METHODS AND SYSTEMS FOR SECURING SENSITIVE INFORMATION USING A HYPERVISOR-TRUSTED CLIENT
First Claim
1. In a computing device executing a hypervisor hosting a control virtual machine and a non-trusted virtual machine, a method for securing sensitive information using a hypervisor-trusted client, comprising:
- requesting, by a user of a non-trusted virtual machine executed by a processor of a computing device, to establish a connection to a remote computing device;
launching, by a control virtual machine executed by the processor of the computing device, a client agent, responsive to the request;
assigning, by a graphics manager executed by the processor of the computing device, a secure section of a memory of a graphics processing unit of the computing device to the client agent; and
rendering, by the graphics manager, graphical data generated by the client agent to the secure section of the graphics processing unit memory.
8 Assignments
0 Petitions
Accused Products
Abstract
The methods and systems described herein provide for securing sensitive information using a hypervisor-trusted client, in a computing device executing a hypervisor hosting a control virtual machine and a non-trusted virtual machine. A user of a non-trusted virtual machine requests to establish a connection to a remote computing device. Responsive to the request, a control virtual machine launches a client agent. A graphics manager executed by the processor of the computing device assigns a secure section of a memory of a graphics processing unit of the computing device to the client agent. The graphics manager renders graphical data generated by the client agent to the secure section of the graphics processing unit memory.
-
Citations
16 Claims
-
1. In a computing device executing a hypervisor hosting a control virtual machine and a non-trusted virtual machine, a method for securing sensitive information using a hypervisor-trusted client, comprising:
-
requesting, by a user of a non-trusted virtual machine executed by a processor of a computing device, to establish a connection to a remote computing device; launching, by a control virtual machine executed by the processor of the computing device, a client agent, responsive to the request; assigning, by a graphics manager executed by the processor of the computing device, a secure section of a memory of a graphics processing unit of the computing device to the client agent; and rendering, by the graphics manager, graphical data generated by the client agent to the secure section of the graphics processing unit memory. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. In a computing device executing a hypervisor hosting a control virtual machine and a non-trusted virtual machine, a system for securing sensitive information using a hypervisor-trusted client, comprising:
-
a remote computing device; and a local computing device comprising; a graphics processing unit comprising a memory, and a processor executing a graphics manager and a hypervisor hosting a non-trusted virtual machine and a control virtual machine; wherein the control virtual machine is configured to launch a client agent, responsive to receiving a request by a user of the non-trusted virtual machine to establish a connection to the remote computing device; and wherein the graphics manager is configured to assign a secure section of the memory of the graphics processing unit to the client agent, and render graphical data generated by the client agent to the secure section of the graphics processing unit memory. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification