PROTECTED DEVICE MANAGEMENT
First Claim
1. A computer-implemented method comprising:
- identifying an auditable event being performed in a secure partition of a system, wherein the secure partition is isolated from a host operating system of the system;
- generating an audit event record for the auditable event; and
- writing the audit event record to an audit log, wherein the audit log is isolated from the host operating system.
Abstract
A method, apparatus, system, and computer program product for management of storage devices protected by encryption, user authentication, and password protection and auditing schemes in virtualized and non-virtualized environments.
16 Claims
1. A computer-implemented method comprising:
- identifying an auditable event being performed in a secure partition of a system, wherein the secure partition is isolated from a host operating system of the system;
- generating an audit event record for the auditable event; and
- writing the audit event record to an audit log, wherein the audit log is isolated from the host operating system.

Dependent claims: 3, 4, 5, 6, 7
2. The method of claim 2 wherein
- the audit log is a first audit log of a plurality of audit logs, the plurality of audit logs is accessible only from within the secure partition, and each audit log of the plurality of audit logs is isolated from the host operating system;

and the method further comprises:
- determining whether the first audit log is available;
- sending the audit event record to a first audit subsystem associated with the first audit log if the first audit log is available, wherein the first audit subsystem performs writing the audit event record to the first audit log; and
- sending the audit event record to a second audit subsystem associated with a second audit log of the plurality of audit logs if the first audit log is not available, wherein the second audit subsystem performs writing the audit event record to the second audit log.
8. A computer-implemented method comprising:
- receiving a request to service an audit log from a secure partition of a requesting system, wherein the secure partition is isolated from a host operating system of the requesting system, the audit log contains an audit event record of an auditable event performed in the secure partition, and the audit log is isolated from the host operating system of the requesting system;
- establishing a secure communication channel with the secure partition; and
- servicing the audit log via the secure communication channel.

Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16
Specification