Profiling of spawned processes in container images and enforcing security policies respective thereof
US11640472B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 8, 2021 |
| Grant date | May 2, 2023 |
| Priority date | — |
| Expiry date | Apr 11, 2041 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Execution of software containers is secured using security profiles. A security profile is generated for a container image, wherein the container image includes resources utilized to execute a corresponding application container, wherein the generated security profile includes at least a spawned processes profile, wherein the spawned processes profile includes, for each spawned process executed at runtime by the application container, a signature of an executable file of the spawned process. The operation of a runtime execution of the application container is monitored. A violation of the spawned processes profile is detected based on the monitored operation.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.