Secure end-to-end deployment of workloads in a virtualized environment using hardware-based attestation
US11799670B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 11, 2020 |
| Grant date | Oct 24, 2023 |
| Priority date | — |
| Expiry date | Dec 3, 2041 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F2009/45595
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
A framework is provided that assigns a digital certificate to each VM-based control plane element and computing node (i.e., worker VM) of a workload orchestration platform implemented in a virtualized environment, where the digital certificate is signed by a trusted entity and provides cryptographic proof that the control plane element/worker VM has been successfully attested by that trusted entity using hardware-based attestation. Each control plane element/worker VM is configured to verify the digital certificates of other platform components prior to communicating with those components. With these digital certificates in place, when an end-user submits to the platform's front-end control plane element a new workload for deployment, the end-user can verify the digital certificate of the front-end control plane element in order to be assured that the workload will be deployed and executed by the platform in a secure manner.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.