Method and system for identity-based authentication of virtual machines
Abstract
A cloud computing system configured to run virtual machine instances is disclosed. The cloud computing system assigns an identity to each virtual machine instance. When the virtual machine instance accesses initial configuration resources, it provides this identity to the resources to authenticate itself. This allows for flexible and extensible initial configuration of virtual machine instances.
20 Claims
1. A cloud computing system, the system comprising:
- a resource having configuration information;
- a virtual machine instance operably coupled to the resource, wherein the virtual machine instance has an identity; and
- an authentication manager configured to authenticate the virtual machine instance based on the identity of the virtual machine instance, without storing credentials for authentication of the virtual machine instance with the virtual machine instance.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method for controlling access to a resource, the method comprising:
- instantiating a virtual machine instance;
- assigning an identity to the virtual machine instance;
- receiving a request for access to the resource from the virtual machine instance, the request including the identity of the virtual machine instance;
- determining whether to authenticate the virtual machine instance based on the identity in the request, and
- authenticating, based on the determining, the virtual machine instance, without storing credentials for authentication of the virtual machine instance with the virtual machine instance.
Dependent claims: 10, 11, 12, 13, 14, 15
16. A method for controlling access of virtual machines to resources in a cloud computing system, the method comprising:
- receiving a request to instantiate a virtual machine instance;
- instantiating the virtual machine instance;
- assigning the virtual machine instance a unique, immutable attribute;
- performing an initial boot of the virtual machine instance;
- receiving a request from the virtual machine instance to access a resource, the request including the unique, immutable attribute;
- determining whether to authenticate the virtual machine instance based on permissions configured for the unique, immutable attribute assigned to the virtual machine instance;
- authenticating, based on the determining, the virtual machine instance without storing credentials for authentication of the virtual machine instance with the virtual machine instance;
- if the virtual machine is authenticated, transmitting a response to the virtual machine instance; and
- if the virtual machine is not authenticated, transmitting an error response to the virtual machine instance.
Dependent claims: 17, 18, 19, 20
Specification