SYSTEM AND METHOD FOR CREATING A TRUSTED CLOUD SECURITY ARCHITECTURE

US 20160080323A1
Filed: 09/10/2015
Published: 03/17/2016
Est. Priority Date: 09/11/2014
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method for creating a trusted cloud security architecture comprising the following steps:

a primary agent communicating with two or more secondary agents creating a trust ring, the primary agent operating on a primary guest OS and two or more secondary agents operating on two or more secondary guest OSs;

implementing a latency based topology for the trust ring comprising a network of links between disparate IP addresses, the disparate IP addresses corresponding with the primary agent and two or more secondary agents;

the primary agent and two or more secondary agents exchanging data packets between the latency based topology within the trust ring; and

outputting the exchanged data packets to a processing engine, the processing engine determining a trust status for the trust ring, the trust status based on the data packets between the latency based topology.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a method for providing a computer implemented method and system for creating a trusted cloud security architecture having the following steps: a primary agent communicating with two or more secondary agents creating a trust ring or other shape of agent communications, the primary agent operating on a primary guest OS and two or more secondary agents operating on two or more secondary guest OSs; implementing a latency based topology for the trust ring having a network of links between disparate IP addresses, the disparate IP addresses corresponding with the primary agent and two or more secondary agents; the primary agent and two or more secondary agents exchanging data packets between the latency based topology within the trust ring; and outputting the exchanged data packets to a processing engine, the processing engine determining a trust status for the trust ring, the trust status based on the data packets between the latency based topology.

Citations

20 Claims

1. A computer implemented method for creating a trusted cloud security architecture comprising the following steps:
- a primary agent communicating with two or more secondary agents creating a trust ring, the primary agent operating on a primary guest OS and two or more secondary agents operating on two or more secondary guest OSs;
  
  implementing a latency based topology for the trust ring comprising a network of links between disparate IP addresses, the disparate IP addresses corresponding with the primary agent and two or more secondary agents;
  
  the primary agent and two or more secondary agents exchanging data packets between the latency based topology within the trust ring; and
  
  outputting the exchanged data packets to a processing engine, the processing engine determining a trust status for the trust ring, the trust status based on the data packets between the latency based topology.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1 wherein each of the primary agent and each of the two or more secondary agents may simultaneously serve as an agent for one or more other trust rings, the one or more other trust rings having its own respective latency based topology.
  - 3. The method of claim 1 wherein the data packets between the latency based topology comprise ping data or alternate round trip based protocol, having latency measurements of distance travelled between source and destination.
  - 4. The method of claim 1 wherein each of the primary agent and each two or more secondary agents provides for authentication prior to communication.
  - 5. The method of claim 4 wherein authentication further comprises each of the primary agent and each two or more secondary agents to synchronize with a network time protocol source.
  - 6. The method of claim 1 wherein communication and data packet exchange includes encryption.
  - 7. The method of claim 1 wherein the latency based topology is selected by an assignment methodology.
  - 8. The method of claim 7 wherein the assignment methodology comprises Ethernet mac address priority, IP address hash, and similar latency based priority schemes.
  - 9. The method of claim 1 wherein the latency based topology is determined by a system administrator, wherein the system administrator determines the shape, number of agents and latency between agents.
  - 10. The method of claim 1 wherein the primary guest OS and two or more secondary guest OSs implement TXT TPM enabled hosts.

11. A computer implemented system for creating a trusted cloud security architecture for a primary agent with two or more secondary agents comprising:
- a communication module configured to allow communication between the primary agent with the two or more secondary agents to create a trust ring, the primary agent and two or more secondary agents configured to operate on a primary guest OS and two or more secondary guest OSs respectively;
  
  a topology module configured to implement a latency based topology for the trust ring comprising a network of links between disparate IP addresses, the disparate IP addresses corresponding with the primary agent and two or more secondary agents, and wherein the topology module is further configured such that the primary agent and two or more secondary agents exchange data packets between the latency based topology within the trust ring;
  
  a processing engine configured to determine a trust status for the trust ring, the trust status based on the data packets between the latency based topology; and
  
  an interface to a communication means allowing communication between the communication module, topology module, processing engine, primary agent, and two or more secondary agents.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The system of claim 11 wherein each of the primary agent and each of the two or more secondary agents may simultaneously serve as an agent for one or more other trust rings, the one or more other trust rings having its own respective latency based topology.
  - 13. The system of claim 11 wherein the data packets between the latency based topology comprise ping data having latency measurements of distance travelled between source and destination.
  - 14. The system of claim 11 wherein each of the primary agent and each two or more secondary agents provides for authentication prior to communication.
  - 15. The system of claim 14 wherein authentication further comprises each of the primary agent and each two or more secondary agents to synchronize with a network time protocol source.
  - 16. The system of claim 11 wherein communication and data packet exchange includes encryption.
  - 17. The system of claim 11 wherein the latency based topology is selected by an assignment methodology.
  - 18. The system of claim 17 wherein the assignment methodology comprises eth0 mac address priority, IP address hash, and similar latency based priority schemes.
  - 19. The system of claim 11 wherein the latency based topology is determined by a system administrator.
  - 20. The system of claim 11 wherein the primary guest OS and two or more secondary guest OSs implement TXT TPM enabled hosts.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Superna Incorporated
Original Assignee
Superna Business Consulting, Inc.
Inventors
Fransham, Kyle, MacKAY, Andrew E.S.

Granted Patent

US 9,794,224 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

H04L 41/12   Discovery or management of ...

H04L 43/0864   Round trip delays

H04L 43/10   Active monitoring, e.g. hea...

H04L 63/0245   Filtering by information in...

H04L 63/20   for managing network securi...

SYSTEM AND METHOD FOR CREATING A TRUSTED CLOUD SECURITY ARCHITECTURE

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR CREATING A TRUSTED CLOUD SECURITY ARCHITECTURE

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links