Virtual machine perfect forward secrecy

Assignee

• International Business Machines Corporation · US

Inventors

• Matthew Green · Gold Coast, AU
• Narayana Aditya Madineni · Dover, AU
• Michael W. Gray · Canungra, AU
• Leigh S. McLean · Gold Coast, AU

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2009/45587
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Provided is a method, a computer program product, and a system for providing perfect forward secrecy in virtual machines. The method includes receiving a secure memory allocation function from an application, including a connection secret to be stored in memory. The method further includes allocating memory for the connection secret according to the memory size parameter and storing an entry relating to the connection secret in a secure database. The memory information includes a memory location and a memory size of the memory. The method also includes monitoring an operation state relating to the virtual machine. The method further includes receiving, from the application, a secure deallocation function relating to the connection secret and retrieving the memory information from the secure database. The method also includes deleting the connection from the memory and sanitizing the memory location logged by the memory information.