The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Dec. 27, 2022
Filed:
Jun. 07, 2019
Amazon Technologies, Inc., Seattle, WA (US);
Marc John Brooker, Seattle, WA (US);
Ajay Nair, Bothell, WA (US);
Amazon Technologies, Inc., Seattle, WA (US);
Abstract
Computer systems and methods are disclosed to implement a virtual machine monitor (VMM) that stores cryptographic keys for guest virtual machines (VMs) and securely executes cryptographic operations on the VMs' behalf using the stored cryptographic keys. The cryptographic keys are maintained in a key store that is accessible to the VMM but not accessible to the guest VMs. The cryptographic operations are executed in a manner that does not reveal the cryptographic keys to the guest VMs. In embodiments, the guest VMs may invoke the cryptographic operations via a device driver, a memory access interface, or some other mechanism. Advantageously, the guest VMs cannot obtain the cryptographic keys in their own memory space, so that the keys cannot be exfiltrated from the guest VMs. Embodiments of the VMM may be used to implement cryptographic operations such as request signing and verification, data encryption and decryption, and others.