Secure virtual sector erasure method and system
First Claim
1. A method comprising:
- presenting a virtual resource in a user interface;
- receiving a selection of the virtual resource, the selection indicating that the virtual resource is to be securely erased;
- isolating the selected virtual resource, wherein the isolating comprises:
  - exclusively locking the selected virtual resource,
  - stopping execution of virtual machine processes associated with the selected virtual resource, and
  - disabling a dynamic redistribution of resources to ensure uninterrupted operation;
- obtaining access to the selected virtual resource;
- securely erasing the selected virtual resource by overwriting all virtual sectors of the selected virtual resource; and
- confirming that all virtual sectors of the selected virtual resource have been overwritten.
Abstract
Systems and methods for sanitizing physical storage in cloud computing and virtual environments. When logical storage is decommissioned in a virtual environment, the underlying physical storage is logically disassociated. However, the underlying physical data blocks remain intact until they are overwritten. Since there is no control over when, or even if, the physical data is ever overwritten, the remaining data is susceptible to compromise. The present disclosure provides a secure erase application that securely erases physical storage associated with to-be deleted resources, such as virtual data stores, virtual images, snapshots and raw virtual disks.
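The lock, overwrite and confirm steps of claim 1, sketched as an added example (not code from the patent or its assignee) against a file-backed disk image. The function name `secure_erase`, the 512-byte sector size, the zero fill byte and the use of `flock` as the exclusive lock are assumptions; stopping virtual machine processes and disabling resource redistribution are hypervisor operations and are not modelled.

```python
import fcntl
import os
import tempfile

SECTOR = 512  # assumed virtual sector size in bytes


def secure_erase(path, fill_byte=0x00, sector=SECTOR):
    """Overwrite every sector of a disk image file, then confirm by read-back.

    Returns (sectors_overwritten, sectors_confirmed).
    """
    fd = os.open(path, os.O_RDWR)
    try:
        # Exclusive, non-blocking lock: refuse to erase an image someone else holds.
        fcntl.flock(fd, fcntl.LOCK_EX | fcntl.LOCK_NB)
        size = os.fstat(fd).st_size
        total = (size + sector - 1) // sector  # a trailing partial sector counts
        spans = [(i * sector, min(sector, size - i * sector)) for i in range(total)]

        # Pass 1: overwrite all sectors in place, then flush to the backing store.
        for offset, length in spans:
            if os.pwrite(fd, bytes([fill_byte]) * length, offset) != length:
                raise OSError(f"short write at offset {offset}")
        os.fsync(fd)

        # Pass 2: confirm that every sector now holds only the fill pattern.
        confirmed = 0
        for offset, length in spans:
            if os.pread(fd, length, offset) != bytes([fill_byte]) * length:
                raise OSError(f"sector at offset {offset} was not overwritten")
            confirmed += 1
        return total, confirmed
    finally:
        os.close(fd)  # closing the descriptor also releases the lock


if __name__ == "__main__":
    # Constructed sample: a 2304-byte (4.5-sector) "disk image" with known content.
    with tempfile.NamedTemporaryFile(delete=False) as img:
        img.write(b"SECRET" * 384)
    print(secure_erase(img.name))
    os.unlink(img.name)
```

The read-back confirms the logical content of the image only. On thin-provisioned, snapshotted or copy-on-write storage an in-place overwrite can land on new physical blocks and leave the old ones intact, which is the gap the abstract describes.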
25 Claims
17. A non-transitory computer readable storage medium programmed with computer readable code that, when executed by a computer processor, causes the processor to:
- present a virtual resource in a user interface;
- receive a selection of the virtual resource, the selection indicating that the virtual resource is to be securely erased;
- isolate the selected virtual resource, wherein to isolate the selected virtual resource, the processor:
  - exclusively locks the selected virtual resource,
  - stops execution of virtual machine processes associated with the selected virtual resource, and
  - disables a dynamic redistribution of resources to ensure uninterrupted operation;
- obtain access to the selected virtual resource;
- securely erase the selected virtual resource by overwriting all virtual sectors of the selected virtual resource; and
- confirm that all virtual sectors of the selected virtual resource have been overwritten.
Specification