Implementation of secure communications in a support system
Abstract
A support system negotiates secure connections on behalf of multiple guest systems using a set of credentials associated with the guest systems. The operation of the secure connection may be transparent to the guest system such that the guest system may send and receive messages that are encrypted or decrypted by the support system, such as a hypervisor. As the support system is in between the guest system and a destination, the support system may act as a local endpoint to the secure connection. Messages may be altered by the support system to indicate to a guest system which communications were secured. The credentials may be managed by the support system such that the guest system does not require access to the credentials.
20 Claims
1. A computer-implemented method for providing secure communications, comprising:
- receiving, by a hypervisor, a request for a secure connection between a guest operating system and a computing device, the guest operating system being among a set of guest operating systems supported by the hypervisor;
- using, by the hypervisor on behalf of the guest operating system, in response to the request for the secure connection, a set of cryptographic credentials associated with the guest operating system to establish the secure connection to the computing device using a secure protocol, the hypervisor acting as a local endpoint of the secure connection using the set of cryptographic credentials;
- managing, by the hypervisor, secure communications between the guest operating system and the computing device using the secure protocol and the set of cryptographic credentials; and
- sending, by the hypervisor, one or more unsecured messages to the guest operating system in response to managing the secure communications between the guest operating system and the computing device.
Dependent claims: 2, 3
4. A computer system for providing a secure connection, comprising:
- one or more processors;
- one or more memories; and
- a data plane including a support system, wherein the support system includes instructions stored in the one or more memories, the instructions executable by the one or more processors to cause the computer system to at least:
  - receive a set of cryptographic credentials associated with a guest operating system, the guest operating system being among a set of guest operating systems supported by the support system;
  - use, by the support system on behalf of the guest operating system, a set of cryptographic credentials associated with the guest operating system to establish a secure connection to a computing device using a secure protocol, the support system acting as a local endpoint of the secure connection using the set of cryptographic credentials;
  - manage secure communications between the guest operating system and the computing device using the secure protocol and the set of cryptographic credentials; and
  - send one or more messages to the guest operating system in response to managing the secure communications between the guest operating system and the computing device.
Dependent claims: 5, 6, 7, 8, 9, 10, 11, 12
13. A non-transitory computer-readable storage medium having stored thereon computer-executable instructions that, when executed with one or more processors, cause a computer system to perform operations comprising, at least:
- obtaining, by a hypervisor, a set of cryptographic credentials associated with a guest operating system, the guest operating system being among a set of guest operating systems supported by the hypervisor;
- using, by the hypervisor on behalf of the guest operating system, the set of cryptographic credentials associated with the guest operating system to establish a secure connection between the hypervisor and a computing device using a secure protocol, the hypervisor acting as a local endpoint of the secure connection using the set of cryptographic credentials;
- managing, by the hypervisor, secure communications between the guest operating system and the computing device using the secure protocol and the set of cryptographic credentials; and
- sending one or more messages to the guest operating system in response to managing the secure communications between the guest operating system and the computing device.
Dependent claims: 14, 15, 16, 17, 18, 19, 20
Specification