MANAGING SECURITY FOR COMPUTER SERVICES

US 20130117567A1
Filed: 04/29/2012
Published: 05/09/2013
Est. Priority Date: 11/04/2011
Status: Active Grant

First Claim

Patent Images

1. A method of providing security for a business application comprising:

receiving a request from a server including a server public key and a security token;

deploying a virtual node implementing the business application in response to the request;

using the security token in a bootstrap process by the virtual node to provide authentication to the server; and

authenticating a message from the server using a server public key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for providing security for a business application including receiving a request from a server including a server public key and a security token, deploying a virtual node implementing the business application in response to the request, using the security token in a bootstrap process by the virtual node to provide authentication to the server, and authenticating a message from the server using a server public key.

60 Citations

View as Search Results

25 Claims

1. A method of providing security for a business application comprising:
- receiving a request from a server including a server public key and a security token;
  
  deploying a virtual node implementing the business application in response to the request;
  
  using the security token in a bootstrap process by the virtual node to provide authentication to the server; and
  
  authenticating a message from the server using a server public key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein the virtual node uses the server public key in the bootstrap process to provide authentication of the server.
  - 3. The method of claim 1 wherein the request includes a virtual node private key and the virtual node uses the virtual node private key in the bootstrap process to provide authentication to the server.
  - 4. The method of claim 3 wherein the virtual node uses the virtual node private key to sign a set of data in the bootstrap process.
  - 5. The method of claim 4 wherein the virtual node uses the virtual node private key to sign a predetermined set of data.
  - 6. The method of claim 1 wherein the security token contains two RSA public key identifiers.
  - 7. The method of claim 1 wherein the virtual node opens an SSL connection to the server by accepting a server X.509 certificate without authentication.
  - 8. The method of claim 7 wherein the virtual node first accepts the server X.509 certificate in the bootstrap process after the virtual node verifies the server signature using the server public key.
  - 9. The method of claim 1 wherein the server identifies the virtual node using a virtual node identity in the security token.

10-20. -20. (canceled)

21. A method of providing security for a business application comprising:
- providing a server public key, a security token, and a virtual node private key to a virtual node implementing the business application;
  
  using the security token in a bootstrap process by the virtual node to provide authentication to the server; and
  
  in response to the bootstrap process, the server using a server private key to sign a message to provide authentication to the virtual node.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The method of claim 21 wherein the virtual node uses the server public key in the bootstrap process to obtain authentication of the server.
  - 23. The method of claim 21 wherein the virtual node uses the virtual node private key in the bootstrap process to provide authentication to the server.
  - 24. The method of claim 23 wherein the virtual node uses the virtual node private key to sign a set of data in the bootstrap process.
  - 25. The method of claim 24 wherein the virtual node uses the virtual node private key to sign a predetermined set of data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Chang, John Y., Chao, Ching Y., Chung, Hyen V.

Granted Patent

US 8,943,319 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/170
CPC Class Codes

G06F 2009/45587   Isolation or security of vi...

G06F 21/00   Security arrangements for p...

G06F 21/445   by mutual authentication, e...

G06F 21/575   Secure boot

G06F 9/45558   Hypervisor-specific managem...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0823   using certificates cryptogr...

H04L 9/3234   involving additional secure...

H04L 9/3268   using certificate validatio...

MANAGING SECURITY FOR COMPUTER SERVICES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

60 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

MANAGING SECURITY FOR COMPUTER SERVICES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

60 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links