Methods and devices for service-discovering reverse-tunnel proxy and tunnel service center
US-2019312841-A1 · Oct 10, 2019 · US
US11625280B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11625280-B2 |
| Application number | US-202016836847-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 31, 2020 |
| Priority date | Mar 31, 2020 |
| Publication date | Apr 11, 2023 |
| Grant date | Apr 11, 2023 |
Abstract:
A cloud-native proxy gateway is reachable from a central server and from an isolated cloud VM. A method allows legacy (non-cloud native) solutions to establish a secure connection to the isolated cloud VM, even when incoming port flows are not enabled. The method involves transforming a TCP/IP network connection request into a cloud API call, ignoring IP addresses, and instead using a unique cloud resource identifier as the primary network routing methodology. In response to a communication connection request by the central server, the isolated VM establishes a reverse tunnel to the cloud-native proxy gateway. Communication flow initiated by the central server proceeds through the reverse tunnel to the isolated VM, avoiding an issue of duplicate IP addresses in the cloud.
Claims (preview):
What is claimed is:

1. A method for establishing connection to a virtual machine (VM) in a cloud, the method comprising: initiating, at a central server, a request for connection to a target cloud VM, the target cloud VM being one of a plurality of target cloud VMs and the request specifying a unique resource identifier (ID) of the target cloud VM, wherein the unique resource ID of the target cloud VM is a string of characters not in an Internet Protocol (IP) address format; determining whether the unique resource ID of the target cloud VM is registered in a cloud network domain in a local hosts file; when the unique resource ID is registered in the local hosts file, connecting to a cloud-native proxy gateway; directing the request for connection to the target cloud VM to the cloud-native proxy gateway, the cloud-native proxy gateway being reachable from each one of the plurality of target cloud VMs and the central server; and establishing a reverse tunnel from the target cloud VM back to the cloud-native proxy gateway.
2. The method of claim 1, further comprising: at the cloud-native proxy gateway, assigning a local port to the reverse tunnel.
3. The method of claim 2, further comprising: at the cloud-native proxy gateway, sending incoming communication flow from the central server to the target cloud VM through the reverse tunnel by adjusting a port designated in the incoming communication flow to the local port assigned to the reverse tunnel.
4. The method of claim 3, further comprising: at the cloud-native proxy gateway, for outgoing communication flow from the target cloud VM, adjusting the local port back to the port originally designated in the incoming communication flow and making a connection to a local host on the port originally designated in the incoming communication flow.
5. The method of claim 1, further comprising: keeping the connection from the central server to the cloud-native proxy gateway alive while establishing the reverse tunnel.
6. The method of claim 1, wherein establishing the reverse tunnel from the target cloud VM back to the cloud-native proxy gateway includes looking up calling information for the target cloud VM in a cloud resources inventory, the calling information including information needed to issue an Application Programming Interface (API) call to establish a shell connection to the target cloud VM.
7. The method of claim 1, wherein establishing the reverse tunnel from the target cloud VM back to the cloud-native proxy gateway includes issuing a command to an agent in the target cloud VM to establish the reverse tunnel from the target cloud VM back to the cloud-native proxy gateway.
8. The method of claim 1, further comprising: directing incoming communication flow to the target cloud VM through the reverse tunnel.
9. The method of claim 1, further comprising: when the unique resource ID of the target cloud VM is not registered in a cloud network domain in the local hosts file, forwarding the request to a local network.
10. A computer program product for establishing connection to virtual machine (VM) in a cloud, the computer program product including instructions recorded on a non-transitory computer-readable storage medium and configured to cause one or more processors to: initiate, at a central server, a request for connection to a target cloud VM, the target cloud VM being one of a plurality of target cloud VMs and the request specifying a unique resource identifier (ID) of the target cloud VM, wherein the unique resource ID of the target cloud VM is a string of characters not in an Internet Protocol (IP) address format; determine whether the unique resource ID of the target cloud VM is registered in a cloud network domain in a local hosts file; when the unique resource ID of the target cloud VM is registered in the local hosts file, connect to a cloud-native proxy gateway; direct the request for connection to the target cloud VM to the cloud-native proxy gateway, the cloud-native proxy gateway being reachable from each one of the plurality of target cloud VMs and the central server; and establish a reverse tunnel from the target cloud VM back to the cloud-native proxy gateway.
11. The computer program product of claim 10, wherein the instructions are configured to further cause the one or more processors to: at the cloud-native proxy gateway, assign a local port to the reverse tunnel.
12. The computer program product of claim 11, wherein the instructions are configured to further cause the one or more processors to: at the cloud-native proxy gateway, send incoming communication flow directed to the target cloud VM through the reverse tunnel by adjusting a port designated in the incoming communication flow to the local port assigned to the reverse tunnel.
13. The computer program product of claim 12, wherein the instructions are configured to further cause the one or more processors to: at the cloud-native proxy gateway, for outgoing communication flow from the target cloud VM, adjust the local port back to the port originally designated in the incoming communication flow and make a connection to a local host on the port originally designated in the incoming communication flow.
14. The computer program product of claim 10, wherein the instructions are configured to further cause the one or more processors to: keep the connection from the central server to the cloud-native proxy gateway alive while establishing the reverse tunnel.
15. The computer program product of claim 10, wherein establishing the reverse tunnel from the target cloud VM back to the cloud-native proxy gateway includes looking up calling information for the target cloud VM in a cloud resources inventory, the calling information including information needed to issue an Application Programming Interface (API) call to establish a shell connection to the target cloud VM.
16. The computer program product of claim 10, wherein establishing the reverse tunnel from the target cloud VM back to the cloud-native proxy gateway includes issuing a command to an agent in the target cloud VM to establish the reverse tunnel from the target cloud VM back to the cloud-native proxy gateway.
17. The computer program product of claim 10, wherein the instructions are configured to further cause the one or more processors to: direct incoming communication flow to the target cloud VM through the reverse tunnel.
18. The computer program product of claim 10, wherein the instructions are configured to further cause the one or more processors to: when the unique resource ID of the target cloud VM is not registered in the cloud network domain in the local hosts file, forward the request to a local network.
19. A system for establishing connection to a virtual machine (VM) in a cloud, the system comprising: one or more processors; a memory; a central server; a cloud-native proxy gateway; and a cloud resources inventory, the one or more processors in conjunction with the memory configured to: at the central server, initiate a request for connection to a target cloud VM, the target cloud VM being one of a plurality of target cloud VMs and the request specifying a unique resource identifier (ID) of the target cloud VM, wherein the unique resource ID of the target cloud VM is a string of characters not in an Internet Protocol (IP) address format; determine whether the unique resource ID of the target cloud VM is registered in a cloud network domain in a local hosts file; when the unique re
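The routing decision and port bookkeeping that claims 1 through 4 and 9 describe can be simulated end to end. The following Python is an added example written for this page, not code from the patent or its assignee; the cloud domain name `cloud.internal`, the hosts-file contents, the port range starting at 40000 and all function and class names are assumptions. The hosts file is constructed so that both cloud VMs carry the same private address, which is the duplicate-IP situation the abstract says routing by resource ID avoids.

```python
"""Simulation of the claimed method: route a central-server request by unique
resource ID (never by IP) via a hosts-file lookup and a proxy gateway that
assigns one local port per reverse tunnel and rewrites ports in both directions.
Added example; all names and values below are assumptions, not from the patent."""
import itertools
import re
from dataclasses import dataclass, field

CLOUD_DOMAIN = "cloud.internal"               # assumed "cloud network domain"
IPV4_RE = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

# Constructed hosts file. The two cloud VMs deliberately share 10.0.0.5:
# the method ignores the address column and keys on the registered name.
HOSTS_FILE = """
127.0.0.1   localhost
10.0.0.5    db01.corp.example            # ordinary on-prem host
10.0.0.5    i-0abc123.cloud.internal     # cloud VM, registered in cloud domain
10.0.0.5    vm-7f9e.cloud.internal       # second cloud VM, same private IP
"""


def parse_hosts(text):
    """Return the set of hostnames in a hosts file; the IP column is discarded."""
    names = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if line:
            names.update(line.split()[1:])    # every field after the address
    return names


def is_registered_cloud_id(resource_id, hosts_names):
    """Claim 1: the ID must not be an IP address and must be registered
    under the cloud network domain in the local hosts file."""
    if IPV4_RE.match(resource_id):
        return False
    return f"{resource_id}.{CLOUD_DOMAIN}" in hosts_names


@dataclass
class ProxyGateway:
    """Claims 2-4: one local port per reverse tunnel, port rewritten inbound
    and restored outbound. Assumed data model, not the patent's."""
    _ports: itertools.count = field(default_factory=lambda: itertools.count(40000))
    tunnels: dict = field(default_factory=dict)        # resource_id -> local port
    original_port: dict = field(default_factory=dict)  # local port -> designated port

    def register_reverse_tunnel(self, resource_id):
        """Called once the VM's agent (claim 7) has opened its reverse tunnel."""
        port = next(self._ports)
        self.tunnels[resource_id] = port
        return port

    def inbound(self, resource_id, designated_port):
        """Claim 3: swap the port the central server designated for the tunnel's local port."""
        local = self.tunnels[resource_id]
        self.original_port[local] = designated_port
        return local

    def outbound(self, local_port):
        """Claim 4: restore the originally designated port and connect to a local host on it."""
        return ("localhost", self.original_port[local_port])


def route_request(resource_id, port, hosts_text, gateway):
    """Central-server side of claim 1 plus the claim 9 fallback to the local network."""
    names = parse_hosts(hosts_text)
    if not is_registered_cloud_id(resource_id, names):
        return {"path": "local-network", "target": (resource_id, port)}
    # Registered cloud ID: direct the request to the gateway; the VM establishes
    # the reverse tunnel back to it (simulated here by registering one if absent).
    if resource_id not in gateway.tunnels:
        gateway.register_reverse_tunnel(resource_id)
    local = gateway.inbound(resource_id, port)
    return {"path": "reverse-tunnel", "gateway_port": local, "target": (resource_id, port)}


if __name__ == "__main__":
    gw = ProxyGateway()
    print(route_request("i-0abc123", 22, HOSTS_FILE, gw))   # reverse-tunnel, port 40000
    print(route_request("vm-7f9e", 443, HOSTS_FILE, gw))    # reverse-tunnel, port 40001
    print(route_request("db01.corp.example", 22, HOSTS_FILE, gw))  # local-network
    print(route_request("10.0.0.5", 22, HOSTS_FILE, gw))    # IP literal: local-network
```

The two cloud VMs resolve to distinct gateway ports even though the hosts file gives them the same address, and a bare IP literal or an unregistered name falls through to the local network exactly as claims 1 and 9 require. A production gateway would additionally need to authenticate the agent that opens each reverse tunnel and release the local port when the tunnel closes; neither is covered by the claim text above.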
CPC classification titles:

- Remote procedure calls [RPC]; Web services
- Interconnection of networks using encapsulation techniques, e.g. tunneling
- Virtual private networks
- in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46)
- Network integration; Enabling network access in virtual machine instances