US-20260128890-A1 - EXTENDING A SECURITY PERIMETER INTO A TENANT-SPECIFIC PUBLIC CLOUD PARTITION
Abstract
Methods, systems, and computer program products for executing trusted software components in public computing clouds. Verifiably authentic software components are installed into a tenant partition of a multi-tenant public cloud-based environment. To do so, a software component installer is configured to install registered software components into the tenant partition. Installer processing includes (1) obtaining a component-specific token for a software component wherein the component-specific token is specific to both the software component to be installed and a particular tenant, and (2) installing the software component on behalf of the given tenant in the multi-tenant public cloud-based environment. Prior to executing the underlying code of the tenant-specific software component, the software component is authenticated with a component registry using the component-specific token. Additional trusted components are installed based on demand from within the tenant partition. No user or administrator intervention is needed and no credentials are hard-coded into the software components.
Inventors
- Arindam Mukherjee
- Nitin Parab
- Shrikant Janardhan Jadhav
- Sunil Khushal Patil
Assignees
- Nutanix, Inc.
Dates
- Publication Date: 20260507
- Application Date: 20250905
- Priority Date: 20210917
Claims (1)
- 1. A non-transitory computer readable medium having stored thereon a sequence of instructions which, when stored in memory and executed by a processor cause the processor to perform acts for loading one or more registered software components in a multi-tenant public cloud-based environment the acts comprising: instantiating, into a tenant partition of the multi-tenant public cloud-based environment, a software component installer that is configured to respond to a command to install one or more of the registered software components into the tenant partition by: obtaining a component-specific token for a software component to be installed into the multi-tenant public cloud-based environment, wherein the component-specific token is specific to the software component to be installed and a given tenant; and installing the software component on behalf of the given tenant in the multi-tenant public cloud-based environment; and authenticating the software component with a component registry, wherein the software component is authenticated by using the component-specific token for the software component.
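An added example, not taken from the patent: one way a token can be bound to both a component and a tenant, as the abstract and claim 1 describe, so that the registry rejects it when it is presented for a different tenant or component. The HMAC construction, the expiry field and all names (`ComponentRegistry`, `install_component`, `start_component`) are assumptions; the text here does not say how the token is built.

```python
import hashlib
import hmac
import json
import time


class ComponentRegistry:
    """Hypothetical registry that issues and checks (component, tenant) tokens."""

    def __init__(self, key: bytes, registered: set):
        self._key = key                # held only by the registry (assumption)
        self._registered = registered  # names of registered components

    def _mac(self, component, tenant, expires):
        # JSON list encoding keeps the three fields unambiguous under the MAC.
        msg = json.dumps([component, tenant, expires]).encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def issue_token(self, component, tenant, ttl=300, now=None):
        if component not in self._registered:
            raise PermissionError(f"{component} is not a registered component")
        expires = int(time.time() if now is None else now) + ttl
        return f"{expires}.{self._mac(component, tenant, expires)}"

    def authenticate(self, component, tenant, token, now=None):
        try:
            expires_s, mac = token.split(".", 1)
            expires = int(expires_s)
        except ValueError:
            return False               # malformed or missing token
        if component not in self._registered:
            return False
        if (time.time() if now is None else now) > expires:
            return False               # expired
        expected = self._mac(component, tenant, expires)
        return hmac.compare_digest(mac.encode(), expected.encode())


def install_component(registry, component, tenant, partition, now=None):
    """Installer: obtain the token, then place the component in the partition."""
    partition[component] = registry.issue_token(component, tenant, now=now)


def start_component(registry, component, tenant, partition, now=None):
    """Gate: authenticate with the registry before the component's code runs."""
    token = partition.get(component, "")
    return registry.authenticate(component, tenant, token, now=now)
```

The partition holds no username or password, only a short-lived token that is useless outside the component and tenant it was issued for.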
Description
RELATED APPLICATIONS
The present application is a continuation of U.S. patent application Ser. No. 17/804,843 titled “EXTENDING A SECURITY PERIMETER INTO A TENANT-SPECIFIC PUBLIC CLOUD PARTITION,” filed on May 31, 2022, which claims the benefit of priority to India Patent Application Ser. No. 202141042145 titled “AUTOMATICALLY ESTABLISHING TRUSTED RELATIONSHIPS WHEN DEPLOYING VIRTUALIZATION SYSTEM COMPONENTS INTO A COMPUTING CLOUD” filed on Sep. 17, 2021, which are hereby incorporated by reference in their entirety.
TECHNICAL FIELD
This disclosure relates to techniques for deployment of trusted software components into public computing clouds, and more particularly to techniques for extending a security perimeter into a tenant-specific public cloud partition.
BACKGROUND
There are many techniques for installing, initializing and maintaining software components that run on so-called “on-premises” or “on-prem” nodes. By definition, on-prem nodes are fully under control of the owner of the on-prem nodes and, as such, the owner can establish a secure environment by implementing logical security provisions into a physically secure environment. For example, the owner of a set of nodes can manipulate the nodes using administrative or ‘root’ privileges that are given to an administrator. The administrator in turn can situate any number of nodes into the physically secure environment, boot/reboot the nodes at will, and install any software components that might be needed. Moreover, since the physical environment is secure, the administrator can configure network equipment to permit network communications by and between the nodes.
While the foregoing on-prem environment can be made logically secure by managing owner/deployer (e.g., administrator) credentials such as username/password pairs, new problems emerge when configuring software components to operate on and in public clouds where neither the physical environment that hosts the cloud-based computing nodes nor the network equipment offered by the public cloud vendor is fully under control of the owner/deployer. Indeed, this situation presents many new challenges (e.g., initial software deployment, initial and ongoing software configuration/reconfiguration, etc.) that must be addressed in order to establish and maintain a logically secure computing environment when deploying software into public clouds.
Some legacy approaches rely on hard-coded username/password credentials. Other legacy approaches employ a user interface (e.g., a graphical user interface or a command line interpreter interface) that interrogates (e.g., challenges) a human user (e.g., an administrator) to provide verifiable authentication and authorization credentials. Such approaches are deficient in several regards. In the case of using hard-coded authentication and authorization credentials, the mere fact of hard-coding username/password credentials presents a security vulnerability, since the username/password credentials can be easily compromised. In the case of employing a user interface that interrogates a human user to provide verifiable authentication and authorization credentials, the fact that user intervention is required precludes a wide range of use cases where the software components being deployed might be dynamically changing. This latter deficiency cannot be overlooked. In many modern computing situations, for example in situations that implement map-reduce applications, it often happens that a master software component will deploy hundreds or even thousands of worker software components. Therefore, an automated approach is needed.
Unfortunately, none of the foregoing approaches can satisfy both (1) an acceptable level of security (which username/password pairs do not provide), and (2) automated, intervention-free, dynamic deployment of software components onto the public cloud infrastructure. Therefore, what is needed are techniques that address the foregoing deficiencies. More specifically, what is needed is a technique or techniques that address problems associated with providing secure, automated deployment of software components into a multi-tenant computing cloud environment.
SUMMARY
This summary is provided to introduce a selection of concepts that are further described elsewhere in the written description and in the figures. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to limit the scope of the claimed subject matter. Moreover, the individual embodiments of this disclosure each have several innovative aspects, no single one of which is solely responsible for any particular desirable attribute or end result. The present disclosure describes techniques used in systems, methods, and in computer program products for extending a security perimeter into a tenant-specific public cloud partition, which techniques advance the relevant technologies to address technological issues with legacy approaches