Protecting workloads in Kubernetes

    Publication No.: GB2603710B

    Publication Date: 2022-11-23

    Application No.: GB202205814

    Application Date: 2020-09-04

    Applicant: IBM

    Abstract: Aspects of the invention include obtaining, via a processor, an original docker image from a customer, encrypting a disk image using content from the original docker image and encrypting a bootloader. A re-packaged image is created using the encrypted disk image and the secure encrypted bootloader. The re-packaged image is deployed by inserting the re-packaged image into a pod container and by means of using a mutating webhook, granting elevated privileges to said container and creating a secured Kubernetes pod for protecting workloads, wherein the secured Kubernetes pod has at least one virtual machine containing the pod container.

    Creation and execution of secure containers

    Publication No.: GB2594225A

    Publication Date: 2021-10-20

    Application No.: GB202112113

    Application Date: 2020-01-31

    Applicant: IBM

    Abstract: A computer-implemented method for creating a secure software container may be provided. The method comprises providing a first layered software container image, transforming all files, except corresponding metadata, of each layer of the first layered software container image into a volume, the volume comprises a set of blocks, wherein each layer comprises an incremental difference to a next lower layer, encrypting each block of the set of blocks of a portion of the layers, and storing each encrypted set of the blocks as a layer of an encrypted container image along with unencrypted metadata for rebuilding an order of the set of blocks equal to an order of the first layered software container image, so that a secure encrypted software container is created.

    Creation and execution of secure containers

    Publication No.: GB2594225B

    Publication Date: 2022-03-02

    Application No.: GB202112113

    Application Date: 2020-01-31

    Applicant: IBM

    Abstract: A computer-implemented method for creating a secure software container. The method comprises providing a first layered software container image, transforming all files, except corresponding metadata, of each layer of the first layered software container image into a volume, the volume comprises a set of blocks, wherein each layer comprises an incremental difference to a next lower layer, encrypting each block of the set of blocks of a portion of the layers, and storing each encrypted set of the blocks as a layer of an encrypted container image along with unencrypted metadata for rebuilding an order of the set of blocks equal to an order of the first layered software container image, so that a secure encrypted software container is created.

    Protecting workloads in Kubernetes

    Publication No.: GB2603710A

    Publication Date: 2022-08-10

    Application No.: GB202205814

    Application Date: 2020-09-04

    Applicant: IBM

    Abstract: Aspects of the invention include obtaining, via a processor, an original docker image from a customer, encrypting a disk image using content from the original docker image and encrypting a bootloader. A re-packaged image is created using the encrypted disk image and the secure encrypted bootloader. The re-packaged image is deployed by inserting the re-packaged image into a pod container and by means of using a mutating webhook, granting elevated privileges to said container and creating a secured Kubernetes pod for protecting workloads, wherein the secured Kubernetes pod has at least one virtual machine containing the pod container.
