Patent attributes
An application is comprised of a plurality of processes. A process is able to accesses a remote service using a service access credential which is adapted to the particular requirements of the process. By providing a process with customized credential, the process is constrained from performing unnecessary operations, and the overall security of the application is improved. When processes are deployed to a host computer, an agent on a host computer collects credential information and other metadata associated with the processes running on the host computer. The agent makes the metadata available to a credential provider running on the host, and the credential provider exposes an interface that is accessible to the processes. The processes include a credential proxy which communicates with the credential provider. The credential proxies relay credential requests to the credential provider, and return the provided credentials from the credential provider to the processes.
