Security systems and/or methods for cloud computing environments
Abstract
Certain example embodiments described herein relate to security systems and/or methods for cloud computing environments. More particularly, certain example embodiments described herein relate to the negotiation and subsequent use of Trading Partner Agreements (TPAs) between partners in a Virtual Organization, the TPAs enabling resources to be shared between the partners in a secure manner. In certain example embodiments, TPAs are negotiated, an algorithm is executed to determine where an executable is to be run, the resource is transferred to the location where it is to be run, and it is executed—with the TPAs collectively defining a security policy that constrains how and where it can be executed, the resources it can use, etc. The executable may be transferred to a location in a multipart (e.g., SMIME) message, along with header information and rights associated with the executable.
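The flow in the abstract (negotiate TPAs, pick a target, transfer and invoke under the resulting policy) can be modelled as follows. This is an added example, not code from the patent; the class and field names, the resource keys, and the first-fit placement rule are assumptions, since the page does not specify the algorithm.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class TPA:
    partners: frozenset   # parties to this agreement
    resources: dict       # allocated resources, e.g. {"cpu_cores": 4}
    transport: str        # agreed transport protocol
    security: str         # agreed security mechanism

class SecurityPolicy:
    """Security policy formed from all negotiated TPAs (default deny)."""

    def __init__(self, tpas):
        self.tpas = list(tpas)

    def agreement(self, source, target):
        # A transfer is only possible under a TPA that names both parties.
        return next((t for t in self.tpas if {source, target} <= t.partners), None)

    def authorize(self, source, target, transport, security, requested):
        tpa = self.agreement(source, target)
        if tpa is None:
            return False, "no TPA between source and target"
        if transport != tpa.transport:
            return False, "transport protocol not in TPA"
        if security != tpa.security:
            return False, "security mechanism not in TPA"
        for name, amount in requested.items():
            # Resources the TPA does not list count as an allocation of zero.
            if amount > tpa.resources.get(name, 0):
                return False, f"resource '{name}' exceeds TPA allocation"
        return True, "allowed"

    def choose_target(self, source, candidates, requested):
        # Placeholder placement rule (assumption): first candidate whose TPA
        # with the source covers the request on the TPA's own terms.
        for target in candidates:
            tpa = self.agreement(source, target)
            if tpa and self.authorize(source, target, tpa.transport,
                                      tpa.security, requested)[0]:
                return target
        return None

# Constructed sample agreements; partner names and values are illustrative.
POLICY = SecurityPolicy([
    TPA(frozenset({"A", "B"}), {"cpu_cores": 2, "disk_mb": 100}, "https", "smime"),
    TPA(frozenset({"A", "C"}), {"cpu_cores": 8, "disk_mb": 500}, "https", "smime"),
])
```

Partners with no TPA between them, and resources a TPA does not mention, are refused rather than allowed by omission.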
26 Claims
1. A computer-implemented method in a cloud computing environment including at least first and second partners that share a distributed file system, wherein:
- one or more Trading Partner Agreements (TPAs) are negotiated between two or more of the at least first and second partners, each said TPA specifying:
  - any resources allocated by the partners in the TPA,
  - a transport protocol to be used by the partners in the TPA, and
  - a security mechanism to be used by the partners in the TPA; and
- wherein a security policy is formed from the TPAs.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 22

15. A cloud computing system, comprising:
- a plurality of partner servers and/or partner server instances;
- a distributed file system shared by the plurality of partner servers and/or partner server instances; and
- a software module comprising an algorithm that, when executed, determines a target partner server or target partner server instance to which an executable from a source partner server or source partner server instance is to be distributed, wherein:
  - one or more Trading Partner Agreements (TPAs) are negotiated between two or more of the plurality of partner servers and/or partner server instances, each said TPA specifying:
    - any resources allocated by the partner servers and/or partner server instances that are a party to the TPA,
    - a transport protocol to be used by the partner servers and/or partner server instances that are a party to the TPA, and
    - a security mechanism to be used by the partner servers and/or partner server instances that are a party to the TPA;
  - wherein a security policy is formed from the TPAs;
  - wherein the source partner server or source partner server instance includes a first processor configured to cause the executable to be transferred to the target partner server or target partner server instance in accordance with a TPA negotiated between the target partner server or target partner server instance and the source partner server or source partner server instance; and
  - wherein the target partner instance or target partner instance includes a second processor configured to invoke the executable, once received, on the target partner instance or target partner instance, within constraints specified by the security policy.

Dependent claims: 16, 17, 18, 19, 20, 21

23. A computer-implemented method for sharing resources among and/or between partners in a virtual organization, the partners adhering to Trading Partner Agreements (TPAs) negotiated between at least two of said partners in the virtual organization, the method comprising:
- running an algorithm to determine a target partner server or target partner server instance to which an executable from a source partner server or source partner server instance is to be distributed;
- transferring the executable to the target partner server or target partner server instance in accordance with a TPA negotiated between the target partner server or target partner server instance and the source partner server or source partner server instance; and
- invoking the executable on the target partner server or target partner server instance within constraints specified by a security policy, the security policy including each said TPA, wherein the TPA specifies:
  - any resources allocated by the partners in the TPA,
  - a transport protocol to be used by the partners in the TPA, and
  - a security mechanism to be used by the partners in the TPA.

Dependent claims: 24, 25, 26

Specification