Abstract: A processor may generate one or more encrypted policies associated with a policy creator. A processor may generate token metadata associated with a user utilizing the one or more encrypted policies. A processor may encrypt the token metadata to form encrypted token metadata. A processor may send the one or more encrypted policies and the encrypted token metadata to a policy evaluator. The policy evaluator may evaluate the one or more encrypted policies and the encrypted token metadata. The processor may return a response. The response may be based on the evaluation by the policy evaluator.

Abstract: Techniques regarding the use of digital identity tokens describing a computer application to obtain authorization to confidential data based on one or more policies are provided. For example, one or more embodiments described herein can comprise a system, which can comprise a memory that can store computer executable components. The system can also comprise a processor, operably coupled to the memory, and that can execute the computer executable components stored in the memory. The computer executable components can comprise a trusted platform module component that can generate a digital identity token that is bound to a computer application process. The computer executable components can also comprise a key authenticity component that can compare the digital identity token to a security key to retrieve a security credential.

Abstract: A processor may generate one or more encrypted policies associated with a policy creator. A processor may generate token metadata associated with a user utilizing the one or more encrypted policies. A processor may encrypt the token metadata to form encrypted token metadata. A processor may send the one or more encrypted policies and the encrypted token metadata to a policy evaluator. The policy evaluator may evaluate the one or more encrypted policies and the encrypted token metadata. The processor may return a response. The response may be based on the evaluation by the policy evaluator.

Abstract: Techniques facilitating security hardening systems that host containers are provided. In one example, a system comprises: a memory that stores computer executable components; and a processor that executes computer executable components stored in the memory. The computer executable components comprise: a boot component performs a portion of a trusted boot sequence to securely boot the system to a defined secure state wherein one or more types of administrative access to a container memory are deactivated. The computer executable components also comprise: a core service component started as a part of the trusted boot sequence and that securely obtains one or more decryption keys for use with the container memory; and a runtime decryption component that uses the one or more decryption keys to perform runtime decryption of one or more files accessed by a container associated with the container memory.

Abstract: Verifying authenticity of software updates is provided. An update executable and an update behavior profile corresponding to a software update are hashed using a cryptographic hash function. A hash of the update executable and the update behavior profile is signed using a private key to form a hashed update digital signature.

Abstract: Aspects of the invention include creating and starting fast-start container images. A preview image of a container is received at a host computer. The preview image includes a subset of an original image of the container. The preview image of the container is executed, at the host computer, for a workload. Based at least in part on detecting a fault during the executing of the preview image of the container, one of the original image of the container and a portion of the original image not included in the preview image of the container is accessed for continuing execution of the workload.

Abstract: An apparatus receives a signal to perform secure erasure of a storage medium. The apparatus, responsive to reception of the signal, erases the storage medium by performing at least the following operations. An encryption key is erased. The encryption key is stored on the storage medium and is used to encrypt data on the storage medium. The apparatus generates a fake encryption key that is different from the encryption key and stores storing the fake encryption key on the storage medium. The encryption key and/or fake encryption key may be stored on the medium in multiple parts. The encryption key may be generated using random data from the medium. The apparatus may be the storage medium or a computer system that access the storage medium. The erasure can be performed in response to a request by a user. The medium may be an erasure-resistant storage medium.

Abstract: Aspects of the invention include selecting a node for an infrastructure update. The selected node is included in a cluster of nodes executing workloads that include containers. A future workload is prevented from being scheduled on the selected node. A workload currently executing on the selected node is migrated to another node included in the cluster of nodes. Infrastructure code on the selected node is updated, and in response to the updating, the ability to schedule a future workload on the selected node is enabled.

Abstract: Techniques facilitating security hardening systems that host containers are provided. In one example, a system comprises: a memory that stores computer executable components; and a processor that executes computer executable components stored in the memory. The computer executable components comprise: a boot component performs a portion of a trusted boot sequence to securely boot the system to a defined secure state wherein one or more types of administrative access to a container memory are deactivated. The computer executable components also comprise: a core service component started as a part of the trusted boot sequence and that securely obtains one or more decryption keys for use with the container memory; and a runtime decryption component that uses the one or more decryption keys to perform runtime decryption of one or more files accessed by a container associated with the container memory.

Abstract: Techniques regarding the use of digital identity tokens describing a computer application to obtain authorization to confidential data based on one or more policies are provided. For example, one or more embodiments described herein can comprise a system, which can comprise a memory that can store computer executable components. The system can also comprise a processor, operably coupled to the memory, and that can execute the computer executable components stored in the memory. The computer executable components can comprise a trusted platform module component that can generate a digital identity token that is bound to a computer application process. The computer executable components can also comprise a key authenticity component that can compare the digital identity token to a security key to retrieve a security credential.

Abstract: Verifying authenticity of software updates is provided. An update executable and an update behavior profile corresponding to a software update are hashed using a cryptographic hash function. A hash of the update executable and the update behavior profile is signed using a private key to form a hashed update digital signature.

Abstract: A secure filesystem provides write-only access with limited read. The filesystem stores data as an encrypted block on a user machine using a symmetric (active) key, along with metadata including a read condition. While the read condition is valid, local applications can read the data using the active key. When the read condition becomes invalid, the active key is deleted so local applications no longer have access. However, the filesystem encrypts the active key to yield an inactive key, using an RSA public key. The corresponding private key is sent to an authorized party machine, but deleted from the user machine. Thus the user machine is unable to decrypt the inactive key, but the authorized party machine can still read the data by first decrypting the inactive key using the private key to regenerate the active key, and then decrypting the encrypted block using the regenerated active key.

Abstract: Aspects of the invention include selecting a node for an infrastructure update. The selected node is included in a cluster of nodes executing workloads that include containers. A future workload is prevented from being scheduled on the selected node. A workload currently executing on the selected node is migrated to another node included in the cluster of nodes. Infrastructure code on the selected node is updated, and in response to the updating, the ability to schedule a future workload on the selected node is enabled.

Abstract: Aspects of the invention include creating and starting fast-start container images. A preview image of a container is received at a host computer. The preview image includes a subset of an original image of the container. The preview image of the container is executed, at the host computer, for a workload. Based at least in part on detecting a fault during the executing of the preview image of the container, one of the original image of the container and a portion of the original image not included in the preview image of the container is accessed for continuing execution of the workload.

Abstract: A secure filesystem provides write-only access with limited read. The filesystem stores data as an encrypted block on a user machine using a symmetric (active) key, along with metadata including a read condition. While the read condition is valid, local applications can read the data using the active key. When the read condition becomes invalid, the active key is deleted so local applications no longer have access. However, the filesystem encrypts the active key to yield an inactive key, using an RSA public key. The corresponding private key is sent to an authorized party machine, but deleted from the user machine. Thus the user machine is unable to decrypt the inactive key, but the authorized party machine can still read the data by first decrypting the inactive key using the private key to regenerate the active key, and then decrypting the encrypted block using the regenerated active key.

Abstract: An apparatus receives a signal to perform secure erasure of a storage medium. The apparatus, responsive to reception of the signal, erases the storage medium by performing at least the following operations. An encryption key is erased. The encryption key is stored on the storage medium and is used to encrypt data on the storage medium. The apparatus generates a fake encryption key that is different from the encryption key and stores storing the fake encryption key on the storage medium. The encryption key and/or fake encryption key may be stored on the medium in multiple parts. The encryption key may be generated using random data from the medium. The apparatus may be the storage medium or a computer system that access the storage medium. The erasure can be performed in response to a request by a user. The medium may be an erasure-resistant storage medium.