Title of invention Root volume encryption mechanism in para-virtualized virtual machine
Abstract Techniques to perform root volume encryption in a para-virtualized virtual machine are described. A disk layout supports the root volume encryption, set key flow, and normal boot flow of the para-virtualized virtual machine. An implementation for performing encryption for a cloud-based service is disclosed.
Publication number US9202058(B1) Publication date 2015.12.01
Application number US201414325221 Filing date 2014.07.07
Applicant Trend Micro Inc. Inventors Yen Po-Hsun;Lin Chuan-Hung;Shih Jie-Ren
Classification numbers G06F21/57;G06F9/455;G06F21/60 Main classification number G06F21/57
Agency Beyer Law Group LLP Agent Beyer Law Group LLP
Independent claim 1. A method of providing security for a memory accessible by a cloud-based web service, comprising: providing a disk layout including a root file system section to support a mini-OS to perform pre-boot encryption; performing boot volume encryption in a para-virtualized (PV) virtual machine (VM) wherein the boot volume encryption is for a disk of a system accessible by the cloud-based web service; wherein the mini OS is installed; and wherein the mini OS performs pre-boot encryption; wherein a booting process includes a hypervisor accessing a para-virtualized Grub and loading a kernel; and wherein the performing boot volume encryption includes a pre-boot image installation flow in the para-virtualized VM, wherein the pre-boot image installation flow comprises: creating a profile for an installer; injecting an installer into initrd; rebooting the VM, resizing a root file system, creating a dummy MBR, installing a pre-boot image, initializing a scratch space, patching initrd, shutting down the VM, and changing a pv-grub setting.
Address Tokyo JP