Virtual environment type verification for policy enforcement
A type and environment of technology, applied in the direction of program control design, instrumentation, program/content distribution protection, etc., can solve problems such as increasing user costs, inability to use user licenses or other strategies
Pending Publication Date: 2022-06-21
MICROSOFT TECH LICENSING LLC
View PDF0 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0003] Unfortunately, because a container is perceived by the computer-executable instructions executing within it as a computing environment distinct and distinct from the user's primary computing environment, executing an application within a container may require another permission, or may not take advantage of the Permissions or other policies established within the host computing environment
Such additional licensing requirements may unnecessarily increase user costs, or may otherwise prevent users from utilizing their applications within container environments
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0014] The following description relates to tamper-resistant environment type detection to enable policy (including application permissions) to be shared between the host computing environment and the container virtual computing environment, while preventing such policy from being shared for malicious purposes, such as by deception by computing hardware or A computing environment hosted directly by a virtual machine so that it appears as a container virtual computing environment to improperly gain access to an application or specific functionality provided by it. Environment-type verification can provide tamper-resistant verification of the computing environment within which the environment-type verification is being performed. Such information can then be utilized to perform policy management, which can include omitting authentication to facilitate sharing of policies, such as application permissions, from the host computing environment to the container virtual computing envir...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The environment type verification may provide tamper-proof verification of the computing environment within which the environment type verification is being performed. Policy management may then be performed utilizing such information, which may include omitting verification in order to facilitate sharing of policies, such as application permissions, from the host computing environment to the container virtual computing environment. The environment type verification may perform a plurality of checks, included are verification of an encrypted infrastructure of a computing environment, verification of a code integrity mechanism of the computing environment, a check for the presence of functionality proving a hypervisor, a check for the presence or absence of predetermined system drivers or other similar operating system components or functionalities, and a method for verifying the presence or absence of functionality proving the presence or absence of functionality proving the presence or absence of functionality proving the presence or absence of functionality. Checking for activation or deactivation of the resource management stack, and checking for the presence or absence of a predetermined value in the firmware.
Description
Background technique [0001] Traditional virtual computing environments (often referred to as "virtual machines") virtualize most or all aspects of the computing environment, and thus can present a computing environment that is very different from the host computing device hardware and operating system. However, conventional virtual computing environments can consume large amounts of memory, require significant processing resources, and otherwise be inefficient due to the need to virtualize most or all aspects of the host computing environment. In some instances, lightweight virtual computing environments, often referred to as "containers," can provide many of the isolation benefits of traditional virtual computing environments in a more efficient manner, such as by leveraging aspects of the host computing device hardware and operating system, without These aspects of the computing environment are not virtualized. As such, containers can be used to provide isolated computing e...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/53G06F21/57G06F21/10
CPCG06F21/57G06F21/53G06F21/105H04L2209/127G06F21/51H04L9/3263G06F9/45558G06F2009/4557H04L9/3236G06F21/10
Inventor T·S·苏甘迪A·T·郭B·巴拉苏布拉曼延A·辛格A·S·卡拉德米尔B·M·舒尔茨H·R·普拉帕卡G·舒巴姆C·托马斯C·E·P·拉米雷斯
Owner MICROSOFT TECH LICENSING LLC