VIRTUAL GATEWAYS FOR ISOLATING VIRTUAL MACHINES
First Claim
1. A method, comprising:
- receiving, by a virtual gateway, a message destined for a target virtual machine of a plurality of virtual machines;
identifying a community-of-interest corresponding to the target virtual machine;
encrypting the message with a key assigned to the identified community-of-interest; and
transmitting the encrypted message to the target virtual machine.
9 Assignments
0 Petitions
Accused Products
Abstract
Virtual machines in a network may be isolated by encrypting transmissions between the virtual machines with keys possessed only by an intended recipient. Within a network, the virtual machines may be logically organized into a number of community-of-interest (COI) groups. Each COI may use an encryption key to secure communications within the COI, such that only other virtual machines in the COI may decrypt the message. Virtual machines may further be isolated through a virtual gateway assigned to handle all communications between a virtual machine and a device outside of the virtual machine'"'"'s COI. The virtual gateway may be a separate virtual machine for handling decrypting and encrypting messages for transmission between virtual machines and other devices.
-
Citations
20 Claims
-
1. A method, comprising:
-
receiving, by a virtual gateway, a message destined for a target virtual machine of a plurality of virtual machines; identifying a community-of-interest corresponding to the target virtual machine; encrypting the message with a key assigned to the identified community-of-interest; and transmitting the encrypted message to the target virtual machine. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer program product, comprising:
a non-transitory computer readable medium comprising; code to receive, by a virtual gateway, a message destined for a target virtual machine of a plurality of virtual machines; code to identify a community-of-interest corresponding to the target virtual machine; code to encrypt the message with a key assigned to the identified community-of-interest; and code to transmit the encrypted message to the target virtual machine. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
15. An apparatus, comprising:
-
a memory; a network interface; and a processor coupled to the memory and to the network interface, in which the processor is configured; to receive, by a virtual gateway, a message destined for a target virtual machine of a plurality of virtual machines; to identify a community-of-interest corresponding to the target virtual machine; to encrypt the message with a key assigned to the identified community-of-interest; and to transmit the encrypted message to the target virtual machine through the network interface. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification