Reshetova et al., 2014 - Google Patents

Classifications

• • G—PHYSICS
  • G06—COMPUTING; CALCULATING; COUNTING
  • G06F—ELECTRICAL DIGITAL DATA PROCESSING
  • G06F9/00—Arrangements for programme control, e.g. control unit
  • G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
  • G06F9/44—Arrangements for executing specific programmes
  • G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
  • G06F9/45533—Hypervisors; Virtual machine monitors
  • G06F9/45558—Hypervisor-specific management and integration aspects
  • G06F2009/45562—Creating, deleting, cloning virtual machine instances
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING; COUNTING
  • G06F—ELECTRICAL DIGITAL DATA PROCESSING
  • G06F9/00—Arrangements for programme control, e.g. control unit
  • G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
  • G06F9/44—Arrangements for executing specific programmes
  • G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
  • G06F9/45533—Hypervisors; Virtual machine monitors
  • G06F9/45558—Hypervisor-specific management and integration aspects
  • G06F2009/45587—Isolation or security of virtual machine instances
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING; COUNTING
  • G06F—ELECTRICAL DIGITAL DATA PROCESSING
  • G06F9/00—Arrangements for programme control, e.g. control unit
  • G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
  • G06F9/46—Multiprogramming arrangements
  • G06F9/468—Specific access rights for resources, e.g. using capability register
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING; COUNTING
  • G06F—ELECTRICAL DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/60—Protecting data
  • G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
  • G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING; COUNTING
  • G06F—ELECTRICAL DIGITAL DATA PROCESSING
  • G06F9/00—Arrangements for programme control, e.g. control unit
  • G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
  • G06F9/46—Multiprogramming arrangements
  • G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
  • G06F9/5061—Partitioning or combining of resources
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING; COUNTING
  • G06F—ELECTRICAL DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
  • G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
  • G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING; COUNTING
  • G06F—ELECTRICAL DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
  • G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
  • G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING; COUNTING
  • G06F—ELECTRICAL DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
  • G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING; COUNTING
  • G06F—ELECTRICAL DIGITAL DATA PROCESSING
  • G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F2221/2149—Restricted operating environment
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING; COUNTING
  • G06F—ELECTRICAL DIGITAL DATA PROCESSING
  • G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING; COUNTING
  • G06F—ELECTRICAL DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
  • G06F21/12—Protecting executable software
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING; COUNTING
  • G06F—ELECTRICAL DIGITAL DATA PROCESSING
  • G06F12/00—Accessing, addressing or allocating within memory systems or architectures
  • G06F12/14—Protection against unauthorised use of memory or access to memory
  • G06F12/1458—Protection against unauthorised use of memory or access to memory by checking the subject access rights
  • G06F12/1491—Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING; COUNTING
  • G06F—ELECTRICAL DIGITAL DATA PROCESSING
  • G06F11/00—Error detection; Error correction; Monitoring
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L63/00—Network architectures or network communication protocols for network security
  • H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources

Similar Documents