PROTECTION OF INTERPRETED SOURCE CODE IN VIRTUAL APPLIANCES
First Claim
1. A computer program product for protecting interpreted code in a virtual appliance, the computer program product comprising a computer readable storage medium having computer readable program code embodied therewith, the computer readable program code being configured to:
- compress a file to be protected into a compressed filesystem file;
encrypt an interpreted programming language code filesystem file, wherein the interpreted programming language code filesystem file includes the file to be protected;
initiate a startup script employing the encrypted interpreted programming language code filesystem file with the compressed filesystem file;
decrypt the interpreted programming language code filesystem file; and
run the decrypted interpreted programming language code filesystem file.
2 Assignments
0 Petitions
Accused Products
Abstract
Protection of interpreted programming language code filesystem files from access and alteration may be provided by encrypting a file to be protected in a boot sequence. Run-time examination of a virtual appliance may be deterred by hiding the boot sequence in a restricted virtual appliance platform. No shell or filesystem access may be provided. Thus, permissions on a read-only filesystem (for example) may be kept from being altered. The permissions may be set along with filesystem access control lists to prevent unauthorized examination of the source files.
-
Citations
20 Claims
-
1. A computer program product for protecting interpreted code in a virtual appliance, the computer program product comprising a computer readable storage medium having computer readable program code embodied therewith, the computer readable program code being configured to:
-
compress a file to be protected into a compressed filesystem file; encrypt an interpreted programming language code filesystem file, wherein the interpreted programming language code filesystem file includes the file to be protected; initiate a startup script employing the encrypted interpreted programming language code filesystem file with the compressed filesystem file; decrypt the interpreted programming language code filesystem file; and run the decrypted interpreted programming language code filesystem file. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8-15. -15. (canceled)
-
16. A computing appliance, comprising:
-
a storage module; a memory module; and a processor, wherein the processor is configured to compress a file to be protected into a compressed filesystem file stored in the storage module, encrypt the file to be protected with an interpreted programming language code filesystem file, initiate, in the memory, a startup script employing the interpreted programming language code filesystem file with the compressed filesystem file, decrypt the interpreted programming language code filesystem file, and run the decrypted interpreted programming language code filesystem file while preventing access to the compressed file system. - View Dependent Claims (17, 18, 19, 20)
-
Specification
-
- Resources
-
Current AssigneeKyndryl Incorporated (Kyndryl Holdings, Inc.)
-
Original AssigneeInternational Business Machines Corporation
-
InventorsBUSWELL, JOHN I.
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current713/190
-
CPC Class CodesG06F 21/00 Security arrangements for p...G06F 21/575 Secure bootG06F 21/6209 to a single file or object,...G06F 21/6281 at program execution time, ...
