	US 11,991,155 B2
	Methods and systems for securing containerized applications
William Rodgers Ackerly, Washington, DC (US); Julian Embry Herwitz, Arlington, VA (US); and Timothy Robert Tschampel, Reston, VA (US)
Assigned to Virtru Corporation, Washington, DC (US)
Filed by Virtru Corporation, Washington, DC (US)
Filed on Feb. 24, 2021, as Appl. No. 17/184,364.
Claims priority of provisional application 63/046,182, filed on Jun. 30, 2020.
Claims priority of provisional application 62/982,313, filed on Feb. 27, 2020.
Prior Publication US 2021/0281548 A1, Sep. 9, 2021
Int. Cl. H04L 9/40 (2022.01); H04L 9/08 (2006.01); H04L 9/32 (2006.01); H04L 67/60 (2022.01)

CPC H04L 63/0428 (2013.01) [H04L 9/085 (2013.01); H04L 9/3268 (2013.01); H04L 63/10 (2013.01); H04L 67/60 (2022.05)]

6 Claims

1. A method for securing data access by containerized applications, the method comprising:

intercepting, by a first container executing on a first computing device and associated with a containerized application in a second container executing on the first computing device, a first Internet Protocol (IP) request from the containerized application;

determining, by the first container, that the first IP request is addressed to a second computing device executing a resource that the containerized application is authorized to access;

encrypting, by the first container, a payload portion of the first IP request;

transmitting, by the first container, to the resource, a second IP request with the encrypted payload portion;

receiving, by the first container, from the resource, a response to the second IP request;

requesting, by the first container, from a third computing device, a cryptographic key for decrypting the response to the second IP request;

decrypting, by the first container, with the cryptographic key, a payload portion of the response; and

transmitting, by the first container, to the containerized application, the decrypted payload portion of the response.