Increasingly, services and communication are achieved over the Internet and the World-Wide Web (WWW). Geographical location is becoming irrelevant with respect to network connectivity. Furthermore, the physical devices used by individuals to communicate and conduct business are increasingly becoming transparent through machine virtualization and machine miniaturization techniques.
Virtual Desktop Infrastructure (VDI) is a new technology domain for providing users access to machines via virtualization and vendors are exploring various models of deployment opportunities. In the VDI environment, the Virtual Machines (VMs) of multiple customers can be hosted in the same data center sharing the same physical machine resources. One of the challenges in VDI deployments is to establish customer trust that the VMs that belonging to the customer are used only by intended users and that the VMs are not accidentally opened up to other users or other customers.
Another customer challenge is to determine which users can access which VMs and for how long. The VMs are dynamically instantiated on an as needed basis and the Internet Protocol (IP) addresses of these VMs changes every time they get instantiated. This poses a challenge, to configure and enforce a role-based policy on a VM whose IP Address is dynamically established at the run time.