WO2014207581A3 - Processing guest event in hypervisor-controlled system - Google Patents
Processing guest event in hypervisor-controlled system Download PDFInfo
- Publication number
- WO2014207581A3 WO2014207581A3 PCT/IB2014/059780 IB2014059780W WO2014207581A3 WO 2014207581 A3 WO2014207581 A3 WO 2014207581A3 IB 2014059780 W IB2014059780 W IB 2014059780W WO 2014207581 A3 WO2014207581 A3 WO 2014207581A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- guest
- hypervisor
- event
- memory
- firmware
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/542—Event management; Broadcasting; Multicasting; Notifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45587—Isolation or security of virtual machine instances
Abstract
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2016522898A JP6347831B2 (en) | 2013-06-27 | 2014-03-14 | Method, data processing program, computer program product, and data processing system for handling guest events in a system controlled by a hypervisor |
CN201480036373.2A CN105453034B (en) | 2013-06-27 | 2014-03-14 | Customer event is handled in the system of manager control |
GB1600172.9A GB2530225B (en) | 2013-06-27 | 2014-03-14 | Processing a guest event in a hypervisor-controlled system |
US14/899,166 US9690947B2 (en) | 2013-06-27 | 2014-03-14 | Processing a guest event in a hypervisor-controlled system |
DE112014000965.2T DE112014000965T5 (en) | 2013-06-27 | 2014-03-14 | Processing a guest event in a hypervisor-driven system |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB1311430.1 | 2013-06-27 | ||
GB1311430.1A GB2515536A (en) | 2013-06-27 | 2013-06-27 | Processing a guest event in a hypervisor-controlled system |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2014207581A2 WO2014207581A2 (en) | 2014-12-31 |
WO2014207581A3 true WO2014207581A3 (en) | 2015-04-09 |
Family
ID=48999042
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IB2014/059780 WO2014207581A2 (en) | 2013-06-27 | 2014-03-14 | Processing a guest event in a hypervisor-controlled system |
Country Status (6)
Country | Link |
---|---|
US (1) | US9690947B2 (en) |
JP (1) | JP6347831B2 (en) |
CN (1) | CN105453034B (en) |
DE (1) | DE112014000965T5 (en) |
GB (2) | GB2515536A (en) |
WO (1) | WO2014207581A2 (en) |
Families Citing this family (30)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2015026336A1 (en) * | 2013-08-21 | 2015-02-26 | Intel Corporation | Processing data privately in the cloud |
GB2532415A (en) * | 2014-11-11 | 2016-05-25 | Ibm | Processing a guest event in a hypervisor-controlled system |
US9875047B2 (en) * | 2015-05-27 | 2018-01-23 | Red Hat Israel, Ltd. | Exit-less host memory locking in a virtualized environment |
GB2539428B (en) | 2015-06-16 | 2020-09-09 | Advanced Risc Mach Ltd | Data processing apparatus and method with ownership table |
GB2539429B (en) | 2015-06-16 | 2017-09-06 | Advanced Risc Mach Ltd | Address translation |
GB2539435B8 (en) | 2015-06-16 | 2018-02-21 | Advanced Risc Mach Ltd | Data processing memory access control, in which an owning process for a region of memory is specified independently of privilege level |
GB2539433B8 (en) * | 2015-06-16 | 2018-02-21 | Advanced Risc Mach Ltd | Protected exception handling |
US9767318B1 (en) * | 2015-08-28 | 2017-09-19 | Frank Dropps | Secure controller systems and associated methods thereof |
CN105184154B (en) * | 2015-09-15 | 2017-06-20 | 中国科学院信息工程研究所 | A kind of system and method that crypto-operation service is provided in virtualized environment |
US9894061B2 (en) | 2015-10-16 | 2018-02-13 | International Business Machines Corporation | Method for booting and dumping a confidential image on a trusted computer system |
US10102151B2 (en) | 2015-11-06 | 2018-10-16 | International Business Machines Corporation | Protecting a memory from unauthorized access |
US9841987B2 (en) | 2015-12-17 | 2017-12-12 | International Business Machines Corporation | Transparent secure interception handling |
US10019279B2 (en) | 2015-12-17 | 2018-07-10 | International Business Machines Corporation | Transparent secure interception handling |
US9898326B2 (en) * | 2016-02-23 | 2018-02-20 | Red Hat Israel, Ltd. | Securing code loading in a virtual environment |
US11188651B2 (en) * | 2016-03-07 | 2021-11-30 | Crowdstrike, Inc. | Hypervisor-based interception of memory accesses |
US10348500B2 (en) * | 2016-05-05 | 2019-07-09 | Adventium Enterprises, Llc | Key material management |
US10243746B2 (en) * | 2017-02-27 | 2019-03-26 | Red Hat, Inc. | Systems and methods for providing I/O state protections in a virtualized environment |
CN107240408B (en) * | 2017-05-11 | 2019-05-10 | 中国科学院信息工程研究所 | For the read-write managing and control system of CD-ROM CD media |
GB2563886B (en) | 2017-06-28 | 2019-12-25 | Advanced Risc Mach Ltd | Realm management unit-private memory regions |
US10686605B2 (en) * | 2017-09-29 | 2020-06-16 | Intel Corporation | Technologies for implementing mutually distrusting domains |
US10757082B2 (en) * | 2018-02-22 | 2020-08-25 | International Business Machines Corporation | Transforming a wrapped key into a protected key |
US10949547B2 (en) * | 2018-10-05 | 2021-03-16 | Google Llc | Enclave fork support |
US11403409B2 (en) | 2019-03-08 | 2022-08-02 | International Business Machines Corporation | Program interruptions for page importing/exporting |
US10956188B2 (en) | 2019-03-08 | 2021-03-23 | International Business Machines Corporation | Transparent interpretation of guest instructions in secure virtual machine environment |
US11443040B2 (en) * | 2019-03-08 | 2022-09-13 | International Business Machines Corporation | Secure execution guest owner environmental controls |
US11308215B2 (en) | 2019-03-08 | 2022-04-19 | International Business Machines Corporation | Secure interface control high-level instruction interception for interruption enablement |
US11354421B2 (en) | 2019-03-08 | 2022-06-07 | International Business Machines Corporation | Secure execution guest owner controls for secure interface control |
WO2021167659A1 (en) * | 2019-11-14 | 2021-08-26 | Trideum Corporation | Systems and methods of monitoring and controlling remote assets |
US11475167B2 (en) | 2020-01-29 | 2022-10-18 | International Business Machines Corporation | Reserving one or more security modules for a secure guest |
CN111833108A (en) * | 2020-07-17 | 2020-10-27 | 上海国际技贸联合有限公司 | Information acquisition, analysis and processing system, method and storage medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101179379A (en) * | 2007-12-11 | 2008-05-14 | 中兴通讯股份有限公司 | Firmware security management method for microwave access global intercommunication system |
US20080178171A1 (en) * | 2007-01-23 | 2008-07-24 | Masahiro Sueyoshi | Management System, Management Method, Terminal Device, Management Server and Program |
CN101470783A (en) * | 2007-12-25 | 2009-07-01 | 中国长城计算机深圳股份有限公司 | Identity recognition method and device based on trusted platform module |
Family Cites Families (51)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5404563A (en) * | 1991-08-28 | 1995-04-04 | International Business Machines Corporation | Scheduling normally interchangeable facilities in multiprocessor computer systems |
US5371867A (en) * | 1992-11-10 | 1994-12-06 | International Business Machines Corporation | Method of using small addresses to access any guest zone in a large memory |
JP2003051819A (en) * | 2001-08-08 | 2003-02-21 | Toshiba Corp | Microprocessor |
US7024555B2 (en) * | 2001-11-01 | 2006-04-04 | Intel Corporation | Apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment |
CN100447736C (en) * | 2004-05-08 | 2008-12-31 | 英特尔公司 | Firmware interface runtime environment protection field |
US8627315B2 (en) * | 2004-12-31 | 2014-01-07 | Intel Corporation | Apparatus and method for cooperative guest firmware |
US7299337B2 (en) * | 2005-05-12 | 2007-11-20 | Traut Eric P | Enhanced shadow page table algorithms |
US20080059556A1 (en) * | 2006-08-31 | 2008-03-06 | Egenera, Inc. | Providing virtual machine technology as an embedded layer within a processing platform |
US8615643B2 (en) * | 2006-12-05 | 2013-12-24 | Microsoft Corporation | Operational efficiency of virtual TLBs |
US7788464B2 (en) * | 2006-12-22 | 2010-08-31 | Microsoft Corporation | Scalability of virtual TLBs for multi-processor virtual machines |
US8688920B2 (en) * | 2007-05-14 | 2014-04-01 | International Business Machines Corporation | Computing system with guest code support of transactional memory |
US8127292B1 (en) * | 2007-06-22 | 2012-02-28 | Parallels Holdings, Ltd. | Virtualization system with hypervisor embedded in bios or using extensible firmware interface |
JP4678396B2 (en) * | 2007-09-25 | 2011-04-27 | 日本電気株式会社 | Computer and method for monitoring virtual machine monitor, and virtual machine monitor monitor program |
US8156298B1 (en) * | 2007-10-24 | 2012-04-10 | Adam Stubblefield | Virtualization-based security apparatuses, methods, and systems |
US20090113111A1 (en) * | 2007-10-30 | 2009-04-30 | Vmware, Inc. | Secure identification of execution contexts |
US8261028B2 (en) * | 2007-12-31 | 2012-09-04 | Intel Corporation | Cached dirty bits for context switch consistency checks |
US8364983B2 (en) * | 2008-05-08 | 2013-01-29 | Microsoft Corporation | Corralling virtual machines with encryption keys |
US8381032B2 (en) * | 2008-08-06 | 2013-02-19 | O'shantel Software L.L.C. | System-directed checkpointing implementation using a hypervisor layer |
JP4643702B2 (en) * | 2008-10-27 | 2011-03-02 | 株式会社東芝 | Microprocessor |
US20100146267A1 (en) * | 2008-12-10 | 2010-06-10 | David Konetski | Systems and methods for providing secure platform services |
US8738932B2 (en) * | 2009-01-16 | 2014-05-27 | Teleputers, Llc | System and method for processor-based security |
US10496670B1 (en) * | 2009-01-21 | 2019-12-03 | Vmware, Inc. | Computer storage deduplication |
US8538919B1 (en) * | 2009-05-16 | 2013-09-17 | Eric H. Nielsen | System, method, and computer program for real time remote recovery of virtual computing machines |
US20110041126A1 (en) * | 2009-08-13 | 2011-02-17 | Levy Roger P | Managing workloads in a virtual computing environment |
US20110202765A1 (en) * | 2010-02-17 | 2011-08-18 | Microsoft Corporation | Securely move virtual machines between host servers |
JP5484117B2 (en) * | 2010-02-17 | 2014-05-07 | 株式会社日立製作所 | Hypervisor and server device |
US9703586B2 (en) * | 2010-02-17 | 2017-07-11 | Microsoft Technology Licensing, Llc | Distribution control and tracking mechanism of virtual machine appliances |
WO2011101972A1 (en) * | 2010-02-18 | 2011-08-25 | 株式会社東芝 | Program |
US8793439B2 (en) * | 2010-03-18 | 2014-07-29 | Oracle International Corporation | Accelerating memory operations using virtualization information |
US8375437B2 (en) * | 2010-03-30 | 2013-02-12 | Microsoft Corporation | Hardware supported virtualized cryptographic service |
US8671405B2 (en) * | 2010-03-31 | 2014-03-11 | Microsoft Corporation | Virtual machine crash file generation techniques |
JP5574230B2 (en) * | 2010-04-28 | 2014-08-20 | 株式会社日立製作所 | Fault handling method and computer |
US8555377B2 (en) * | 2010-04-29 | 2013-10-08 | High Cloud Security | Secure virtual machine |
US8812871B2 (en) * | 2010-05-27 | 2014-08-19 | Cisco Technology, Inc. | Method and apparatus for trusted execution in infrastructure as a service cloud environments |
US8566613B2 (en) * | 2010-06-11 | 2013-10-22 | Intel Corporation | Multi-owner deployment of firmware images |
US9183023B2 (en) * | 2010-07-01 | 2015-11-10 | Hewlett-Packard Development Company, L.P. | Proactive distribution of virtual environment user credentials in a single sign-on system |
US8239620B2 (en) * | 2010-09-27 | 2012-08-07 | Mips Technologies, Inc. | Microprocessor with dual-level address translation |
CA2825811A1 (en) * | 2011-01-27 | 2012-08-02 | L-3 Communications Corporation | Internet isolation for avoiding internet security threats |
WO2012157019A1 (en) * | 2011-05-16 | 2012-11-22 | 株式会社日立製作所 | Computer system and node search method |
JP5365664B2 (en) * | 2011-06-20 | 2013-12-11 | 富士通セミコンダクター株式会社 | Secure processor |
US8984478B2 (en) * | 2011-10-03 | 2015-03-17 | Cisco Technology, Inc. | Reorganization of virtualized computer programs |
US9256552B2 (en) * | 2011-11-21 | 2016-02-09 | Cisco Technology, Inc. | Selective access to executable memory |
US9146847B2 (en) * | 2011-12-14 | 2015-09-29 | Vmware, Inc. | Optimizing for page sharing in virtualized java virtual machines |
US8918608B2 (en) * | 2012-01-09 | 2014-12-23 | Ravello Systems Ltd. | Techniques for handling memory accesses by processor-independent executable code in a multi-processor environment |
US8959577B2 (en) * | 2012-04-13 | 2015-02-17 | Cisco Technology, Inc. | Automatic curation and modification of virtualized computer programs |
US10152409B2 (en) * | 2012-04-30 | 2018-12-11 | Vmware, Inc. | Hybrid in-heap out-of-heap ballooning for java virtual machines |
US10063380B2 (en) * | 2013-01-22 | 2018-08-28 | Amazon Technologies, Inc. | Secure interface for invoking privileged operations |
US9503268B2 (en) * | 2013-01-22 | 2016-11-22 | Amazon Technologies, Inc. | Securing results of privileged computing operations |
US20150363220A1 (en) * | 2013-02-01 | 2015-12-17 | Hitachi, Ltd. | Virtual computer system and data transfer control method for virtual computer system |
US9606818B2 (en) * | 2013-03-14 | 2017-03-28 | Qualcomm Incorporated | Systems and methods of executing multiple hypervisors using multiple sets of processors |
US9880773B2 (en) * | 2013-03-27 | 2018-01-30 | Vmware, Inc. | Non-homogeneous disk abstraction for data oriented applications |
-
2013
- 2013-06-27 GB GB1311430.1A patent/GB2515536A/en not_active Withdrawn
-
2014
- 2014-03-14 WO PCT/IB2014/059780 patent/WO2014207581A2/en active Application Filing
- 2014-03-14 CN CN201480036373.2A patent/CN105453034B/en not_active Expired - Fee Related
- 2014-03-14 GB GB1600172.9A patent/GB2530225B/en active Active
- 2014-03-14 DE DE112014000965.2T patent/DE112014000965T5/en active Pending
- 2014-03-14 US US14/899,166 patent/US9690947B2/en not_active Expired - Fee Related
- 2014-03-14 JP JP2016522898A patent/JP6347831B2/en not_active Expired - Fee Related
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080178171A1 (en) * | 2007-01-23 | 2008-07-24 | Masahiro Sueyoshi | Management System, Management Method, Terminal Device, Management Server and Program |
CN101179379A (en) * | 2007-12-11 | 2008-05-14 | 中兴通讯股份有限公司 | Firmware security management method for microwave access global intercommunication system |
CN101470783A (en) * | 2007-12-25 | 2009-07-01 | 中国长城计算机深圳股份有限公司 | Identity recognition method and device based on trusted platform module |
Also Published As
Publication number | Publication date |
---|---|
JP2016523421A (en) | 2016-08-08 |
US20160148001A1 (en) | 2016-05-26 |
GB201311430D0 (en) | 2013-08-14 |
GB2530225A (en) | 2016-03-16 |
CN105453034B (en) | 2018-11-16 |
US9690947B2 (en) | 2017-06-27 |
GB2530225B (en) | 2016-10-19 |
WO2014207581A2 (en) | 2014-12-31 |
GB2515536A (en) | 2014-12-31 |
CN105453034A (en) | 2016-03-30 |
DE112014000965T5 (en) | 2015-12-03 |
JP6347831B2 (en) | 2018-06-27 |
GB201600172D0 (en) | 2016-02-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2014207581A3 (en) | Processing guest event in hypervisor-controlled system | |
GB2548268A (en) | Processing guest event in hypervisor-controlled system | |
NZ746653A (en) | Access control for encrypted data in machine-readable identifiers | |
WO2014116528A3 (en) | Providing an encrypted account credential from a first device to a second device | |
WO2018229549A3 (en) | System and method for digital environment reconstruction | |
EP3627843A3 (en) | Systems and methods for performing transport i/o | |
EP3407534A4 (en) | In-car computer system, vehicle, key generation device, management method, key generation method, and computer program | |
GB2545838A (en) | Hypervisor and virtual machine protection | |
AU2012225621A8 (en) | Secure file sharing method and system | |
EP3602954A4 (en) | Method and system for hierarchical cryptographic key management | |
NZ701459A (en) | Systems and methods for secure processing with embedded cryptographic unit | |
WO2013068843A8 (en) | Multi-key cryptography for encrypting file system acceleration | |
MX2017005313A (en) | Transaction messaging. | |
EP3334085A4 (en) | Management device, management system, key generation device, key generation system, key management system, vehicle, management method, key generation method, and computer program | |
EP3598714A4 (en) | Method, device, and system for encrypting secret key | |
AU2017269280B2 (en) | Executable logic for processing keyed data in networks | |
UA100829C2 (en) | Systems, methods, and apparatuses for ciphering error detection and recovery | |
MX2016002467A (en) | Format preservation based masking system and method. | |
IN2015CH03249A (en) | ||
MX362756B (en) | Systems and methods for a credential including multiple access privileges. | |
WO2013106798A3 (en) | Method and apparatus for generating a privilege-based key | |
PH12016500612A1 (en) | Relevance based visual media item modification | |
IN2014MU00771A (en) | ||
WO2016144258A3 (en) | Methods and systems for facilitating secured access to storage devices | |
WO2015066209A3 (en) | Opt-in and time limited bi-directional real-time location sharing |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 201480036373.2 Country of ref document: CN |
|
WWE | Wipo information: entry into national phase |
Ref document number: 112014000965 Country of ref document: DE Ref document number: 1120140009652 Country of ref document: DE |
|
ENP | Entry into the national phase |
Ref document number: 2016522898 Country of ref document: JP Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 14899166 Country of ref document: US |
|
ENP | Entry into the national phase |
Ref document number: 1600172 Country of ref document: GB Kind code of ref document: A Free format text: PCT FILING DATE = 20140314 |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 14817597 Country of ref document: EP Kind code of ref document: A2 |