Systems and methods for securing and restoring virtual machines
First Claim
Patent Images
1. A method for securing a virtual machine, comprising:
- executing a virtual machine on a host device, the virtual machine comprising virtual machine files;
generating data parsing information, wherein the data parsing information is usable to (1) specify a substantially random technique for determining into which of a plurality of shares a portion of the virtual machine files will be placed and (2) select from two or more data encryption techniques a data encryption technique to be used to encrypt the portion; and
in response to receiving a command to stop the virtual machine;
generating the plurality of shares based on the data parsing information; and
causing each of the plurality of shares to be stored in respective separate storage locations, wherein the respective separate storage locations include one or more directories located on the host device, the one or more directories designated to store files associated with a non-virtual machine application;
wherein the virtual machine files are restorable by accessing a threshold number of the plurality of shares.
4 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are provided for securing a virtual machine by causing a plurality of shares of virtual machine files to be separately stored in response to a stop command. Systems and methods are also provided for restoring a data set with a cryptographic restoration application in response to a series of user inputs received when no visual indicator of the cryptographic restoration algorithm is displayed, and for restoring a data set with data shares received from another computer device in response to detecting a communication link with the device.
98 Citations
54 Claims
-
1. A method for securing a virtual machine, comprising:
-
executing a virtual machine on a host device, the virtual machine comprising virtual machine files; generating data parsing information, wherein the data parsing information is usable to (1) specify a substantially random technique for determining into which of a plurality of shares a portion of the virtual machine files will be placed and (2) select from two or more data encryption techniques a data encryption technique to be used to encrypt the portion; and in response to receiving a command to stop the virtual machine; generating the plurality of shares based on the data parsing information; and causing each of the plurality of shares to be stored in respective separate storage locations, wherein the respective separate storage locations include one or more directories located on the host device, the one or more directories designated to store files associated with a non-virtual machine application; wherein the virtual machine files are restorable by accessing a threshold number of the plurality of shares. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 51)
-
-
26. A computer system for securing a virtual machine, comprising:
-
processing circuitry in communication with one or more storage locations, the processing circuitry being associated with communications circuitry for receiving communications, the processing circuitry being configured to; execute a virtual machine on a host device, the virtual machine comprising virtual machine files; generate data parsing information, wherein the data parsing information is usable to (1) specify a substantially random technique for determining into which of a plurality of shares a portion of the virtual machine files will be placed and (2) select from two or more data encryption techniques a data encryption technique to be used to encrypt the portion; and in response to receiving a command to stop the virtual machine; generate the plurality of shares based on the data parsing information; and cause each of the plurality of shares to be stored in respective separate storage locations, wherein the respective separate storage locations include one or more directories located on the host device, the one or more directories designated to store files associated with a non-virtual machine application; wherein the virtual machine files are restorable by accessing a threshold number of the plurality of shares. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 53)
-
-
52. A method for securing a virtual machine, comprising:
-
executing a virtual machine on a host device, the virtual machine comprising virtual machine files; generating data parsing information, wherein the data parsing information is usable to specify a substantially random technique for determining into which of a plurality of shares a portion of the virtual machine files will be placed and how the portion will be encrypted; and in response to receiving a command to stop the virtual machine; generating the plurality of shares based on the data parsing information; and causing each of the plurality of shares to be stored in respective separate storage locations, wherein the respective separate storage locations include one or more directories located on the host device, the one or more directories designated to store files associated with a non-virtual machine application, wherein the one or more directories being designated to store files associated with the non-virtual machine application is named based on a name of the non-virtual machine application; wherein the virtual machine files are restorable by accessing a threshold number of the plurality of shares.
-
-
54. A computer system for securing a virtual machine, comprising:
-
processing circuitry in communication with one or more storage locations, the processing circuitry being associated with communications circuitry for receiving communications, the processing circuitry being configured to; execute a virtual machine on a host device, the virtual machine comprising virtual machine files; generate data parsing information, wherein the data parsing information is usable to specify a substantially random technique for determining into which of a plurality of shares a portion of the virtual machine files will be placed and how the portion will be encrypted; and in response to receiving a command to stop the virtual machine; generate the plurality of shares based on the data parsing information; and cause each of the plurality of shares to be stored in respective separate storage locations, wherein the respective separate storage locations include one or more directories located on the host device, the one or more directories designated to store files associated with a non-virtual machine application, wherein the one or more directories being designated to store files associated with the non-virtual machine application is named based on a name of the non-virtual machine application; wherein the virtual machine files are restorable by accessing a threshold number of the plurality of shares.
-
Specification