System and Method for Secure Client Hosted Virtualization in an Information Handling System
First Claim
1. A client hosted virtualization system (CHVS) comprising:
- a processor operable to execute code; and
a non-volatile memory including first code to implement a basic input/output system for the CHVS, and second code to implement a virtualization manager operable to;
initialize the CHVS;
authenticate a first virtual machine image associated with a first virtual machine; and
launch the first virtual machine on the CHVS based on the first virtual machine image;
wherein the CHVS is configurable to execute the first code and not the second code, or to execute the second code and not the first code.
14 Assignments
0 Petitions
Accused Products
Abstract
A client hosted virtualization system (CHVS) includes a processor and non-volatile memory with BIOS code and virtualization manager code. The virtualization manager initializes the CHVS, authenticates a virtual machine image and launches the virtual machine based on the image. The CHVS is configurable to execute the BIOS or the virtualization manager. A client system update network includes a client update system and a CHVS with a processor, a security processor, and non-volatile memory with BIOS code and virtualization manager code that initializes the CHVS, authenticates a virtual machine image and launches a virtual machine based on the image. The CHVS is configurable to execute the BIOS or the virtualization manager. The client update system receives updates and sends them to the CHVS. The CHVS authenticates the updates with the security processor, and overwrites the non-volatile memory with the updates.
-
Citations
20 Claims
-
1. A client hosted virtualization system (CHVS) comprising:
-
a processor operable to execute code; and a non-volatile memory including first code to implement a basic input/output system for the CHVS, and second code to implement a virtualization manager operable to; initialize the CHVS; authenticate a first virtual machine image associated with a first virtual machine; and launch the first virtual machine on the CHVS based on the first virtual machine image; wherein the CHVS is configurable to execute the first code and not the second code, or to execute the second code and not the first code. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A client system update network comprising:
-
a client hosted virtualization system (CHVS) having; a processor operable to execute code; a security processor; and a non-volatile memory including; first code to implement a basic input/output system for the CHVS; and second code to implement a virtualization manager operable to initialize the CHVS, authenticate a virtual machine image associated with a first virtual machine, and launch the virtual machine on the CHVS based on the virtual machine image; wherein the CHVS is configurable to execute the first code and not the second code, or to execute the second code and not the first code; and a client update system coupled to the network interface and operable to; receive third code including an update to the second code; encode the third code; and send the third code to the CHVS; wherein the CHVS is operable to; receive the third code; decode and authenticate the third code with the security processor; and in response to determining that the third code is authentic, overwrite the non-volatile memory such that the second code is replaced with the third code. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A method of providing a client hosted virtualization system (CHVS), comprising:
-
storing first code in a non-volatile memory of the CHVS to implement a basic input/output system for the CHVS; storing second code in the non-volatile memory, the second code being operable to; initialize the CHVS; authenticate a first virtual machine image associated with a first virtual machine; launch the first virtual machine on the CHVS based on the first virtual machine image; authenticate a second virtual machine image associated with a second virtual machine; and launch the second virtual machine on the CHVS based on the second virtual machine image; determining to execute the second code to the exclusion of the first code; and in response to determining to execute the second code, executing the second code. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification