System, Method, and Software for Providing Access Control Enforcement Capabilities in Cloud Computing Systems
Abstract
According to one embodiment, a system comprises one or more processors coupled to a memory. The one or more processors when executing logic encoded in the memory provide a topology manager. The topology manager is configured to maintain a security topology of a plurality of hosts. The security topology associates one or more virtual host policies with a plurality of virtual hosts in a cloud computing deployment. The topology manager is also configured to request a query for one or more hosts that are candidates to be enforced. A portability manager is configured to receive a request to deploy an access control agent on the one or more candidate hosts, determine an optimal agent to be deployed from a list of available agents, and deploy the optimal agent on the one or more candidate hosts.
21 Claims
1. A system comprising one or more processors coupled to a memory, the one or more processors when executing logic encoded in the memory providing:
- a topology manager, configured to;
  - maintain a security topology of a plurality of hosts, the security topology associating one or more virtual host policies with a plurality of virtual hosts in a cloud computing deployment; and
  - request a query for one or more hosts that are candidates to be enforced (candidate hosts); and
- a portability manager, configured to;
  - receive a request to deploy an access control agent on the one or more candidate hosts;
  - determine an optimal agent to be deployed from a list of available agents; and
  - deploy the optimal agent on the one or more candidate hosts.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A method comprising:
- at a topology manager comprising logic encoded in one or more media for execution;
  - maintaining a security topology of a plurality of hosts, the security topology associating one or more virtual host policies with a plurality of virtual hosts in a cloud computing deployment; and
  - requesting a query for one or more hosts that are candidates to be enforced (candidate hosts); and
- at a portability manager comprising logic encoded in one or more media for execution;
  - receiving a request to deploy an access control agent on the one or more candidate hosts;
  - determining an optimal agent to be deployed from a list of available agents; and
  - deploying the optimal agent on the one or more candidate hosts.

Dependent claims: 9, 10, 11, 12, 13, 14

15. Logic encoded in one or more computer-readable storage media for execution and when executed operable to provide:
- a topology manager, configured to;
  - maintain a security topology of a plurality of hosts, the security topology associating one or more virtual host policies with a plurality of virtual hosts in a cloud computing deployment; and
  - request a query for one or more hosts that are candidates to be enforced (candidate hosts); and
- a portability manager, configured to;
  - receive a request to deploy an access control agent on the one or more candidate hosts;
  - determine an optimal agent to be deployed from a list of available agents; and
  - deploy the optimal agent on the one or more candidate hosts.

Dependent claims: 16, 17, 18, 19, 20, 21

Specification