Securing an Injection of a Workload into a Virtual Network Hosted by a Cloud-Based Platform

The disclosed system implements techniques to secure communications for injecting a workload (e.g., a container) into a virtual network hosted by a cloud-based platform. Based on a delegation instruction received from a tenant, a virtual network of the tenant can connect to and execute a workload vi...

Full description

Saved in:
Bibliographic Details
Main Authors Kumar, Abhijeet, TEWARI, Rishabh, SREENATH, Abhishek Ellore, KUMARAN, Jayesh, BRUMLEY, David Michael, RAMACHANDRAN, Aanand, BANSAL, Deepak, SHARMA, Sushant, SHUKLA, Abhishek, SRIVASTAVA, Nisheeth, SHARMA, Parag, GUPTA, Avijit
Format Patent
LanguageEnglish
Published 30.09.2021
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:The disclosed system implements techniques to secure communications for injecting a workload (e.g., a container) into a virtual network hosted by a cloud-based platform. Based on a delegation instruction received from a tenant, a virtual network of the tenant can connect to and execute a workload via a virtual machine that is part of a virtual network that belongs to a resource provider. To secure calls and authorize access to the tenant's virtual network, authentication information provided with a call from the virtual network of the resource provider may need to match authorization information made available via a publication service of the cloud-based platform. Additionally or alternatively, an identifier of a NIC used to make a call may need to correspond to a registered name of the resource provider for the call to be authorized. These checks provide increased security by preventing unauthorized calls to the tenant's virtual network.
Bibliography:Application Number: US202117344857