Data protection using virtual-machine-specific stable system values

摘要

A virtual machine on a physical host computer provides controlled access to protected data by creating and storing a “stored system fingerprint” from stable system values (SSVs) as existing when creating the stored system fingerprint. The SSVs include virtual-machine-specific values that change upon cloning the virtual machine (VM) but do not change upon migration of the VM. Upon a request for access to the protected data, a current system fingerprint is calculated from the SSVs as existing when processing the request, the current system fingerprint is compared to the stored system fingerprint to determine whether there is a predetermined degree of matching, and the requested access to the protected data is permitted only if there is the predetermined degree of matching.

主权项

1. A method by which a virtual machine executing on a physical host computer provides controlled access to protected data stored by the virtual machine, comprising:
executing a data security component on the virtual machine, the data security component including the protected data and an access control function providing secure access to the protected data by a client application executing on the virtual machine; creating and storing a stored system fingerprint from stable system values as existing at a time of creating the stored system fingerprint, the stable system values including at least a predetermined number of virtual-machine-specific values that change in the event of cloning the virtual machine but do not change in the event of moving the virtual machine from one physical machine to another physical machine; and by the access control function at a later time of processing a request from the client application to access the protected data, controlling access to the protected data based on the stored system fingerprint by (1) calculating a current system fingerprint created from the stable system values as existing at the later time of processing the request, (2) comparing the current system fingerprint to the stored system fingerprint to determine whether there is a predetermined degree of matching therebetween, and (3) if the comparing indicates that there is the predetermined degree of matching between the current system fingerprint and the stored system fingerprint, then permitting the requested access to the protected data, and otherwise denying the requested access to the protected data.