| CPC G06F 21/606 (2013.01) [G06F 21/64 (2013.01); G06F 21/78 (2013.01)] | 20 Claims |
|
1. A system comprising:
a virtual machine engine for generating one or more virtual machines, each virtual machine being generated having a virtual machine confidentiality level, the virtual machine confidentiality level being selected from at least a higher confidentiality level and a lower confidentiality level, a first virtual machine with the higher confidentiality level being configured to require a stronger confidentiality process than a second virtual machine with the lower confidentiality level;
a first program;
a second program;
a first datastore or data set associated with a first data confidentiality level;
a second datastore or data set associated with a second data confidentiality level;
at least one hardware processor configured to:
receive a request to use the first program;
execute a particular virtual machine with a particular virtual machine confidentiality level;
use a particular confidentiality process before or while operating the first program by the particular virtual machine, the particular confidentiality process being associated with the particular virtual machine confidentiality level; and
allow the first program to write to the first datastore or data set, only if the first data confidentiality level is equal to or higher than the particular virtual machine confidentiality level.
|