NEW Y Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:HAIKNEY, DAVID;MULLEN, SHAWN P.;WALKER, JAMES;SIGNING DATES FROM 20111219 TO 20120822;REEL/FRAME:029123/0430 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |