WO2012100092A3 - System and method for a cloud computing abstraction layer with security zone facilities - Google Patents


Publication number
WO2012100092A3
Authority
WO
WIPO (PCT)
Prior art keywords
security zone
policy
software workload
workload
security
Prior art date
Application number
PCT/US2012/021921
Other languages
French (fr)
Other versions
WO2012100092A2 (en)
Inventor
Frank R MARTINEZ
Eric Pulier
Original Assignee
Servicemesh, Inc.
Priority date
Filing date
Publication date
Priority claimed from US13/009,774 (US8931038B2)
Application filed by Servicemesh, Inc.
Publication of WO2012100092A2
Publication of WO2012100092A3

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209 Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • H04L63/0218 Distributed architectures, e.g. distributed firewalls
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1001 Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1004 Server selection for load balancing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Stored Programmes (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

In embodiments of the present invention, improved capabilities are described for a virtualization environment adapted for development and deployment of at least one software workload, the virtualization environment having a metamodel framework that allows the association of a policy to the software workload upon development of the workload that is applied upon deployment of the software workload. This allows a developer to define a security zone and to apply at least one type of security policy with respect to the security zone, including the type of security zone policy in the metamodel framework such that the type of security zone policy can be associated with the software workload upon development of the software workload, and if the type of security zone policy is associated with the software workload, automatically applying the security policy to the software workload when the software workload is deployed within the security zone.
PCT/US2012/021921 2011-01-19 2012-01-19 System and method for a cloud computing abstraction layer with security zone facilities WO2012100092A2 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201161434396P 2011-01-19 2011-01-19
US13/009,774 US8931038B2 (en) 2009-06-19 2011-01-19 System and method for a cloud computing abstraction layer
US13/009,774 2011-01-19
US61/434,396 2011-01-19

Publications (2)

Publication Number Publication Date
WO2012100092A2 WO2012100092A2 (en) 2012-07-26
WO2012100092A3 WO2012100092A3 (en) 2012-09-27

Family

ID=46516385

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2012/021921 WO2012100092A2 (en) 2011-01-19 2012-01-19 System and method for a cloud computing abstraction layer with security zone facilities

Country Status (1)

Country Link
WO (1) WO2012100092A2 (en)

Families Citing this family (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10235205B2 (en) 2012-05-24 2019-03-19 Citrix Systems, Inc. Remote management of distributed datacenters
WO2013188665A1 (en) 2012-06-14 2013-12-19 Tekelec, Inc. Methods, systems, and computer readable media for providing policy and charging rules function (pcrf) with integrated openflow controller
US8935764B2 (en) * 2012-08-31 2015-01-13 Hewlett-Packard Development Company, L.P. Network system for implementing a cloud platform
US9571564B2 (en) 2012-08-31 2017-02-14 Hewlett Packard Enterprise Development Lp Network system for implementing a cloud platform
US10122596B2 (en) 2012-09-07 2018-11-06 Oracle International Corporation System and method for providing a service management engine for use with a cloud computing environment
US9201639B2 (en) * 2012-09-07 2015-12-01 Oracle International Corporation System and method for service definition packages for use with a cloud computing environment
US9357034B2 (en) * 2012-09-07 2016-05-31 Oracle International Corporation System and method for orchestration of services for use with a cloud computing environment
US9424024B2 (en) 2012-09-07 2016-08-23 Oracle International Corporation System and method for elasticity management of services with a cloud computing environment
US9323517B2 (en) * 2012-09-07 2016-04-26 Oracle International Corporation System and method for dynamic modification of service definition packages with a cloud computing environment
CN103019938B (en) * 2012-12-26 2016-12-28 北京搜狐新媒体信息技术有限公司 A kind of method and device in the application of local test cloud platform
EP2957068B1 (en) 2013-02-18 2018-08-22 Tekelec, Inc. Methods, systems, and computer readable media for providing a virtualized diameter network architecture and for routing traffic to dynamically instantiated diameter resource instances
US9369390B2 (en) 2013-02-18 2016-06-14 Tekelec, Inc. Methods, systems, and computer readable media for providing a thinking diameter network architecture
US20140236745A1 (en) * 2013-02-20 2014-08-21 Airvm Inc. Virtualized distribution system offering virtual products or services
CN103152415A (en) * 2013-03-04 2013-06-12 浪潮电子信息产业股份有限公司 Resource approval process design method based on cloud data center
US10142173B2 (en) * 2013-04-29 2018-11-27 Amazon Technologies, Inc. Automated creation of private virtual networks in a service provider network
US9391897B2 (en) 2013-07-31 2016-07-12 Oracle International Corporation Methods, systems, and computer readable media for mitigating traffic storms
US9537775B2 (en) 2013-09-23 2017-01-03 Oracle International Corporation Methods, systems, and computer readable media for diameter load and overload information and virtualization
US9838483B2 (en) 2013-11-21 2017-12-05 Oracle International Corporation Methods, systems, and computer readable media for a network function virtualization information concentrator
US11388082B2 (en) 2013-11-27 2022-07-12 Oracle International Corporation Methods, systems, and computer readable media for diameter routing using software defined network (SDN) functionality
EP3202085A4 (en) * 2014-09-30 2018-04-18 Hewlett-Packard Enterprise Development LP Topology based management of second day operations
US9917729B2 (en) 2015-04-21 2018-03-13 Oracle International Corporation Methods, systems, and computer readable media for multi-layer orchestration in software defined networks (SDNs)
US10484460B2 (en) 2016-07-22 2019-11-19 Microsoft Technology Licensing, Llc Access services in hybrid cloud computing systems
JP2023544073A (en) * 2019-03-26 2023-10-20 ヒューマニタス ソリューションズ インコーポレイテッド Systems and methods that enable execution of multiple tasks in a heterogeneous dynamic environment
WO2020217096A1 (en) * 2019-04-23 2020-10-29 Zebware Ab Method and devices for enabling portability of data and client between cloud service providers
WO2022103882A1 (en) * 2020-11-11 2022-05-19 Tehama Inc. Virtual room directory service
CN113359625B (en) * 2021-05-19 2024-03-12 华电电力科学研究院有限公司 Heat supply management and control integrated platform system with network safety protection function and application

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7506357B1 (en) * 1998-10-28 2009-03-17 Bea Systems, Inc. System and method for maintaining security in a distributed computer network
US20090178108A1 (en) * 2008-01-08 2009-07-09 Microsoft Corporation Enterprise security assessment sharing for off-premise users using globally distributed infrastructure
US20100071024A1 (en) * 2008-09-12 2010-03-18 Juniper Networks, Inc. Hierarchical application of security services within a computer network
US20100223385A1 (en) * 2007-02-02 2010-09-02 The Mathworks, Inc. Scalable architecture

Also Published As

Publication number Publication date
WO2012100092A2 (en) 2012-07-26

Similar Documents

Publication Publication Date Title
WO2012100092A3 (en) System and method for a cloud computing abstraction layer with security zone facilities
WO2011112347A3 (en) System and method for malware detection
EP3688652A4 (en) Device and method for data security with trusted execution environment
GB2505804A8 (en) Multi-domain information sharing
EP3332332A4 (en) System and method for network function virtualization resource management
EP3617983A4 (en) Method and device for virtual resource allocation, model establishment and data prediction
EP3462311A4 (en) Virtual network function deployment method, device and system adopting network edge computing
WO2012027701A3 (en) Parallel processing development environment and associated methods
EP3407534A4 (en) In-car computer system, vehicle, key generation device, management method, key generation method, and computer program
EP3467663A4 (en) Resource access method applied to computer, and computer
AU2014386583A8 (en) Inter-process communication method based on application layer of android and basic application communication system
GB201209473D0 (en) Detecting stored cross-site scripting vulnerabilities in web applications
WO2013153441A8 (en) Secure zone for digital communications
WO2012022835A3 (en) Method and apparatus for managing application resources via policy rules
EP3198788A4 (en) Trusted execution environment and transport layer security key pair for e-commerce and card not present transactions
EP3427149A4 (en) Systems and methods for management of cloud computing resources for information systems
AU2014235181A8 (en) Certificate based profile confirmation
WO2014078585A3 (en) Methods, systems and computer readable media for detecting command injection attacks
EP3249860A4 (en) Method, device, and program for management and orchestration of network functions virtualization
WO2014046888A3 (en) Controlling distribution of resources on a network
EP3252607A4 (en) Network function virtualization management and orchestration device, system, management method, and program
GB201015283D0 (en) Data security in a cloud computing environment
WO2013033824A3 (en) System and methods for developing component-based computing applications
WO2012092113A3 (en) Policy-based access to virtualized applications
EP3074872A4 (en) System and method for a security asset manager

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12736238

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12736238

Country of ref document: EP

Kind code of ref document: A2