Techniques for establishing a trusted cloud service
First Claim
Patent Images
1. A method, comprising:
- obtaining, by a deployer application that executes on one or more processors of a network, a specification for a target cloud environment that is a set of cooperating processors, storage libraries, and software systems that form a logical computing infrastructure;
configuring, by the deployer application, a package that includes a service image for a service based on the specification for the target cloud environment, wherein configuring further includes providing instructions within the package for generating keys and certificates for security processing by the service once initiated within the target cloud environment;
providing, by the deployer application, the package to the target cloud environment for instantiation of the service on the target cloud environment; and
interacting, by the deployer application, with the service when deployed from the service image within the target cloud environment, and wherein interacting further includes authenticating, by the deployer application, the service and the target cloud environment during initial interactions with the service before the service is permitted to operate within the target cloud environment based on credentials generated by a portion of the service image once deployed in the target cloud environment.
3 Assignments
0 Petitions
Accused Products
Abstract
Techniques for establishing a trusted cloud service are provided. Packages are created for services that include certificates, configuration information, trust information, and images for deploying instances of the services. The packages can be used to deploy the services in trusted environments and authenticated to deploy in sub environments of un-trusted environments. The sub environments are trusted by the trusted environments. Also, clouds are prospected for purposes of identifying desirable clouds and creating the packages for deployment.
28 Citations
7 Claims
-
1. A method, comprising:
-
obtaining, by a deployer application that executes on one or more processors of a network, a specification for a target cloud environment that is a set of cooperating processors, storage libraries, and software systems that form a logical computing infrastructure; configuring, by the deployer application, a package that includes a service image for a service based on the specification for the target cloud environment, wherein configuring further includes providing instructions within the package for generating keys and certificates for security processing by the service once initiated within the target cloud environment; providing, by the deployer application, the package to the target cloud environment for instantiation of the service on the target cloud environment; and interacting, by the deployer application, with the service when deployed from the service image within the target cloud environment, and wherein interacting further includes authenticating, by the deployer application, the service and the target cloud environment during initial interactions with the service before the service is permitted to operate within the target cloud environment based on credentials generated by a portion of the service image once deployed in the target cloud environment. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system, comprising:
-
a hardware processor; and a service deployer application executing on the hardware processor over a network, the service deployer application configured to; obtain a specification for a target cloud environment that is a set of cooperating processors, storage libraries, and software systems that form a logical computing infrastructure; create a package for a service image of a service with the package customized for the target cloud environment based on the specification; configure the package with security to authenticate the service within the target cloud environment and to provide instructions to generate keys and certificates within the package to perform security processing by the service once initiated within the target cloud environment; cause the service to be deployed from the service image of the package within the target cloud environment; and authenticate the service and the target cloud environment before the service is permitted to continue to process within the target cloud environment, based on credentials generated by at least a portion of the service image when deployed to the target cloud environment. - View Dependent Claims (7)
-
Specification