Securing privileged virtualized execution instances from penetrating a virtual host environment
US11222123B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 22, 2019 |
| Grant date | Jan 11, 2022 |
| Priority date | — |
| Expiry date | Apr 22, 2039 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2009/45595
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Disclosed embodiments relate to systems and methods for identifying vulnerabilities for virtualized execution instances to escape their operating environment and threaten a host environment. Techniques include identifying a virtualized execution instance configured for deployment on a host in a virtual computing environment; performing a privileged configuration inspection for the virtualized execution instance, the privileged configuration inspection analyzing whether the virtualized execution instance has been configured with one or more attributes that can permit operation of the virtualized execution instance to perform operations, beyond an environment of the virtualized execution instance, on an environment of the host; and implementing, based on the privileged configuration inspection, a control action for controlling the virtualized execution instance's ability to perform operations on the environment of the host.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.