Verifying Applications in Virtual Environments Using a Trusted Security Zone
First Claim
1. A method of transmitting information between virtual environments comprising:
- copying a first virtual environment, wherein the first virtual environment comprises a plurality of original applications, a first clock, and a first trusted security zone, wherein the first trusted security zone comprises a verification application and a nonce application;
subsequently, creating a second virtual environment, wherein the second virtual environment comprises a copy of at least some applications of the plurality of original applications, a second clock, and a second trusted security zone;
receiving, by the verification application residing in the first trusted security zone, from a copied application, a request for a transmission with an original application of the plurality of the original applications;
determining, by the verification application residing in the first trusted security zone, if a nonce associated with the copied application is a verified nonce, wherein the nonce comprises a clock value of the second clock and a time stamp, and wherein determining if the nonce is a verified nonce comprises;
comparing, by the verification application residing in the first trusted security zone, at least the clock value of the nonce to a clock value of the first clock; and
determining, by the first trusted security zone, if the clock value of the nonce correlates sufficiently to the clock value of the first clock; and
at least one of;
granting, in response to a determination that the clock value of the nonce correlates sufficiently to the clock value of the first clock, the request, and sending the requested transmission from the first trusted security zone to the second trusted security zone;
ordenying, in response to a determination that the clock value of the nonce does not correlate sufficiently to the clock value of the first clock, the request.
6 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for transmitting information between virtual environments comprising: copying a first virtual environment, wherein the first virtual environment comprises a plurality of original applications, a first clock, and a first trusted security zone to create a second virtual environment, wherein the second virtual environment comprises a copy of at least some applications of the plurality of original applications, a second clock, and a second trusted security zone. The first trusted security zone may receive a request from a copied application to engage in a transmission with an original application. The first trusted security zone may then determine if a nonce associated with the copied application is a verified nonce, wherein determining if the nonce is a verified nonce comprises comparing, by the first trusted security zone, the nonce associated with the copied application to a nonce associated with the at least one original application.
416 Citations
18 Claims
-
1. A method of transmitting information between virtual environments comprising:
-
copying a first virtual environment, wherein the first virtual environment comprises a plurality of original applications, a first clock, and a first trusted security zone, wherein the first trusted security zone comprises a verification application and a nonce application; subsequently, creating a second virtual environment, wherein the second virtual environment comprises a copy of at least some applications of the plurality of original applications, a second clock, and a second trusted security zone; receiving, by the verification application residing in the first trusted security zone, from a copied application, a request for a transmission with an original application of the plurality of the original applications; determining, by the verification application residing in the first trusted security zone, if a nonce associated with the copied application is a verified nonce, wherein the nonce comprises a clock value of the second clock and a time stamp, and wherein determining if the nonce is a verified nonce comprises; comparing, by the verification application residing in the first trusted security zone, at least the clock value of the nonce to a clock value of the first clock; and determining, by the first trusted security zone, if the clock value of the nonce correlates sufficiently to the clock value of the first clock; and at least one of; granting, in response to a determination that the clock value of the nonce correlates sufficiently to the clock value of the first clock, the request, and sending the requested transmission from the first trusted security zone to the second trusted security zone;
ordenying, in response to a determination that the clock value of the nonce does not correlate sufficiently to the clock value of the first clock, the request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for transmitting data between applications in a virtual environment comprising:
-
receiving, by a first application in a first virtual environment, at least one of a request to send information to a second application or a request to receive information from the second application, wherein the first virtual environment comprises a trusted security zone, a plurality of applications, and a clock, and wherein the second application comprises a nonce; sending, by the first application, a request for verification of the second application to the trusted security zone in the first virtual environment, wherein the trusted security zone comprises a verification application; and receiving, by the first application, from the verification application, a confirmation of verification of the second application, wherein the confirmation is sent based on; comparing, by the verification application, a nonce associated with the second application with an assigned nonce of a plurality of assigned nonces stored in the trusted security zone, wherein the nonce comprises a clock value and a time stamp; comparing the time stamp to a time the nonce was assigned, wherein the nonce application comprises stored data, wherein the stored data comprises a plurality of information about nonces including the time the nonce was assigned; and determining, by the verification application, that the clock value correlates sufficiently to a current clock value on the clock in the first virtual environment. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A system for transmitting information between applications comprising:
-
a first virtual environment stored in a non-transitory memory of a computing device, wherein the first virtual environment comprises a clock, a first application of a plurality of applications, and a trusted security zone; wherein the trusted security zone comprises a verification application and a nonce application; a second application stored in a non-transitory memory, wherein the trusted security zone receives a request from the first application to verify the second application; wherein the first application resides in the trusted security zone and verifies that a nonce that comprises a clock value and a time stamp and is associated with the second application is verifiable based at least on a comparison of the clock value of the nonce and a clock value of the clock; and wherein the second application, in response to the verification that the clock value of the nonce correlates sufficiently to the clock value of the clock, at least one of receives a transmission from the first application or sends a transmission to the first application. - View Dependent Claims (16, 17, 18)
-
Specification