SYSTEM FOR SECURING VIRTUAL MACHINE DISKS ON A REMOTE SHARED STORAGE SUBSYSTEM
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the present invention provide a method, data processing system and computer program product for secure distribution of virtualized storage. In an embodiment of the invention, a method for secure distribution of virtualized storage in a host in a cloud computing can include composing at least one virtual machine (VM) disk in a secure container and configured to deploy VM images into a cloud computing environment, encrypting the composed at least one VM disk, transmitting the encrypted VM disk to a hypervisor in the cloud computing environment receiving a request to activate a VM instance and generating a bootloader in the secure container, transmitting the bootloader to the hypervisor in the cloud computing environment and providing a key to the bootloader to unlock the at least one VM disk.
41 Citations
13 Claims
-
1-5. -5. (canceled)
-
6. A cloud computing data processing system comprising:
-
a secure container executing on a hardware appliance with at least one processor and memory and configured for communicative coupling to different hypervisors, each of the different hypervisors supporting VM storage in a cloud computing environment; a data store of VM images for storage in at least one of the different hypervisors; and
,a secure distribution module executing in the memory of the hardware appliance, the module comprising program code enabled upon execution in the hardware appliance to compose at least one machine (VM) disk in a secure container, which is configured to deploy VM images into the cloud computing environment, to encrypt the composed at least one VM disk, to transmit the at least one encrypted VM disk to a hypervisor in the cloud computing environment, to receive a request to activate a VM instance and generate a bootloader in the secure container, to transmit the bootloader to the hypervisor in the cloud computing environment and to provide a key to the bootloader to unlock the at least one VM disk. - View Dependent Claims (7, 8)
-
-
9. A computer program product for secure distribution of virtualized storage in a cloud computing environment, the computer program product comprising:
-
a computer readable storage medium having computer readable program code embodied therewith, the computer readable program code comprising; computer readable program code for composing at least one machine (VM) disk in a secure container and configured to deploy VM images into a cloud computing environment; computer readable program code for encrypting the composed VM disk; computer readable program code for transmitting the encrypted VM disk to a hypervisor in the cloud computing environment; computer readable program code for receiving a request to activate a VM instance and generating a bootloader in the secure container; and
,computer readable program code for transmitting the bootloader to the hypervisor in the cloud computing environment and providing a key to the bootloader to unlock the at least one VM disk - View Dependent Claims (10, 11, 12, 13)
-
Specification
-
- Resources
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsAshok, Rohith, Whalley, Ian N., Hogstrom, Matthew R.
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current713/150
-
CPC Class CodesG06F 2009/4557 Distribution of virtual mac...G06F 2009/45575 Starting, stopping, suspend...G06F 21/575 Secure bootG06F 9/45558 Hypervisor-specific managem...H04L 63/045 wherein the sending and rec...H04L 63/166 at the transport layer
