Securely virtualizing network services

US9325666B2 · US · B2

Patent metadata
Publication number: US-9325666-B2
Application number: US-201414578788-A
Country: US
Kind code: B2
Filing date: Dec 22, 2014
Priority date: Oct 30, 2007
Publication date: Apr 26, 2016
Grant date: Apr 26, 2016

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Services in a network device are added through providing virtual environments. Virtualization allows services based on other platforms or architectures to be run with minimum modification and in a secure manner. Connecting services to the host through a stateful firewall allows dynamic integration, and passes only traffic of interest to the service. Virtualization allows services written for different instruction architectures to be supported. Multiple virtualized environments each supporting a service may be run.

Claims

Claim text for claims 1 to 21.

What is claimed is:
  1. A method of adding a service to a host device, comprising: providing a virtual environment to support a service that is not native to the host device; executing the service in the virtual environment; and providing isolation between the service and the host device through an isolation component that is separate from the virtual environment, wherein a failure of the service does not cause a failure of another service connected to the host device.
  2. The method of claim 1, wherein providing isolation between the service and the host device comprises providing the isolation between the service and the host device by a stateful firewall.
  3. The method of claim 1, further comprising executing multiple services in the virtual environment.
  4. The method of claim 1, further comprising executing multiple services in the virtual environment, wherein one of the multiple services is native to the host device.
  5. The method of claim 1, wherein the virtual environment provides a different instruction set architecture than the host device.
  6. The method of claim 1, wherein the service and a native service are cascaded.
  7. The method of claim 1, further comprising: providing an intrusion detection service that receives all data prior to the data being forwarded to another service.
  8. A computing device, comprising: one or more processors; and a memory having instructions stored thereon, which when executed by the one or more processors, cause the computing device to: provide a virtual environment to support a service that is not native to the host device; execute the service in the virtual environment; and provide isolation between the service and the host device through an isolation component that is separate from the virtual environment, wherein a failure of the service does not cause a failure of another service connected to the host device.
  9. The computing device of claim 8, wherein the isolation between the service and the host device is provided by a stateful firewall.
  10. The computing device of claim 8, wherein multiple services are executed in the virtual environment.
  11. The computing device of claim 8, wherein multiple services are executed in the virtual environment, and wherein one of the multiple services is native to the host device.
  12. The computing device of claim 8, wherein the virtual environment provides a different instruction set architecture than the host device.
  13. The computing device of claim 8, wherein the service and a native service are cascaded.
  14. The computing device of claim 8, further comprising instructions, which when executed by the one or more processors, cause the computing device to: provide an intrusion detection service that receives all data prior to the data being forwarded to another service.
  15. A non-transitory machine-readable storage medium, including instructions that when executed by a data processing apparatus, cause the data processing apparatus to: provide a virtual environment to support a service that is not native to the host device; execute the service in the virtual environment; and provide isolation between the service and the host device through an isolation component that is separate from the virtual environment, wherein a failure of the service does not cause a failure of another service connected to the host device.
  16. The non-transitory machine-readable storage medium of claim 15, wherein the isolation between the service and the host device is provided by a stateful firewall.
  17. The non-transitory machine-readable storage medium of claim 15, wherein multiple services are executed in the virtual environment.
  18. The non-transitory machine-readable storage medium of claim 15, wherein multiple services are executed in the virtual environment, and wherein one of the multiple services is native to the host device.
  19. The non-transitory machine-readable storage medium of claim 15, wherein the virtual environment provides a different instruction set architecture than the host device.
  20. The non-transitory machine-readable storage medium of claim 15, wherein the service and a native service are cascaded.
  21. The non-transitory machine-readable storage medium of claim 15, wherein the instructions are further to cause the data processing apparatus to: provide an intrusion detection service that receives all data prior to the data being forwarded to another service.
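The abstract and claims 1, 2 and 7 describe one architecture: services run in virtual environments (possibly for a different instruction set), an intrusion detection service sees every packet before any other service does, and a stateful firewall that is separate from the virtual environments admits only traffic of interest so that a failed service cannot take others down. The following is an added example written for this page, not code from the patent or from Aruba Networks; it models that arrangement with a connection-tracking filter, an IDS hook and per-environment failure containment. All class names, addresses, ports and packets are this example's own assumptions.

```python
"""Added example (not from the patent): host + IDS + stateful firewall + services
in separate virtual environments. Addresses, ports and payloads are constructed."""
from typing import Callable, Dict, List, Optional, Set, Tuple
from dataclasses import dataclass

FlowKey = Tuple[str, str, int, int, str]  # src, dst, sport, dport, proto


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    proto: str
    payload: bytes = b""
    syn: bool = False  # TCP SYN marks the first packet of a flow


@dataclass(frozen=True)
class Rule:
    """Traffic of interest: NEW flows permitted toward one service endpoint."""
    dst: str
    dport: int
    proto: str


class StatefulFirewall:
    """Connection-tracking filter (the isolation component of claims 1-2).
    NEW flows need a matching rule; packets on a tracked flow pass in either
    direction; anything else is dropped, so a service in a virtual environment
    cannot open connections back toward the host on its own."""

    def __init__(self, rules: List[Rule]) -> None:
        self.rules = rules
        self.conntrack: Set[FlowKey] = set()
        self.dropped = 0

    def verdict(self, p: Packet) -> str:
        k: FlowKey = (p.src, p.dst, p.sport, p.dport, p.proto)
        reverse: FlowKey = (k[1], k[0], k[3], k[2], k[4])
        if k in self.conntrack or reverse in self.conntrack:
            return "ESTABLISHED"
        starts_flow = p.syn or p.proto == "udp"  # UDP has no handshake
        if starts_flow and any(r.dst == p.dst and r.dport == p.dport
                               and r.proto == p.proto for r in self.rules):
            self.conntrack.add(k)
            return "NEW"
        self.dropped += 1
        return "DROP"


class VirtualEnvironment:
    """One service per environment. An exception in the handler marks only
    this environment as failed; every other environment keeps running."""

    def __init__(self, name: str, handler: Callable[[bytes], bytes]) -> None:
        self.name, self.handler, self.failed = name, handler, False

    def deliver(self, payload: bytes) -> Optional[bytes]:
        if self.failed:
            return None
        try:
            return self.handler(payload)
        except Exception:       # failure stays inside this environment
            self.failed = True
            return None


class Host:
    def __init__(self, fw: StatefulFirewall, ids: Callable[[Packet], bool],
                 envs: Dict[Tuple[str, int], VirtualEnvironment]) -> None:
        self.fw, self.ids, self.envs = fw, ids, envs

    def forward(self, p: Packet) -> Tuple[str, Optional[bytes]]:
        if self.ids(p):                 # claim 7: IDS receives all data first
            return ("IDS_ALERT", None)
        v = self.fw.verdict(p)
        if v == "DROP":
            return (v, None)
        env = self.envs.get((p.dst, p.dport))
        if env is None:                 # tracked return traffic toward the host
            return (v, None)
        return (v, env.deliver(p.payload))


def demo() -> Dict[str, object]:
    """Runs constructed traffic through the host and returns each outcome."""
    fw = StatefulFirewall([Rule("10.0.0.2", 8080, "tcp"), Rule("10.0.0.3", 53, "udp")])

    def http(payload: bytes) -> bytes:  # a service with a crashing input
        if payload == b"CRASH":
            raise RuntimeError("service bug")
        return b"200 OK"

    envs = {("10.0.0.2", 8080): VirtualEnvironment("http-arm", http),
            ("10.0.0.3", 53): VirtualEnvironment("dns-mips", lambda q: b"A 10.0.0.1")}
    host = Host(fw, lambda p: b"EVIL" in p.payload, envs)
    r: Dict[str, object] = {}
    r["new_flow"] = host.forward(Packet("10.0.0.1", "10.0.0.2", 40000, 8080, "tcp", b"GET /", syn=True))
    r["return_traffic"] = fw.verdict(Packet("10.0.0.2", "10.0.0.1", 8080, 40000, "tcp", b"200 OK"))
    r["service_initiated"] = host.forward(Packet("10.0.0.2", "10.0.0.1", 5555, 22, "tcp", syn=True))
    r["not_of_interest"] = host.forward(Packet("10.0.0.1", "10.0.0.2", 40001, 9999, "tcp", syn=True))
    r["ids_blocked"] = host.forward(Packet("10.0.0.1", "10.0.0.2", 40002, 8080, "tcp", b"EVIL", syn=True))
    r["crash"] = host.forward(Packet("10.0.0.1", "10.0.0.2", 40003, 8080, "tcp", b"CRASH", syn=True))
    r["other_service_ok"] = host.forward(Packet("10.0.0.1", "10.0.0.3", 40005, 53, "udp", b"example.com"))
    r["http_failed"] = envs[("10.0.0.2", 8080)].failed
    r["dns_failed"] = envs[("10.0.0.3", 53)].failed
    return r


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:18} {outcome!r}")
```

The model keeps the three properties separate on purpose: the IDS is consulted before connection tracking so it cannot be bypassed by an already-established flow, the firewall holds its state outside any virtual environment so a crashed service cannot corrupt it, and the service-initiated SYN toward the host is dropped because only the host side may create flows. On a real host the same policy is expressed with the kernel's connection tracker, for example an nftables or iptables chain that accepts established and related state and NEW flows only to each service's own port.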

Assignees

Aruba Networks Inc

Inventors

Classifications

  • PIN / Access code, authentication · CPC title

  • Microprocessor, CPU · CPC title

  • Electricity · mapped topic

  • Virtual channel/circuits · CPC title

  • in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46) · CPC title

Patent family

Related publications grouped by family.

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9325666B2 cover?
Services in a network device are added through providing virtual environments. Virtualization allows services based on other platforms or architectures to be run with minimum modification and in a secure manner. Connecting services to the host through a stateful firewall allows dynamic integration, and passes only traffic of interest to the service. Virtualization allows services written for di…
Who is the assignee on this patent?
Aruba Networks Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/02. Mapped technology areas include Electricity.
When was this patent published?
Publication date Apr 26, 2016 (kind code B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).