SECURING AN INJECTION OF A WORKLOAD INTO A VIRTUAL NETWORK HOSTED BY A CLOUD-BASED PLATFORM

SECURING AN INJECTION OF A WORKLOAD INTO A VIRTUAL NETWORK HOSTED BY A CLOUD-BASED PLATFORM

The disclosed system implements techniques to secure communications for injecting a workload (e.g., a container) into a virtual network hosted by a cloud-based platform. Based on a delegation instruction received from a tenant, a virtual network of the tenant can connect to and execute a workload vi...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: TEWARI, Rishabh, SREENATH, Abhishek Ellore, KUMAR, Abhijeet, KUMARAN, Jayesh, BRUMLEY, David Michael, RAMACHANDRAN, Aanand, BANSAL, Deepak, SHARMA, Sushant, SHUKLA, Abhishek, SRIVASTAVA, Nisheeth, SHARMA, Parag, GUPTA, Avijit
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The disclosed system implements techniques to secure communications for injecting a workload (e.g., a container) into a virtual network hosted by a cloud-based platform. Based on a delegation instruction received from a tenant, a virtual network of the tenant can connect to and execute a workload via a virtual machine that is part of a virtual network that belongs to a resource provider. To secure calls and authorize access to the tenant's virtual network, authentication information provided with a call from the virtual network of the resource provider may need to match authorization information made available via a publication service of the cloud-based platform. Additionally or alternatively, an identifier of a NIC used to make a call may need to correspond to a registered name of the resource provider for the call to be authorized. These checks provide increased security by preventing unauthorized calls to the tenant's virtual network.