US2017118174A1PendingUtilityA1
Communication tunneling in application container environments
Est. expiryJan 28, 2035(~8.5 yrs left)· nominal 20-yr term from priority
H04L 67/16H04L 63/0272H04L 12/4641H04L 63/0478H04L 63/029H04L 2101/622H04L 67/51H04L 63/02G06F 21/606H04L 63/0407
37
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
Systems, methods, and software described herein provide encryption configurations to application containers. In one example, a method of operating a management system to provide VPN configurations to application containers in an application container environment includes identifying two application containers in the application container environment for secure communication, and identifying a VPN configuration for the two application containers. The method further includes configuring the two application containers for secure communication by transferring the VPN configuration to security layers within each of the two application containers.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A computing apparatus comprising:
one or more non-transitory computer readable storage media; a processing system communicatively coupled to the non-transitory computer readable storage media; and processing instructions stored on the one or more non-transitory computer readable storage media to provide virtual private network (VPN) configurations to application containers that, when read and executed by the processing system, direct the processing system to:
identify a first application container and a second application container in the application container environment for secure communication, wherein the first application container executes using resource isolation provided by an operating system for the first application container, and wherein the second application container executes using resource isolation provided by an operating system for the second application container;
identify a VPN configuration for the first application container and the second application container; and
configure the first application container and the second application container for secure communication by transferring the VPN configuration to a first security layer within the first application container and a second security layer within the second application container, wherein the first security layer acts as a communication intermediary between at least one application within the first application container and at least one application in the second application container, and wherein the second security layer acts as a communication intermediary between the at least one application within the second application container and the at least one application in the first application container.
2 . The computer apparatus of claim 1 wherein the application container environment comprises a web service environment configured to provide a web service to one or more end user devices.
3 . The computer apparatus of claim 11 wherein the processing instructions to identify the first application container and the second application container in the application container environment for secure communication direct the management system to:
receive a configuration request from at least one of the first application container or the second application container; and
in response to receiving the configuration request, identify the first application container and the second application container in the application container environment for secure communication.
4 . The computer apparatus of claim 1 wherein the processing instructions to identify the first application container and the second application container in the application container environment for secure communication direct the management system to identify user input defining the first application container and the second application container in the application container environment for secure communication.
5 . The computer apparatus of claim 1 wherein the processing instructions to identify the first application container and the second application container in the application container environment for secure communication direct the management system to identify applications within the first application container and the second application container for secure communication.
6 . The computer apparatus of claim 1 wherein the processing instructions to identify the VPN configuration for the first application container and the second application container direct the management system to identify the VPN configuration for the first application container and the second application container based on user defined preferences.
7 . The computer apparatus of claim 1 wherein the processing instructions to identify the VPN configuration for the first application container and the second application container direct the management system to identify the VPN configuration for the first application container and the second application container based on security requirements for the at least one application within the first application container and the at least one application within the second application container.
8 . The computer apparatus of claim 1 wherein the first application container and the second application container each comprise a Linux container.
9 . The computer apparatus of claim 1 wherein the first application container and the second application container each comprise a jail.
10 . A method of operating a management system to provide virtual private network (VPN) configurations to application containers in an application container environment, the method comprising:
identifying a first application container and a second application container in the application container environment for secure communication, wherein the first application container executes using resource isolation provided by an operating system for the first application container, and wherein the second application container executes using resource isolation provided by an operating system for the second application container; identifying a VPN configuration for the first application container and the second application container; and configuring the first application container and the second application container for secure communication by transferring the VPN configuration to a first security layer within the first application container and a second security layer within the second application container, wherein the first security layer acts as a communication intermediary between at least one application within the first application container and at least one application in the second application container, and wherein the second security layer acts as a communication intermediary between the at least one application within the second application container and the at least one application in the first application container.
11 . The method of claim 10 wherein the application container environment comprises a web service environment configured to provide a web service to one or more end user devices.
12 . The method of claim 10 wherein identifying the first application container and the second application container in the application container environment for secure communication comprises:
receiving a configuration request from at least one of the first application container or the second application container; and
in response to receiving the configuration request, identifying the first application container and the second application container in the application container environment for secure communication.
13 . The method of claim 10 wherein identifying the first application container and the second application container in the application container environment for secure communication comprises identifying user input defining the first application container and the second application container in the application container environment for secure communication.
14 . The method of claim 10 wherein identifying the first application container and the second application container in the application container environment for secure communication comprises identifying applications within the first application container and the second application container for secure communication.
15 . The method of claim 10 wherein configuring the first application container and the second application container for secure communication by transferring the VPN configuration to the first security layer within the first application container and the second security layer within the second application container comprises configuring the first application container and the second application container for secure communication by provisioning the first application container and the second application container with the VPN configuration for the first security layer within the first application container and the second security layer within the second application container.
16 . The method of claim 10 wherein identifying the VPN configuration for the first application container and the second application container comprises identifying the VPN configuration for the first application container and the second application container based on user defined preferences.
17 . The method of claim 10 wherein identifying the VPN configuration for the first application container and the second application container comprises identifying the VPN configuration for the first application container and the second application container based on security requirements for the at least one application within the first application container and the at least one application within the second application container.
18 . The method of claim 10 wherein the first application container and the second application container each comprise a Linux container.
19 . The method of claim 10 wherein the first application container and the second application container each comprise a jail.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.