Invention Application
- Patent Title: SECURE DEPLOYMENT OF PROVABLE IDENTITY FOR DYNAMIC APPLICATION ENVIRONMENTS
- Patent Title (Chinese, translated): Ensuring usable identity for dynamic application environments
- Application No.: US12901445
- Application Date: 2010-10-08
- Publication No.: US20120089833A1
- Publication Date: 2012-04-12
- Inventor: Ian Jirka, Kahren Tevosyan, Corey Sanders, George M. Moore, Mohit Srivastava, Mark Eugene Russinovich
- Applicant: Ian Jirka, Kahren Tevosyan, Corey Sanders, George M. Moore, Mohit Srivastava, Mark Eugene Russinovich
- Applicant Address: US WA Redmond
- Assignee: Microsoft Corporation
- Current Assignee: Microsoft Corporation
- Current Assignee Address: US WA Redmond
- Main IPC: H04L9/32
- IPC: H04L9/32

Abstract:
An invention is described for securely deploying a provable identity for virtual machines (VMs) in a dynamic environment. In an embodiment, a fabric controller instructs a VM host to create a VM and sends that VM a secret. The fabric controller sends that same secret (or a second secret, such as the private key of a public/private key pair) to the security token service along with an instruction to make an account for the VM. The VM presents proof that it possesses the secret to the security token service and in return receives a full token. When a client connects to the deployment, it receives the public key from the security token service, which it trusts, and the full token from the VM. It validates the full token with the public key to determine that the VM has the identity that it purports to have.
Public/Granted literature
- US08990562B2 Secure deployment of provable identity for dynamic application environments, Public/Granted day: 2015-03-24