公开(公告)号：GB2607794A

公开(公告)日：2022-12-14

申请号：GB202212344

申请日：2020-12-10

Applicant: IBM

Inventor： REINHARD BUENDGEN ,  VOLKER URBAN ,  RICHARD KISLEY

IPC: G06F21/57

Abstract: At least one secure object of a security module is bound to a secure guest. A trusted component determines whether metadata of the secure guest includes a confidential binding attribute for the security module. Based on determining that the metadata includes the confidential binding attribute, the trusted component configures the security module for the secure guest in a select mode. The select mode prevents certain operations from being intercepted by a hypervisor associated with the secure guest. The trusted component intercepts a security module communication and performs a cryptographic operation on one or more secure objects of the security module communication using the confidential binding attribute to provide a cryptographic result. An outcome of the security module communication, which includes the cryptographic result, is provided to a receiver.

公开(公告)号：GB2607793A

公开(公告)日：2022-12-14

申请号：GB202212343

申请日：2020-12-10

Applicant: IBM

Inventor： REINHARD BUENDGEN ,  VOLKER URBAN ,  RICHARD KISLEY ,  JONATHAN BRADBURY ,  TORSTEN HENDEL ,  HARALD FREUDENBERGER ,  BENEDIKT KLOTZ ,  KLAUS WERNER ,  MARKUS SELVE

IPC: G06F21/60

Abstract: A security module, such as a cryptographic adapter, is reserved for a secure guest of a computing environment. The reserving includes binding one or more queues of the security module to the secure guest. The one or more queues are then managed based on one or more actions relating to the reservation.