Patents by Inventor Jesse POOL

Jesse POOL has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11928216
    Abstract: A method for protecting an OS disk of a computing device without block encrypting the OS disk. The method identifies one or more files that store configuration data associated with OS binaries executed on the computing device. The method encrypts the configuration data stored in the one or more files using an encryption key and seals the encryption key to a TPM of the computing device. The method then boots the computing device by attempting to unseal the encryption key by authenticating one or more of the OS binaries with the TPM. When authenticating the one or more of the OS binaries is successful, the method completes boot of the computing device by decrypting the configuration data using the encryption key. If authentication of the one or more of the OS binaries is not successful, however, the method aborts boot of the computing device.
    Type: Grant
    Filed: December 18, 2020
    Date of Patent: March 12, 2024
    Assignee: VMware, Inc.
    Inventors: Samyuktha Subramanian, Jesse Pool, Petr Vandrovec, Viswesh Narayanan
  • Patent number: 11893410
    Abstract: An example method of secure attestation of a workload deployed in a virtualized computing system is described. The virtualized computing system includes a host cluster and a virtualization management server, the host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts. The method includes storing, in a trust authority, a pre-defined attestation report for a workload executing in a virtual machine (VM) managed by the virtualization layer, the pre-defined attestation report including a hash of at least a portion of an image of the VM; receiving, at the trust authority from a security module of a host in which the VM executes, an attestation report generated by measuring memory of the VM; comparing the attestation report with the pre-defined attestation report; and generating an indication of validity for the workload based on a result of the comparison.
    Type: Grant
    Filed: January 13, 2021
    Date of Patent: February 6, 2024
    Assignee: VMware, Inc.
    Inventors: Abhishek Srivastava, David A. Dunn, Jesse Pool, Adrian Drzewiecki
  • Patent number: 11886223
    Abstract: In one set of embodiments, confidential data needed by a workload component running within a worker VM can be placed on an encrypted virtual disk that is attached to the worker VM and hardware-based attestation can be used to validate the worker VM's software and isolate its guest memory from its hypervisor. Upon successful completion of this attestation process, a data decryption key can be delivered to the worker VM via a secure channel established via the attestation, such that the hypervisor cannot read or alter the key. The worker VM can then decrypt the contents of the encrypted virtual disk using the data decryption key, thereby granting the workload component access to the confidential data.
    Type: Grant
    Filed: December 11, 2020
    Date of Patent: January 30, 2024
    Assignee: VMware LLC
    Inventors: Abhishek Srivastava, David Dunn, Jesse Pool, Adrian Drzewiecki
  • Patent number: 11799670
    Abstract: A framework is provided that assigns a digital certificate to each VM-based control plane element and computing node (i.e., worker VM) of a workload orchestration platform implemented in a virtualized environment, where the digital certificate is signed by a trusted entity and provides cryptographic proof that the control plane element/worker VM has been successfully attested by that trusted entity using hardware-based attestation. Each control plane element/worker VM is configured to verify the digital certificates of other platform components prior to communicating with those components. With these digital certificates in place, when an end-user submits to the platform's front-end control plane element a new workload for deployment, the end-user can verify the digital certificate of the front-end control plane element in order to be assured that the workload will be deployed and executed by the platform in a secure manner.
    Type: Grant
    Filed: December 11, 2020
    Date of Patent: October 24, 2023
    Assignee: VMware, Inc.
    Inventors: Abhishek Srivastava, David Dunn, Jesse Pool, Adrian Drzewiecki
  • Patent number: 11709700
    Abstract: An example method of secure attestation of a workload deployed in a virtualized computing system is described. The virtualized computing system includes a host cluster and a virtualization management server, the host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts. The method includes: launching, in cooperation with a security module of a host, a guest as a virtual machine (VM) managed by the virtualization layer, the security module generating an attestation report from at least a portion of the VM loaded into memory of the host; sending the attestation report from the security module to a trust authority; receiving, in response to verification of the attestation report by the trust authority, a secret from the trust authority at the security module; and providing the secret from the security module to the guest.
    Type: Grant
    Filed: January 13, 2021
    Date of Patent: July 25, 2023
    Assignee: VMware, Inc.
    Inventors: Abhishek Srivastava, David A. Dunn, Jesse Pool, Adrian Drzewiecki
  • Patent number: 11509480
    Abstract: A method of attestation of a host machine based on runtime configuration of the host machine is provided. The method receives, at an attestation machine, a request from the host machine for attestation of a software executing on the host machine, the request including at least one security-related configuration of the software at launch time and a corresponding runtime behavior of the software when the security-related configuration changes. The method then generates a claim based on evaluating a value associated with the at least one security-related configuration and the corresponding runtime behavior of the software when the value changes. The method also generates an attestation token after a successful attestation of the software and includes in the attestation token the generated claim. The method further transmits the attestation token to the host machine.
    Type: Grant
    Filed: June 30, 2020
    Date of Patent: November 22, 2022
    Assignee: VMware, Inc.
    Inventors: Samyuktha Subramanian, Jesse Pool
  • Publication number: 20220222099
    Abstract: An example method of secure attestation of a workload deployed in a virtualized computing system is described. The virtualized computing system includes a host cluster and a virtualization management server, the host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts. The method includes: launching, in cooperation with a security module of a host, a guest as a virtual machine (VM) managed by the virtualization layer, the security module generating an attestation report from at least a portion of the VM loaded into memory of the host; sending the attestation report from the security module to a trust authority; receiving, in response to verification of the attestation report by the trust authority, a secret from the trust authority at the security module; and providing the secret from the security module to the guest.
    Type: Application
    Filed: January 13, 2021
    Publication date: July 14, 2022
    Inventors: Abhishek SRIVASTAVA, David A. DUNN, Jesse POOL, Adrian DRZEWIECKI
  • Publication number: 20220222098
    Abstract: An example method of secure attestation of a workload deployed in a virtualized computing system is described. The virtualized computing system includes a host cluster and a virtualization management server, the host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts. The method includes storing, in a trust authority, a pre-defined attestation report for a workload executing in a virtual machine (VM) managed by the virtualization layer, the pre-defined attestation report including a hash of at least a portion of an image of the VM; receiving, at the trust authority from a security module of a host in which the VM executes, an attestation report generated by measuring memory of the VM; comparing the attestation report with the pre-defined attestation report; and generating an indication of validity for the workload based on a result of the comparison.
    Type: Application
    Filed: January 13, 2021
    Publication date: July 14, 2022
    Inventors: Abhishek SRIVASTAVA, David A. DUNN, Jesse POOL, Adrian DRZEWIECKI
  • Publication number: 20220222100
    Abstract: An example method of secure attestation of a workload deployed in a virtualized computing system is described. The virtualized computing system includes a host cluster and a virtualization management server, the host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts.
    Type: Application
    Filed: January 13, 2021
    Publication date: July 14, 2022
    Inventors: Abhishek SRIVASTAVA, David A. DUNN, Jesse POOL, Adrian DRZEWIECKI
  • Publication number: 20220198021
    Abstract: A method for protecting an OS disk of a computing device without block encrypting the OS disk. The method identifies one or more files that store configuration data associated with OS binaries executed on the computing device. The method encrypts the configuration data stored in the one or more files using an encryption key and seals the encryption key to a TPM of the computing device. The method then boots the computing device by attempting to unseal the encryption key by authenticating one or more of the OS binaries with the TPM. When authenticating the one or more of the OS binaries is successful, the method completes boot of the computing device by decrypting the configuration data using the encryption key. If authentication of the one or more of the OS binaries is not successful, however, the method aborts boot of the computing device.
    Type: Application
    Filed: December 18, 2020
    Publication date: June 23, 2022
    Inventors: Samyuktha SUBRAMANIAN, Jesse POOL, Petr VANDROVEC, Viswesh NARAYANAN
  • Publication number: 20220191025
    Abstract: In one set of embodiments, confidential data needed by a workload component running within a worker VM can be placed on an encrypted virtual disk that is attached to the worker VM and hardware-based attestation can be used to validate the worker VM's software and isolate its guest memory from its hypervisor. Upon successful completion of this attestation process, a data decryption key can be delivered to the worker VM via a secure channel established via the attestation, such that the hypervisor cannot read or alter the key. The worker VM can then decrypt the contents of the encrypted virtual disk using the data decryption key, thereby granting the workload component access to the confidential data.
    Type: Application
    Filed: December 11, 2020
    Publication date: June 16, 2022
    Inventors: Abhishek Srivastava, David Dunn, Jesse Pool, Adrian Drzewiecki
  • Publication number: 20220191046
    Abstract: A framework is provided that assigns a digital certificate to each VM-based control plane element and computing node (i.e., worker VM) of a workload orchestration platform implemented in a virtualized environment, where the digital certificate is signed by a trusted entity and provides cryptographic proof that the control plane element/worker VM has been successfully attested by that trusted entity using hardware-based attestation. Each control plane element/worker VM is configured to verify the digital certificates of other platform components prior to communicating with those components. With these digital certificates in place, when an end-user submits to the platform's front-end control plane element a new workload for deployment, the end-user can verify the digital certificate of the front-end control plane element in order to be assured that the workload will be deployed and executed by the platform in a secure manner.
    Type: Application
    Filed: December 11, 2020
    Publication date: June 16, 2022
    Inventors: Abhishek Srivastava, David Dunn, Jesse Pool, Adrian Drzewiecki
  • Publication number: 20220070225
    Abstract: A method for placing a workload on one or more resources based on security requirements of the workload, a declared security policy, and security capabilities of the resources, includes determining the security requirements of the workload and the declared security policy, searching for and finding a resource that meets the security requirements of the workload and the declared security policy, and deploying the workload onto the resource. The method further includes, after deploying the workload onto the resource, discovering that the resource does not meet the security requirements of the workload and the declared security policy, determining that a new environment has a resource having security capabilities that meet the security requirements of the workload and the declared security policy, and deploying the workload onto the resource in the new environment.
    Type: Application
    Filed: September 3, 2020
    Publication date: March 3, 2022
    Inventors: Chen DRORI, Michael A. FOLEY, Jesse POOL, Nishant ARYA
  • Publication number: 20210409223
    Abstract: A method of attestation of a host machine based on runtime configuration of the host machine is provided. The method receives, at an attestation machine, a request from the host machine for attestation of a software executing on the host machine, the request including at least one security-related configuration of the software at launch time and a corresponding runtime behavior of the software when the security-related configuration changes. The method then generates a claim based on evaluating a value associated with the at least one security-related configuration and the corresponding runtime behavior of the software when the value changes. The method also generates an attestation token after a successful attestation of the software and includes in the attestation token the generated claim. The method further transmits the attestation token to the host machine.
    Type: Application
    Filed: June 30, 2020
    Publication date: December 30, 2021
    Inventors: Samyuktha SUBRAMANIAN, Jesse POOL
  • Publication number: 20210382706
    Abstract: A method for an attestation machine to attest a software executing on a remote machine is provided. The method receives, at the attestation machine, a request from the remote machine for attestation of the software executing on the remote machine. The method then determines, by the attestation machine, whether metadata associated with the software is stored at a remote server. The remote server includes several software packages for at least one of installation or upgrade and metadata associated with each of the several software packages. When the metadata associated with the software is stored at the remote server, the method sends, from the attestation machine, an attestation confirmation message to the remote machine.
    Type: Application
    Filed: June 3, 2020
    Publication date: December 9, 2021
    Inventors: Jesse POOL, Samyuktha SUBRAMANIAN, Utkarsh VIPUL
  • Publication number: 20210334377
    Abstract: A method and system are disclosed in which a secure computing infrastructure is established and maintained. The method requires that upon any attestation event, a component to be added or newly activated (i.e., used the first time) be checked for its trustworthiness, where the checking includes cryptographic proof of the trustworthiness of the component. If the component is not trustworthy, then security precautions are taken to protect the secure computing infrastructure. Those precautions include refusing to accept the component, quarantining the component, encrypting and decrypting all traffic to and from the component, or allowing the component to perform only non-secure operations.
    Type: Application
    Filed: April 23, 2020
    Publication date: October 28, 2021
    Inventors: Chen DRORI, Michael A. FOLEY, Jesse POOL, Nishant ARYA
  • Patent number: 10956041
    Abstract: To create a backup of a live (running) virtual machine, a backup agent may take a snapshot of the virtual machine, back up the virtual machine from the snapshot disk, and delete the snapshot. Deleting the snapshot initiates a snapshot consolidation process where delta disks of the virtual machine are collapsed. A virtual disk layer sets up a mirror driver between a current virtual disk and a target virtual disk. Data sectors of the delta disk are copied over to the target virtual disk in a single pass, while the mirror driver mirrors write requests for the current virtual disk to the target virtual disk.
    Type: Grant
    Filed: October 30, 2014
    Date of Patent: March 23, 2021
    Assignee: VMware, Inc.
    Inventors: Nishant Yadav, Jesse Pool, Li Zheng, Gabriel Tarasuk-Levin, Nick Michael Ryan
  • Patent number: 10691341
    Abstract: One or more embodiments provide techniques for accessing a memory page of a virtual machine for which loading might have been deferred. A method according to an embodiment of the invention includes the steps of examining metadata of the memory page and determining that a flag in the metadata for indicating that the contents of the memory page need to be updated is set, and updating the contents of the memory page.
    Type: Grant
    Filed: December 22, 2016
    Date of Patent: June 23, 2020
    Assignee: VMware, Inc.
    Inventors: Yury Baskakov, Alexander Garthwaite, Jesse Pool
  • Patent number: 10585690
    Abstract: One or more embodiments provide techniques for promoting a linked clone virtual machine to a full clone virtual machine. In one embodiment, a method includes receiving an instruction to promote the linked clone virtual machine to a full clone virtual machine. The method also includes creating a second base disk for the linked clone virtual machine. The method includes installing a mirror driver between the first delta disk and the second base disk. The method includes copying the contents of the first delta disk to the second base disk with the mirror driver. After the contents of the first delta disk have been copied to the second base disk, the method includes removing the mirror driver and operating the linked clone virtual machine as a full clone virtual machine on the second base disk.
    Type: Grant
    Filed: September 30, 2016
    Date of Patent: March 10, 2020
    Assignee: VMware, Inc.
    Inventors: Mohammed Junaid Ahmed, Nishant Yadav, Jesse Pool
  • Publication number: 20180095775
    Abstract: One or more embodiments provide techniques for promoting a linked clone virtual machine to a full clone virtual machine. In one embodiment, a method includes receiving an instruction to promote the linked clone virtual machine to a full clone virtual machine. The method also includes creating a second base disk for the linked clone virtual machine. The method includes installing a mirror driver between the first delta disk and the second base disk. The method includes copying the contents of the first delta disk to the second base disk with the mirror driver. After the contents of the first delta disk have been copied to the second base disk, the method includes removing the mirror driver and operating the linked clone virtual machine as a full clone virtual machine on the second base disk.
    Type: Application
    Filed: September 30, 2016
    Publication date: April 5, 2018
    Inventors: Mohammed Junaid AHMED, Nishant YADAV, Jesse POOL