Enhanced Secure Virtual Machine Provisioning
    Invention application
    Enhanced Secure Virtual Machine Provisioning (status: under examination, published)

    Publication (announcement) number: US20150134965A1

    Publication (announcement) date: 2015-05-14

    Application number: US14399393

    Filing date: 2012-05-24

    IPC classification: H04L29/06 G06F9/455

    Abstract: In a method of provisioning a virtual machine (VM) to a computing network (401), a VM manager or provisioner (403, 408) encrypts a virtual machine using a key bound to at least one security profile indicative of one or more security requirements that a computing resource (402) of the computing network (401) must satisfy in order to be able to decrypt the VM. A key for use in decrypting the VM has previously been sealed into multiple (and preferably into all) computing resources (402) in the network into which the VM is to be provisioned, and has been sealed such that a computing resource can obtain the key only if it is in a state that satisfies the security profile, or at least one security profile, to which the key is bound. The VM manager or provisioner (403, 408) creates a VM launch package that includes the encrypted VM and that also includes a key that may be used in decrypting the encrypted VM. When the VM launch package is received at a computing resource (402), the computing resource will not be able to recover the key for use in decrypting the VM—and hence will be unable to decrypt the VM—unless the computing resource satisfies the security requirements indicated by the security profile. The VM manager or provisioner can thus be sure that the VM will not be launched on a computing resource that does not meet the desired security profile. Alternatively, the VM manager or provisioner (403, 408) may send a token corresponding to a desired security profile with an encrypted VM. A computing resource uses the token to obtain a key to decrypt the VM, but the computing resource will not be able to recover the key unless the computing resource satisfies the security requirements indicated by the token.
