Method for secure single-packet authorization within cloud computing networks

Inventors

• Michael Rash · Mount Airy, US
• Damien S. Stuart · Edgewater, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2151
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method for secure single-packet authorization and secure transparent access to software services residing on cloud-based servers other than the host system where the SPA server itself is running. A single packet authorization (SPA) server running on a host system passively monitors a network for a valid SPA packet while maintaining a default deny stance on a gateway packet filter. The SPA server stores the MD5 sum of every valid SPA packet that it monitors and flags any duplicate access attempts. This way, if any SPA packet has the same MD5 hash as a previously monitored packet the SPA server treats the packet as malicious. After a valid SPA packet is sent, the SPA host server provides a Network Address Translation (NAT) which essentially creates an “SPA gateway” within a Cloud network independent of any other border gateway devices that already exist within the Cloud. The client system may then request access via the SPA gateway to services that are on other Cloud systems besides the one where the SPA server is running.