METHODS AND SYSTEMS FOR SECURING APPLIANCES FOR USE IN A CLOUD COMPUTING ENVIRONMENT

US 20100132016A1
Filed: 11/26/2008
Published: 05/27/2010
Est. Priority Date: 11/26/2008
Status: Active Grant

First Claim

Patent Images

1. A method of providing security independent of a cloud computing environment, comprising:

identifying an appliance to be instantiated in the cloud computing environment, the appliance comprising at least one application;

securing access to the at least one application of the appliance; and

determining an access level for each user in a set of users, the access level representing an ability of each user to access the at least one application of the appliance.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An originator of an appliance can independently secure the appliance for instantiation in the cloud, separate from the security level of the cloud. The originator can secure the appliance utilizing a secure rights application. The secure rights application can be configured to “wrap” an appliance in a security container. The security container can limit access to the applications and operating systems contained in the appliance, but allow the appliance to operate normally once instantiated in the cloud. The secure rights application can be configured to cryptographically secure the appliance in order limit the ability of unauthorized parties from accessing the components of the appliance while maintaining the functionality of the appliance.

311 Citations

23 Claims

1. A method of providing security independent of a cloud computing environment, comprising:
- identifying an appliance to be instantiated in the cloud computing environment, the appliance comprising at least one application;
  
  securing access to the at least one application of the appliance; and
  
  determining an access level for each user in a set of users, the access level representing an ability of each user to access the at least one application of the appliance.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, the method further comprising:
    - providing the appliance to the cloud computing environment.
  - 3. The method of claim 1, the method further comprising:
    - storing the access level for each user in the set of users in an access record.
  - 4. The method of claim 3, the method further comprising:
    - providing the access record to an authentication server, wherein the authentication server is configured to determine access to the appliance based on the access record.
  - 5. The method of claim 1, wherein securing access to the at least one application of the appliance, comprises:
    - applying an authentication scheme to the at least one application of the appliance; and
      
      applying an access module to the appliance, wherein the access module is configured to provide access to the at least one application of the appliance and wherein the access module is configured to allow functionality of the at least one application.
  - 6. The method of claim 5, wherein applying the access module comprises configuring the access module with a location of an access record storing the access level for each user in the set of users.
  - 7. The method of claim 6, wherein applying the access module comprises configuring the access module to communicate securely with an authentication server maintaining the access record.
  - 8. The method of claim 1, wherein the appliance comprises portions of an operating system necessary to provide an execution platform for the at least one application

9. A system for providing security independent of a cloud computing environment, comprising:
- a network interface to at least one cloud computing environment; and
  
  a secure rights application, executing on a computer processing system and communicating with the network interface, the secure rights application being configured toidentify an appliance to be instantiated in the cloud computing environment, the appliance comprising at least one application;
  
  secure access to the at least one application of the appliance; and
  
  determine an access level for each user in a set of users, the access level representing an ability of each user to access the at least one application of the appliance.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The system of claim 9, wherein the secure rights application is further configured toprovide the appliance to the cloud computing environment.
  - 11. The system of claim 9, wherein the secure rights application is further configured tostore the access level for each user in the set of users in an access record.
  - 12. The system of claim 11, wherein the secure rights application is further configured toprovide the access record to an authentication server, wherein the authentication server is configured to determine access to the appliance based on the access record.
  - 13. The system of claim 9, wherein securing access to the at least one application of the appliance, comprises:
    - applying an authentication scheme to the at least one application of the appliance; and
      
      applying an access module to the appliance, wherein the access module is configured to provide access to the at least one application of the appliance and wherein the access module is configured to allow functionality of the at least one application.
  - 14. The system of claim 13, wherein applying the access module comprises configuring the access module with a location of an access record storing the access level for each user in the set of users.
  - 15. The system of claim 14, wherein applying the access module comprises configuring the access module to communicate securely with an authentication server maintaining the access record.

16. A secure rights application, the secure rights application being embodied in a computer readable storage medium on a computer processing system and comprising instructions for causing the computer processing system to perform a method comprising:
- identifying an appliance to be instantiated in the cloud computing environment, the appliance comprising at least one application;
  
  securing access to the at least one application of the appliance; and
  
  determining an access level for each user in a set of users, the access level representing an ability of each user to access the at least one application of the appliance.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
- - 17. The secure rights application of claim 16, the method further comprising:
    - providing the appliance to the cloud computing environment.
  - 18. The secure rights application of claim 16, the method further comprising:
    - storing the access level for each user in the set of users in an access record.
  - 19. The secure rights application of claim 18, the method further comprising:
    - providing the access record to an authentication server, wherein the authentication server is configured to determine access to the appliance based on the access record.
  - 20. The secure rights application of claim 16, wherein securing access to the at least one application of the appliance, comprises:
    - applying an authentication scheme to the at least one application of the appliance; and
      
      applying an access module to the appliance, wherein the access module is configured to provide access to the at least one application of the appliance and wherein the access module is configured to allow functionality of the at one least application.
  - 21. The secure rights application of claim 20, wherein applying the access module comprises configuring the access module with a location of an access record storing the access level for each user in the set of users.
  - 22. The secure rights application of claim 21, wherein applying the access module comprises configuring the access module to communicate securely with an authentication server maintaining the access record.
  - 23. The secure rights application of claim 22, wherein the secure rights application comprises the authentication server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Red Hat, Inc. (International Business Machines Corporation)
Inventors
FERRIS, James Michael

Granted Patent

US 9,210,173 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

G06F 21/6218   to a system of files or obj...

H04L 63/101   Access control lists [ACL]

H04L 63/105   Multiple levels of security

H04L 65/1063   Application servers providi...

METHODS AND SYSTEMS FOR SECURING APPLIANCES FOR USE IN A CLOUD COMPUTING ENVIRONMENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

311 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

METHODS AND SYSTEMS FOR SECURING APPLIANCES FOR USE IN A CLOUD COMPUTING ENVIRONMENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

311 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links