Virtualized Host ID Key Sharing

US 20150007270A1
Filed: 06/28/2013
Published: 01/01/2015
Est. Priority Date: 06/28/2013
Status: Active Grant

First Claim

Patent Images

1. A method of sharing a virtualized host access key, comprising:

having a first host, operable to access a resource upon being authorized and whereby the authorization includes determining that a first host key associated with the identity of the host is associated with a license repository;

creating a second host with a second host key;

copying the first host key and license repository to a second host;

receiving by the second host a request to access the resource;

denying the request to access the resource by the second host until the second host has been authorized; and

authorizing the second host to access the resource upon (a) determining that the second host key is associated with a known system identifier of the second host, (b) determining that the second host has the first host key, and (c) determining the first host key is associated with the license repository copied to the second host.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In virtualized environments a method of determining authorization to a resource cannot use a hardware specific identifier, such as a MAC address. As a result upgrading a virtual host may cause licenses associated with that host to be invalid, even though the upgraded virtual host should be authorized. Authentication methods and systems are disclosed such that a key may be shared with a second host along with a license file and, provided at least the second host has a key associated with its system identifier and a key associated with a license file, access to a licensed resource may be authorized.

15 Citations

View as Search Results

20 Claims

1. A method of sharing a virtualized host access key, comprising:
- having a first host, operable to access a resource upon being authorized and whereby the authorization includes determining that a first host key associated with the identity of the host is associated with a license repository;
  
  creating a second host with a second host key;
  
  copying the first host key and license repository to a second host;
  
  receiving by the second host a request to access the resource;
  
  denying the request to access the resource by the second host until the second host has been authorized; and
  
  authorizing the second host to access the resource upon (a) determining that the second host key is associated with a known system identifier of the second host, (b) determining that the second host has the first host key, and (c) determining the first host key is associated with the license repository copied to the second host.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the step of authorizing further includes (d) determining the first host key is not associated with a blacklisted license.
  - 3. The method of claim 1, wherein the step of authorizing further includes (d) determining the second host key is not associated with a blacklisted license.
  - 4. The method of claim 1, wherein at least one of the first host key and the second host key comprise a universally unique identifier and an IP address.
  - 5. The method of claim 4, wherein at least one of the first host key and the second host key, further comprises, a timestamp.
  - 6. The method of claim 1, wherein at least one of the first host key and the second host key is encrypted.
  - 7. The method of claim 1, further comprising, generating the second host key from a system identifier of the second host.
  - 8. The method of claim 1, further comprising, upon determining the second host key and the known system identifier of the second host do not match (a) not authorizing access to the resource;
    - (b) copying the first host key, the second host key, and any additional host keys to the blacklist;
      
      (c) deleting all keys, and (d) updating the second host key to be associated with the known system identifier of the second host.
  - 9. The method of claim 1, further comprising:
    - generating the second host key from, at least, indicia of the first and second host; and
      
      upon generating the second host key, the first host key is disassociated with the license repository on the first host.
  - 10. The method of claim 1, wherein determining further comprises, determining at least one of (a) determining equality of values, (b) determining equality of hashed values, and (c) determining equality of decrypted values.

11. A system, comprising:
- a first host image, further comprising;
  
  a first host system identifier;
  
  a first host key;
  
  a first license repository; and
  
  a resource, accessible to the first host with authorization;
  
  a second host, further comprising;
  
  a second host system identifier; and
  
  a second host key;
  
  a copying mechanism, operable to;
  
  access the first host image and the second host;
  
  copy the first host key, from the first host image, to the second host; and
  
  copy the first license repository, from the first host image, to the second host; and
  
  an access controller, operable to authorize access to at least one of the first host and second host.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The system of claim 11, whereby:
    - the access controller grants access to the second host to the resource upon determining (a) the second host key and the second host system identifier agree;
      
      (b) the second host has the first host key; and
      
      (c) the first license repository on the second host contains a record in agreement with the first host key of the second host.
  - 13. The system of claim 12 further comprising:
    - a blacklist, comprising a number of records of banned host identifiers; and
      
      wherein the access controller granting access upon (d) determining the second host key is not associated with any record of the blacklist.
  - 14. The system of claim 12 further comprising:
    - a whitelist, comprising a number of records of permitted host identifiers; and
      
      wherein the access controller granting access upon (d) determining the second host key is associated with a record of the whitelist.
  - 15. The system of claim 11, further comprising:
    - a key generator, operable to create the second host key from the first host image and the second host; and
      
      expiring the first host key.
  - 16. The system of claim 11, wherein the first host image resides on a backup.
  - 17. The system of claim 11, wherein the first host image resides on an active host.

18. A method of managing access to a resource in a computing system, comprising:
- receiving a request to access the resource on a host; and
  
  granting access to the resource by the host upon determining, (a) the host has a first key in accord with a record in a license repository and (b) the host has a second key in accord with a system identifier of the host.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, further comprising:
    - granting access to the resource by the host upon determining, (c) the host does not have an associated entry in a blacklisted license repository.
  - 20. The method of claim 18, further comprising:
    - placing an entry associated with the host in a blacklisted license repository upon determining the second key is not in accord with the system identifier of the host.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Extreme Networks, Inc.
Original Assignee
Avaya Incorporated
Inventors
Walker, William T., Biyani, Aabha

Granted Patent

US 9,961,052 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

G06F 2009/45562   Creating, deleting, cloning...

G06F 21/10   Protecting distributed prog...

G06F 9/45558   Hypervisor-specific managem...

H04L 63/06   for supporting key manageme...

H04L 63/10   for controlling access to d...

Virtualized Host ID Key Sharing

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Virtualized Host ID Key Sharing

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links