Secure provisioning of resources in cloud infrastructure

US 8,260,931 B2
Filed: 02/02/2011
Issued: 09/04/2012
Est. Priority Date: 10/02/2010
Status: Active Grant

First Claim

Patent Images

1. A method of provisioning computing resources in public computing infrastructure, comprising:

receiving a request to provision computing resources in public computing infrastructure for a computing operation from a user, wherein the computing operation comprises an electronic design automation (EDA) operation;

generating a command to provision the computing resources in the public computing infrastructure;

sending the command to the public computing infrastructure using a provisioning credential for retention by an EDA tool developer;

associating the provisioned computing resources with an access credential for retention by the user and distinct from the provisioning credential; and

sending identification of the provisioned computing resources to the user for the user to access the provisioned resources based on the access credential and the identification.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provisioning resources in public cloud infrastructure to perform at least part of electronic design automation (EDA) tasks on the public cloud infrastructure. The provisioning of resources is handled by a cloud provisioning system that is generally operated and maintained by an EDA tool developer using a provisioning credential. After the resources are provisioned, the cloud provisioning system places user key on the provisioned resources. Once the user key is placed on the provisioned resources, the cloud provisioning system has only limited access or no access to the provisioned resources. Instead, a user client device takes over the control of the provisioned resources by using a user'"'"'s access credential. The provisioning credential is retained by the EDA tool developer and is not released to the user. Similarly, the access credential is retained by the user and not released to the EDA tool developer. In this way, the EDA tool developer can retain control of the resources deployed for the EDA tasks while ensuring that the user'"'"'s information associated with the EDA tasks is secure.

31 Citations

View as Search Results

15 Claims

1. A method of provisioning computing resources in public computing infrastructure, comprising:
- receiving a request to provision computing resources in public computing infrastructure for a computing operation from a user, wherein the computing operation comprises an electronic design automation (EDA) operation;
  
  generating a command to provision the computing resources in the public computing infrastructure;
  
  sending the command to the public computing infrastructure using a provisioning credential for retention by an EDA tool developer;
  
  associating the provisioned computing resources with an access credential for retention by the user and distinct from the provisioning credential; and
  
  sending identification of the provisioned computing resources to the user for the user to access the provisioned resources based on the access credential and the identification.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising storing a public key associated with the user in the provisioned computing resources.
  - 3. The method of claim 1, wherein the provisioned computing resources comprise at least one gateway server for storing a user key, the gateway server allowing the user responsive to determining that the user key corresponds to an access credential retained by the user.
  - 4. The method of claim 1, further comprising:
    - storing a user key associated with the user; and
      
      sending the user key for storage in at least one of the provisioned computing resources, access to upload information and process information using the provisioned computing resources restricted to the user with an access credential corresponding to the user key.
  - 5. The method of claim 1, further comprising determining the computing resources to be provisioned responsive to receiving the request to provision.
  - 6. The method of claim 5, wherein the computing resources to be provisioned is based on an instance template defining default parameters for provisioning the computing resources.
  - 7. The method of claim 1, further comprising:
    - storing provisioning credential for the user; and
      
      authorizing provisioning of the computing resources responsive to receiving a provisioning credential from the user matching the stored provisioning credential.

8. A provisioning system for provisioning computing resources in public computing infrastructure, comprising:
- a communication module configured to receive a request to provision computing resources in public computing infrastructure for a computing operation from a user and send identification of provisioned computing resources to the user, wherein the computing operation comprises an electronic design automation (EDA) operation; and
  
  a provision handler configured to generate a command to provision the computing resources in the public computing infrastructure responsive to receiving the request, send the command to the public computing infrastructure using a provisioning credential for retention by an EDA tool developer, and associate the provisioned computing resources with an access credential for retention by the user and distinct from the provisioning credential, the user accessing the provisioned computing resources based on the access credential and the identification.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The provisioning system of claim 8, further comprising a database for storing a public key associated with the user in the provisioned computing resources.
  - 10. The provisioning system of claim 8, wherein the provisioned computing resources comprise at least one gateway server for storing a user key, the gateway server allowing the user responsive to determining that the user key corresponds to an access credential retained by the user.
  - 11. The provisioning system of claim 8, further comprising a database for storing a user key associated with the user, the user key sent to at least one of the provisioned computing resources to associate the provisioned computing resource with the access credential.
  - 12. The provisioning system of claim 8, wherein the provision handler is further configured to determine the computing resources to be provisioned responsive to receiving the request to provision.
  - 13. The provisioning system of claim 12, wherein the provisioning handler is configured to provision the computing resources based on an instance template defining default parameters for provisioning the computing resources.
  - 14. The provision system of claim 8, further comprising a database for storing provisioning credential for the user, provisioning of the computing resources authorized responsive to receiving a provisioning credential from the user matching the stored provisioning credential.

15. A non-transitory computer-readable storage medium storing instructions when executed by a process in a provision system for provisioning computing resources in public computing infrastructure, cause the processor to:
- receive a request to provision computing resources in public computing infrastructure for a computing operation from a user, wherein the computing operation comprises an electronic design automation (EDA) operation;
  
  generate a command to provision the computing resources in the public computing infrastructure;
  
  send the command to the public computing infrastructure using a provisioning credential for retention by an EDA tool developer;
  
  associate the provisioned computing resources with an access credential for retention by the user and distinct from the provisioning credential; and
  
  send identification of the provisioned computing resources to the user for the user to access the provisioned resources based on the access credential and the identification.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Synopsys Incorporated
Original Assignee
Synopsys Incorporated
Inventors
Balasubramanian, Ramakrishnan, Chakravartula, Suman
Primary Examiner(s)
SHINGLES, KRISTIE D

Application Number

US13/019,902
Publication Number

US 20120084847A1
Time in Patent Office

580 Days
Field of Search

709/226, 709/225, 709/229
US Class Current

709/226
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 2221/2117   User registration

G06F 2221/2143   Clearing memory, e.g. to pr...

H04L 63/06   for supporting key manageme...

H04L 63/08   for authentication of entit...

Secure provisioning of resources in cloud infrastructure

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

31 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

Secure provisioning of resources in cloud infrastructure

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others