Method and system to securely migrate and provision virtual machine images and content
US9252946B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 21, 2014 |
| Grant date | Feb 2, 2016 |
| Priority date | — |
| Expiry date | Nov 21, 2034 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/062
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method, device, and system for securely migrating and provisioning a virtual machine image to a host device of a cloud service provider environment (CSPE) is disclosed. A customer device encrypts a virtual machine image (VMI) and stores the VMI in the CSPE. The host device retrieves the encrypted VMI from the object store and sends host trust data (including a symmetric key extracted from the encrypted VMI, the symmetric key being encrypted with the customer public key) to a key management server for trust attestation. If the key management server successfully attests the host device, the key management server decrypts the encrypted symmetric key using the customer private key and re-encrypts the symmetric key using the host public key. The host device receives the re-encrypted symmetric key from the key management server, decrypts it using the host private key, and decrypts the encrypted VMI using the symmetric key.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.