公开(公告)号：WO2022170260A1

公开(公告)日：2022-08-11

申请号：PCT/US2022/015659

申请日：2022-02-08

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： KHAUND, Bhaskardeep ,  WU, Bo ,  LUKYANOV, Andrey A. ,  VOICU, Nicolae

IPC: H04L9/40 ,  H04L67/568

Abstract: A cache service provides applications in a containerized, multi-tenant cloud-computing system low-latency access to secrets. The cache service may operate as a cluster-level service or a sidecar service. The cache service may store copies of secrets (which are located in one or more absolute stores) in a cache storage. The cache service and the cache storage may be closer to the applications than the one or more absolute stores are to the applications. The cache service may aggregate secrets associated with multiple entities in a single cache storage. The cache service may support isolation between secrets such that secrets of a first entity are isolated from secrets of a second entity. The cache service may enforce granulated access controls such that it can apply different access controls to secrets of a first entity than to secrets of a second entity.

公开(公告)号：WO2022182581A1

公开(公告)日：2022-09-01

申请号：PCT/US2022/016906

申请日：2022-02-18

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： GARAEV, Dmitry Dmitrievich ,  LUKYANOV, Andrey Anatolyevich ,  VOICU, Nicolae

IPC: G06F8/60 ,  G06F8/71 ,  G06F21/12 ,  G06F21/44 ,  H04L9/32

Abstract: A payload is generated by a build computing system. The payload includes payload identifying metadata and deployment target identifier metadata, as well as an application container that includes a set of signed binaries. The payload can be approved for deployment, and a token can be generated for the payload. The token may include a set of claims that include payload identifying information. A payload validation system validates the payload for deployment to a target environment using the payload identifying information.