Invention Grant
US08387046B1 Security driver for hypervisors and operating systems of virtualized datacenters
有权
虚拟化管理程序的安全驱动程序和虚拟化数据中心的操作系统
- Patent Title: Security driver for hypervisors and operating systems of virtualized datacenters
- Patent Title (中): 虚拟化管理程序的安全驱动程序和虚拟化数据中心的操作系统
-
Application No.: US12411628Application Date: 2009-03-26
-
Publication No.: US08387046B1Publication Date: 2013-02-26
- Inventor: Bruce Montague , Sanjay Sawhney , Matthew Conover , Tzi-cker Chiueh
- Applicant: Bruce Montague , Sanjay Sawhney , Matthew Conover , Tzi-cker Chiueh
- Applicant Address: US CA Mountain View
- Assignee: Symantec Corporation
- Current Assignee: Symantec Corporation
- Current Assignee Address: US CA Mountain View
- Agency: Meyertons, Hood, Kivlin, Kowert & Goetzel, P.C.
- Agent Rory D. Rankin
- Main IPC: G06F9/00
- IPC: G06F9/00
Abstract:
A system and method for efficient security protocols in a virtualized datacenter environment are contemplated. In one embodiment, a system is provided comprising a hypervisor coupled to one or more protected virtual machines (VMs) and a security VM. Within a private communication channel, a split kernel loader provides an end-to-end communication between a paravirtualized security device driver, or symbiont, and the security VM. The symbiont monitors kernel-level activities of a corresponding guest OS, and conveys kernel-level metadata to the security VM via the private communication channel. Therefore, the well-known semantic gap problem is solved. The security VM is able to read all of the memory of a protected VM, detect locations of memory compromised by a malicious rootkit, and remediate any detected problems.
Information query
