Credential safety management for software containers
US11580216B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 26, 2021 |
| Grant date | Feb 14, 2023 |
| Priority date | — |
| Expiry date | Apr 15, 2041 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/604
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
An example computer-implemented method of providing security for a software container includes discovering credentials that a software container is expected to use at runtime. The discovering is performed prior to instantiation of the software container from a container image, and is based on one or more of credentials stored in the container image, credentials stored in runtime configuration data for the software container, and credentials from a secrets management service. An unsafe credential set is determined that includes one or more of the discovered credentials that do not meet predefined credential safety criteria. A runtime request is intercepted from the software container. A credential violation is detected based on the intercepted runtime request attempting to use a credential from the unsafe discovered credential set. A corrective action is performed for the software container based on the detected credential violation.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.