VIRTUAL MACHINE MIGRATION

US 20120159634A1
Filed: 12/15/2011
Published: 06/21/2012
Est. Priority Date: 12/15/2010
Status: Abandoned Application

First Claim

Patent Images

1. A method of attesting a virtual machine migrating from a first environment to a second environment comprising:

in response to initiation of migration of the virtual machine from the first environment to the second environment;

accessing one or more stored trust values generated during trusted boot of the virtual machine in the first environment;

determining that the accessed trust values define a security setting that is not sufficient for the second environment; and

in response to the determination that the accessed trust values define the security setting that is not sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Attesting a virtual machine that is migrating from a first environment to a second environment includes in response to initiation of migration of the virtual machine from the first environment to the second environment, accessing one or more stored trust values generated during the trusted boot of the virtual machine in the first environment, determining if the accessed trust values define a security setting sufficient for the second environment, and if the accessed trust values do not define a security setting sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.

Citations

12 Claims

1. A method of attesting a virtual machine migrating from a first environment to a second environment comprising:
- in response to initiation of migration of the virtual machine from the first environment to the second environment;
  
  accessing one or more stored trust values generated during trusted boot of the virtual machine in the first environment;
  
  determining that the accessed trust values define a security setting that is not sufficient for the second environment; and
  
  in response to the determination that the accessed trust values define the security setting that is not sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein performing the predetermined action in relation to the migration of the virtual machine to the second environment comprises preventing the migration of the virtual machine.
  - 3. The method of claim 1, wherein performing the predetermined action in relation to the migration of the virtual machine to the second environment comprises completing the migration of the virtual machine and placing limits on the operation of the virtual machine in the second environment.
  - 4. The method of claim 1 further comprising transferring the stored trust values to a trusted management unit for the second environment.

5. A system for attesting a virtual machine migrating from a first environment to a second environment comprising:
- a computer processor; and
  
  a computer readable storage medium comprising a trusted management unit executable by the computer processor to;
  
  responsive to initiation of migration of the virtual machine from the first environment to the second environment;
  
  accessing one or more stored trust values generated during trusted boot of the virtual machine in the first environment;
  
  determining that the accessed trust values define a security setting that is not sufficient for the second environment; and
  
  in response to the determination that the accessed trust values define the security setting that is not sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.
- View Dependent Claims (6, 7, 8)
- - 6. The system of claim 5, wherein performing the predetermined action in relation to the migration of the virtual machine to the second environment comprises preventing the migration of the virtual machine.
  - 7. The system of claim 5, wherein performing the predetermined action in relation to the migration of the virtual machine to the second environment comprises completing the migration of the virtual machine and place limits on the operation of the virtual machine in the second environment.
  - 8. The system of claim 5, wherein the trusted management unit is further executable by the computer processor to transfer the stored trust values to a trusted management unit for the second environment.

9. A computer program product on a tangible computer readable storage medium for attesting a virtual machine migrating from a first environment to a second environment, the product comprising instructions executable by a computer to cause the computer to perform:
- responsive to initiation of migration of the virtual machine from the first environment to the second environment;
  
  accessing one or more stored trust values generated during trusted boot of the virtual machine in the first environment;
  
  determining that the accessed trust values define a security setting that is not sufficient for the second environment; and
  
  in response to the determination that the accessed trust values define the security setting that is not sufficient for the second environment, performing a predetermined action in relation to the migration of the virtual machine to the second environment.
- View Dependent Claims (10, 11, 12)
- - 10. The computer program product of claim 9, wherein the instructions for performing the predetermined action in relation to the migration of the virtual machine to the second environment comprise instructions for preventing the migration of the virtual machine.
  - 11. The computer program product of claim 9, wherein the instructions for performing the predetermined action in relation to the migration of the virtual machine to the second environment comprise instructions for completing the migration of the virtual machine and placing limits on the operation of the virtual machine in the second environment.
  - 12. The computer program product of claim 9, further comprising instructions for transferring the stored trust values generated during the trusted boot of the virtual machine to a trusted management unit for the second environment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Haikney, David, Mullen, Shawn P., Walker, James

Application Number

US13/327,488
Publication Number

US 20120159634A1
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/57   Certifying or maintaining t...

G06F 9/4856   resumption being on a diffe...

VIRTUAL MACHINE MIGRATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

VIRTUAL MACHINE MIGRATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links