公开(公告)号：US09740637B2

公开(公告)日：2017-08-22

申请号：US14048515

申请日：2013-10-08

Applicant: VMware, Inc.

Inventor： Xiaoxin Chen ,  Carl A. Waldspurger ,  Pratap Subrahmanyam ,  Tal Garfinkel ,  Dan Boneh

IPC: G06F12/00 ,  G06F12/14 ,  G06F21/62

CPC classification number: G06F12/1408 ,  G06F12/1491 ,  G06F21/6218 ,  G06F2212/151

Abstract: A virtual-machine-based system that may protect the privacy and integrity of application data, even in the event of a total operating system compromise. An application is presented with a normal view of its resources, but the operating system is presented with an encrypted view. This allows the operating system to carry out the complex task of managing an application's resources, without allowing it to read or modify them. Different views of “physical” memory are presented, depending on a context performing the access. An additional dimension of protection beyond the hierarchical protection domains implemented by traditional operating systems and processors is provided.

公开(公告)号：US10169253B2

公开(公告)日：2019-01-01

申请号：US15682056

申请日：2017-08-21

Applicant: VMware, Inc.

Inventor： Xiaoxin Chen ,  Carl A. Waldspurger ,  Pratap Subrahmanyam ,  Tal Garfinkel ,  Dan Boneh

IPC: G06F12/14 ,  G06F21/62

Abstract: A virtual-machine-based system that may protect the privacy and integrity of application data, even in the event of a total operating system compromise. An application is presented with a normal view of its resources, but the operating system is presented with an encrypted view. This allows the operating system to carry out the complex task of managing an application's resources, without allowing it to read or modify them. Different views of “physical” memory are presented, depending on a context performing the access. An additional dimension of protection beyond the hierarchical protection domains implemented by traditional operating systems and processors is provided.