TECHNIQUES FOR SECURE DATA EXTRACTION IN A VIRTUAL OR CLOUD ENVIRONMENT
Abstract
Techniques for secure data extraction in a virtual or cloud environment are presented. Desired data from a Virtual Machine (VM) or an entire VM is extracted and encrypted with a key. This key is sealed to a machine or a group of machines. The encrypted data is then migrated and successfully used on startup for instances of the VM by having the ability to access the sealed key (and unsealing it) to decrypt the encrypted data.
20 Claims
1. A method implemented in a non-transitory machine-readable storage medium and processed by a device configured to perform the method, comprising:
- acquiring, by the device, an encryption key tailored for a virtual processing environment;
- identifying, by the device, selective data to extract from the virtual processing environment; and
- encrypting, by the device, the selective data with the encryption key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12

13. A method implemented in a non-transitory machine-readable storage medium and processed by a machine configured to perform the method, comprising:
- transmitting, by the machine, a base image of a virtual processing environment to a target machine;
- communicating, via the machine, selective encrypted data tied to a given state for the base image to the target machine; and
- instructing, via the machine, a running image of the virtual processing environment to validate, decrypt, and integrate the selective encrypted data into the running image.
Dependent claims: 14, 15, 16, 17

18. A system, comprising:
- a machine memory configured with a virtual data extractor that processes on one or more processors of the machine;
- the machine or a different machine configured with a virtual machine (VM) secure data distributor;
- wherein the virtual data extractor is configured to selectively identify, extract, and encrypt data associated with a VM, and the VM secure data distributor is configured to deliver the encrypted data to a target machine that is to run an instance of the VM and instruct the target machine to validate, decrypt, and integrate the encrypted data within the instance.
Dependent claims: 19, 20
Specification