Patent · US Active

Security driver for hypervisors and operating systems of virtualized datacenters

US8387046B1 · kind B1 · utility

55Cited by

12References

17Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

Bruce Montague · Santa Cruz, US
Sanjay Sawhney · Cupertino, US
Matthew Conover · Mountain View, US
Tzi-Cker Chiueh · Taipei, TW

Key dates

Filing date	Mar 26, 2009
Grant date	Feb 26, 2013
Priority date	—
Expiry date	Dec 25, 2031

Classification

Technology area (CPC G)Physics
CPC primaryG06F2009/45587
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A system and method for efficient security protocols in a virtualized datacenter environment are contemplated. In one embodiment, a system is provided comprising a hypervisor coupled to one or more protected virtual machines (VMs) and a security VM. Within a private communication channel, a split kernel loader provides an end-to-end communication between a paravirtualized security device driver, or symbiont, and the security VM. The symbiont monitors kernel-level activities of a corresponding guest OS, and conveys kernel-level metadata to the security VM via the private communication channel. Therefore, the well-known semantic gap problem is solved. The security VM is able to read all of the memory of a protected VM, detect locations of memory compromised by a malicious rootkit, and remediate any detected problems.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.