Secure access to a virtual machine
First Claim
Patent Images
1. A remote server comprising:
- a hypervisor to support a number of virtual machines on the remote server; and
a number of virtual machines dispensed to the remote server by a separate management appliance that communicates with the remote server via a computer network, wherein, during instantiation, a first of the virtual machines is cryptographically associated with the management appliance that dispensed that first virtual machine to the remote server, the cryptographic association creating a trusted relationship between the first virtual machine and the management appliance from which the first virtual machine was dispensed;
wherein, because of this trusted relationship, a user who has access to the management appliance and is using the management appliance for remotely accessing the first virtual machine on the remote server is granted access to the first virtual machine based on the trusted relationship between the management appliance and the virtual machine; and
wherein any user with access to the management appliance will have access to the first virtual machine based on the trusted relationship between the management appliance and the virtual machine such that the user accessing the first virtual machine on the remote server via the management appliance can vary.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for providing secure access to a virtual machine includes dispensing an image corresponding to a virtual machine from a management appliance to a distributed computing system such that the virtual machine is implemented by at least one of a plurality of interconnected physical computing devices in the distributed computing system; establishing a trusted relationship between the management appliance and the virtual machine; and providing a user with access to the virtual machine from the management appliance without further authentication credentials from the user.
60 Citations
18 Claims
-
1. A remote server comprising:
-
a hypervisor to support a number of virtual machines on the remote server; and a number of virtual machines dispensed to the remote server by a separate management appliance that communicates with the remote server via a computer network, wherein, during instantiation, a first of the virtual machines is cryptographically associated with the management appliance that dispensed that first virtual machine to the remote server, the cryptographic association creating a trusted relationship between the first virtual machine and the management appliance from which the first virtual machine was dispensed; wherein, because of this trusted relationship, a user who has access to the management appliance and is using the management appliance for remotely accessing the first virtual machine on the remote server is granted access to the first virtual machine based on the trusted relationship between the management appliance and the virtual machine; and wherein any user with access to the management appliance will have access to the first virtual machine based on the trusted relationship between the management appliance and the virtual machine such that the user accessing the first virtual machine on the remote server via the management appliance can vary. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A management appliance, the management appliance comprising:
-
a processor; and
a memory communicatively coupled to the processor, the memory comprising executable code stored thereon such that the processor, upon executing the executable code;dispenses an image corresponding to a virtual machine to a remote server separate from the management appliance, the remote server having a hypervisor, the hypervisor to support the virtual machine on the remote server, wherein, during instantiation, the virtual machine is cryptographically associated with the management appliance that dispensed that virtual machine to the remote server, the cryptographic association creating a trusted relationship between the virtual machine and the management appliance from which the virtual machine was dispensed; establishes the trusted relationship with the virtual machine implemented on the remote server, the trusted relationship being based on the cryptographic association between the virtual machine and the management appliance as the source of the virtual machine; and
,using this trusted relationship, provides a user who has access to the management appliance and is using the management appliance for remotely accessing the virtual machine on the remote server with access to the virtual machine based on the trusted relationship without authentication credentials specifically for the virtual machine from the user, wherein any user with access to the management appliance will have access to the virtual machine based on the trusted relationship between the management appliance and the virtual machine such that the user accessing the virtual machine can vary. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A computer-implemented method (CIM) comprising:
-
sending, from a management appliance, over a communication network and to a remote physical server computer, a first virtual machine image; instantiating a first virtual machine instantiation from the first virtual machine image on the remote physical server; creating a trusted relationship between the first virtual machine instantiation and the management appliance by cryptographic association between the first virtual machine instantiation and the management appliance; determining that a first user who is using the management appliance may be granted access to the first virtual machine instantiation through the management appliance and over the communication network based, at least in part, on the trusted relationship between the management appliance and the first virtual machine instantiation; and responsive to the determination that the first user may be granted access, granting access to the first user to use the first virtual machine instantiation. - View Dependent Claims (17, 18)
-
Specification