Invention Grant
US09405923B2 Establishing isolation between content hosting services executing on common support server
有权
在公共支持服务器上执行的内容托管服务之间建立隔离
- Patent Title: Establishing isolation between content hosting services executing on common support server
- Patent Title (中): 在公共支持服务器上执行的内容托管服务之间建立隔离
-
Application No.: US13248797Application Date: 2011-09-29
-
Publication No.: US09405923B2Publication Date: 2016-08-02
- Inventor: Daniel J. Walsh
- Applicant: Daniel J. Walsh
- Applicant Address: US NC Raleigh
- Assignee: Red Hat, Inc.
- Current Assignee: Red Hat, Inc.
- Current Assignee Address: US NC Raleigh
- Agency: Lowenstein Sandler LLP
- Main IPC: G06F17/00
- IPC: G06F17/00 ; G06F21/62
Abstract:
Embodiments relate to systems and methods for establishing isolation between content hosting services executing on a common support server. In aspects, a server virtualization platform can operate on a common physical support server to instantiate, configure, and operate a set of virtual servers. The set of virtual servers can, for instance, be used to run independent Web sites or other locations or services. The data available to each process on each virtual server can be encoded using an SELinux™ label including an MCS (multi-category security) category or categories uniquely identifying that process. Isolation of the potentially sensitive data for multiple Web sites and/or their content hosted on a common physical server can therefore be enforced, since each process operating on each virtual server is restricted to only access and manipulate data objects or other entities having matching MCS category information identified on that baremetal support server.
Public/Granted literature
Information query
