Method and apparatus for trusted execution in infrastructure as a service cloud environments
US8812871B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 27, 2010 |
| Grant date | Aug 19, 2014 |
| Priority date | — |
| Expiry date | Jul 6, 2031 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2009/45587
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
The present disclosure presents a method and apparatus configured to provide for the trusted execution of virtual machines (VMs) on a virtualization server, e.g., for executing VMs on a virtualization server provided within Infrastructure as a Service (IaaS) cloud environment. A physical multi-core CPU may be configured with a hardware trust anchor. The trust anchor itself may be configured to manage session keys used to encrypt/decrypt instructions and data when a VM (or hypervisor) is executed on one of the CPU cores. When a context switch occurs due to an exception, the trust anchor swaps the session key used to encrypt/decrypt the contents of memory and cache allocated to a VM (or hypervisor).
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.