Secure Administration of Virtual Machines
Abstract
Methods and systems for performing secure administration of virtual domain resource allocation are provided herein. A cloud service provider (CSP) may provide instances of virtual machines to one or more contracting user entities. The cloud service provider may store an authorization database identifying one or more resources (e.g., storage, CPU, etc.) that each of the different contracting user entities is authorized to use on a virtual machine server device. The CSP may subsequently receive a request from an unverified entity to instantiate a virtual machine with access to one or more resources. The request may include security information. The CSP validates the request by verifying the unverified entity using the first security information (e.g., checking a PKI certificate, requiring a login/password, etc.) and, when the request is validated, provides access to the verified entity to a subset of the requested one or more resources based on the authorization database.
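The flow the abstract describes can be sketched as follows. This is an added example, not code from the patent or from any product. It assumes an HMAC over the request as a stand-in for the "security information" (the abstract names PKI certificates and login/password as options) and treats the "subset" as each requested quantity capped at the entity's ceiling; all names, keys and quotas are constructed.

```python
import hashlib
import hmac
import json

# Constructed sample data (assumptions, not from the patent text).
ENTITY_KEYS = {"tenant-a": b"constructed-demo-key"}            # verification secrets
AUTHZ_DB = {"tenant-a": {"vcpus": 4, "memory_mb": 8192}}       # per-entity ceilings

def sign(entity, resources, key):
    """HMAC over the entity id and the exact resource set being requested."""
    body = json.dumps({"entity": entity, "resources": resources}, sort_keys=True)
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()

def verify_entity(request):
    """Return the verified entity id, or None if the request fails validation."""
    entity, resources = request.get("entity"), request.get("resources")
    signature = request.get("signature")
    if not (isinstance(entity, str) and isinstance(resources, dict)
            and isinstance(signature, str)):
        return None
    key = ENTITY_KEYS.get(entity)
    if key is None:
        return None
    expected = sign(entity, resources, key)
    # Constant-time comparison; bytes avoid TypeError on non-ASCII input.
    if not hmac.compare_digest(expected.encode(), signature.encode()):
        return None
    return entity

def authorized_subset(entity, requested):
    """Clamp each requested resource to the entity's ceiling; drop the rest."""
    allowed = AUTHZ_DB.get(entity, {})
    granted = {}
    for name, amount in requested.items():
        ceiling = allowed.get(name, 0)
        if type(amount) is int and amount > 0 and ceiling > 0:
            granted[name] = min(amount, ceiling)
    return granted

def instantiate_vm(request):
    """Validate first, then size the VM from the database, never from the request alone."""
    entity = verify_entity(request)
    if entity is None:
        raise PermissionError("request failed validation")
    granted = authorized_subset(entity, request["resources"])
    if not granted:
        raise PermissionError("no requested resource is authorized")
    return {"owner": entity, "resources": granted}
```

Because the signature covers the resource set, changing the requested resources after signing fails validation before the authorization database is consulted.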
20 Claims
1. A method comprising:
receiving a first request from an unverified entity to instantiate a first instance of a virtual machine, said first request defining a first set of one or more resources to be made available by a virtual machine server device to the first instance of the virtual machine, said first request including first security information;
validating the first request by verifying the unverified entity using the first security information;
accessing an authorization database, said authorization database identifying one or more resources, based on the verified entity, that the first instance of the virtual machine is authorized to use on the virtual machine server device;
responsive to validating the first request;
instantiating the first instance of the virtual machine with access to the subset of the first set of one or more resources.
Dependent claims: 2, 3, 4, 5, 6, 7
8. One or more nontransitory computer readable media comprising computer readable instructions that, when executed, configure a virtualization server to perform:
receiving a first request from an unverified entity to instantiate a first instance of a virtual machine, said first request defining a first set of one or more resources to be made available by the virtualization server to the first instance of the virtual machine, said first request including first security information;
validating the first request by verifying the unverified entity using the first security information;
responsive to validating the first request;
determining a subset of the first set of one or more resources based on an authorization database identifying one or more resources that each of a plurality of entities is authorized to access, and
instantiating the first instance of the virtual machine with a subset of the first set of one or more resources.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A virtualization server, comprising:
a processor; and
memory storing computer readable instructions that, when executed by the processor, configure the virtualization server to perform:
receiving a first request from an unverified entity to instantiate a first instance of a virtual machine, said first request defining a first set of one or more resources to be made available by the virtualization server to the first instance of the virtual machine, said first request including first security information;
validating the first request by verifying the unverified entity using the first security information;
responsive to validating the first request;
determining a subset of the first set of one or more resources based on an authorization database identifying one or more resources that each of a plurality of entities is authorized to access, and
instantiating the first instance of the virtual machine with a subset of the first set of one or more resources.
Dependent claims: 16, 17, 18, 19, 20
Specification