The present disclosure relates generally to virtual computing systems, and more particularly, to encryption mechanisms used by virtual computing systems.
A host machine (e.g., computer or server) is a computing system that is typically enabled to simultaneously run one or more virtual machines, where each virtual machine may be used by a local or remote client. The host machine allocates a certain amount of execution time from the host's physical processors to each of the virtual machines. Each virtual machine may use the allocated resources to execute applications, including operating systems known as guest operating systems.
A virtual machine is a piece of software that, when executed on appropriate hardware, creates an environment allowing the virtualization of an actual physical computer system. Each virtual machine running on the physical system may function as a self-contained platform, running its own operating system (OS) and software applications (processes) on one or more virtual processors.
Various computing systems use encryption technology that encrypts data to be stored in memory. Such encryption may be selectively applied to specific portions of memory, as specified by the operating system. Thus, even if that memory is compromised, its contents are incomprehensible without the corresponding encryption key used to encrypt them. Virtual machines that run on a single host machine typically store data on the same physical media that is used by other virtual machines running on the host machine.