Creation and execution of secure containers

    Publication (Announcement) No.: GB2594225B

    Publication (Announcement) Date: 2022-03-02

    Application No.: GB202112113

    Application Date: 2020-01-31

    Applicant: IBM

    Abstract: A computer-implemented method for creating a secure software container. The method comprises providing a first layered software container image, transforming all files, except corresponding metadata, of each layer of the first layered software container image into a volume, the volume comprises a set of blocks, wherein each layer comprises an incremental difference to a next lower layer, encrypting each block of the set of blocks of a portion of the layers, and storing each encrypted set of the blocks as a layer of an encrypted container image along with unencrypted metadata for rebuilding an order of the set of blocks equal to an order of the first layered software container image, so that a secure encrypted software container is created.

    Transparent secure interception handling

    Publication (Announcement) No.: GB2546609A

    Publication (Announcement) Date: 2017-07-26

    Application No.: GB201620899

    Application Date: 2016-12-08

    Applicant: IBM

    Abstract: A method and system for transparent secure interception handling comprises: deploying a virtual machine (VM) 128 in an environment comprising a hypervisor 112 and a firmware 124; providing a buffer 140, 142, 144 to the firmware in response to deploying the VM; executing VM instructions; intercepting VM instructions which require access to instruction data stored in VM memory 235; copying the VM state into a shadow VM state 140; copying the instruction data to the buffer 142, 144; executing the intercepted VM instruction using the buffer; updating the shadow VM state buffer and the VM data in the VM memory 235 using result data in the buffer in response to the executing of the intercepted VM instruction results; and executing VM instructions following the intercepted VM instruction based on a state stored in the shadow VM state buffer. Firmware and a hypervisor are also provided.
