×

Authorizing communications between computing nodes

  • US 9,705,792 B2
  • Filed: 11/30/2012
  • Issued: 07/11/2017
  • Est. Priority Date: 03/31/2008
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method comprising:

  • storing, on a computer system, mapping information that associates a virtual Internet Protocol (IP) address of a first node with a substrate IP address of the first node, wherein the computer system provides a second node that is part of a virtual computer network overlaid on a substrate network, and wherein the substrate IP address is for use within the substrate network;

    modifying, by a second computer system that provides the first node and for an outgoing communication from the first node to the second node that includes the virtual IP address for the first node, the outgoing communication to include the substrate IP address of the first node by using mapping information stored on the second computer system, wherein the modifying is performed before forwarding the modified outgoing communication over the substrate network;

    retrieving, by the computer system and from information included in a received communication after the communication is forwarded over the substrate network from the first node to the second node, the virtual IP address for the first node and the substrate IP address for the first node, wherein the received communication is the modified outgoing communication;

    determining, by the computer system, that the received communication is authorized for the second node by using the stored mapping information to match the retrieved virtual IP address for the first node with the retrieved substrate IP address for the first node; and

    initiating, by the computer system and based on the determining that the received communication is authorized, providing of the received communication to the second node.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×