发明名称 |
System and method for enforcement of security controls on virtual machines throughout life cycle state changes |
摘要 |
Systems and methods associated with virtual machine security are described herein. One example method includes instantiating a guest virtual machine in a virtual computing environment. The method also includes installing a life cycle agent on the guest virtual machine, assigning an identifying certificate, a set of policies, and an encryption key to the guest virtual machine, and providing the certificate, policies, and encryption key to the guest virtual machine. The certificate, policies, and encryption key may then be used by the guest virtual machine to authenticate itself within the virtual computing environment and to protect data stored on the guest virtual machine. |
申请公布号 |
US9389898(B2) |
申请公布日期 |
2016.07.12 |
申请号 |
US201213633487 |
申请日期 |
2012.10.02 |
申请人 |
CA, INC. |
发明人 |
Barak Nir;Jerbi Amir;Hadar Eitan;Kletskin Michael |
分类号 |
G06F9/455;G06F21/55;G06F21/56 |
主分类号 |
G06F9/455 |
代理机构 |
Pillsbury Winthrop Shaw Pittman LLP |
代理人 |
Pillsbury Winthrop Shaw Pittman LLP |
主权项 |
1. A computer program product comprising:
a non-transitory computer readable storage medium having computer readable program code embodied therewith, the computer readable program code comprising: computer readable program code configured to instantiate a guest virtual machine in a virtual computing environment; computer readable program code configured to install a life cycle agent on the guest virtual machine; computer readable program code configured to assign a certificate that identifies the virtual machine, a set of policies, and an encryption key to the guest virtual machine; and computer readable program code configured to provide the identifying certificate, the set of policies, and the encryption key to the guest virtual machine for use of the identifying certificate, the set of policies or the encryption key, in conjunction with the life cycle agent. |
地址 |
New York NY US |