IDENTITY AND POLICY ENFORCED INTER-CLOUD AND INTRA-CLOUD CHANNEL
First Claim
Patent Images
1. A method implemented in a non-transitory machine-readable storage medium and processed by one or more processors configured to perform the method, comprising:
- configuring a first process within a first cloud computing environment to manage select messages occurring within a communication channel within the first cloud computing environment;
instantiating the first cloud computing environment with the first process executing therein; and
enforcing, by the first process, selective policy restrictions based on the select messages that enter and exit the communication channel.
16 Assignments
0 Petitions
Accused Products
Abstract
Techniques for identity and policy enforced cloud communications are presented. Cloud channel managers monitor messages occurring within a cloud or between independent clouds. Policy actions are enforced when processing the messages. The policy actions can include identity-based restrictions and the policy actions are specific to the messages and/or clouds within which the messages are being processed.
50 Citations
20 Claims
-
1. A method implemented in a non-transitory machine-readable storage medium and processed by one or more processors configured to perform the method, comprising:
-
configuring a first process within a first cloud computing environment to manage select messages occurring within a communication channel within the first cloud computing environment; instantiating the first cloud computing environment with the first process executing therein; and enforcing, by the first process, selective policy restrictions based on the select messages that enter and exit the communication channel. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method implemented in a non-transitory machine-readable storage medium and processed by one or more processors configured to perform the method, comprising:
-
detecting within a first cloud computing environment an event that identifies a message to manage on behalf of the first cloud computing environment; acquiring a policy in response to an identity assigned to the message; and processing actions defined in the policy. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. A multi-processor implemented system, comprising:
-
a first processor configured to execute a cloud configurator; and a plurality of second processors, each second processor configured to execute one or more cloud channel managers; the cloud configurator configured to instantiate cloud computing environments, each cloud computing environment processing on one or more the second processors, and each cloud computing environment having one or more of the cloud channel managers, each cloud channel manager configured to handle inbound and outbound messages occurring over a particular communication channel and within that cloud channel manager'"'"'s cloud computing environment and enforcing policy and identity restrictions for each of the inbound and outbound messages processed. - View Dependent Claims (18, 19, 20)
-
Specification