Processing guest event in hypervisor-controlled system

A technology for hypervisors and guests, applied in the fields of program control design, program control devices, electrical digital data processing, etc., that can solve problems which existing techniques cannot eliminate with respect to the hypervisor, and achieves the effect of preventing unauthorized access.

Active Publication Date: 2016-03-30
IBM CORP

AI Technical Summary

Problems solved by technology

[0007] None of these techniques, even when used, solves the problem that the hypervisor can always fully monitor the guest and read the memory contents, with potentially sensitive data, of the image running in the guest, which is usually a virtual machine on the system under the hypervisor's control. These techniques cannot eliminate the problems mentioned above.


Embodiment Construction

[0047] In the figures, the same elements are referred to with the same reference numerals. The drawings are merely schematic representations, not intended to portray specific parameters of the invention. Moreover, the drawings are intended to depict only typical embodiments of the invention and therefore should not be considered as limiting the scope of the invention.

[0048] Figure 1 shows a stack of components in a hypervisor-controlled system according to the prior art. The different components include one or more guests 20 implemented as virtual machines, running as virtual server systems on a hypervisor-controlled system that includes firmware 70 and hardware 72, such as one or more CPUs, memory, and storage network I/O devices 74. Hypervisor 30 manages the hardware 72 and I/O device 74 resources and allocates appropriate portions of these resources to the guests 20. In a cloud environment, the guest virtual machine 20 is operated by the client or customer, while the hypervisor 30 is o...


Abstract

A method for processing a guest event in a hypervisor-controlled system (10), comprising the steps: (i) the guest event triggering a first firmware service being specific for the guest event in a firmware (70), the guest event being associated with a guest (20) and with a guest state (52) and a guest memory (22) encrypted with a guest key (24); (ii) the firmware (70) processing information associated with the guest event, comprising information of the guest state (52) and the guest memory (22), and presenting only a subset of the information of the guest state (52) and the guest memory (22) in decrypted form to a hypervisor (30), wherein the subset of the information is selected to suffice for the hypervisor (30) to process the guest event; (iii) the firmware (70) retaining a part of the information of the guest state (52) and the guest memory (22) that is not being sent to the hypervisor (30); (iv) the hypervisor (30) processing the guest event based on the received subset of the information of the guest state (52) and the guest memory (22) and sending a process result to the firmware (70) triggering a second firmware service being specific for the guest event; (v) the firmware (70) processing the received process result together with the part of the information of the guest state (52) and the guest memory (22) that was not sent to the hypervisor (30), generating a state and/or memory modification; (vi) the firmware (70) performing the state and/or memory modification associated with the guest event at the guest memory (22) in encrypted form.
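The six steps of the abstract, modelled as an added example (not code from the patent or its owner): a firmware object mediates one guest event so that the hypervisor sees only the decrypted request it needs. The event type (an I/O request), the register names r1 to r4 and r9, the memory layout and the SHA-256 keystream XOR standing in for guest-key encryption are all assumptions made for illustration.

```python
import hashlib

def xor_crypt(key: bytes, addr: int, data: bytes) -> bytes:
    # Toy per-address keystream (assumption; stands in for the guest-key cipher).
    return bytes(b ^ hashlib.sha256(key + (addr + i).to_bytes(8, "big")).digest()[0]
                 for i, b in enumerate(data))

class Firmware:
    """Holds guest key (24), guest state (52) and encrypted guest memory (22)."""
    def __init__(self, guest_key: bytes, state: dict, plain_mem: bytes):
        self._key, self._state = guest_key, dict(state)
        self.enc_mem = bytearray(xor_crypt(guest_key, 0, plain_mem))
        self._retained = None

    def _decrypt(self, addr: int, length: int) -> bytes:
        return xor_crypt(self._key, addr, bytes(self.enc_mem[addr:addr + length]))

    def first_service(self) -> dict:
        # Steps (i)-(iii): decrypt only the request buffer, retain the rest.
        s = self._state
        self._retained = {"result_addr": s["r4"]}
        return {"event": "io_request", "device": s["r1"],
                "request": self._decrypt(s["r2"], s["r3"])}

    def second_service(self, result: bytes) -> None:
        # Steps (v)-(vi): combine result with retained info, store encrypted.
        addr = self._retained["result_addr"]
        if addr + len(result) > len(self.enc_mem):
            raise ValueError("hypervisor result does not fit in guest memory")
        self.enc_mem[addr:addr + len(result)] = xor_crypt(self._key, addr, result)
        self._state["pc"] += 4
        self._retained = None

    def guest_read(self, addr: int, length: int) -> bytes:
        return self._decrypt(addr, length)  # the guest's own plaintext view

def hypervisor_handle(view: dict) -> bytes:
    # Step (iv): the hypervisor emulates the device from the subset alone.
    return b"ACK:" + view["request"].upper()

def run_event():
    mem = b"guest-secret-key" + b"read blk" + bytes(40)   # constructed layout
    state = {"pc": 0x1000, "r1": 7, "r2": 16, "r3": 8, "r4": 32, "r9": 0xDEAD}
    fw = Firmware(b"constructed-guest-key", state, mem)
    view = fw.first_service()
    fw.second_service(hypervisor_handle(view))
    return view, fw

if __name__ == "__main__":
    view, fw = run_event()
    print(view, fw.guest_read(32, 12))
```

The result address, the remaining registers and the rest of guest memory never appear in the dictionary handed to the hypervisor; it receives the device number and the eight request bytes only.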

Description

Technical field

[0001] The present invention relates generally to data processing systems, and more particularly to methods and systems for processing guest events in a hypervisor-controlled system.

Background

[0002] Customer acceptance of the public cloud has been limited to non-mission-critical data. Core business data is often an important asset of customers, and the confidentiality of data is crucial to the success of an enterprise. As long as customers don't trust cloud environments, cloud acceptance for these business-sensitive environments will remain minimal. One of the main concerns of customers is the lack of trust in the cloud provider and the security of the cloud.

[0003] Trust in the cloud provider is critical because the provider's administrators are able to fully monitor the customer's load and data. This potential for spying is the reason many customers are reluctant.

[0004] Trust in cloud security involves the threat of a hyperviso...


Application Information

IPC(8): G06F9/44
CPC: G06F9/45558, G06F2009/45587, G06F21/57, G06F9/45533, G06F21/71, G06F9/542, G06F21/602
Inventor: U·巴切, R·布恩德根, E·吕克
Owner IBM CORP