Method and system for providing access to administrative functionality a virtualization environment

US9565189B1 · US · B1

Patent metadata
Publication number: US-9565189-B1
Application number: US-201414556679-A
Country: US
Kind code: B1
Filing date: Dec 1, 2014
Priority date: Dec 1, 2014
Publication date: Feb 7, 2017
Grant date: Feb 7, 2017

Abstract

Official abstract text for this publication.

Described is an architecture for providing access to administrative functionality in a virtualization system using implied authentication. This approach avoids the problems associated with the requirements to use a user ID and password to access an admin console. The user ID and password can be rendered completely unnecessary, or where the user ID and password combination is only used as a supplement to the implied authentication.

First claim

Opening claim text (preview).

What is claimed is:

1. A computer-implemented method for providing access to administrative functionality in a virtualization environment, comprising: identifying an administrative functionality to access; communicating from a virtual machine over a secure communications channel to access the administrative functionality; wherein implied authentication corresponding to communications mechanisms in an underlying virtualization infrastructure is used to authenticate access to the administrative functionality from the virtual machine; wherein the secure communications channel comprises a virtual NIC at the virtual machine that communicates to the administrative functionality via a virtual switch; and wherein the implied authentication is implemented by permitting only a correct MAC address to communicate over the secure communications channel.

2. The computer-implemented method of claim 1, wherein the virtual switch is dedicated to the correct MAC address.

3. The computer-implemented method of claim 1, wherein each virtual NIC corresponds to a dedicated virtual switch.

4. The computer-implemented method of claim 1, wherein multiple virtual NICs correspond to a shared virtual switch.

5. The computer-implemented method of claim 1, wherein the secure communications channel comprises a virtual disk having one or more buffers to communicate between the virtual machine and the administrative functionality.

6. The computer-implemented method of claim 5, wherein the implied authentication is implemented by permitting only an authorized entity to access the virtual disk.

7. The computer-implemented method of claim 1, wherein the virtual machine communicates to a controller virtual machine to access the administrative functionality.

8. The computer-implemented method of claim 1, wherein one or more tags are used to permit access to multiple objects that share a common tag.

9. The computer-implemented method of claim 1, wherein the implied authentication is used in conjunction with key data or a combination of a username and password to authenticate access to the administrative functionality from the virtual machine.

10. A system for providing access to administrative functionality in a virtualization environment, comprising: a computer processor to execute a set of program instructions; a memory to hold the program code instructions, in which the program code instructions comprises program code to perform: identifying an administrative functionality to access; communicating from a virtual machine over a secure communications channel to access the administrative functionality; wherein implied authentication corresponding to communications mechanisms in an underlying virtualization infrastructure is used to authenticate access to the administrative functionality from the virtual machine; wherein the secure communications channel comprises a virtual NIC at the virtual machine that communicates to the administrative functionality via a virtual switch; and wherein the implied authentication is implemented by permitting only a correct MAC address to communicate over the secure communications channel.

11. The system of claim 10, wherein the virtual switch is dedicated to the correct MAC address.

12. The system of claim 10, wherein each virtual NIC corresponds to a dedicated virtual switch.

13. The system of claim 10, wherein multiple virtual NICs correspond to a shared virtual switch.

14. The system of claim 10, wherein the secure communications channel comprises a virtual disk having one or more buffers to communicate between the virtual machine and the administrative functionality.

15. The system of claim 14, wherein the implied authentication is implemented by permitting only an authorized entity to access the virtual disk.

16. The system of claim 10, wherein the virtual machine communicates to a controller virtual machine to access the administrative functionality.

17. The system of claim 10, wherein one or more tags are used to permit access to multiple objects that share a common tag.

18. The system of claim 10, wherein the implied authentication is used in conjunction with key data or a combination of a username and password to authenticate access to the administrative functionality from the virtual machine.

19. A computer program product embodied in a non-transitory computer readable medium, the computer readable medium having stored thereon a sequence of instructions which, when executed by a processor causes the processor to execute a process for providing access to administrative functionality in a virtualization environment, the process comprising: identifying an administrative functionality to access; communicating from a virtual machine over a secure communications channel to access the administrative functionality; wherein implied authentication corresponding to communications mechanisms in an underlying virtualization infrastructure is used to authenticate access to the administrative functionality from the virtual machine; wherein the secure communications channel comprises a virtual NIC at the virtual machine that communicates to the administrative functionality via a virtual switch; and wherein the implied authentication is implemented by permitting only a correct MAC address to communicate over the secure communications channel.

20. The computer program product of claim 19, wherein the virtual switch is dedicated to the correct MAC address.

21. The computer program product of claim 19, wherein each virtual NIC corresponds to a dedicated virtual switch.

22. The computer program product of claim 19, wherein multiple virtual NICs correspond to a shared virtual switch.

23. The computer program product of claim 19, wherein the secure communications channel comprises a virtual disk having one or more buffers to communicate between the virtual machine and the administrative functionality.

24. The computer program product of claim 23, wherein the implied authentication is implemented by permitting only an authorized entity to access the virtual disk.

25. The computer program product of claim 19, wherein the virtual machine communicates to a controller virtual machine to access the administrative functionality.

26. The computer program product of claim 19, wherein one or more tags are used to permit access to multiple objects that share a common tag.

27. The computer program product of claim 19, wherein the implied authentication is used in conjunction with key data or a combination of a username and password to authenticate access to the administrative functionality from the virtual machine.

28. A computer-implemented method for providing access to administrative functionality in a virtualization environment, comprising: determining encryption key data for a virtual machine; mounting a storage unit at the virtual machine; using the storage unit mounted at the virtual machine to exchange the encryption key data; identifying an administrative functionality to access; generating encrypted messages from the virtual machine using the encryption key data to access the administrative functionality; wherein access to the administrative functionality is granted if the encryption key data is properly used to generate the encrypted messages; communicating from the virtual machine over a secure communications channel to access

Classifications

  • Hypervisor-specific management and integration aspects · CPC title

  • Memory management, e.g. access or allocation · CPC title

  • Network integration; Enabling network access in virtual machine instances · CPC title

  • Isolation or security of virtual machine instances · CPC title

  • based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Nutanix Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/0876. Mapped technology areas include Electricity.
When was this patent published?
Publication date Feb 7, 2017 (B1). Legal status and post-grant events are not shown on this page.