Automated response to detection of threat to cloud virtual machine
First Claim
1. A method for responding to a threat in a networked computing environment, the method comprising the computer-implemented processes of:
- establishing a set of associations to a virtual machine (VM) instance, each association of the set of associations indicating a relationship between the VM instance and a related VM instance;
assigning a strength attribute to each association of the set of associations, wherein a first association corresponding to a first related VM instance is assigned a first strength attribute and a second association corresponding to a second related VM instance is assigned a second strength attribute and wherein the first strength attribute is relatively higher than the second strength attribute;
performing, in response to a detection of a threat, a first preventative measure on the first related VM instance, a strength of the first preventative measure being relatively stronger based on the first strength attribute; and
performing, in response to the detection of the threat, a second preventative measure on the second related VM instance, a strength of the second preventative measure being relatively weaker that the first preventative measure based on the second strength attribute.
2 Assignments
0 Petitions
Accused Products
Abstract
An approach for responding to a threat in a networked computing environment (e.g., a cloud computing environment) is provided. In an embodiment, a set of associations to a virtual machine (VM) instance are established, each association indicating a relationship between the VM instance and a related VM instance. Each of the associations in the set of associations is assigned a strength attribute. When a threat is detected in a VM instance, a first preventative measure is performed on a first related VM instance, the strength of which is determined based on the strength attribute that corresponds to the association between the VM instance and the first related VM instance. A second preventative measure is performed on a second related VM instance, the strength of which is based on the strength attribute that corresponds to the association between the VM instance and the second related VM instance.
18 Citations
20 Claims
-
1. A method for responding to a threat in a networked computing environment, the method comprising the computer-implemented processes of:
-
establishing a set of associations to a virtual machine (VM) instance, each association of the set of associations indicating a relationship between the VM instance and a related VM instance; assigning a strength attribute to each association of the set of associations, wherein a first association corresponding to a first related VM instance is assigned a first strength attribute and a second association corresponding to a second related VM instance is assigned a second strength attribute and wherein the first strength attribute is relatively higher than the second strength attribute; performing, in response to a detection of a threat, a first preventative measure on the first related VM instance, a strength of the first preventative measure being relatively stronger based on the first strength attribute; and performing, in response to the detection of the threat, a second preventative measure on the second related VM instance, a strength of the second preventative measure being relatively weaker that the first preventative measure based on the second strength attribute. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for responding to a threat in a networked computing environment, comprising:
-
a memory medium comprising instructions; a bus coupled to the memory medium; and a processor coupled to the bus that when executing the instructions causes the system to; establish a set of associations to a virtual machine (VM) instance, each association of the set of associations indicating a relationship between the VM instance and a related VM instance; assign a strength attribute to each association in the set of associations wherein a first association corresponding to a first related VM instance is assigned a first strength attribute and a second association corresponding to a second related VM instance is assigned a second strength attribute and wherein the first strength attribute is relatively higher than the second strength attribute; perform, in response to a detection of a threat, a first preventative measure on the first related VM instance, a strength of the first preventative measure being relatively stronger based on the first strength attribute; and perform, in response to the detection of the threat, a second preventative measure on the second related VM instance, a strength of the second preventative measure being relatively weaker that the first preventative measure on the second strength attribute. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer program product for responding to a threat in a cloud computing environment, the computer program product comprising a computer readable storage device, and program instructions stored on the computer readable storage device, that cause at least one computer device to:
-
establish a set of associations to a virtual machine (VM) instance, each association of the set of associations indicating a relationship between the VM instance and a related VM instance; assign a strength attribute to each association in the set of associations, wherein a first association corresponding to a first related VM instance is assigned a first strength attribute and a second association corresponding to a second related VM instance is assigned a second strength attribute and wherein the first strength attribute is relatively higher than the second strength attribute; perform, in response to a detection of a threat, a first preventative measure on the first related VM instance, a strength of the first preventative measure being relatively stronger based on the first strength attribute; and perform, in response to the detection of the threat, a second preventative measure on the second related VM instance, a strength of the second preventative measure being relatively weaker that the first preventative measure based on the strength attribute. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification