-
公开(公告)号:US10116645B1
公开(公告)日:2018-10-30
申请号:US15299183
申请日:2016-10-20
Applicant: Amazon Technologies, Inc.
Inventor: Derek Del Miller , Nachiketh Rao Potlapally , Rahul Gautam Patel
Abstract: A computing device includes a processor and a persistent memory for storing information about a first public key associated with a first asymmetric key pair for authenticating the source of a digital certificate. The computing device also includes a second memory for storing one or more current key version indicators. Each of the current key version indicators is associated with a corresponding secondary public key, and the one or more current key version indicators are used by the processor to determine the trust of the corresponding secondary public key.
-
公开(公告)号:US09792143B1
公开(公告)日:2017-10-17
申请号:US14921555
申请日:2015-10-23
Applicant: Amazon Technologies, Inc.
Inventor: Nachiketh Rao Potlapally , Derek Del Miller , Mark Bradley Davis , Matthew Shawn Wilson , Eric Jason Brandwine , Anthony Nicholas Liguori , Rahul Gautam Patel
CPC classification number: G06F9/45558 , G06F21/53 , G06F21/6218 , G06F21/72 , G06F21/74 , G06F2009/45587
Abstract: The performing of virtual machine (VM)-based secure operations is enabled using a trusted co-processor that is able to operate in a secure mode to perform operations in a multi-tenant environment that are protected from other VMs and DOM-0, among other domains and components. A customer VM can contact a VM manager (VMM) to perform an operation with respect to sensitive data. The VMM can trigger secure mode operation, whereby memory pages are marked and access blocked to entities outside a trusted enclave. The trusted co-processer can measure the VMM and compare the result against an earlier result to ensure that the VMM has not been compromised. Once the operations are performed, the trusted co-processor can return the results, and the VMM can exit the secure mode such that access to the marked pages and customer data is restored.
-
Search Results
12
records
(took 0.013 seconds)
