Protected application stack and method and system of utilizing

摘要

A secure appliance for use within a multi-tenant cloud computing environment which comprises: a) a policy enforcement point (PEP); b) a hardened Operating System (OS) capable of deploying applications; and c) at least one application capable of hosting services and application program interfaces (APIs).

主权项

1. A server computer, comprising:
a memory, the memory stores a set of policy constraints; and a set of hardware processors in communication with the memory, the set of hardware processors executes a hypervisor, the hypervisor executes a first virtual policy enforcement point appliance, the first virtual policy enforcement point appliance runs a first operating system that includes a firewall, the first operating system runs a first application and a first policy enforcement point, the first virtual policy enforcement point appliance restricts all application layer communication to and from the first application to pass through the first policy enforcement point, the first policy enforcement point controls all application layer communication to and from the first application based on the set of policy constraints.