Enforcing policy-based compliance of virtual machine image configurations
US9448826B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Mar 15, 2013 |
| Grant date | Sep 20, 2016 |
| Priority date | — |
| Expiry date | Aug 3, 2034 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2009/45587
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Techniques are disclosed for data risk management in accessing an Infrastructure as a Service (IaaS) cloud network. More specifically, embodiments of the invention evaluate virtual machine images launched in cloud-based environments for compliance with a policy. After intercepting a virtual machine image launch request, an intermediary policy management engine determines whether the request conforms to a policy defined by a policy manager, e.g., an enterprise's information security officer. The policy may be based on user identities, virtual machine image attributes, data classifications, or other criteria. Upon determining whether the request conforms to policy, the policy management engine allows the request, blocks the request, or triggers a management approval workflow.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.