发明名称 |
METHOD AND APPARATUS FOR APPLYING APPLICATION CONTEXT SECURITY CONTROLS FOR SOFTWARE CONTAINERS |
摘要 |
According to one aspect of the present disclosure, resource requests between software containers are accepted or rejected based on whether the software containers are part of a same logical software application. According to another aspect of the present disclosure, a request to start a software container is accepted or rejected based on whether the software container is digitally signed. According to another aspect of the present disclosure, a request to perform a container operational action for a first software container is accepted or rejected based on whether a security registry includes a rule governing the requested container operational action for the first software container, and if the software container is already running, based also on what entity started the software container. |
申请公布号 |
US2016342786(A1) |
申请公布日期 |
2016.11.24 |
申请号 |
US201615083972 |
申请日期 |
2016.03.29 |
申请人 |
Gerebe Amir |
发明人 |
Gerebe Amir |
分类号 |
G06F21/52;H04L9/32 |
主分类号 |
G06F21/52 |
代理机构 |
|
代理人 |
|
主权项 |
1. A method of sharing a resource between software containers, the method implemented by a host computing device and comprising:
detecting a request from a first software container to access a resource of a different, second software container, an operational state of the second software container being controlled by a container engine running on the host computing device; and instructing the host computing device to accept or reject the request based on whether the first and second software containers, which each contain a respective software application, are part of a same logical software application. |
地址 |
Givatayim IL |