Secure Network Cloud Architecture

US 20120266231A1
Filed: 03/16/2012
Published: 10/18/2012
Est. Priority Date: 04/18/2011
Status: Active Grant

First Claim

Patent Images

1. An apparatus comprising:

at least one processor; and

at least one memory storing computer executable instructions that, when executed by the at least one processor, cause the apparatus to at least;

transmit, via a secure channel to a cloud computing system, a request to create a virtual machine in a second computing system, wherein the request includes at least a first token;

receive, from a secure boot server, the first token after the second computing system requests to load components configured to boot the virtual machine;

transmit, to the secure boot server, a second token unique to the request to load components, wherein the second token enables the secure boot server to transmit the requested components and the second token to the virtual machine, wherein the requested components are unique to the request to load components;

receive, from the virtual machine, the second token after the virtual machine has been loaded with the requested components;

transmit, to the virtual machine, a third token and confidential information configured to enable the virtual machine to create a secure connection with the apparatus via a gateway server located in the cloud computing system;

receive, from the gateway server, the third token and a request to establish a secure connection with the virtual machine through the gateway server; and

communicate with the virtual machine over the established secure connection.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Apparatuses, computer readable media, methods, and systems are described for requesting creation of virtual machine (VM) in a cloud environment comprising a virtual private cloud. Through various communications between a cloud DMZ, cloud provider, and/or company'"'"'s network, a VM instance may be securely created, initialized, booted, unlocked, and/or monitored through a series of interactions building, in some examples, upon a root of trust.

211 Citations

30 Claims

1. An apparatus comprising:
- at least one processor; and
  
  at least one memory storing computer executable instructions that, when executed by the at least one processor, cause the apparatus to at least;
  
  transmit, via a secure channel to a cloud computing system, a request to create a virtual machine in a second computing system, wherein the request includes at least a first token;
  
  receive, from a secure boot server, the first token after the second computing system requests to load components configured to boot the virtual machine;
  
  transmit, to the secure boot server, a second token unique to the request to load components, wherein the second token enables the secure boot server to transmit the requested components and the second token to the virtual machine, wherein the requested components are unique to the request to load components;
  
  receive, from the virtual machine, the second token after the virtual machine has been loaded with the requested components;
  
  transmit, to the virtual machine, a third token and confidential information configured to enable the virtual machine to create a secure connection with the apparatus via a gateway server located in the cloud computing system;
  
  receive, from the gateway server, the third token and a request to establish a secure connection with the virtual machine through the gateway server; and
  
  communicate with the virtual machine over the established secure connection.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 21)
- - 2. The apparatus of claim 1, wherein the cloud computing system comprises a virtual private cloud including virtual machines and a cloud DMZ, and the apparatus is located inside an organization'"'"'s network and communicates with the cloud computing system.
  - 3. The apparatus of claim 2, wherein the cloud DMZ comprises:
    - at least one firewall configured to regulate network traffic;
      
      the secure boot server configured to transmit, to the virtual machine, unique operating system components configured to securely network boot the virtual machine; and
      
      the gateway server.
  - 4. The apparatus of claim 1, wherein the apparatus is located partially outside the cloud computing system.
  - 5. The apparatus of claim 1, wherein the virtual machine is a measured virtual machine, and the authenticity of the virtual machine is determined using a quote generated based on a measurement of the measured virtual machine.
  - 6. The apparatus of claim 1, wherein the first token, second token, third token, and confidential information are each randomly generated for one-time use.
  - 7. The apparatus of claim 1, wherein the memory further stores computer executable instructions that, when executed, cause the apparatus at least to:
    - record, in the memory using the processor, the first token in association with the reservation;
      
      compare, using the processor, the received first token with the recorded first token;
      
      record, in the memory using the processor, the second token in association with the reservation;
      
      compare, using the processor, the received second token with the recorded second token;
      
      record, in the computer memory using the processor, the third token in association with the reservation; and
      
      compare, using the processor, the received third token with the recorded third token.
  - 21. The method of claim 1, wherein the first computing system is associated with an organization and the second computing system is associated with a cloud service provider that provides cloud computing services to the organization.

8. A method comprising:
- transmitting, by a first computing system via a secure channel to a second computing system, a request to create a virtual machine in the second computing system, wherein the request includes at least a first token;
  
  recording, in a computer memory using a processor of the first computing system, the first token in association with the request for a virtual machine;
  
  receiving, by the first computing system from a server located in a secure zone in the second computing system, the first token after the second computing system requests to load components configured to boot the virtual machine;
  
  confirming, using the processor of the first computing system, authenticity of the received first token with the recorded first token;
  
  transmitting, by the first computing system to the server located in the secure zone in the second computing system, a second token unique to the request to load components, wherein the second token is configured to enable the server located in the secure zone of the second computing system to transmit the requested components and the second token to the virtual machine, wherein the requested components are unique to the request to load components;
  
  recording, in the computer memory using the processor of the first computing system, the second token in association with the request for the virtual machine;
  
  receiving, by the first computing system from the virtual machine, the second token after the virtual machine has been loaded with the requested components;
  
  confirming, using the processor of the first computing system, authenticity of the received second token with the recorded second token;
  
  transmitting, by the first computing system to the virtual machine, a third token and confidential information configured to enable the virtual machine to create a secure connection with the first computing system via a gateway server located in the secure zone of the second computing system;
  
  recording, in the computer memory using the processor of the first computing system, the third token in association with the request for the virtual machine;
  
  receiving, by the first computing system from the gateway server located in the secure zone of the second computing system, the third token and a request to establish a secure connection through the secure zone with the virtual machine; and
  
  confirming, using the processor of the first computing system, authenticity of the received third token with the recorded third token.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 9. The method of claim 8, wherein a duration of time in a create phase exceeds a predetermined threshold of time, further comprising:
    - recording, using the processor of the first computing system, an entry in a log file stored on the computer memory of the first computing system;
      
      wherein the create phase starts at the recording, by the first computing system, the first token, and the create phase ends with the receiving, by the first computing system, the first token from the server located in the secure zone in the second computing system.
  - 10. The method of claim 9, further comprising:
    - sending, to the second computing system, instructions to abort the request to create the virtual machine.
  - 11. The method of claim 8, further comprising:
    - recording, using the processor of the first computing system, an entry in a log file stored on the computer memory of the first computing system indicating a duration of time in a boot phase exceeds a predetermined threshold of time;
      
      recording, using the processor of the first computing system, an entry in a log file stored on the computer memory of the first computing system indicating a duration of time in a unlock phase exceeds a predetermined threshold of time; and
      
      recording, using the processor of the first computing system, an entry in a log file stored on the computer memory of the first computing system indicating a duration of time in a connect phase exceeds a predetermined threshold of time.
  - 12. The method of claim 8, wherein the virtual machine is a measured virtual machine.
  - 13. The method of claim 12, wherein authenticity of the virtual machine is determined using a quote generated based on a measurement of the measured virtual machine, and wherein the quote comprises a key of a trusted module.
  - 14. The method of claim 8, further comprising:
    - confirming, using the processor of the first computing system, authenticity of the components loaded in the virtual machine.
  - 15. The method of claim 8, wherein the first computing system comprises a cloud orchestrator, and the second computing system comprises a virtual private cloud.
  - 16. The method of claim 8, wherein the components configured to boot the virtual machine comprise an operating system kernel and an initial ramdisk.
  - 17. The method of claim 8, wherein the components further comprise at least one of:
    - communications server software components and host integrity detection software components.
  - 18. The method of claim 8, wherein the first token is recorded in association with a reservation comprising unique data elements.
  - 19. The method of claim 18, wherein the first token is a randomly generated, unique, one-time use token.
  - 20. The method of claim 8, wherein the first token, second token, third token, and confidential information are each randomly generated for one-time use.

22. A non-transitory computer-readable storage medium storing computer-executable instructions, which when executed by an apparatus, cause the apparatus to at least:
- transmit, to a cloud provider of a cloud computing system, a request to create a virtual machine in a second computing system, wherein the request includes at least a first token;
  
  receive, from a secure boot server, the first token in response to the second computing system requesting to load components configured to boot the virtual machine;
  
  transmit, to the secure boot server, unique operating system components and a second token;
  
  receive, from the virtual machine, the second token in response to the virtual machine having been loaded with the unique operating system components;
  
  transmit, to the virtual machine, a third token and confidential information configured to enable the virtual machine to create a secure connection with the apparatus via a gateway server located in the cloud computing system; and
  
  receive, from the gateway server, the third token and a request to establish a secure connection with the virtual machine through the gateway server.
- View Dependent Claims (23, 24)
- - 23. The storage medium of claim 22, further storing computer-executable instructions, which when executed by an apparatus, cause the apparatus to at least:
    - record, in a memory using a processor, the first token in association with a reservation;
      
      confirm, using the processor, authenticity of the received first token with the recorded first token;
      
      record, in the memory using the processor, the second token in association with the reservation;
      
      confirm, using the processor, authenticity of the received second token with the recorded second token;
      
      record, in the computer memory using the processor, the third token in association with the reservation, wherein the reservation is associated with unique data elements; and
      
      confirm, using the processor, authenticity of the received third token with the recorded third token.
  - 24. The storage medium of claim 22, wherein the unique operating system components comprise an operating system kernel and an initial ramdisk, and the first token, second token, third token, and confidential information are each randomly generated for one-time use.

25. A system comprising:
- an organization computer network comprising at least one processor and at least one memory configured to;
  
  using a cloud orchestrator, monitor state of a virtual machine in a virtual private cloud network;
  
  using a database, store a reservation corresponding to the virtual machine, wherein the reservation comprises confidential information and a unique identifier; and
  
  using a firewall, regulate network traffic into the organization computer network;
  
  wherein the organization computer network is located outside of a cloud DMZ network and the virtual private cloud network.
- View Dependent Claims (26, 27, 28, 29, 30)
- - 26. The system of claim 25, further comprising:
    - the cloud DMZ network comprising at least one processor and at least one memory configured to;
      
      using an internal firewall, regulate network traffic between the organization computer network and a cloud gateway;
      
      using an external firewall, regulate network traffic between the cloud DMZ and the virtual private cloud;
      
      using a secure boot server, send unique operating system components to the virtual machine in the virtual private cloud; and
      
      using a gateway server, establish a secure channel between the virtual machine and the organization computer network;
      
      wherein the internal firewall, external firewall, secure boot server, and gateway server are located within the cloud DMZ network; and
      
      the virtual private cloud network comprising at least one processor and at least one memory configured to;
      
      using a virtualization platform, create the virtual machine in the at least one memory of the virtual private cloud network.
  - 27. The system of claim 26, wherein the unique identifier includes a network address.
  - 28. The system of claim 26, wherein the at least one memory of the organization computer network stores computer-executable instructions that, when executed by the at least one processor of the organization computer network, cause the cloud orchestrator at least to:
    - transmit, via a secure channel, a request to create the virtual machine, wherein the request includes at least a first token;
      
      receive, from the secure boot server, the first token;
      
      transmit, to the secure boot server, a second token in response to a request to load the virtual machine with the operating system components;
      
      receive, from the virtual machine, the second token after the virtual machine has been loaded with the requested components;
      
      transmit, to the virtual machine, a third token and confidential information; and
      
      receive, from the gateway server, the third token and a request to establish a secure connection through the cloud DMZ network with the virtual machine.
  - 29. The system of claim 26, wherein the at least one memory of the cloud DMZ network stores computer-executable instructions that, when executed, cause the secure boot server at least to:
    - receive, from the virtual machine, a request to download the operating system components, wherein the request includes at least a first token;
      
      transmit, to the organization computer network, the first token after receiving the request from the virtual machine to download components;
      
      receive, from the organization computer network, a second token indicating authorization to transmit unique components to the virtual machine in response to the request to download components; and
      
      transmit, to the virtual machine, the unique components and the second token;
  - 30. The system of claim 26, wherein the at least one memory of the cloud DMZ network stores computer-executable instructions that, when executed, cause the gateway server at least to:
    - receive, from the virtual machine, a third token and a secret passphrase indicating authorization from the organization computer network to create a secure channel with the virtual machine via the gateway server;
      
      transmit, to the organization computer network, the third token to confirm authenticity of the third token; and
      
      establish the secure channel between the virtual machine and the organization computer network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Spiers, Bradford T., Halas, Miroslav, Schimmel, Richard A., Provencher, Donald P.

Granted Patent

US 8,799,997 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/12
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

G06F 21/575   Secure boot

G06F 9/45533   Hypervisors; Virtual machin...

H04L 63/0218   Distributed architectures, ...

H04L 63/0281   Proxies

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/0876   based on the identity of th...

H04L 63/1441   Countermeasures against mal...

H04L 67/10   in which an application is ...

H04L 9/0897   involving additional device...

H04L 9/3234   involving additional secure...

H04L 9/3247   involving digital signatures

Secure Network Cloud Architecture

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

211 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Secure Network Cloud Architecture

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

211 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links