Abstract

Techniques described herein provide for an approach in which an agent provisions a workload with initial credentials based on a workload profile that is learned using a controller. During runtime, when the workload requests a new token using its initial token to interact with peer workloads, an authorization server coordinates with the controller to learn the upstream/downstream peer workloads that will be in the path for the flows the workload will handle. Based on the security posture of those workloads, an appropriate scoped token is returned. This ensures malicious / untrusted workloads in the path cannot re-use or proxy the token.

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.

Recommended Citation

R, Ram Mohan and I V, Rajesh, "WORKLOAD IDENTITY MANAGEMENT USING AGENT AND CONTROLLER", Technical Disclosure Commons, (June 20, 2024)
https://www.tdcommons.org/dpubs_series/7116

Download

COinS

Technical Disclosure Commons

Defensive Publications Series

WORKLOAD IDENTITY MANAGEMENT USING AGENT AND CONTROLLER

Abstract

Creative Commons License

Recommended Citation

Browse

Search

Submit

Additional Information

Technical Disclosure Commons

Defensive Publications Series

WORKLOAD IDENTITY MANAGEMENT USING AGENT AND CONTROLLER

Inventor(s)

Abstract

Creative Commons License

Recommended Citation

Share

Browse

Search

Submit

Additional Information