Secure virtualized servers
Abstract
A system may be configured to provide secure access to a physical resource through the use of a partitionable virtual input/output server in a virtualized environment. A server may receive a request to access the physical resources from a cloud tenant administrator. The cloud tenant may be assigned to a particular working load partition (WPAR), and the physical resources may be assigned to the particular WPAR. A remote Kerberos server may be accessed in response to the request. The Kerberos server may be hosted in a private domain, and it may be used to authenticate access to the physical resource. The server may receive a valid ticket from the Kerberos server. The administrator may be granted access to the physical resources via access to the WPAR, based on the valid ticket and for the lifetime of the ticket.
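The gate the abstract describes, modelled as an added Python example; it is not code from the patent or from any product. The `Ticket` is a constructed stand-in for a Kerberos ticket the server has already validated, mapping the principal's realm to a tenant is an assumption, and every name and inventory value below is hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Ticket:
    """Constructed stand-in for an already-validated Kerberos ticket (assumption)."""
    principal: str   # e.g. admin@TENANT-A.EXAMPLE
    start: int       # epoch seconds
    end: int         # epoch seconds; end of the ticket lifetime

@dataclass(frozen=True)
class Grant:
    principal: str
    wpar: str
    resources: frozenset
    clients: frozenset
    expires: int     # copied from the ticket, never extended

# Constructed sample inventory: tenant -> WPAR, and WPAR -> resource -> clients.
TENANT_WPAR = {"TENANT-A.EXAMPLE": "wpar1", "TENANT-B.EXAMPLE": "wpar2"}
WPARS = {
    "wpar1": {"fcs0": {"lpar11", "lpar12"}, "ent0": {"lpar11"}},
    "wpar2": {"fcs1": {"lpar21"}},
}

def grant_access(ticket, resource, now):
    """Return a Grant bounded by the ticket lifetime, or None to deny."""
    if ticket is None or not (ticket.start <= now < ticket.end):
        return None                      # no ticket, not yet valid, or expired
    realm = ticket.principal.rpartition("@")[2]
    wpar = TENANT_WPAR.get(realm)        # assumption: realm identifies the tenant
    if wpar is None or resource not in WPARS[wpar]:
        return None                      # resource is not assigned to this tenant's WPAR
    resources = WPARS[wpar]
    clients = frozenset().union(*resources.values())
    return Grant(ticket.principal, wpar, frozenset(resources), clients, ticket.end)

def is_allowed(grant, target, now):
    """Re-check on every operation so access ends when the ticket does."""
    if grant is None or now >= grant.expires:
        return False
    return target in grant.resources or target in grant.clients
```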
18 Claims
1. A method for providing secure access to physical resources via a partitionable virtual input/output server in a virtualized environment, wherein the physical resources are partitioned using Kerberos security, the method comprising:
- receiving, from an administrator, a request to access the physical resources, wherein the administrator is a user of a cloud tenant, and wherein the tenant is assigned to a particular working load partition (WPAR) of a plurality of WPARs hosted on a virtualized server in the virtualized environment, and wherein the physical resources are assigned to the particular WPAR;
- accessing, in response to the request, a remote Kerberos server, the remote Kerberos server is hosted in a private domain, and the remote Kerberos server is able to authenticate access to the physical resource;
- receiving, from the Kerberos server, a valid ticket,
- granting, to the administrator, based on the valid ticket, and for a lifetime of the ticket, access to the physical resources via access to the WPAR, wherein the granting access to the physical resources further comprises granting access to clients assigned to the physical resources.

Dependent claims: 2, 3, 4, 5, 6

7. A system for providing secure access to physical resources via a partitionable virtual input/output server in a virtualized environment, wherein the physical resources are partitioned using Kerberos security, the system comprising:
- a computer readable storage medium with program instructions stored thereon; and
- one or more processors configured to execute the program instructions to perform a method comprising;
  - receiving, from an administrator, a request to access the physical resources, wherein the administrator is a user of a cloud tenant, and wherein the tenant is assigned to a particular working load partition (WPAR) of a plurality of WPARs hosted on a virtualized server in the virtualized environment, and wherein the physical resource are assigned to the particular WPAR;
  - accessing, in response to the request, a remote Kerberos server, the remote Kerberos server is hosted in a private domain, and the remote Kerberos server is able to authenticate access to the physical resource;
  - receiving, from the Kerberos server, a valid ticket,
  - granting, to the administrator, based on the valid ticket, and for a lifetime of the ticket, access to the physical resources via access to the WPAR, wherein the granting access to the physical resources further comprises granting access to clients assigned to the physical resources.

Dependent claims: 8, 9, 10, 11, 12

13. A computer program product for providing secure access to physical resources via a partitionable input/output server in a virtualized environment, wherein the physical resources are partitioned using Kerberos security, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, wherein the computer readable storage medium is not a transitory signal per se, the program instructions executable by a computer processing circuit to cause the circuit to perform the method comprising:
- receiving, from an administrator, a request to access the physical resources, wherein the administrator is a user of a cloud tenant, and wherein the tenant is assigned to a particular working load partition (WPAR) of a plurality of WPARs hosted on a virtualized server in the virtualized environment, and wherein the physical resources are assigned to the particular WPAR;
- accessing, in response to the request, a remote Kerberos server, the remote Kerberos server is hosted in a private domain, and the remote Kerberos server is able to authenticate access to the physical resource;
- receiving, from the Kerberos server, a valid ticket,
- granting, to the administrator, based on the valid ticket, and for a lifetime of the ticket, access to the physical resources via access to the WPAR, wherein the granting access to the physical resources further comprises granting access to clients assigned to the physical resources.

Dependent claims: 14, 15, 16, 17, 18

Specification