Processing

Please wait...

Settings

Settings

Goto Application

1. WO2021059125 - OBSCURING INFORMATION IN VIRTUALIZATION ENVIRONMENT

Publication Number WO/2021/059125
Publication Date 01.04.2021
International Application No. PCT/IB2020/058838
International Filing Date 22.09.2020
IPC
G06F 21/62 2013.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
60Protecting data
62Protecting access to data via a platform, e.g. using keys or access control rules
CPC
G06F 2009/45583
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
44Arrangements for executing specific programs
455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
45533Hypervisors; Virtual machine monitors
45558Hypervisor-specific management and integration aspects
45583Memory management, e.g. access or allocation
G06F 9/45558
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
44Arrangements for executing specific programs
455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
45533Hypervisors; Virtual machine monitors
45558Hypervisor-specific management and integration aspects
H04L 9/0869
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Cryptographic mechanisms or cryptographic; arrangements for secret or secure communication
08Key distribution ; or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
0869involving random numbers or seeds
Applicants
  • INTERNATIONAL BUSINESS MACHINES CORPORATION [US]/[US]
  • IBM UNITED KINGDOM LIMITED [GB]/[GB] (MG)
  • IBM (CHINA) INVESTMENT COMPANY LIMITED [CN]/[CN] (MG)
Inventors
  • CHATTERJEE, Debapriya
  • COCKCROFT, Bryant
  • SCHUMANN, John
  • YOKUM, Karen
Agents
  • GRAHAM, Timothy
Priority Data
16/580,06724.09.2019US
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) OBSCURING INFORMATION IN VIRTUALIZATION ENVIRONMENT
(FR) OBSCURCISSEMENT D'INFORMATIONS DANS UN ENVIRONNEMENT DE VIRTUALISATION
Abstract
(EN)
A hardware request of an application is detected. The application executes on a virtualized computer system. It is determined that the hardware request includes a counter. The counter is to be performed by the virtualized computer system. The counter includes a counter value. The hardware request is intercepted before it is processed by a hypervisor that hosts the virtualized computer system. The interception is based on the determining the hardware request includes the counter. The counter value is saved in a secure memory. The secure memory is obscured from the hypervisor. A scrambled counter value is generated. The hardware request is updated with the scrambled counter value. After the hardware request is updated it is provided to the hypervisor.
(FR)
Selon l'invention, une demande de matériel d'une application est détectée. L'application s'exécute sur un système informatique virtualisé. Il est déterminé que la demande de matériel comprend un compteur.Le compteur doit être mis en œuvre par le système informatique virtualisé. Le compteur comprend une valeur de compteur. La demande de matériel est interceptée avant son traitement par un hyperviseur qui héberge le système informatique virtualisé.L'interception est basée sur la détermination du fait que la demande de matériel comprend le compteur.La valeur de compteur est sauvegardée dans une mémoire sécurisée.La mémoire sécurisée est obscurcie à l'hyperviseur.Une valeur de compteur embrouillée est générée.La demande de matériel est mise à jour avec la valeur de compteur embrouillée. Une fois que la demande de matériel a été mise à jour, elle est fournie à l'hyperviseur.
Also published as
Latest bibliographic data on file with the International Bureau