Protecting cognitive code and client data in a public cloud via deployment of data and executables into a stateless secure partition
First Claim
1. A method of protecting client data from unauthorized disclosure comprising:
- loading appliance code in an appliance which includes a secure virtual machine that uses a set of computing resources;
- revoking all access to devices from within the appliance except for a shared memory wherein the appliance code includes an application program interface that uses the shared memory and wherein all access to a logical partition of the appliance is revoked when the partition is activated;
- receiving commands, operand data and application data at the appliance via the shared memory;
- processing the commands, operand data and application data by the appliance code in the appliance to yield results without recording any application data on persistent media; and
- communicating the results of said processing to a client of the appliance via the shared memory.
Abstract
A secure cloud computing environment protects the confidentiality of application code from a customer while simultaneously protecting the confidentiality of a customer's data from intentional or inadvertent leaks by the application code. This result is accomplished without the need to trust the application code and without requiring human surveillance or intervention. A client secure virtual machine (SVM) is accessible by a client who supplies commands, operand data and application data. An appliance SVM has the application code loaded therein and includes an application program interface that accesses a memory area shared by both SVMs. All access to the appliance SVM is initially revoked by an ultravisor, except for the shared memory. The appliance SVM processes the commands without ever saving any persistent state of the application data. The ultravisor manages an SVM by maintaining exclusive control over a device tree used by the operating system of the SVM.
17 Claims
9. A secure computing system comprising:
- an appliance including a secure virtual machine constructed from a set of computing resources;
- appliance code residing in the appliance; and
- means for revoking all access to devices from within the appliance except for a shared memory wherein the appliance code includes an application program interface that uses the shared memory and wherein all access to a logical partition of the appliance is revoked when the partition is activated;
- wherein the appliance processes commands, operand data and application data received via the shared memory using the appliance code to yield results without recording any application data on persistent media, and communicates the results to a client of the appliance via the shared memory.
17. A computer program product comprising:
- a computer readable storage medium; and
- program instructions residing in said storage medium for protecting client data from unauthorized disclosure by loading appliance code in an appliance which includes a secure virtual machine that uses a set of computing resources, revoking all access to devices from within the appliance except for a shared memory wherein the appliance code includes an application program interface that uses the shared memory and wherein said program instructions revoke all access to a logical partition of the appliance when the partition is activated, receiving commands, operand data and application data at the appliance via the shared memory, processing the commands, operand data and application data by the appliance code in the appliance to yield results without recording any application data on persistent media, and communicating the results to a client of the appliance via the shared memory.