Life Cycle Management for Cloud-Based Application Executors with Key-Based Access to Other Devices

US 20200133700A1
Filed: 10/25/2018
Published: 04/30/2020
Est. Priority Date: 10/25/2018
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

determining that a retention time for a first cloud-based application executor has elapsed, wherein the first cloud-based application executor has key-based access to at least one other device using a first key;

in response to the determining, performing the following steps, using at least one processing device;

creating a second cloud-based application executor; and

determining a second key for the second cloud-based application executor that is different than the first key,wherein the second cloud-based application executor uses the first key to add the second key to one or more trusted keys of the at least one other device and deactivates the first key from the one or more trusted keys.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Life cycle management techniques are provided for cloud-based application executors with key-based access to other devices. An exemplary method comprises determining that a retention time for a first cloud-based application executor (e.g., a virtual machine or a container) has elapsed, wherein the first cloud-based application executor has key-based access to at least one other device using a first key; in response to the determining, performing the following steps: creating a second cloud-based application executor; and determining a second key for the second cloud-based application executor that is different than the first key, wherein the second cloud-based application executor uses the first key to add the second key to one or more trusted keys of the at least one other device and deactivates the first key from the one or more trusted keys.

Citations

20 Claims

1. A method, comprising:
- determining that a retention time for a first cloud-based application executor has elapsed, wherein the first cloud-based application executor has key-based access to at least one other device using a first key;
  
  in response to the determining, performing the following steps, using at least one processing device;
  
  creating a second cloud-based application executor; and
  
  determining a second key for the second cloud-based application executor that is different than the first key,wherein the second cloud-based application executor uses the first key to add the second key to one or more trusted keys of the at least one other device and deactivates the first key from the one or more trusted keys.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the first cloud-based application executor comprises a configuration manager that uses the first key to control the at least one other device.
  - 3. The method of claim 1, wherein the first cloud-based application executor is associated with a first Internet Protocol (IP) address and a first media access control (MAC) address, and wherein the second cloud-based application executor is associated with at least one of a different IP address and a different MAC address.
  - 4. The method of claim 1, wherein the first cloud-based application executor and the second cloud-based application executor are associated with a same application type.
  - 5. The method of claim 1, further comprising the step of suspending new communications to the first cloud-based application executor.
  - 6. The method of claim 1, wherein a user communicates with one or more of the first cloud-based application executor and the second cloud-based application executor using a reverse proxy and wherein the reverse proxy sends communications from the user to an active one of the first cloud-based application executor and the second cloud-based application executor.
  - 7. The method of claim 1, wherein the second key is not provided to the first cloud-based application executor.
  - 8. The method of claim 1, wherein one or more of the first cloud-based application executor and the second cloud-based application executor comprise one or more of a virtual machine and a container.
  - 9. The method of claim 1, wherein one or more of the first key and the second key are provided by a trusted container orchestration system from a pool of available keys managed by a resource manager.

10. A system, comprising:
- a memory; and
  
  at least one processing device, coupled to the memory, operative to implement the following steps;
  
  determining that a retention time for a first cloud-based application executor has elapsed, wherein the first cloud-based application executor has key-based access to at least one other device using a first key;
  
  in response to the determining, performing the following steps;
  
  creating a second cloud-based application executor; and
  
  determining a second key for the second cloud-based application executor that is different than the first key,wherein the second cloud-based application executor uses the first key to add the second key to one or more trusted keys of the at least one other device and deactivates the first key from the one or more trusted keys.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The system of claim 10, wherein the first cloud-based application executor comprises a configuration manager that uses the first key to control the at least one other device.
  - 12. The system of claim 10, wherein a user communicates with one or more of the first cloud-based application executor and the second cloud-based application executor using a reverse proxy and wherein the reverse proxy sends communications from the user to an active one of the first cloud-based application executor and the second cloud-based application executor.
  - 13. The system of claim 10, wherein the second key is not provided to the first cloud-based application executor.
  - 14. The system of claim 10, wherein one or more of the first cloud-based application executor and the second cloud-based application executor comprise one or more of a virtual machine and a container.
  - 15. The system of claim 10, wherein one or more of the first key and the second key are provided by a trusted container orchestration system from a pool of available keys managed by a resource manager.

16. A computer program product, comprising a tangible machine-readable storage medium having encoded therein executable code of one or more software programs, wherein the one or more software programs when executed by at least one processing device perform the following steps:
- determining that a retention time for a first cloud-based application executor has elapsed, wherein the first cloud-based application executor has key-based access to at least one other device using a first key;
  
  in response to the determining, performing the following steps;
  
  creating a second cloud-based application executor; and
  
  determining a second key for the second cloud-based application executor that is different than the first key,wherein the second cloud-based application executor uses the first key to add the second key to one or more trusted keys of the at least one other device and deactivates the first key from the one or more trusted keys.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The computer program product of claim 16, wherein a user communicates with one or more of the first cloud-based application executor and the second cloud-based application executor using a reverse proxy and wherein the reverse proxy sends communications from the user to an active one of the first cloud-based application executor and the second cloud-based application executor.
  - 18. The computer program product of claim 16, wherein the second key is not provided to the first cloud-based application executor.
  - 19. The computer program product of claim 16, wherein one or more of the first cloud-based application executor and the second cloud-based application executor comprise one or more of a virtual machine and a container.
  - 20. The computer program product of claim 16, wherein one or more of the first key and the second key are provided by a trusted container orchestration system from a pool of available keys managed by a resource manager.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Inventors
Savir, Amihai, Golan, Oron, Fireberger, Aviram, Saffar, Or Herman, Eliyahu, Roie Ben

Granted Patent

US 11,080,077 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 2009/45575   Starting, stopping, suspend...

G06F 21/53   by executing in a restricte...

G06F 21/57   Certifying or maintaining t...

G06F 21/606   by securing the transmissio...

G06F 9/45558   Hypervisor-specific managem...

G06F 9/485   Task life-cycle, e.g. stopp...

G06F 9/5077   Logical partitioning of res...

H04L 2101/622   Layer-2 addresses, e.g. med...

H04L 61/5007   Internet protocol [IP] addr...

H04L 61/5038   for local use, e.g. in LAN ...

H04L 63/0281   Proxies

H04L 63/062   for key distribution, e.g. ...

H04L 63/068   using time-dependent keys, ...

H04L 9/14   using a plurality of keys o...

Life Cycle Management for Cloud-Based Application Executors with Key-Based Access to Other Devices

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Life Cycle Management for Cloud-Based Application Executors with Key-Based Access to Other Devices

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links