Nutanix, Inc.
SECURE ACCESS TO APPLICATION INSTANCES IN A MULTI-USER, MULTI-TENANT COMPUTING ENVIRONMENT

Abstract:

Systems and methods for computer security in computer clusters. Techniques provide secure user access to applications that run in shared resource computing environments. A method embodiment commences upon identifying an application digital certificate corresponding to a subject application. The subject application is stored for access by a reverse proxy authorization service that also runs in the shared computing environment. Individual user processes are uniquely identified by corresponding user credentials. The reverse proxy authorization service processes a request to access the subject application, whereupon a generated subject application instance specific to the requestor is installed. Installation includes authentication using the application digital certificate for the subject application and authorization using the requestor's credentials. A second request from a second user to access the same subject application uses the same application digital certificate combined with the second requestor's credentials. The reverse proxy authorization service generates scope-specific access tokens for each generated instance.