公开(公告)号：US11032295B2

公开(公告)日：2021-06-08

申请号：US16357355

申请日：2019-03-19

Applicant: VMWARE, INC.

Inventor： Ravi Kumar Reddy Kottapalli ,  Avinash Mudivedu

IPC: H04L29/06 ,  H04W12/67 ,  H04L12/26

Abstract: Techniques for provisioning of digital certificates in software defined data centers (SDDCs) based on security monitoring information are disclosed. In one example, a set of digital certificates may be assigned to a group of computing resources of an SDDC. Each digital certificate may include a different security level. The group of computing resources may include applications that use a first digital certificate with a first security level for data communication. Further, security monitoring information associated with the group of computing resources may be received. Furthermore, a second security level to be used for the group of computing resources may be determined based on the security monitoring information. The group of computing resources may be managed by communicating the second security level to an agent associated with the group of computing resources. The agent may then implement a second digital certificate with the second security level for the applications.

公开(公告)号：US20200228547A1

公开(公告)日：2020-07-16

申请号：US16357355

申请日：2019-03-19

Applicant: VMWARE, INC.

Inventor： Ravi Kumar Reddy Kottapalli ,  Avinash Mudivedu

IPC: H04L29/06 ,  H04L12/26

Abstract: Techniques for provisioning of digital certificates in software defined data centers (SDDCs) based on security monitoring information are disclosed. In one example, a set of digital certificates may be assigned to a group of computing resources of an SDDC. Each digital certificate may include a different security level. The group of computing resources may include applications that use a first digital certificate with a first security level for data communication. Further, security monitoring information associated with the group of computing resources may be received. Furthermore, a second security level to be used for the group of computing resources may be determined based on the security monitoring information. The group of computing resources may be managed by communicating the second security level to an agent associated with the group of computing resources. The agent may then implement a second digital certificate with the second security level for the applications.