US2017163691A1PendingUtilityA1
Methods, circuits, apparatus, systems and associated software applications for providing security on one or more servers, including virtual servers
Est. expiryFeb 22, 2031(~4.6 yrs left)· nominal 20-yr term from priority
H04L 63/205H04L 63/029H04L 63/10H04L 63/20
38
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
A method and system for secured access for a computing platform are provided. The method includes generating an on-the-fly access lease to the computing platform, wherein the on-the-fly access lease defines provisions for accessing at least one firewall port of the computing platform, wherein the provisions include at least a lease duration for accessing the at least one firewall port; and controlling access to resources of the computing platform through an opening of the at least one firewall port of the computing platform, wherein the access to resources of the computing platform is determined based on the generated on-the-fly access lease and the security settings.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method for secured access for a computing platform comprising:
generating an on-the-fly access lease to the computing platform, wherein the on-the-fly access lease defines provisions for accessing at least one firewall port of the computing platform, wherein the provisions include at least a lease duration for accessing the at least one firewall port; and controlling access to resources of the computing platform through an opening of the at least one firewall port of the computing platform, wherein the access to resources of the computing platform is determined based on the generated on-the-fly access lease and the security settings.
2 . The method of claim 1 , wherein the access to resources of the computing platform is triggered by passing an instruction to the computing platform during a secure tunnel communication requested by the computing platform.
3 . The method of claim 2 , further comprising:
monitoring the port access to the resources of the computing platform by a port-tending agent (PorTender) connected to the secure tunnel.
4 . The method of claim 2 , further comprising:
regulating the port access to the resources of the computing platform by a port-tending agent (PorTender) connected to the secure tunnel.
5 . The method of claim 2 , further comprising:
establishing a secure tunnel communication with the computing platform responsive to an intermittent connection request from the computing platform.
6 . The method of claim 5 , further comprising:
managing security settings of the computing platform; and forwarding the security settings along the secure tunnel.
7 . The method of claim 1 , further comprising:
terminating the on-the-fly access lease according to a schedule.
8 . The method of claim 1 , further comprising:
transmitting administrator settings for port access of the one or more firewalls ports to a port-tending agent (PorTender) connected to the secure tunnel.
9 . The method of claim 8 , wherein the transmitting administrator settings occurs periodically according to a predetermined schedule.
10 . The method of claim 8 , wherein the transmitting administrator settings for port access occurs after a one-time request from the PorTender.
11 . A system for secured access for a computing platform comprising:
at least one computing platform comprising at least one resource and at least one firewall port; a policy server configured to control port access security and connectivity settings for the at least one computing platform; and a communication link communicatively connecting between the at least one computing platform and the policy server, the communication link is configured to serve a secure tunnel communication there through, wherein the secure tunnel communication is intermittently established over the communication link; wherein an on-the-fly access lease to the at least one port of the at least one computing platform defining provisions for access the at least one firewall port of the computing platform is acquired, wherein the provisions include at least a lease duration for accessing the at least one firewall port; and wherein the policy server is configured to send instructions to open the at least one firewall port of the at least one computing platform during a communication using the secure tunnel communication respective of the acquired on-the-fly access lease and the security settings.
12 . The system of claim 11 , wherein the on-the-fly access lease is performed by a dynamic access lease manager of the system.
13 . The system of claim 12 , wherein the dynamic access lease manager is configured to terminate the on-the-fly access lease.
14 . The system of claim 13 , wherein the dynamic access lease manager is further configured to terminate the on-the-fly access lease according to a schedule.
15 . The system of claim 11 , wherein access to the at least one resource is monitored and regulated by a port-tending agent (PorTender).
16 . The system of claim 15 , wherein the PorTender intermittently triggers the secure tunnel communication. 17 , The system of claim 15 , wherein the policy server is configured to transmit administrator settings for port access to said PorTender.
18 . The system of claim 17 , wherein receiving administrator settings for access to the at least one port occurs periodically according to a predetermined schedule.
19 . The system of claim 17 , wherein receiving administrator settings to access the at least one firewall port occurs after a one-time request from the PorTender.
20 . The system of claim 15 , wherein the PorTender is installed into an operating system of the computing platform.
21 . A non-transitory computer readable medium having stored thereon instructions for causing one or more processors to execute a process comprising:
generating an on-the-fly access lease to the computing platform, wherein the on-the-fly access lease defines provisions for accessing at least one firewall port of the computing platform, wherein the provisions include at least a lease duration for accessing the at least one firewall port; and controlling access to resources of the computing platform through an opening of the at least one firewall port of the computing platform, wherein the access to resources of the computing platform is determined based on the generated on-the-fly access lease and the security settings.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.