Securing customer virtual machines in a multi-tenant cloud

  • US 8,909,928 B2
  • Filed: 03/10/2011
  • Issued: 12/09/2014
  • Est. Priority Date: 06/02/2010
  • Status: Active Grant
First Claim

1. A method of securing virtual machines in a multi-tenant data center including a plurality of server computers and persistent data stores, comprising:

    configuring a server computer with an attestation module;

    installing a software stack on the server computer;

    measuring, with the attestation module, a static property of the software stack and storing the measurement in the attestation module;

    receiving a request to start a virtual machine using the software stack on the server computer;

    in response to receiving the request to start the virtual machine, transmitting the measurement stored in the attestation module to an external entity and, in response to a verification that the measurement matches an expected value at the external entity, receiving from the external entity a key for running the virtual machine using the software stack;

    running the virtual machine on top of the software stack using the key;

    receiving a request to execute a management operation on the virtual machine; and

    creating an audit trail by sending the management operation to the external entity.
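
The steps of claim 1 as a runnable sketch. This is an added example, not code from the patent or its assignee. It assumes the measurement is a SHA-256 digest of the software stack's bytes and an in-process object plays the external entity; the class, method and host names and the sample stacks are hypothetical.

```python
import hashlib
import hmac
import secrets

def measure(stack_image: bytes) -> str:
    """Static measurement of the software stack (assumed here: SHA-256)."""
    return hashlib.sha256(stack_image).hexdigest()

class ExternalEntity:
    """Hypothetical verifier: holds the expected value, the key, the audit trail."""
    def __init__(self, expected: str):
        self.expected = expected
        self.vm_key = secrets.token_bytes(32)
        self.audit_trail = []

    def request_key(self, measurement: str):
        # Release the key only if the reported measurement matches.
        if hmac.compare_digest(measurement, self.expected):
            return self.vm_key
        return None

    def record(self, server: str, operation: str):
        self.audit_trail.append((server, operation))

class Server:
    def __init__(self, name: str, stack_image: bytes, entity: ExternalEntity):
        self.name, self.entity = name, entity
        # Attestation module: measure once at install time and store the result.
        self.stored_measurement = measure(stack_image)
        self.vm_key = None

    def start_vm(self) -> bool:
        # On a start request, transmit the stored measurement and await the key.
        self.vm_key = self.entity.request_key(self.stored_measurement)
        return self.vm_key is not None

    def manage(self, operation: str) -> bool:
        if self.vm_key is None:          # no VM is running on this server
            return False
        self.entity.record(self.name, operation)  # audit trail is kept off-host
        return True

# Constructed sample stacks; the second differs from the expected one.
GOOD_STACK = b"hypervisor-1.0|mgmt-agent-1.0"
MODIFIED_STACK = b"hypervisor-1.0|mgmt-agent-1.0-modified"

def demo():
    entity = ExternalEntity(expected=measure(GOOD_STACK))
    good = Server("host-a", GOOD_STACK, entity)
    bad = Server("host-b", MODIFIED_STACK, entity)
    started = (good.start_vm(), bad.start_vm())
    managed = (good.manage("snapshot"), bad.manage("snapshot"))
    return started, managed, entity.audit_trail
```

The server with the modified stack never receives the key, so it cannot run the virtual machine, and the only audit entry is the management operation from the verified server.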
