Patent · US Active

System call policies for containers

US10650138B2 · kind B2 · utility

Cited by: 5
References: 3
Claims: 18
Family size: 0

Assignee

Inventors

Key dates

Filing date: Jan 27, 2017
Grant date: May 12, 2020
Priority date
Expiry date: Apr 23, 2038

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F2221/033
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

Examples relate to system call policies for containers. In an example, a method includes receiving, by a container platform, a container for running an application. The container has a metadata record that specifies an application type of the application. The container platform receives a data structure that specifies a set of system call policies for a set of application types and queries the data structure to determine a policy of the set of system call policies to apply to the container based on the application type in the metadata record. A kernel implements the policy for the container to allow or deny permission for a system call by the application running in the container based on a comparison of the system call to the policy.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.