Patent search ap:("VMware Page Inc.") AND inv:"Elena DIMITROVA"

1.

发明申请
DISTRIBUTED MANAGEMENT AND INSTALLATION OF DIGITAL CERTIFICATES ON A CLUSTER FOR AUTHENTICATION WITH AN EXTERNAL KEY MANAGEMENT SERVICE 有权

公开(公告)号：US20210218723A1

公开(公告)日：2021-07-15

申请号：US16742881

申请日：2020-01-14

Applicant: VMware, Inc.

Inventor： Georgi LEKOV , Rusko ATANASOV , Stanimir LUKANOV , Elena DIMITROVA , Dimo RAYCHEV

IPC: H04L29/06

Abstract: Hosts in a cluster in a virtualized computing environment bypass a management layer when communicating with an external key management service (KMS). One of the hosts is configured with KMS configuration information (including digital certificate information) that enables the host to directly communicate with the KMS via a secure communication connection, instead of communicating with the KMS via the management layer. This KMS configuration information is replicated in a distributed manner from the host to the other hosts in the cluster, thereby enabling the other hosts in the cluster to also directly and independently communicate with the KMS to obtain encryption keys to perform cryptographic operations.

2.

发明申请
AUTHORIZATION MONITOR TO DETECT PRIVILEGE USAGE PATTERNS 有权

公开(公告)号：US20230097770A1

公开(公告)日：2023-03-30

申请号：US17489012

申请日：2021-09-29

Applicant: VMware, Inc.

Inventor： Elena DIMITROVA , Georgi LEKOV , Radoslav GANKOV , Yoana STOYANOVA , Ivaylo KIRYAZOV

IPC: H04L29/06

Abstract: The disclosure herein describes monitoring authorization checks and detecting excess authorization privileges and other privilege usage patterns. An authorization check associated with an operation performed during a session in a computing environment is captured and a set of authorization privileges granted to a user of the session is identified. Based on comparison of the authorization privileges to authorization checks including the captured authorization check, excess authorization privileges granted to the user of the session is detected, wherein the excess authorization privileges are a subset of the identified set of authorization privileges. A privilege discrepancy notification based on the detected set of excess authorization privileges is generated. The detected privilege usage patterns described herein are used to improve the efficient use, and increase the security, of resources in the computing system. Further, the time required for authorization processing is reduced through caching of frequent privilege usage patterns.

Patent Agency Ranking