Unified workload runtime protection
US11966466B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jan 10, 2022 |
| Grant date | Apr 23, 2024 |
| Priority date | — |
| Expiry date | Dec 24, 2042 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F21/604
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
A protection system is provided for delivering runtime security to a task including a workload container. The protection system uses a sidecar to limit access of the workload container to a standard library of the operating system running the workload container by modifying the task so that the sidecar is executed before the workload container. The sidecar places a guard loader into a shared volume and binds the workload container, such that calls to the workload container are passed to an agent binary. The agent binary compares requested calls from the workload container to a policy to approve and/or deny the requested calls. If the requested call is approved, then the requested call is passed to the standard library.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.