Title of invention: PRIVILEGED CRYPTOGRAPHIC SERVICES IN A VIRTUALIZED ENVIRONMENT
Abstract: A privileged cryptographic service is described, such as a service running in system management mode (SMM). The privileged service is operable to store and manage cryptographic keys and/or other security resources in a multitenant remote program execution environment. The privileged service can receive requests to use the cryptographic keys and issue responses to these requests. In addition, the privileged service can measure the hypervisor at runtime (e.g., either periodically or in response to the requests) in an attempt to detect evidence of tampering with the hypervisor. Because the privileged service is operating in system management mode that is more privileged than the hypervisor, the privileged service can be robust against virtual machine escape and other hypervisor attacks.
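Application publication number: WO2014116740(A3) Application publication date: 2014.10.09
Application number: WO2014US12600 Filing date: 2014.01.22
Applicant: AMAZON TECHNOLOGIES, INC. Inventors: ROTH, GREGORY BRANCHEK; POTLAPALLY, NACHIKETH RAO
Classification number: H04L9/32 Main classification number: H04L9/32
Agency: Agent:
Main claim:
Address: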