-
Publication No.: US10248442B2
Publication date: 2019-04-02
Application No.: US13547148
Filing date: 2012-07-12
Applicants: David S Dodgson, Ralph Farina, James A Fontana, Robert A Johnson, David Maw, Anthony Narisi
Inventors: David S Dodgson, Ralph Farina, James A Fontana, Robert A Johnson, David Maw, Anthony Narisi
Abstract: Virtual machines in a network may be isolated by encrypting transmissions between the virtual machines with keys possessed only by an intended recipient. Within a network, the virtual machines may be logically organized into a number of community-of-interest (COI) groups. Each COI may use an encryption key to secure communications within the COI, such that only other virtual machines in the COI may decrypt the message. Virtual machines may be automatically provisioned with configuration information, such as the encryption keys, when the virtual machine is started. The provisioning information may be created based on a template stored on a configuration server.
-
Publication No.: US10454931B2
Publication date: 2019-10-22
Application No.: US15001354
Filing date: 2016-01-20
Applicants: Ted Hinaman, Steven J Rajcan, Matthew Mohr, William Gunn, Sarah K Inforzato, Robert A Johnson, Gregory J Small, David S Dodgson
Inventors: Ted Hinaman, Steven J Rajcan, Matthew Mohr, William Gunn, Sarah K Inforzato, Robert A Johnson, Gregory J Small, David S Dodgson
Abstract: Methods and systems for securing communications with an enterprise from a remote computing system are disclosed. One method includes initiating a secured connection with a VPN appliance associated with an enterprise using service credentials maintained in a secure applet installed on a remote computing device, and initiating communication with an authentication server within an enterprise via the secured connection. The method also includes receiving specific credentials from the authentication server, terminating the secured connection with the VPN appliance, and initiating a second secured connection with the VPN appliance using the specific credentials, the specific credentials providing access to one or more computing devices within the enterprise being within a same community of interest as the remote computing device and obfuscating one or more other computing systems within the enterprise excluded from the community of interest. The method also includes initiating communications with at least one of the one or more computing devices included in the community of interest.
-
Publication No.: US20150381597A1
Publication date: 2015-12-31
Application No.: US14688348
Filing date: 2015-04-16
CPC classification: H04L63/08, G06F21/604, H04L41/0843, H04L63/20, H04L67/02, H04L67/30
Abstract: Methods and systems for managing a secure enterprise are disclosed. One method includes initiating a management service at a server within the secure enterprise, the management service including a web interface providing administrative access to configuration settings associated with the secure enterprise, the management service initializing a secure communications protocol and managing access to a credential store, the credential store including a plurality of credentials defining communities of interest within the secure enterprise, each of the communities of interest defining a collection of authenticated endpoints having common access and usage rights. The method includes initiating an object management service at the server defining an interface to a configuration database, and accessing the configuration database to obtain data defining a configuration of the enterprise according to a configuration profile. The method includes applying configuration settings to the secure enterprise based on the data defining the configuration of the secure enterprise.
-