Publication No.: US20140019745A1
Publication date: 2014-01-16
Application No.: US13547138
Filing date: 2012-07-12
Applicant: David S. Dodgson, Ralph Foring, James A. Fontana, Robert A. Johnson, David Maw, Anthony Narisl
Inventor: David S. Dodgson, Ralph Foring, James A. Fontana, Robert A. Johnson, David Maw, Anthony Narisl
IPC classification: H04L29/06
CPC classification: H04L63/065, H04L63/0227, H04L63/0428
Abstract: Virtual machines in a network may be isolated by encrypting transmissions between the virtual machines with keys possessed only by an intended recipient. Within a network, the virtual machines may be logically organized into a number of community-of-interest (COI) groups. Each COI may use an encryption key to secure communications within the COI, such that only other virtual machines in the COI may decrypt the message. Security may be further enhanced by establishing a session key for use during communications between a first and a second virtual machine. The session key may be encrypted with the COI key.