Trust-based computing resource authorization in a networked computing environment

US9813423B2 · US · B2

Patent metadata
Field: Value
Publication number: US-9813423-B2
Application number: US-201313777615-A
Country: US
Kind code: B2
Filing date: Feb 26, 2013
Priority date: Feb 26, 2013
Publication date: Nov 7, 2017
Grant date: Nov 7, 2017

Abstract

Official abstract text for this publication.

A trust-based approach for authorizing computing resources in a networked computing environment is provided. Specifically, in a typical embodiment, a candidate computing resource (e.g., a virtual machine) will submit a request to join a network computing environment (“environment”). Based on the request, a message will be communicated to previously authorized/joined computing resources to poll/solicit their votes as to whether the candidate computing resource should be trusted/authorized in the environment. Based on the responses submitted by the polled computing resources, the candidate computing resource may be authorized or denied membership in the environment. If authorized, a permission level may be set (e.g., as recommended by the polled computing resources).
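The vote tally described in the abstract and in the first claim can be sketched as follows. This is an added example, not code from the patent or its assignee; the vote codes, the integer permission levels, the first-response-wins rule, the lowest-suggested-level rule and the `min_responses` parameter are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Iterable, Optional, Set, Tuple

ALLOW, DENY, ABSTAIN = "allow", "deny", "abstain"  # constructed vote codes


@dataclass(frozen=True)
class Response:
    voter: str                             # ID of the responding VM
    vote: str                              # one of the vote codes above
    suggested_level: Optional[int] = None  # qualifier; higher = more privilege (assumed)


def decide(authorizers: Set[str], responses: Iterable[Response],
           min_responses: int = 0) -> Tuple[bool, Optional[int]]:
    """Return (authorized, permission_level) for a candidate VM."""
    counted = {}
    for r in responses:
        # Count only VMs that were actually polled, and only known vote codes.
        if r.voter not in authorizers or r.vote not in (ALLOW, DENY, ABSTAIN):
            continue
        counted.setdefault(r.voter, r)     # one vote per VM: first response wins
    allows = [r for r in counted.values() if r.vote == ALLOW]
    denies = [r for r in counted.values() if r.vote == DENY]
    # min_responses is a hardening knob added here, not part of the claim;
    # at 0 the claim's rule applies unchanged and silence never blocks a join.
    if len(counted) < min_responses:
        return False, None
    # Claim rule: allow votes must outnumber express deny votes; a tie denies.
    if len(allows) <= len(denies):
        return False, None
    # Assumption: grant the lowest level any allowing voter suggested (0 if none).
    levels = [r.suggested_level for r in allows if r.suggested_level is not None]
    return True, min(levels, default=0)


# Constructed sample data: four previously joined VMs, one candidate.
POLLED = {"vm-a", "vm-b", "vm-c", "vm-d"}
SAMPLE = [
    Response("vm-a", ALLOW, 2),
    Response("vm-a", ALLOW, 3),   # duplicate from the same VM, ignored
    Response("vm-b", ALLOW, 1),
    Response("vm-c", DENY),
    Response("vm-x", ALLOW, 3),   # never polled, ignored
]

if __name__ == "__main__":
    print(decide(POLLED, SAMPLE))                        # majority of express votes
    print(decide(POLLED, [Response("vm-a", ALLOW, 2)]))  # one allow, three silent
```

Because only express "no" votes count against the candidate, a single allow vote with every other authorizer silent is enough to join unless a response threshold such as the assumed `min_responses` is enforced.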

First claim

Opening claim text (preview).

What is claimed is:

1. A computer-implemented method for trust-based computing resource authorization in a networked computing environment, comprising: receiving, in a computer memory medium, a request for a candidate virtual machine to join the networked computing environment as a computing resource that becomes a part of the networked computing environment and is available for use by other users in the networked computing environment; identifying, based on a parsing of contextual metadata, a set of authorizing virtual machines that includes a plurality of virtual machines previously joined to the networked computing environment; communicating an authorization message to every one of the set of authorizing virtual machines, the authorization message comprising metadata describing a set of attributes of the candidate virtual machine; receiving a set of responses from the set of authorizing virtual machines, the set of responses comprising a set of votes responsive to the request of the candidate virtual machine to join the networked computing environment, and an indication whether any of the set of authorizing virtual machines requests the candidate virtual machine be configured for a particular authorizing virtual machine of the set of authorizing virtual machines, the set of responses further comprising a set of qualifiers that suggest a set of permission levels for the candidate virtual machines; making an authorization determination for the candidate virtual machine to join the networked computing environment based on the set of votes, wherein the candidate virtual machine is authorized to join the networked computing environment if the set of votes to allow the candidate virtual machine to join the networked computing environment is greater than the set of votes expressly voting not to allow the candidate virtual machine to join the networked computing environment; and setting an authorization level for the candidate virtual machine based on the suggested set of permission levels.

2. The computer-implemented method of claim 1, further comprising returning a response to the candidate virtual machine, the response identifying the authorization level.

3. The computer-implemented method of claim 1, the set of qualifiers setting forth a set of priorities for the set of votes.

4. The computer-implemented method of claim 1, the set of votes comprising a set of codes having associated voting decisions.

5. The computer-implemented method of claim 1, the networked computing environment comprising a cloud computing environment.

6. A system for trust-based computing resource authorization in a networked computing environment, comprising: a bus; a processor coupled to the bus; and a memory medium coupled to the bus, the memory medium comprising instructions to: receive, in a computer memory medium, a request for a candidate virtual machine to join the networked computing environment as a computing resource that becomes a part of the networked computing environment and is available for use by other users in the networked computing environment; identify a set of authorizing virtual machines that includes a plurality of virtual machines previously joined to the networked computing environment; communicate an authorization message to every one of the set of authorizing virtual machines, the authorization message comprising metadata describing a set of attributes of the candidate virtual machine; receive a set of responses from the set of authorizing virtual machines, the set of responses comprising a set of votes responsive to the request of the candidate virtual machine to join the networked computing environment, and an indication whether any of the set of authorizing virtual machines requests the candidate virtual machine be configured for a particular authorizing virtual machine of the set of authorizing virtual machines, the set of responses further comprising a set of qualifiers that suggest a set of permission levels for the candidate virtual machines; make an authorization determination for the candidate virtual machine to join the networked computing environment based on the set of votes, wherein the candidate virtual machine is authorized to join the networked computing environment if the set of votes to allow the candidate virtual machine to join the networked computing environment is greater than the set of votes expressly voting not to allow the candidate virtual machine to join the networked computing environment; and setting an authorization level for the candidate virtual machine based on the suggested set of permission levels.

7. The system of claim 6, the memory medium further comprising instructions to return a response to the candidate virtual machine, the response identifying the authorization level.

8. The computer-implemented method of claim 6, the set of qualifiers setting forth a set of priorities for the set of votes.

9. The system of claim 6, the set of votes comprising a set of codes having associated voting decisions.

10. The system of claim 6, the networked computing environment comprising a cloud computing environment.

11. A computer program product for trust-based computing resource authorization in a networked computing environment, the computer program product comprising a computer readable storage device, and program instructions stored on the computer readable storage media, to: receive, in a computer memory medium, a request for a candidate virtual machine to join the networked computing environment as a computing resource that becomes a part of the networked computing environment and is available for use by other users in the networked computing environment; identify a set of authorizing virtual machines that includes a plurality of virtual machines previously joined to the networked computing environment; communicate an authorization message to every one of the set of authorizing virtual machines, the authorization message comprising metadata describing a set of attributes of the candidate virtual machine; receive a set of responses from the set of authorizing virtual machines, the set of responses comprising a set of votes responsive to the request of the candidate virtual machine to join the networked computing environment, and an indication whether any of the set of authorizing virtual machines requests the candidate virtual machine be configured for a particular authorizing virtual machine of the set of authorizing virtual machines, the set of responses further comprising a set of qualifiers that suggest a set of permission levels for the candidate virtual machines; make an authorization determination for the candidate virtual machine to join the networked computing environment based on the set of votes, wherein the candidate virtual machine is authorized to join the networked computing environment if the set of votes to allow the candidate virtual machine to join the networked computing environment is greater than the set of votes expressly voting not to allow the candidate virtual machine to join the networked computing environment; and set an authorization level for the candidate virtual machine based on the suggested set of permission levels.

12. The computer program product of claim 11, further comprising program instructions stored on the computer readable storage device to return a response to the candidate virtual machine, the response identifying the authorization level.

13. The computer-implemented method of claim 11, the set of qualifiers setting forth a set of priorities for the set of votes.

14. The computer program product of claim 11, the set of votes comprising a set

Classifications

  • H04L63/104 · Primary

    Grouping of entities · CPC title

  • for controlling access to devices or network resources · CPC title

  • for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title

  • including means for verifying the identity or authority of a user of the system {or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials} · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9813423B2 cover?
A trust-based approach for authorizing computing resources in a networked computing environment is provided. Specifically, in a typical embodiment, a candidate computing resource (e.g., a virtual machine) will submit a request to join a network computing environment (“environment”). Based on the request, a message will be communicated to previously authorized/joined computing resources to poll/…
Who is the assignee on this patent?
IBM
What technology area does this patent fall under?
Primary CPC classification H04L63/104. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 7, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).