PREVENTING PERSISTENT STORAGE OF CRYPTOGRAPHIC INFORMATION USING SIGNALING

摘要

Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. Signaling methods are used to notify virtual machine instances of serialization events in order to prevent keying material from being stored persistently.

主权项

1. A non-transitory computer-readable storage medium having stored thereon executable instructions that, as a result of being executed by one or more processors of a computer system, cause the computer system to at least:
execute a hypervisor that controls interaction between a computer system instances and physical hardware of the system; expose two functions to the computer system instances, the two functions including at least:
a first function that causes one or more cryptographic keys maintained by the computer system instances to be unavailable for inclusion in serialization data; anda second function that restores the one or more cryptographic keys to the computer system instances; determine that a serialization event is to occur; cause the hypervisor to signal the computer system instance that the serialization event is scheduled to occur by at least calling the first function, prior to the serialization event such that one or more cryptographic keys contained in the computer system instance is made unavailable for inclusion in serialization data; and generate serialization data lacking the one or more cryptographic keys as a result of the first function having been called.