US Patent No. 10,461,937


Patent No. 10,461,937
Issue Date October 29, 2019
Title Hypervisor Supported Secrets Compartment
Inventorship Nicholas Alexander Allen, Seattle, WA (US)
Assignee Amazon Technologies, Inc., Seattle, WA (US)

Claim of US Patent No. 10,461,937

1. A system, comprising: memory to store instructions that, if executed by one or more processors of the system, cause the system to: identify, by a hypervisor, secured data stored in a first virtual machine, the secured data being accessible by the first virtual machine, without support from a guest operating system, using a key; generate, by the hypervisor, a communication channel between the first virtual machine and a second virtual machine, wherein the second virtual machine is generated with metadata selected based on at least in part on an application instantiated on the first virtual machine, wherein the second virtual machine has access to a repository of keys; store, by the hypervisor, the key to the second virtual machine; receive, by the hypervisor, a request to access the secured data; and provide, by the hypervisor through the communication channel, in response to the request, the key for access to the secured data.