Resource unit isolation for increased safety and security in cloud services

Assignee

• MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

• Nidhi VERMA · Bellevue, US
• Roberta Cannerozzi · Bellevue, US
• Brian O'Connor · Kenmore, US
• Darius Snapkauskas · Redmond, US
• Le Chang · Kirkland, US
• Harpreet Miglani · Redmond, US
• Phillip Beish · Duvall, US
• Dylan Nunley · Seattle, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/20
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

The techniques disclosed herein enable improved security as well as more scalable and reliable job execution by utilizing granular security boundaries and certificate-based authentication for all communication within cloud-based platforms. To manage a cloud-based platform, a system receives a plurality of jobs and associated certificates at a first security boundary that are to be executed at various resource units within a second security boundary. The system then authenticates each certificate before transmitting each job to its respective resource unit for execution. In addition, the system is further configured to monitor active certificates for compromise and accordingly isolate various security boundaries in the event of a security breach. By isolating portions of the cloud-based platform within security boundaries, the system can mitigate the impact of security breaches. Furthermore, certificate-based authentication addresses performance constraints to enable more efficient and scalable job execution.