Protection of sensitive data from unauthorized access

Assignee

• International Business Machines Corporation · US

Inventors

• Boas Betzler · Poughkeepsie, US
• Vinod S. Chavan · Tampa, US
• Ingo Dressler · Wiesloch, DE
• Holger Karn · Aidlingen, DE

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04W12/02
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method and associated computing system. A first computing environment receives data that includes first sensitive data. The first computing environment includes a hypervisor, a virtual machine running on the hypervisor, and a compliance gateway coupled to the virtual machine and the hypervisor. The compliance gateway intercepts the request. The compliance gateway inspects the intercepted request, does not find sensitive data in the request from inspecting the intercepted request, and forwards the request directly to the virtual machine in response to not finding sensitive data in the request. The virtual machine receives the request from the compliance gateway and in response. The virtual machine initiates performance of an operation indicated in the request. The hypervisor determines that the performance of the request requires the first sensitive data that is sensitive, and in response the hypervisor prevents the virtual machine from completing performance of the operation, by intercepting the operation.