International Business Machines Corporation
Virtual machine allocation and migration between hardware devices by destroying and generating enclaves using transmitted datafiles and cryptographic keys

Abstract:

A method and system for improving virtual machine allocation and migration is provided. The method includes initiating a migration process for migrating database files of a virtual machine from a first hardware device to a second hardware device. A checkpoint and restart command is transmitted to a first hypervisor of the first hardware device and a request for a cryptographic key from a memory encryption engine is received. The cryptographic key is transmitted to a first enclave and the first enclave is encrypted resulting in an encrypted enclave. A resulting a data file comprising the database files is generated and the encrypted enclave is disconnected from the first hardware device. The encrypted enclave is destroyed and checkpoint and restart code is executed for restarting the first hardware device.