Virtual image management
First Claim
Patent Images
1. A method comprising:
- creating, by a server computing device, a virtual image configured for execution by a hypervisor on a client computing device;
obtaining, by the server computing device, usage privileges defining access to the virtual image;
storing, by the server computing device, the usage privileges in a description file;
generating an encrypted version of the description file;
deriving a first coded summary from the encrypted version of the description file, wherein the first coded summary identifies a valid encrypted version of the description file; and
transmitting the virtual image, the encrypted version of the description file, and the first coded summary from the server computing device to the client computing device, wherein the hypervisor, in response to obtaining the virtual image;
derives a second coded summary from the encrypted version of the description file;
authenticates the encrypted version by determining that the first coded summary matches the second coded summary;
obtains, in response to the authentication, the description file by decrypting the encrypted version of the description file;
executes the virtual image according to the usage privileges in the description file; and
restricts access to the virtual image based on the usage privileges in the description file.
3 Assignments
0 Petitions
Accused Products
Abstract
Apparatus, systems, and methods may operate to create a virtual image, define usage privileges associated with the virtual image in a description file, and associate a coded summary of an encrypted version of the description file with the virtual image. Other activities may include receiving a request to access the virtual image, authenticating a transmitted version of the coded summary to determine validity of the encrypted version, and processing the encrypted version to determine whether the request to access will be granted. Additional apparatus, systems, and methods are disclosed.
-
Citations
13 Claims
-
1. A method comprising:
-
creating, by a server computing device, a virtual image configured for execution by a hypervisor on a client computing device; obtaining, by the server computing device, usage privileges defining access to the virtual image; storing, by the server computing device, the usage privileges in a description file; generating an encrypted version of the description file; deriving a first coded summary from the encrypted version of the description file, wherein the first coded summary identifies a valid encrypted version of the description file; and transmitting the virtual image, the encrypted version of the description file, and the first coded summary from the server computing device to the client computing device, wherein the hypervisor, in response to obtaining the virtual image; derives a second coded summary from the encrypted version of the description file; authenticates the encrypted version by determining that the first coded summary matches the second coded summary; obtains, in response to the authentication, the description file by decrypting the encrypted version of the description file; executes the virtual image according to the usage privileges in the description file; and restricts access to the virtual image based on the usage privileges in the description file. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method comprising:
-
receiving, by a hypervisor on a client computing device, a request to access a virtual image; obtaining, by the client computing device from a server computing device, the virtual image, an encrypted version of a description file defining access to the virtual image, and a first coded summary derived from the encrypted version; deriving, by the client computing device, a second coded summary from the encrypted version of the description file; authenticating, by the client computing device, the encrypted version of the description file by determining that the first coded summary matches the second coded summary; obtaining, in response to the authentication, the description file by decrypting the encrypted version; determining, based on usage privileges defined in the description file, that the request to access the virtual image will be granted; and executing, by the hypervisor after granting access to the virtual image, the virtual image according to the usage privileges in the description file. - View Dependent Claims (7, 8, 9)
-
-
10. An apparatus comprising:
-
one or more processors; a memory to store instructions which, when executed by the one or more processors, results in the one or more processors operating to; create a virtual image configured for execution by a hypervisor on a client computing device; obtain usage privileges defining access to the virtual image; store the usage privileges in a description file; generate an encrypted version of the description file; derive a first coded summary from the encrypted version of the description file, wherein the first coded summary identifies a valid encrypted version of the description file; and transmit the virtual image, the encrypted version of the description file, and the first coded summary to a client computing device comprising a hypervisor, wherein the hypervisor, in response to obtaining the virtual image; derives a second coded summary from the encrypted version of the description file; authenticates the encrypted version of the description file by determining that the first coded summary matches the second coded summary; obtains, in response to the authentication, the description file by decrypting the encrypted version of the description file; executes the virtual image according to the usage privileges in the description file; and restricts access to the virtual image based on the usage privileges in the description file; and a module to receive indications from a user input device to provide a selection of the usage privileges. - View Dependent Claims (11, 12)
-
-
13. A non-transitory machine-readable storage medium storing instructions that, when executed by a machine, cause the machine to perform a method comprising:
-
receiving, by a hypervisor on a client computing device, a request to access a virtual image; obtaining, by the client computing device from a server computing device, the virtual image, an encrypted version of a description file defining access to the virtual image, and a first coded summary derived from the encrypted version; deriving, by the client computing device, a second coded summary from the encrypted version of the description file; authenticating, by the client computing device, the encrypted version of the description file by determining that the first coded summary matches the second coded summary; obtaining, in response to the authentication, the description file by decrypting the encrypted version of the description file; determining, based on usage privileges defined in the description file, that the request to access the virtual image will be granted; and executing, by the hypervisor after granting access to the virtual image, the virtual image according to the usage privileges in the description file.
-
Specification