Hybrid cloud security groups
Abstract
In one embodiment, a request may be received from a first cloud network of a hybrid cloud environment to transmit data to a second cloud network of the hybrid cloud environment, wherein the request can include a security profile related to the data. The security profile may be automatically analyzed to determine access permissions related to the data. Based at least in part on the access permissions, the data can be allowed access to the second cloud network.
20 Claims
1. A method comprising:
- receiving a request from a first cloud network of a hybrid cloud environment at a gateway of a second cloud network of the hybrid cloud environment to transmit data from the second cloud network;
- automatically analyzing a security tag associated with the data, at the gateway of the second cloud network, to yield an access determination, the automatically analyzing including an analysis of whether the security tag includes any access permissions to the data, the access permissions indicating that the data is allowed to enter the first cloud network; and
- based at least in part on the access determination and if the security tag includes the access permissions indicating the data is allowed to enter the first cloud network, allowing the data to exit the second cloud network via the gateway, the hybrid cloud environment configured to prevent unauthorized access to the hybrid cloud environment while providing scalability to accommodate increases and decreases in demand for one or more computing resources, the one or more computing resources including a processing device.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A network device comprising:
- one or more servers facilitating a first cloud network of a hybrid cloud environment;
- one or more servers facilitating a second cloud network of the hybrid cloud environment;
- one or more processors; and
- a memory configured to store non-transitory computer-readable instructions, which when executed by the one or more processors, cause the one or more processors to:
  - receive a request from the first cloud network of the hybrid cloud environment to transmit data from the second cloud network of the hybrid cloud environment;
  - automatically analyze a security tag associated with the data to determine whether the security tag includes any access permissions to the data and yield an access determination, the access permissions indicating that the data is allowed to enter the first cloud network; and
  - based at least in part on the access determination and if the security tag includes the access permissions indicating the data is allowed to enter the first cloud network, allow the data to exit the second cloud network, the hybrid cloud environment configured to prevent unauthorized access to the hybrid cloud environment while providing scalability to accommodate increases and decreases in demand for one or more computing resources.

Dependent claims: 9, 10, 11, 12, 13

14. A non-transitory computer-readable medium having instructions encoded thereon, which when executed by one or more processors, cause the one or more processors to:
- receive a request from a first cloud network of a hybrid cloud environment to transmit data from a second cloud network of the hybrid cloud environment;
- automatically analyze a security tag associated with the data to determine whether the security tag includes any access permissions to the data and yield an access determination, the access permissions indicating that the data is allowed to enter the first cloud network; and
- based at least in part on the access determination and if the security tag includes the access permissions indicating the data is allowed to enter the first cloud network, allow the data to exit the second cloud network, the hybrid cloud environment configured to prevent unauthorized access to the hybrid cloud environment while providing scalability to accommodate increases and decreases in demand for one or more computing resources.

Dependent claims: 15, 16, 17, 18, 19, 20
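
The egress check recited in claims 1, 8 and 14, sketched as an added example that is not taken from the patent or from any product. The tag layout (`allow_enter`), the network names and the sample store are assumptions made for illustration; the sketch denies by default when the tag is missing, empty or malformed, and records every determination.

```python
# Added illustration; tag layout, names and sample data are assumptions.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Decision:
    allow: bool
    reason: str

def analyze_tag(tag: Optional[dict], requesting_network: str) -> Decision:
    """Access determination made at the gateway of the network holding the data."""
    if not isinstance(tag, dict):
        return Decision(False, "no security tag on data")
    perms = tag.get("allow_enter")
    # Require a real collection: a bare string would turn the membership
    # test below into a substring match ("cloud-a" in "cloud-a-prod").
    if not isinstance(perms, (list, tuple, set, frozenset)) or not perms:
        return Decision(False, "tag carries no access permissions")
    if requesting_network not in perms:
        return Decision(False, f"tag does not permit entry into {requesting_network}")
    return Decision(True, f"tag permits entry into {requesting_network}")

class Gateway:
    """Egress gateway of the second (data-holding) cloud network."""
    def __init__(self, store: dict):
        self.store = store   # object id -> (payload, security tag)
        self.audit = []      # (requesting network, object id, allow, reason)

    def handle_request(self, requesting_network: str, object_id: str):
        entry = self.store.get(object_id)
        if entry is None:
            decision, payload = Decision(False, "unknown object"), None
        else:
            payload, tag = entry
            decision = analyze_tag(tag, requesting_network)
        self.audit.append((requesting_network, object_id, decision.allow, decision.reason))
        return payload if decision.allow else None  # data exits only on allow

# Constructed sample data held in the second cloud network.
STORE = {
    "report":  (b"q3 figures", {"allow_enter": ["cloud-a"]}),
    "hr-db":   (b"records",    {"allow_enter": []}),
    "legacy":  (b"old blob",   None),
    "partner": (b"feed",       {"allow_enter": ["cloud-c"]}),
}

def demo():
    gw = Gateway(STORE)
    results = {oid: gw.handle_request("cloud-a", oid) for oid in [*STORE, "missing"]}
    return results, gw.audit

if __name__ == "__main__":
    for row in demo()[1]:
        print(row)
```
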
Specification