Securely identifying host systems
First Claim
1. A method for securely identifying host systems, comprising:
- receiving a request for an instance, the instance comprising a virtual machine;
identifying a template corresponding to the request, the template comprising an image; and
provisioning the instance from the template, the instance being provisioned to include a security key.
2 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of the present invention allow for “end-user” provisioned instances to securely identify themselves beyond a simple user ID and password. Specifically, embodiments of the present invention use a multi-part security approach that includes (among other things): an identifying key (e.g., a shared private key) known by the cloud security system and the instance; and at least one additional security factor such as an identifier found in TCP/IP packets (e.g., an internet protocol address). In a typical embodiment, a request for an instance (e.g., a virtual machine) is received, and a template (e.g., an image) corresponding to the requested instance is identified. From this template, the instance is provisioned. Under the embodiments of the present invention, the instance will be provisioned to include a security key. When a request is thereafter received from the instance, the request is validated using the security key and the additional security factor(s).
37 Citations
20 Claims
-
1. A method for securely identifying host systems, comprising:
-
receiving a request for an instance, the instance comprising a virtual machine; identifying a template corresponding to the request, the template comprising an image; and provisioning the instance from the template, the instance being provisioned to include a security key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for securely identifying host systems, comprising:
-
a bus; a processor coupled to the bus; and a memory medium coupled to the bus, the memory medium comprising instructions to; receive a request for an instance, the instance comprising a virtual machine; identify a template corresponding to the request, the template comprising an image; and provision the instance from the template, the instance being provisioned to include a security key. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A computer program product for securely identifying host systems, the computer program product comprising a computer readable hardware storage device, and program instructions stored on the computer readable storage media, to:
-
receive a request for an instance, the instance comprising a virtual machine; identify a template corresponding to the request, the template comprising an image; and provision the instance from the template, the instance being provisioned to include a security key. - View Dependent Claims (17, 18, 19, 20)
-
Specification