公开(公告)号：US20240126883A1

公开(公告)日：2024-04-18

申请号：US18539533

申请日：2023-12-14

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Francisco Plinio Oliveira Silveira ,  Nigel John Edwards ,  Ludovic Emmanuel Paul Noel Jacquin ,  Guilherme de Campos Magalhaes ,  Leandro Augusto Penna dos Santos ,  Rodrigo Jose da Rosa Antunes

IPC: G06F21/57

CPC classification number: G06F21/57 ,  G06F21/577 ,  G06F2221/033

Abstract: A process includes, in a computer system, acquiring a first measurement that corresponds to a software container. Acquiring the measurement includes a hardware processor of the computer system measuring a given layer of a plurality of layers of layered file system structure corresponding to the software container. The given layer includes a plurality of files, and the first measurement includes a measurement of the plurality of files. The process includes storing the first measurement in a secure memory of the computer system. A content of the secure memory is used to verify an integrity of the software container.

公开(公告)号：US11874926B2

公开(公告)日：2024-01-16

申请号：US17113161

申请日：2020-12-07

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Francisco Plinio Oliveira Silveira ,  Nigel John Edwards ,  Ludovic Emmanuel Paul Noel Jacquin ,  Guilherme de Campos Magalhaes ,  Leandro Augusto Penna dos Santos ,  Rodrigo Jose da Rosa Antunes

IPC: G06F21/00 ,  G06F21/57

CPC classification number: G06F21/57 ,  G06F21/577 ,  G06F2221/033

Abstract: A process includes, in a computer system, acquiring a first measurement that corresponds to a software container. Acquiring the measurement includes a hardware processor of the computer system measuring a given layer of a plurality of layers of layered file system structure corresponding to the software container. The given layer includes a plurality of files, and the first measurement includes a measurement of the plurality of files. The process includes storing the first measurement in a secure memory of the computer system. A content of the secure memory is used to verify an integrity of the software container.

公开(公告)号：US20220179959A1

公开(公告)日：2022-06-09

申请号：US17113161

申请日：2020-12-07

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Francisco Plinio Oliveira Silveira ,  Nigel John Edwards ,  Ludovic Emmanuel Paul Noel Jacquin ,  Guilherme de Campos Magalhaes ,  Leandro Augusto Penna dos Santos ,  Rodrigo Jose da Rosa Antunes

IPC: G06F21/57

Abstract: A process includes, in a computer system, acquiring a first measurement that corresponds to a software container. Acquiring the measurement includes a hardware processor of the computer system measuring a given layer of a plurality of layers of layered file system structure corresponding to the software container. The given layer includes a plurality of files, and the first measurement includes a measurement of the plurality of files. The process includes storing the first measurement in a secure memory of the computer system. A content of the secure memory is used to verify an integrity of the software container.

公开(公告)号：US12020010B2

公开(公告)日：2024-06-25

申请号：US17444774

申请日：2021-08-10

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Nigel John Edwards ,  Guilherme de Campos Magalhaes

IPC: G06F21/56 ,  G06F8/60 ,  G06F11/07 ,  G06F21/53 ,  G06F21/64 ,  H04L9/32

CPC classification number: G06F8/60 ,  G06F11/0751 ,  G06F21/53 ,  G06F21/563 ,  G06F21/64 ,  H04L9/3236 ,  H04L9/3247 ,  G06F2221/033

Abstract: In some examples, a system receives first measurements of data items used by a build server in building an executable program, the data items copied from a data repository to a storage partition that is separate from the data repository, and the storage partition to store the data items relating to building the executable program by the build server. The system determines, based on the first measurements and according to a policy specified for the storage partition, whether a corruption of the data items used by the build server in building the executable program has occurred.

公开(公告)号：US20190227810A1

公开(公告)日：2019-07-25

申请号：US15876370

申请日：2018-01-22

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Ludovic Emmanuel Paul Noel Jacquin ,  Hamza Attak ,  Nigel Edwards ,  Guilherme de Campos Magalhaes

IPC: G06F9/445 ,  H04L29/08 ,  G06F21/57 ,  G06F9/30

Abstract: Examples relate to integrity reports. In an implementation, an entity for executing a function is launched, the entity operating one or more files for executing the function. In response to the entity being launched, an entity image integrity report is generated comprising, for one or more files operated by the entity, a reference to the file measurement in a first integrity report the first integrity report containing measurements of a plurality of files operable in one or more entities. Alternatively, in response to the entity being launched, an entity integrity report is generated comprising a file measurement for each of the files operated by the entity.

公开(公告)号：US20230049131A1

公开(公告)日：2023-02-16

申请号：US17444774

申请日：2021-08-10

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Nigel John Edwards ,  Guilherme de Campos Magalhaes

IPC: G06F11/07 ,  G06F21/56 ,  G06F21/53 ,  H04L9/32 ,  G06F21/64

Abstract: In some examples, a system receives first measurements of data items used by a build server in building an executable program, the data items copied from a data repository to a storage partition that is separate from the data repository, and the storage partition to store the data items relating to building the executable program by the build server. The system determines, based on the first measurements and according to a policy specified for the storage partition, whether a corruption of the data items used by the build server in building the executable program has occurred.

公开(公告)号：US10853090B2

公开(公告)日：2020-12-01

申请号：US15876370

申请日：2018-01-22

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Ludovic Emmanuel Paul Noel Jacquin ,  Hamza Attak ,  Nigel Edwards ,  Guilherme de Campos Magalhaes

IPC: G06F9/445 ,  G06F9/30 ,  G06F21/57 ,  H04L29/08 ,  G06F21/44

Abstract: Examples relate to integrity reports. In an implementation, an entity for executing a function is launched, the entity operating one or more files for executing the function. In response to the entity being launched, an entity image integrity report is generated comprising, for one or more files operated by the entity, a reference to the file measurement in a first integrity report the first integrity report containing measurements of a plurality of files operable in one or more entities. Alternatively, in response to the entity being launched, an entity integrity report is generated comprising a file measurement for each of the files operated by the entity.