Secure computing mechanism

Assignee

• MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

• Sylvan Clebsch · Cambridge, GB
• Stavros Volos · Bellevue, US
• Sean ALLEN · Boiceville, US
• Antonio Nino Diaz · Cambridge, GB
• John A. Starks · Seattle, US
• Kenneth Gordon · London, GB
• Manuel Costa · Cambridge, GB

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2009/45587
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A system comprising a hosting service configured to perform: providing, to a trusted entity on a central processing unit, a command for a launch of a virtual machine (VM); assigning, to the VM, at least a portion of memory for the guest operating system; submitting, to the trusted entity, a request to measure an address space of the VM to provide a measurement digest of the address space of the guest operating system; including, in a configuration object, a policy provided by the user for the service logic, wherein the policy defines one or more rules for the service logic, wherein the one or more rules include at least one rule for which containers may run in the guest operating system; hashing the policy to provide a hash digest of the policy; submitting, to the trusted entity, the hash digest of the policy; and completing the launch of the VM.