Guest thin agent assisted host network encryption
US11032248B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 9, 2017 |
| Grant date | Jun 8, 2021 |
| Priority date | — |
| Expiry date | Apr 19, 2038 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/164
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method to selectively encrypting packets includes filtering calls, at a virtual machine on a host, to connect sockets to server applications. When a call by a client application to connect a socket to a server application is detected, the method includes determining if the socket between the client and the server applications is to be encrypted based on identities of the client application, a user logged in on the virtual machine, or the client application and the user logged in on the virtual machine. The method includes filtering outbound packets in a protocol stack of the virtual machine. When the socket is to be encrypted and an outbound packet for the socket is detected, the method includes tagging the outbound packet for encryption by a hypervisor on the host and sending the outbound packet to a virtual network interface card (vNIC) emulated by the hypervisor.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.