ASYNCHRONOUS ENCRYPTION AND DECRYPTION OF VIRTUAL MACHINE MEMORY FOR LIVE MIGRATION
First Claim
Patent Images
1. A system comprising:
- a memory area associated with a computing device, said memory area storing memory blocks; and
a processor programmed to;
encrypt, at a first host, one or more memory blocks associated with a source virtual machine (VM);
transfer the one or more encrypted memory blocks to the one or more second hosts; and
decrypt, on-demand and opportunistically, at the one or more second hosts, the one or more encrypted memory blocks.
2 Assignments
0 Petitions
Accused Products
Abstract
Examples perform asynchronous encrypted live migration of virtual machines (VM) from a source host to a destination host. The encryption of the memory blocks of the VM is performed optionally before a request for live migration is received or after said request. The more resource intensive decryption of the memory blocks of the VM is performed by the destination host in a resource efficient manner, reducing the downtime apparent to users. Some examples contemplate decrypting memory blocks of the transmitted VM on-demand and opportunistically, according to a pre-determined rate, or in accordance with parameters established by a user.
53 Citations
20 Claims
-
1. A system comprising:
-
a memory area associated with a computing device, said memory area storing memory blocks; and a processor programmed to; encrypt, at a first host, one or more memory blocks associated with a source virtual machine (VM); transfer the one or more encrypted memory blocks to the one or more second hosts; and decrypt, on-demand and opportunistically, at the one or more second hosts, the one or more encrypted memory blocks. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for encrypting memory blocks, said method comprising:
-
encrypting one or more memory blocks associated with a source host with a first parameter; transferring the one or more encrypted memory blocks to one or more destination hosts; and decrypting the one or more encrypted memory blocks on-demand and opportunistically. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. One or more computer-readable storage media including computer-executable instructions that, when executed, cause at least one processor to:
-
encrypt, at a first host, one or more memory blocks associated with a first parameter; transfer the one or more encrypted memory blocks to one or more destination hosts; and decrypt, at one or more second hosts, the one or more encrypted memory blocks on-demand and opportunistically. - View Dependent Claims (18, 19, 20)
-
Specification