Authenticated service virtualization

US 20090150988A1
Filed: 12/10/2007
Published: 06/11/2009
Est. Priority Date: 12/10/2007
Status: Active Grant

First Claim

Patent Images

1. A service virtualization device, comprising:

a communication interface; and

a processor configured to;

receive from a client via the communication interface a request to access a service from a first server;

use a secret data associated with the first server to process the received request; and

send a processed request to a second server;

wherein the first and second servers are associated with a virtualization;

and wherein the processed request can be used by the second server to authenticate the client.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Virtualizing a service is disclosed. A request to access a service from a first server is received from a client. A secret data associated with the first server is used to process the received request. The processed request is sent to a second server. The first and second servers are associated with a virtualization; and wherein the processed request can be used by the second server to authenticate the client.

Citations

20 Claims

1. A service virtualization device, comprising:
- a communication interface; and
  
  a processor configured to;
  
  receive from a client via the communication interface a request to access a service from a first server;
  
  use a secret data associated with the first server to process the received request; and
  
  send a processed request to a second server;
  
  wherein the first and second servers are associated with a virtualization;
  
  and wherein the processed request can be used by the second server to authenticate the client.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The service virtualization device of claim 1 wherein the processed request comprises a new request generated based at least in part on information obtained by processing the received request.
  - 3. The service virtualization device of claim 1 wherein the request includes a session ticket, the secret data associated with the first server is a secret key, and the session ticket is encrypted with the secret key.
  - 4. The service virtualization device of claim 1 wherein the secret data associated with the first server is received from the first server.
  - 5. The service virtualization device of claim 1 wherein the secret data associated with the first server is provided to the service virtualization device by an administrator or other authorized user.
  - 6. The service virtualization device of claim 1 wherein the secret data associated with the first server includes a key generated as part of the Kerberos protocol.
  - 7. The service virtualization device of claim 1 wherein processing includes using the secret data associated with the first server to decrypt at least a portion of the received request.
  - 8. The service virtualization device of claim 1 wherein at least a portion of the processed request is encrypted with a secret key associated with second server.
  - 9. The service virtualization device of claim 1 wherein the processor is further configured to bridge communications between the client and the first server.
  - 10. The service virtualization device of claim 1 wherein the processor is further configured to bridge communications between the client and the second server.
  - 11. The service virtualization device of claim 1 wherein the processor is further configured to redirect traffic related to the service from the first server to the second server.
  - 12. The service virtualization device of claim 1 wherein the processor is further configured to initiate redirection of traffic related to the service from the first server to the second server.
  - 13. The service virtualization device of claim 1 wherein the processor is further configured to manage relocation from the first server to the second server of one or more of the service and a resource accessible via the service.

14. A method for virtualizing a service including:
- receiving from a client a request to access a service from a first server;
  
  using a secret data associated with the first server to process the received request; and
  
  sending a processed request to a second server;
  
  wherein the first and second servers are associated with a virtualization;
  
  and wherein the processed request can be used by the second server to authenticate the client.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The method of claim 14 wherein the processed request comprises a new request generated based at least in part on information obtained by processing the received request.
  - 16. The method of claim 14 wherein the request includes a session ticket, the secret data associated with the first server is a secret key, and the session ticket is encrypted with the secret key.
  - 17. The method of claim 14 wherein the secret data associated with the first server includes a key generated as part of the Kerberos protocol.
  - 18. The method of claim 14 wherein processing includes using the secret data associated with the first server to decrypt at least a portion of the received request.
  - 19. The method of claim 14 further comprising managing relocation from the first server to the second server of one or more of the service and a resource accessible via the service.

20. A computer program product for virtualizing a service, the computer program product being embodied in a computer readable medium and comprising computer instructions for:
- receiving from a client a request to access a service from a first server;
  
  using a secret data associated with the first server to process the received request; and
  
  sending a processed request to a second server;
  
  wherein the first and second servers are associated with a virtualization; and
  
  wherein the processed request can be used by the second server to authenticate the client.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Love, Philip C., Aji, Srinivas Mandayam, Guo, Zhaohui

Granted Patent

US 8,387,130 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/10
CPC Class Codes

G06F 21/33 using certificates

H04L 9/3213 using tickets or tokens, e....

Authenticated service virtualization

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Authenticated service virtualization

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links