Container data offline and online scan in a cloud environment
US9961098B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Aug 18, 2015 |
| Grant date | May 1, 2018 |
| Priority date | — |
| Expiry date | Sep 18, 2035 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2009/45587
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Techniques for security scanning of containers executing within VMs. A virtualization system maintains container disk files that store data for containers. The container disk files are stored separate from, and not included within, virtual machine disk files that store data for the virtual machines. To scan data for any particular container, a scanning module scans the container disk file associated with the container. If a threat is found, a container scan catalog is updated to indicate this fact. A container may be disconnected from the network if identified security threats cannot be removed from the container. An entire VM may be disconnected from the network if all containers within the VM have threats that cannot be cleaned. The use of container disk files for security threat scanning allows for data for individual containers to be scanned.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.