公开(公告)号：IL285225D0

公开(公告)日：2021-09-30

申请号：IL28522521

申请日：2021-07-29

Applicant: IBM ,  VIKTOR MIHAJLOVSKI ,  CLAUDIO IMBRENDA

Inventor： VIKTOR MIHAJLOVSKI ,  CLAUDIO IMBRENDA

IPC: G06F9/455 ,  G06F21/53

Abstract: A method for starting a secure guest includes receiving, by a hypervisor that is executing on a host server, a request to dispatch a virtual machine (VM) on the host server. The VM is dispatched on the host server by the hypervisor. The VM includes a reboot instruction. The reboot instruction is triggered by the hypervisor to restart the VM in a secure mode.

公开(公告)号：IL285161D0

公开(公告)日：2021-09-30

申请号：IL28516121

申请日：2021-07-27

Applicant: IBM ,  REINHARD T BUENDGEN ,  CHRISTIAN BORNTRAEGER ,  JONATHAN D BRADBURY ,  FADI Y BUSABA ,  LISA CRANTON HELLER ,  VIKTOR MIHAJLOVSKI

Inventor： REINHARD T BUENDGEN ,  CHRISTIAN BORNTRAEGER ,  JONATHAN D BRADBURY ,  FADI Y BUSABA ,  LISA CRANTON HELLER ,  VIKTOR MIHAJLOVSKI

IPC: G06F9/4401 ,  G06F9/455 ,  G06F21/57

Abstract: Secure processing within a computing environment is provided by incrementally decrypting a secure operating system image, including receiving, for a page of the secure operating system image, a page address and a tweak value used during encryption of the page. Processing determines that the tweak value has not previously been used during decryption of another page of the secure operating system image, and decrypts memory page content at the page address using an image encryption key and the tweak value to facilitate obtaining a decrypted secure operating system image. Further, integrity of the secure operating system image is verified, and based on verifying integrity of the secure operating system image, execution of the decrypted secure operating system image is started.

公开(公告)号：BR112021017782B1

公开(公告)日：2022-08-30

申请号：BR112021017782

申请日：2020-03-06

Applicant: IBM

Inventor： VIKTOR MIHAJLOVSKI ,  CLAUDIO IMBRENDA

IPC: G06F9/455 ,  G06F21/53 ,  G06F21/62 ,  H04L9/32

Abstract: INICIANDO UM CONVIDADO SEGURO USANDO UM MECANISMO DE CARGA DE PROGRAMA INICIAL. Um método para iniciar um convidado seguro inclui receber, por um hipervisor que está executando em um servidor host, uma solicitação para despachar uma máquina virtual (VM) no servidor host. A VM é despachada no servidor host pelo hipervisor. A VM inclui uma instrução de reinicialização. A instrução de reinicialização é acionada pelo hipervisor para reiniciar a VM em um modo seguro.