专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20140096134A1 SYSTEM AND METHOD FOR ENFORCEMENT OF SECURITY CONTROLS ON VIRTUAL MACHINES THROUGHOUT LIFE CYCLE STATE CHANGES 有权
标题翻译：虚拟机安全控制系统和方法，通过寿命周期更改
公开(公告)号：US20140096134A1
公开(公告)日：2014-04-03
申请号：US13633487
申请日：2012-10-02
申请人： Nir Barak , Amir Jerbi , Eitan Hadar , Michael Kletskin
发明人： Nir Barak , Amir Jerbi , Eitan Hadar , Michael Kletskin
IPC分类号： G06F21/00 , G06F9/455
CPC分类号： G06F9/45558 , G06F21/554 , G06F21/56 , G06F21/566 , G06F2009/45562 , G06F2009/45587 , G06F2221/034
摘要： Systems and methods associated with virtual machine security are described herein. One example method includes instantiating a guest virtual machine in a virtual computing environment. The method also includes installing a life cycle agent on the guest virtual machine, assigning an identifying certificate, a set of policies, and an encryption key to the guest virtual machine, and providing the certificate, policies, and encryption key to the guest virtual machine. The certificate, policies, and encryption key may then be used by the guest virtual machine to authenticate itself within the virtual computing environment and to protect data stored on the guest virtual machine.
摘要翻译：这里描述了与虚拟机安全性相关联的系统和方法。一个示例性方法包括在虚拟计算环境中实例化虚拟机。该方法还包括在客户虚拟机上安装生命周期代理，向客户虚拟机分配识别证书，一组策略和加密密钥，以及向客户虚拟机提供证书，策略和加密密钥。客户虚拟机可以使用证书，策略和加密密钥在虚拟计算环境内对其进行身份验证，并保护存储在客户虚拟机上的数据。

2. 发明授权

US09626526B2 Trusted public infrastructure grid cloud 有权
公开(公告)号：US09626526B2
公开(公告)日：2017-04-18
申请号：US13459593
申请日：2012-04-30
申请人： Eitan Hadar , Michael Kletskin , Nir Barak , Amir Jerbi , Yaacov Bezalel
发明人： Eitan Hadar , Michael Kletskin , Nir Barak , Amir Jerbi , Yaacov Bezalel
IPC分类号： G06F17/00 , H04L29/06 , G06F21/62 , H04L29/08
CPC分类号： G06F21/6218 , G06F2221/2113 , H04L63/10 , H04L63/20 , H04L67/10
摘要： Systems and methods of implementing a secured cloud environment allow for design and instantiation of a security policy at the infrastructure level. An example system may comprise a first module to facilitate selecting at least two cloud computing component templates from a cloud computing component catalog. The system may comprise a second module to facilitate defining a connection between the at least two selected cloud computing component templates. The system may comprise a third module to facilitate assigning a security level and a policy to at least one of the at least two selected cloud computing component templates. The system may comprise a fourth module to facilitate building a cloud computing component blueprint.

3. 发明授权

US09389898B2 System and method for enforcement of security controls on virtual machines throughout life cycle state changes 有权
标题翻译：在整个生命周期状态变化中执行虚拟机上的安全控制的系统和方法
公开(公告)号：US09389898B2
公开(公告)日：2016-07-12
申请号：US13633487
申请日：2012-10-02
申请人： Nir Barak , Amir Jerbi , Eitan Hadar , Michael Kletskin
发明人： Nir Barak , Amir Jerbi , Eitan Hadar , Michael Kletskin
IPC分类号： G06F9/455 , G06F21/55 , G06F21/56
CPC分类号： G06F9/45558 , G06F21/554 , G06F21/56 , G06F21/566 , G06F2009/45562 , G06F2009/45587 , G06F2221/034
摘要： Systems and methods associated with virtual machine security are described herein. One example method includes instantiating a guest virtual machine in a virtual computing environment. The method also includes installing a life cycle agent on the guest virtual machine, assigning an identifying certificate, a set of policies, and an encryption key to the guest virtual machine, and providing the certificate, policies, and encryption key to the guest virtual machine. The certificate, policies, and encryption key may then be used by the guest virtual machine to authenticate itself within the virtual computing environment and to protect data stored on the guest virtual machine.
摘要翻译：这里描述了与虚拟机安全性相关联的系统和方法。一个示例性方法包括在虚拟计算环境中实例化虚拟机。该方法还包括在客户虚拟机上安装生命周期代理，向客户虚拟机分配识别证书，一组策略和加密密钥，以及向客户虚拟机提供证书，策略和加密密钥。客户虚拟机可以使用证书，策略和加密密钥在虚拟计算环境内对其进行身份验证，并保护存储在客户虚拟机上的数据。

4. 发明申请

US20130291052A1 TRUSTED PUBLIC INFRASTRUCTURE GRID CLOUD 有权
标题翻译：信托公共基础设施网球
公开(公告)号：US20130291052A1
公开(公告)日：2013-10-31
申请号：US13459593
申请日：2012-04-30
申请人： Eitan Hadar , Michael Kletskin , Nir Barak , Amir Jerbi , Yaacov Bezalel
发明人： Eitan Hadar , Michael Kletskin , Nir Barak , Amir Jerbi , Yaacov Bezalel
IPC分类号： G06F21/00
CPC分类号： G06F21/6218 , G06F2221/2113 , H04L63/10 , H04L63/20 , H04L67/10
摘要： Systems and methods of implementing a secured cloud environment allow for design and instantiation of a security policy at the infrastructure level. An example system may comprise a first module to facilitate selecting at least two cloud computing component templates from a cloud computing component catalog. The system may comprise a second module to facilitate defining a connection between the at least two selected cloud computing component templates. The system may comprise a third module to facilitate assigning a security level and a policy to at least one of the at least two selected cloud computing component templates. The system may comprise a fourth module to facilitate building a cloud computing component blueprint.
摘要翻译：实施安全云环境的系统和方法允许在基础架构级别设计和实例化安全策略。示例系统可以包括第一模块，以便于从云计算组件目录中选择至少两个云计算组件模板。该系统可以包括第二模块以便于定义所述至少两个所选择的云计算组件模板之间的连接。该系统可以包括第三模块，以便于向至少两个所选择的云计算组件模板中的至少一个分配安全级别和策略。该系统可以包括第四模块以便于构建云计算组件蓝图。

5. 发明申请

US20130061219A1 System and Method for Self-Aware Virtual Machine Image Deployment Enforcement 有权
标题翻译：自觉虚拟机映像部署执行的系统和方法
公开(公告)号：US20130061219A1
公开(公告)日：2013-03-07
申请号：US13223651
申请日：2011-09-01
申请人： Amir Jerbi , Michael Kletskin , Eitan Hadar
发明人： Amir Jerbi , Michael Kletskin , Eitan Hadar
IPC分类号： G06F9/455
CPC分类号： G06F9/468 , G06F21/577
摘要： According to one embodiment of the present disclosure, a method includes receiving a request to instantiate a virtual machine image in a virtualization environment. The method also includes sending a request for verification of the virtualization environment. The method further includes receiving information from the enforcement module in response to the request for verification of the virtualization environment. The method further includes determining whether the virtualization environment is verified based on the information received.
摘要翻译：根据本公开的一个实施例，一种方法包括在虚拟化环境中接收实例化虚拟机映像的请求。该方法还包括发送虚拟化环境的验证请求。该方法还包括响应于虚拟化环境的验证请求从执行模块接收信息。该方法还包括基于所接收的信息确定虚拟化环境是否被验证。

6. 发明授权

US08826275B2 System and method for self-aware virtual machine image deployment enforcement 有权
标题翻译：用于自觉识别虚拟机映像部署实施的系统和方法
公开(公告)号：US08826275B2
公开(公告)日：2014-09-02
申请号：US13223651
申请日：2011-09-01
申请人： Amir Jerbi , Michael Kletskin , Eitan Hadar
发明人： Amir Jerbi , Michael Kletskin , Eitan Hadar
IPC分类号： G06F9/455 , G06F9/46 , G06F21/57
CPC分类号： G06F9/468 , G06F21/577
摘要： According to one embodiment of the present disclosure, a method includes receiving a request to instantiate a virtual machine image in a virtualization environment. The method also includes sending a request for verification of the virtualization environment. The method further includes receiving information from the enforcement module in response to the request for verification of the virtualization environment. The method further includes determining whether the virtualization environment is verified based on the information received.
摘要翻译：根据本公开的一个实施例，一种方法包括在虚拟化环境中接收实例化虚拟机映像的请求。该方法还包括发送虚拟化环境的验证请求。该方法还包括响应于虚拟化环境的验证请求从执行模块接收信息。该方法还包括基于所接收的信息确定虚拟化环境是否被验证。

7. 发明申请

US20110072486A1 System, Method, and Software for Enforcing Access Control Policy Rules on Utility Computing Virtualization in Cloud Computing Systems 有权
标题翻译：系统，方法和软件，用于实施云计算系统中实用计算虚拟化的访问控制策略规则
公开(公告)号：US20110072486A1
公开(公告)日：2011-03-24
申请号：US12565318
申请日：2009-09-23
申请人： Ethan Hadar , Nimrod Vax , Amir Jerbi , Michael Kletskin
发明人： Ethan Hadar , Nimrod Vax , Amir Jerbi , Michael Kletskin
IPC分类号： G06F21/00 , G06F9/455
CPC分类号： H04L63/20 , G06F9/45558 , G06F21/6218 , G06F2009/45587
摘要： According to one embodiment, a system comprises one or more processors coupled to a memory and executing logic. A policy life cycle component is configured to maintain a repository of security policies. The repository of security policies comprises policies governing access to a virtual host and to a plurality of virtual machines running on the virtual host. The policy life cycle component is also configured to issue a compound policy for an identified virtual operating system running on the virtual host. The compound policy provides a virtual host policy and access rules for each of the plurality of virtual machines running on the virtual host. A topology manager is configured to receive the compound policy from the policy life cycle component, assign the compound to an access control agent, and maintain a security policy topology. The security policy topology stores associations between access control agents and compound policies.
摘要翻译：根据一个实施例，系统包括耦合到存储器和执行逻辑的一个或多个处理器。策略生命周期组件配置为维护安全策略的存储库。安全策略的存储库包括管理对虚拟主机和虚拟主机上运行的多个虚拟机的访问的策略。策略生命周期组件还被配置为为在虚拟主机上运行的标识的虚拟操作系统发出复合策略。复合策略为虚拟主机上运行的多个虚拟机中的每一个提供虚拟主机策略和访问规则。拓扑管理器被配置为从策略生命周期组件接收复合策略，将化合物分配给访问控制代理，并维护安全策略拓扑。安全策略拓扑存储访问控制代理和复合策略之间的关联。

8. 发明授权

US08490150B2 System, method, and software for enforcing access control policy rules on utility computing virtualization in cloud computing systems 有权
标题翻译：用于实施云计算系统中实用程序计算虚拟化的访问控制策略规则的系统，方法和软件
公开(公告)号：US08490150B2
公开(公告)日：2013-07-16
申请号：US12565318
申请日：2009-09-23
申请人： Ethan Hadar , Nimrod Vax , Amir Jerbi , Michael Kletskin
发明人： Ethan Hadar , Nimrod Vax , Amir Jerbi , Michael Kletskin
IPC分类号： G06F17/00 , H04L29/06
CPC分类号： H04L63/20 , G06F9/45558 , G06F21/6218 , G06F2009/45587
摘要： According to one embodiment, a system comprises one or more processors coupled to a memory and executing logic. A policy life cycle component is configured to maintain a repository of security policies. The repository of security policies comprises policies governing access to a virtual host and to a plurality of virtual machines running on the virtual host. The policy life cycle component is also configured to issue a compound policy for an identified virtual operating system running on the virtual host. The compound policy provides a virtual host policy and access rules for each of the plurality of virtual machines running on the virtual host. A topology manager is configured to receive the compound policy from the policy life cycle component, assign the compound to an access control agent, and maintain a security policy topology. The security policy topology stores associations between access control agents and compound policies.
摘要翻译：根据一个实施例，系统包括耦合到存储器和执行逻辑的一个或多个处理器。策略生命周期组件配置为维护安全策略的存储库。安全策略的存储库包括管理对虚拟主机和虚拟主机上运行的多个虚拟机的访问的策略。策略生命周期组件还被配置为为在虚拟主机上运行的标识的虚拟操作系统发出复合策略。复合策略为虚拟主机上运行的多个虚拟机中的每一个提供虚拟主机策略和访问规则。拓扑管理器被配置为从策略生命周期组件接收复合策略，将化合物分配给访问控制代理，并维护安全策略拓扑。安全策略拓扑存储访问控制代理和复合策略之间的关联。

9. 发明申请

US20110072487A1 System, Method, and Software for Providing Access Control Enforcement Capabilities in Cloud Computing Systems 审中-公开
标题翻译：在云计算系统中提供访问控制执行能力的系统，方法和软件
公开(公告)号：US20110072487A1
公开(公告)日：2011-03-24
申请号：US12565474
申请日：2009-09-23
申请人： Ethan Hadar , Nimrod Vax , Amir Jerbi , Michael Kletskin
发明人： Ethan Hadar , Nimrod Vax , Amir Jerbi , Michael Kletskin
IPC分类号： G06F21/20 , G06F15/16
CPC分类号： H04L63/10 , G06F9/5072 , G06F2209/505 , H04L63/20
摘要： According to one embodiment, a system comprises one or more processors coupled to a memory. The one or more processors when executing logic encoded in the memory provide a topology manager. The topology manager is configured to maintain a security topology of a plurality of hosts. The security topology associates one or more virtual hosts policies with a plurality of virtual hosts in a cloud computing deployment. The topology manager is also configured to request a query for one or more hosts that are candidates to be enforced. A portability manager is configured to receive a request to deploy an access control agent on the one or more candidate hosts, determine an optimal agent to be deployed from a list of available agents, and deploy the optimal agent on the one or more candidate hosts.
摘要翻译：根据一个实施例，系统包括耦合到存储器的一个或多个处理器。当执行在存储器中编码的逻辑时，一个或多个处理器提供拓扑管理器。拓扑管理器被配置为维护多个主机的安全拓扑。安全拓扑将一个或多个虚拟主机策略与云计算部署中的多个虚拟主机相关联。拓扑管理器还被配置为请求对要被强制执行的候选人的一个或多个主机的查询。便携式管理器被配置为接收在一个或多个候选主机上部署访问控制代理的请求，从可用代理的列表确定要部署的最佳代理，并且在一个或多个候选主机上部署最佳代理。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式