Secure instance metadata as cryptographic identity

Assignee

• Oracle International Corporation · US

Inventors

• Anthony Long · Edmonds, US
• Brady Turner · Crestview Hills, US
• Mina Anes · Bothell, US
• Mauruthi Geetha Mohan · Seattle, US
• Adam Franklin Wilford · Lexington, US
• Bill Chau · Kirkland, US
• Timothy Kraus · Carlsbad, US
• David Dale Becker · Seattle, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0823
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method may include transmitting a request for metadata associated with a compute instance and receiving, by a computing system, metadata associated with the compute instance signed with a private key. The private key may be associated with a public key. The method may include receiving a request to access a cloud resource and transmitting the request for the metadata. The method may also include receiving the metadata. The metadata may indicate that the compute instance is hosted on the computing system. The method may also include transmitting, to an instance principal service, a request for an instance principal certificate. The request may include the metadata signed with the private key and be cryptographically verified by the instance principal service using the public key. The method may also include receiving the instance principal certificate and providing access to the could resource based on the instance principal certificate.