公开(公告)号：US20150278512A1

公开(公告)日：2015-10-01

申请号：US14228994

申请日：2014-03-28

Applicant: Intel Corporation

Inventor： PRASHANT DEWAN ,  UTTAM K. SENGUPTA ,  SIDDHARTHA CHHABRA ,  DAVID M. DURHAM ,  XIAOZHU KANG ,  UDAY R. SAVAGAONKAR ,  ALPA T. NARENDRA TRIVEDI

IPC: G06F21/53 ,  H04L9/32 ,  G06F9/455

CPC classification number: G06F21/53 ,  G06F9/45504 ,  G06F9/45558 ,  G06F9/5011 ,  G06F9/5072 ,  G06F21/554 ,  G06F21/84 ,  G06F2009/45587 ,  G06F2213/0038 ,  H04L9/3247

Abstract: Generally, this disclosure provides systems, devices, methods and computer readable media for virtualization-based intra-block workload isolation. The system may include a virtual machine manager (VMM) module to create a secure virtualization environment or sandbox. The system may also include a processor block to load data into a first region of the sandbox and to generate a workload package based on the data. The workload package is stored in a second region of the sandbox. The system may further include an operational block to fetch and execute instructions from the workload package.

Abstract translation: 通常，本公开提供了用于基于虚拟化的块内工作负载隔离的系统，设备，方法和计算机可读介质。 该系统可以包括用于创建安全虚拟化环境或沙箱的虚拟机管理器（VMM）模块。 该系统还可以包括处理器块，用于将数据加载到沙箱的第一区域中，并且基于该数据生成工作负载包。 工作负载包存储在沙箱的第二个区域。 系统还可以包括用于从工作负载包获取和执行指令的操作块。