Secure deployment of provable identity for dynamic application environments

US 8,990,562 B2
Filed: 10/08/2010
Issued: 03/24/2015
Est. Priority Date: 10/08/2010
Status: Active Grant

First Claim

Patent Images

1. A method for establishing a provable identity for a virtual machine, comprising:

launching the virtual machine;

creating an account for the virtual machine on a second computer;

in response to creating the account for the virtual machine on the second computer, sending the virtual machine first data, and sending the second computer the first data;

sending, by the virtual machine, the first data to the second computer and the second computer verifying the first data as received from the virtual machine against the first data already possessed by the second computer;

in response to the second computer verifying the first data as received from the virtual machine against the first data already possessed by the second computer, creating a full token that comprises an assertion of an identity of the virtual machine, and sending the full token to the virtual machine;

sending a public key to a third computer; and

sending, by the virtual machine, the full token to the third computer, the third computer confirming the identity of the virtual machine based on determining that combining the full token of the virtual machine and the public key produces a result consistent with the identity of the virtual machine.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An invention is described for securely deploying a provable identity for virtual machines (VMs) in a dynamic environment. In an embodiment, a fabric controller instructs a VM host to create a VM and sends that VM a secret. The fabric controller sends that same secret (or a second secret, such as the private key of a public/private key pair) to the security token service along with an instruction to make an account for the VM. The VM presents proof that it possesses the secret to the security token service and in return receives a full token. When a client connects to the deployment, it receives the public key from the security token service, which it trusts, and the full token from the VM. It validates the full token with the public key to determine that the VM has the identity that it purports to have.

11 Citations

View as Search Results

20 Claims

1. A method for establishing a provable identity for a virtual machine, comprising:
- launching the virtual machine;
  
  creating an account for the virtual machine on a second computer;
  
  in response to creating the account for the virtual machine on the second computer, sending the virtual machine first data, and sending the second computer the first data;
  
  sending, by the virtual machine, the first data to the second computer and the second computer verifying the first data as received from the virtual machine against the first data already possessed by the second computer;
  
  in response to the second computer verifying the first data as received from the virtual machine against the first data already possessed by the second computer, creating a full token that comprises an assertion of an identity of the virtual machine, and sending the full token to the virtual machine;
  
  sending a public key to a third computer; and
  
  sending, by the virtual machine, the full token to the third computer, the third computer confirming the identity of the virtual machine based on determining that combining the full token of the virtual machine and the public key produces a result consistent with the identity of the virtual machine.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein creating the account for the virtual machine on the second computer is performed by a fourth computer, and wherein the fourth computer has an account on the second computer and authority to create an account for the virtual machine, and further comprising:
    - instructing the second computer, by the fourth computer, to create the account for the virtual machine.
  - 3. The method of claim 2, wherein sending the virtual machine the full token is performed by the second computer.
  - 4. The method of claim 1, wherein sending the public key to the third computer, wherein the third computer confirms the identity of the virtual machine based on determining that combining the full token of the virtual machine and the public key produces a result consistent with the identity of the virtual machine, further comprises:
    - the third computer determining to trust the full token because it was issued by the second computer, the third computer having validated an identity of the second computer through querying a domain name system with a network address of the second computer to receive a uniform resource locator (URL) of the second computer, and comparing the URL of the second computer with a URL stored in a certificate for the second computer.
  - 5. The method of claim 1, wherein the third computer has validated an identity of the second computer by determining that a domain name system name for the second computer matches a name in a certificate for the second computer.
  - 6. The method of claim 1, wherein sending the virtual machine the full token created by the second computer comprises:
    - sending to the virtual machine, by the second computer, the full token, in response to receiving a credential from the virtual machine corresponding to a credential stored in an account for the virtual machine on the second computer.
  - 7. The method of claim 1, wherein creating the account for the virtual machine on the second computer is performed by a fourth computer, and further comprising:
    - creating, by a fifth computer, an account for a sixth computer, on the second computer;
      
      sending the sixth computer a second full token that comprises an assertion of an identity of the sixth computer, the second full token being created by the second computer based on the account for the second computer; and
      
      wherein sending the public key to the third computer comprises;
      
      sending the public key to the third computer, wherein the third computer confirms the identity of the sixth computer based on determining that combining the full token of the sixth computer and the public key produces a result consistent with the identity of the sixth computer.
  - 8. The method of claim 1, further comprising:
    - sending the public key to a seventh computer, such that the seventh computer confirms the identity of the virtual machine based on processing the full token as presented by the virtual machine with the public key to produce a known result.
  - 9. The method of claim 1, further comprising:
    - creating an account for an eighth computer on the second computer;
      
      sending the eighth computer a second full token that comprises an assertion of an identity of the eighth computer, the second full token being token created by the second computer based on the account for the eighth computer; and
      
      wherein sending the public key to the third computer comprises;
      
      sending the public key to the third computer, wherein the third computer confirms the identity of the eighth computer based on determining that combining the second full token of the eighth computer and the public key produces a result consistent with the identity of the eighth computer.

10. A system for establishing a provable identity for a virtual machine, comprising:
- a memory bearing instructions that, upon execution by a processor, cause the system to at least;
  
  launch the virtual machine;
  
  create an account for the virtual machine on a second computer;
  
  in response to creating the account for the virtual machine on the second computer, send the virtual machine first data, and sending the second computer the first data;
  
  send, by the virtual machine, the first data to the second computer and the second computer verifying the first data as received from the virtual machine against the first data already possessed by the second computer;
  
  in response to the second computer verifying the first data as received from the virtual machine against the first data already possessed by the second computer, create a full token that comprises an assertion of an identity of the virtual machine, and sending the full token to the virtual machine;
  
  send a public key to a third computer; and
  
  send, by the virtual machine, the full token to the third computer, the third computer confirming the identity of the virtual machine based on determining that combining the full token of the virtual machine and the public key produces a result consistent with the identity of the virtual machine.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 11. The system of claim 10, wherein the instructions that, upon execution by the processor, cause the system at least to create the account for the virtual machine on the second computer is performed by a fourth computer, and wherein the fourth computer has an account on the second computer and authority to create an account for the virtual machine, further cause the system at least to:
    - instruct the second computer, by the fourth computer, to create the account for the virtual machine.
  - 12. The system of claim 11, wherein sending the virtual machine the full token is performed by the second computer.
  - 13. The system of claim 10, wherein the instructions that, upon execution by the processor, cause the system at least to send the public key to the third computer, wherein the third computer confirms the identity of the virtual machine based on determining that combining the full token of the virtual machine and the public key produces a result consistent with the identity of the virtual machine, further cause the system at least to:
    - determine, by the third computer, to trust the full token because it was issued by the second computer, the third computer having validated an identity of the second computer through querying a domain name system with a network address of the second computer to receive a uniform resource locator (URL) of the second computer, and comparing the URL of the second computer with a URL stored in a certificate for the second computer.
  - 14. The system of claim 10, wherein the third computer has validated an identity of the second computer by determining that a domain name system name for the second computer matches a name in a certificate for the second computer.
  - 15. The system of claim 14, wherein the certificate was issued by a certificate authority trusted by the third computer.
  - 16. The system of claim 10, wherein the instructions that, upon execution by the processor, cause the system at least to send the virtual machine the full token created by the second computer further cause the system at least to:
    - send to the virtual machine, by the second computer, the full token, in response to receiving a credential from the virtual machine corresponding to a credential stored in an account for the virtual machine on the second computer.
  - 17. The system of claim 10, wherein the instructions that, upon execution by the processor, cause the system at least to create the account for the virtual machine on the second computer, is performed by a fourth computer, and wherein the memory further bears instructions that, upon execution by the processor, cause the system at least to:
    - create, by a fifth computer, an account for a sixth computer, on the second computer;
      
      send the sixth computer a second full token that comprises an assertion of an identity of the sixth computer, the second full token being created by the second computer based on the account for the second computer; and
      
      wherein the instructions that, upon execution by the processor, cause the system at least to send the public key to the third computer further cause the system at least to;
      
      send the public key to the third computer, wherein the third computer confirms the identity of the sixth computer based on determining that combining the full token of the sixth computer and the public key produces a result consistent with the identity of the sixth computer.
  - 18. The system of claim 10, wherein the memory further bears instructions that, upon execution by the processor, cause the system at least to:
    - send the public key to a seventh computer, such that the seventh computer confirms the identity of the virtual machine based on processing the full token as presented by the virtual machine with the public key to produce a known result.
  - 19. The system of claim 10, wherein the memory further bears instructions that, upon execution by the processor, cause the system at least to:
    - create an account for an eighth computer on the second computer;
      
      send the eighth computer a second full token that comprises an assertion of an identity of the eighth computer, the second full token being token created by the second computer based on the account for the eighth computer; and
      
      wherein the instructions that, upon execution by the processor, cause the system at least to send the public key to the third computer further cause the system at least to;
      
      send the public key to the third computer, wherein the third computer confirms the identity of the eighth computer based on determining that combining the second full token of the eighth computer and the public key produces a result consistent with the identity of the eighth computer.

20. A computer-readable storage device for establishing a provable identity for a virtual machine, bearing computer-readable instructions that, upon execution by a computer, cause the computer to perform operations comprising:
- launching the virtual machine;
  
  creating an account for the virtual machine on a second computer;
  
  in response to creating the account for the virtual machine on the second computer, sending the virtual machine first data, and sending the second computer the first data;
  
  sending, by the virtual machine, the first data to the second computer and the second computer verifying the first data as received from the virtual machine against the first data already possessed by the second computer;
  
  in response to the second computer verifying the first data as received from the virtual machine against the first data already possessed by the second computer, creating a full token that comprises an assertion of an identity of the virtual machine, and sending the full token to the virtual machine;
  
  sending a public key to a third computer; and
  
  sending, by the virtual machine, the full token to the third computer, the third computer confirming the identity of the virtual machine based on determining that combining the full token of the virtual machine and the public key produces a result consistent with the identity of the virtual machine.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Jirka, Ian, Tevosyan, Kahren, Sanders, Corey, Moore, George M., Srivastava, Mohit, Russinovich, Mark Eugene
Primary Examiner(s)
MOORTHY, ARAVIND K

Application Number

US12/901,445
Publication Number

US 20120089833A1
Time in Patent Office

1,628 Days
Field of Search

713/193, 713/168, 713/170, 713/182, 726/4
US Class Current

713/168
CPC Class Codes

G06F 2009/45562   Creating, deleting, cloning...

G06F 2009/45595   Network integration; Enabli...

G06F 21/33   using certificates

G06F 21/57   Certifying or maintaining t...

G06F 9/45558   Hypervisor-specific managem...

H04L 63/0823   using certificates cryptogr...

H04L 9/3228   One-time or temporary data,...

Secure deployment of provable identity for dynamic application environments

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

11 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure deployment of provable identity for dynamic application environments

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links