System and method for secure storage of virtual machines

Assignee

• HyTrust, Inc. · US

Inventors

• Stephen D. Pate · Grand Rapids, US
• Tushar Y. Tambay · Sunnyvale, US
• Kelvin J. Pryse · معلمی نژاد, US
• Lynn F. Kerby · San Martin, US
• Blaine T. Cuykendall · San Jose, US
• Thomas J. Satterlee · Felton, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0876
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A virtual file system is described that is implemented in a virtualization platform as a stackable file system layer that intercepts file operations between a hypervisor and a physical file system. The virtual file system encrypts (at least in part) VM files to be stored, organizes the encrypted VM files into VM sets, and then maps and stores the encrypted VM sets into storage pools. Storage and access to files within the VM sets is controlled through the use of administrator-determined policies governing storage, security, access control, authentication, and auditing. The system and method described herein allow a seamless integration between a data center (e.g., a private cloud) and computing resources served across the internet and supported by cloud service providers (e.g., public clouds) while ensuring that the security needs of customers and cloud service providers are met.