Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Security kernel or utility
Reexamination Certificate
2003-05-30
2008-09-23
Moazzami, Nasser (Department: 2136)
C713S193000
active
07428636
ABSTRACT:
Upon occurrence of a trigger condition, writes of allocation units of data (including code) to a device, such as writes of blocks to a disk, are first encrypted. Each allocation unit is preferably a predetermined integral multiple number of minimum I/O units. A data structure is marked to indicate which units are encrypted. Upon reads from the device, only those allocation units marked as encrypted are decrypted. The disk protected by selective encryption is preferably the virtual disk of a virtual machine (VM). The trigger condition is preferably either that the virtual disk has been initialized or that the VM has been powered on. Mechanisms are also provided for selectively declassifying (storing in unencrypted form) already-encrypted, stored data, and for determining which data units represent public, general-use data units that do not need to be encrypted. The “encrypt-on-write” feature of the invention may be used in conjunction with a “copy-on-write” technique.
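The read and write paths described in the abstract can be modelled in a few lines. This is an added example, not code from the patent or from VMware: the class and method names, the 512-byte I/O unit, the 8-block allocation unit and the SHA-256 keystream used as a stand-in cipher are all assumptions made for illustration.

```python
import hashlib

BLOCK = 512        # assumed minimum I/O unit size
UNIT = 8 * BLOCK   # allocation unit: an integral multiple of minimum I/O units

def _xor_stream(key: bytes, unit_no: int, data: bytes) -> bytes:
    """Stand-in cipher (SHA-256 counter keystream), illustration only.
    It reuses the keystream when a unit is rewritten; a real disk would
    use a vetted mode such as AES-XTS."""
    stream = bytearray()
    ctr = 0
    while len(stream) < len(data):
        seed = key + unit_no.to_bytes(8, "big") + ctr.to_bytes(4, "big")
        stream += hashlib.sha256(seed).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))

class SelectiveDisk:
    """Hypothetical model of a virtual disk with encrypt-on-write."""
    def __init__(self, units: int, key: bytes):
        self.store = bytearray(units * UNIT)  # backing device contents
        self.encrypted = [False] * units      # marks which units are encrypted
        self.key = key
        self.armed = False                    # trigger condition not yet seen

    def trigger(self) -> None:
        """Trigger condition occurred (e.g. the VM was powered on)."""
        self.armed = True

    def _span(self, unit_no: int) -> slice:
        return slice(unit_no * UNIT, (unit_no + 1) * UNIT)

    def write(self, unit_no: int, data: bytes) -> None:
        if len(data) != UNIT:
            raise ValueError("writes are whole allocation units")
        if self.armed:
            data = _xor_stream(self.key, unit_no, data)
        self.store[self._span(unit_no)] = data
        self.encrypted[unit_no] = self.armed

    def read(self, unit_no: int) -> bytes:
        raw = bytes(self.store[self._span(unit_no)])
        # Only units marked as encrypted are decrypted on read.
        return _xor_stream(self.key, unit_no, raw) if self.encrypted[unit_no] else raw

    def declassify(self, unit_no: int) -> None:
        """Store an already-encrypted unit back in unencrypted form."""
        plain = self.read(unit_no)
        self.store[self._span(unit_no)] = plain
        self.encrypted[unit_no] = False
```

Units written before `trigger()` stay in plaintext on the backing store and are returned untouched on read, which is how general-use data avoids the encryption cost in this model.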
Eccleston Matthew
Waldspurger Carl A.
Cervetti David Garcia
Moazzami Nasser
Pearce Jeffrey
VMware, Inc.
Selective encryption system and method for I/O operations