The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Mar. 05, 2024
Filed:
Jun. 07, 2021
International Business Machines Corporation, Armonk, NY (US);
Michael Vu Le, Danbury, CT (US);
Md Salman Ahmed, Blacksburg, VA (US);
Hani Talal Jamjoom, Cos Cob, CT (US);
International Business Machines Corporation, Armonk, NY (US);
Abstract
A method, apparatus and computer program product for scheduling placement of containers in association with a set of hosts. The technique utilizes metrics that characterize container-specific risks. A first metric is a host interface risk for a container that quantifies how similar or dissimilar the container is relative to other containers running on a host. Preferably, host interface risk is derived with respect to a system call interface comprising a set of system calls, and the metric is based at least in part on a measure of dissimilarity among system calls. A second metric is a data sensitivity score that quantifies a degree to which sensitive data accesses are associated to the container. Based at least in part on the host interface risk scores and the data sensitivity scores, one or more containers are automatically scheduled for placement on the set of hosts to minimize security risk for the set of hosts.