The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).

Date of Patent: Mar. 01, 2022

Filed: Oct. 31, 2019

Applicant: Microsoft Technology Licensing, LLC, Redmond, WA (US);

Inventors:

Md Nazmus Sakib, Seattle, WA (US);

Jeffrey A. Sutherland, Seattle, WA (US);

Deven Robert Desai, Bellevue, WA (US);

Jaskaran Singh Khurana, Bellevue, WA (US);

Scott Randall Shell, Bellevue, WA (US);

Jessica M. Krynitsky, Manassas, VA (US);

Assignee:
Attorney:
Primary Examiner:
Int. Cl.
CPC ...
G06F 21/00 (2013.01); G06F 21/52 (2013.01); G06F 21/51 (2013.01);
U.S. Cl.
CPC ...
G06F 21/52 (2013.01); G06F 21/51 (2013.01); G06F 2221/033 (2013.01); G06F 2221/2101 (2013.01);
Abstract

Integrity verification of a containerized application using a block device signature is described. For example, a container deployed to a host system is signed with a single block device signature. The operating system of the host system implements an integrity policy to verify the integrity of the container when the container is loaded into memory and when its program code executes. During such events, the operating system verifies whether the block device signature is valid. If the block device signature is determined to be valid, the operating system enables the program code to successfully execute. Otherwise, the program code is prevented from being executed. By doing so, certain program code or processes that are not properly signed are prevented from executing, thereby protecting the host system from such processes. Moreover, by using a single block device signature for a container, the enforcement of the integrity policy is greatly simplified.

