TECHNIQUES FOR IDENTITY-ENABLED INTERFACE DEPLOYMENT
Abstract
Techniques for providing identity-enabled interfaces for deployment are presented. Specifically, an agent of an enterprise infrastructure authenticates and acquires an agent identity for interacting with a cloud processing environment. Once the agent is deployed in the cloud processing environment, enterprise policy can be enforced within the cloud processing environment on actions occurring within the cloud. The agent acts as an Application Programming Interface between the enterprise and the cloud processing environment. The reverse is also achievable, where a cloud deploys an agent to the enterprise to deploy a cloud interface within the enterprise for policy enforcement.
20 Claims
1. A method implemented in a non-transitory machine-readable storage medium and processed by one or more processors configured to perform the method, comprising:
- configuring a cloud agent for deployment within a target cloud environment, the cloud agent configured within an enterprise environment;
- authenticating the cloud agent and obtaining a cloud agent identity;
- assigning an expiration condition to the cloud agent identity that when satisfied renders the cloud agent identity invalid; and
- deploying the cloud agent to the target cloud environment for enforcement of enterprise policy within the target cloud environment, via the cloud agent.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

12. A method implemented in a non-transitory machine-readable storage medium and processed by one or more processors configured to perform the method, comprising:
- interacting with a cloud agent deployed to a cloud environment by an enterprise environment using a cloud provider interface;
- requesting the cloud agent to authenticate a security manager of the cloud environment to the enterprise environment;
- receiving, by the security manager, an enterprise token that is specific to the enterprise environment in response to the authentication of the security manager; and
- using, by the security manager, the enterprise token to enforce cloud policy within the enterprise environment.

Dependent claims: 13, 14, 15, 16, 17

18. A processor-implemented system, comprising:
- an enterprise processing environment including enterprise processing devices; and
- a cloud processing environment including cloud processing devices;
- wherein the enterprise processing environment configures a cloud agent for deployment to the cloud processing environment to enforce enterprise policy within the cloud processing environment, and wherein a security manager of the cloud processing environment interacts with the cloud agent to enforce cloud policy in the enterprise processing environment.

Dependent claims: 19, 20
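One way the expiration condition of claim 1 could be realized, as an added example that is not taken from the patent: the enterprise signs the cloud agent identity together with its expiration condition, and the identity is rejected once the condition is satisfied. The token layout, the HMAC scheme, the key and the names `issue_agent_identity` and `IdentityValidator` are all assumptions made for illustration; the claims do not specify any of them.

```python
import base64
import hashlib
import hmac
import json

# Hypothetical signing key held by the enterprise identity service (constructed value).
ENTERPRISE_KEY = b"constructed-demo-key"


def _sign(payload: bytes) -> str:
    return hmac.new(ENTERPRISE_KEY, payload, hashlib.sha256).hexdigest()


def issue_agent_identity(agent_id: str, not_after: int, max_uses: int) -> str:
    """Enterprise side: bind an expiration condition to the agent identity.

    Assumed condition: a deadline (not_after) or a use budget (max_uses),
    whichever is reached first.
    """
    claims = {"agent": agent_id, "not_after": not_after, "max_uses": max_uses}
    payload = json.dumps(claims, sort_keys=True).encode()
    return base64.urlsafe_b64encode(payload).decode() + "." + _sign(payload)


class IdentityValidator:
    """Checks the signature first, then the expiration condition."""

    def __init__(self):
        self._uses = {}  # token signature -> number of accepted uses

    def validate(self, token: str, now: int):
        try:
            b64, sig = token.split(".")
            payload = base64.urlsafe_b64decode(b64.encode())
        except ValueError:  # wrong field count or invalid base64
            return False, "malformed"
        # Constant-time comparison; the condition is only trusted once signed.
        if not hmac.compare_digest(sig.encode(), _sign(payload).encode()):
            return False, "bad signature"
        claims = json.loads(payload)
        if now >= claims["not_after"]:
            return False, "expired: time limit reached"
        if self._uses.get(sig, 0) >= claims["max_uses"]:
            return False, "expired: use limit reached"
        self._uses[sig] = self._uses.get(sig, 0) + 1
        return True, claims["agent"]
```

Because the expiration condition is covered by the signature, a deployed agent cannot extend its own lifetime by editing the token; the use counter is per-validator state and would need shared storage if several enforcement points accept the same identity.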
Specification