Secure storage of workload attestation reports in a virtualized and clustered computer system
US11893410B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jan 13, 2021 |
| Grant date | Feb 6, 2024 |
| Priority date | — |
| Expiry date | Mar 15, 2042 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2009/45595
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
An example method of secure attestation of a workload deployed in a virtualized computing system is described. The virtualized computing system includes a host cluster and a virtualization management server, the host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts. The method includes storing, in a trust authority, a pre-defined attestation report for a workload executing in a virtual machine (VM) managed by the virtualization layer, the pre-defined attestation report including a hash of at least a portion of an image of the VM; receiving, at the trust authority from a security module of a host in which the VM executes, an attestation report generated by measuring memory of the VM; comparing the attestation report with the pre-defined attestation report; and generating an indication of validity for the workload based on a result of the comparison.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.