(WO2019005327) DE/ENCRYPTING NETWORK COMMUNICATIONS BETWEEN VIRTUAL MACHINES AT THE VIRTUALIZATION LAYER BASED ON KEYS SENT AFTER VERIFYING HEALTH DATA FOR A COMPUTER

Pub. No.: WO/2019/005327 International Application No.: PCT/US2018/033992
Publication Date: 03.01.2019 International Filing Date: 23.05.2018
IPC:
G06F 9/455 (2018.01), G06F 21/44 (2013.01)
G06F 9/455:
  G: PHYSICS
  06: COMPUTING; CALCULATING; COUNTING
  F: ELECTRIC DIGITAL DATA PROCESSING
  9: Arrangements for programme control, e.g. control unit
  06: using stored programme, i.e. using internal store of processing equipment to receive and retain programme
  44: Arrangements for executing specific programmes
  455: Emulation; Software simulation
G06F 21/44:
  G: PHYSICS
  06: COMPUTING; CALCULATING; COUNTING
  F: ELECTRIC DIGITAL DATA PROCESSING
  21: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  30: Authentication, i.e. establishing the identity or authorisation of security principals
  44: Program or device authentication
Applicants:
MICROSOFT TECHNOLOGY LICENSING, LLC [US/US]; One Microsoft Way Redmond, Washington 98052-6399, US
Inventors:
JOWETT, Alan Thomas Gavin; US
RAO, Ravi T.; US
CUSANZA, Gregory M.; US
BEN-ZVI, Nir; US
WELLS, Dean A.; US
Agent:
MINHAS, Sandip S.; US
CHEN, Wei-Chen Nicholas; US
DRAKOS, Katherine J.; US
HINOJOSA, Brianna L.; US
HOLMES, Danielle J.; US
SWAIN, Cassandra T.; US
WONG, Thomas S.; US
CHOI, Daniel; US
HWANG, William C.; US
WIGHT, Stephen A.; US
CHATTERJEE, Aaron C.; US
Priority Data:
15/635,199 28.06.2017 US
Title (EN) DE/ENCRYPTING NETWORK COMMUNICATIONS BETWEEN VIRTUAL MACHINES AT THE VIRTUALIZATION LAYER BASED ON KEYS SENT AFTER VERIFYING HEALTH DATA FOR A COMPUTER
(FR) CHIFFREMENT/DÉCHIFFREMENT DE COMMUNICATIONS RÉSEAU ENTRE DES MACHINES VIRTUELLES AU NIVEAU DE LA COUCHE DE VIRTUALISATION SUR LA BASE DE CLÉS APRÈS VÉRIFICATION DE DONNÉES DE SANTÉE POUR UN ORDINATEUR
Abstract:
(EN) A host encrypting network communications of virtual machines (VMs) in ways that minimize exposure of the network communications in cleartext form. The host captures and registers a measure of a secure state of the host. The measure is registered with a guardian service communicable via a network. The guardian service also securely stores keys of the VMs. Each VM's key is associated with authorization information indicating which machines are authorized to obtain the corresponding VM's key. The host obtains access to a VM's key based on a confirmation that its state matches the registered measured state and based on the authorization information of the VM indicating that the host is authorized to access the key. The VM's key is then used to transparently encrypt/decrypt network communications of the VM as they pass through a virtualization layer on the host that executes the VMs.
(FR) L'invention concerne un hôte chiffrant des communications réseau de machines virtuelles (VM) de manière à réduire au minimum l'exposition des communications réseau en clair. L'hôte capture et enregistre une mesure d'un état sécurisé de l'hôte. La mesure est enregistrée avec un service de garde pouvant communiquer par l'intermédiaire d'un réseau. Le service de garde mémorise également de manière sécurisée des clés des VM. Chaque clé de VM est associée à des informations d'autorisation indiquant quelles machines sont autorisées à obtenir la clé de VM correspondante. L'hôte obtient l'accès à une clé de VM sur la base d'une confirmation que son état correspond à l'état mesuré enregistré et sur la base des informations d'autorisation de la VM indiquant que l'hôte est autorisé à accéder à la clé. La clé de VM est ensuite utilisée pour chiffrer/déchiffrer de manière transparente des communications réseau de la VM lorsqu'elles passent à travers une couche de virtualisation sur l'hôte qui exécute les VM.
Designated States: AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, CA, CH, CL, CN, CO, CR, CU, CZ, DE, DJ, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, HR, HU, ID, IL, IN, IR, IS, JO, JP, KE, KG, KH, KN, KP, KR, KW, KZ, LA, LC, LK, LR, LS, LU, LY, MA, MD, ME, MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW
African Regional Intellectual Property Organization (ARIPO) (BW, GH, GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, ST, SZ, TZ, UG, ZM, ZW)
Eurasian Patent Office (AM, AZ, BY, KG, KZ, RU, TJ, TM)
European Patent Office (EPO) (AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR)
African Intellectual Property Organization (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, KM, ML, MR, NE, SN, TD, TG)
Publication Language: English (EN)
Filing Language: English (EN)