APPARATUS, SYSTEMS AND METHODS FOR SECURE AND SELECTIVE ACCESS TO SERVICES IN HYBRID PUBLIC-PRIVATE INFRASTRUCTURES
Abstract
Embodiments of apparatus, systems and methods facilitate deployment of distributed computing applications on hybrid public-private infrastructures by facilitating secure access to selected services running on private infrastructures by distributed computing applications running on public cloud infrastructures. In some embodiments, a secure tunnel may be established between proxy processes on the public and private infrastructures and communication between the distributed computing application and the selected services may occur through the proxy processes over the secure tunnel.
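One way the two-proxy arrangement in the abstract could be realized, shown as an added example that is not part of the patent text: a pair of stunnel configurations. The choice of stunnel and every address, port, host name and file path below are assumptions made for illustration. Because the first proxy is reachable over a public network, it only accepts peers that present a certificate issued by a dedicated tunnel CA.

```ini
; ---- first proxy (private infrastructure): stunnel-first.conf ----
[svc-in]
; First network address and first port number (assumed values).
accept = 203.0.113.10:8443
; Forward each tunnelled request to the one selected private service
; (assumed internal address).
connect = 10.0.0.5:5432
cert = /etc/stunnel/first-proxy.pem
key = /etc/stunnel/first-proxy.key
; Require a client certificate and verify that it chains to the tunnel CA,
; so that only the second proxy can use this publicly reachable port.
CAfile = /etc/stunnel/tunnel-ca.pem
verifyChain = yes
requireCert = yes
sslVersionMin = TLSv1.2

; ---- second proxy (public cloud): stunnel-second.conf ----
[svc-out]
client = yes
; Second network address and second port number: the only endpoint the
; distributed application is configured with (assumed values).
accept = 127.0.0.1:15432
; Send requests over the tunnel to the first address and first port.
connect = 203.0.113.10:8443
cert = /etc/stunnel/second-proxy.pem
key = /etc/stunnel/second-proxy.key
; Verify the first proxy's certificate chain and host name before
; sending any application traffic.
CAfile = /etc/stunnel/tunnel-ca.pem
verifyChain = yes
checkHost = first-proxy.example.com
sslVersionMin = TLSv1.2
```

Each selected service gets its own pair of sections; a private service with no `connect` target on the first proxy is not reachable from the cloud side.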
20 Claims
1. A processor-implemented method for securely accessing at least one service on a private infrastructure from a distributed computing application running on a public cloud infrastructure, the processor implemented method comprising:
- instantiating a first proxy on the private infrastructure, wherein the first proxy is identified by a first network address and a first port number;
- instantiating a second proxy on the public cloud infrastructure wherein the second proxy is identified by a second network address and a second port number;
- configuring the distributed application to access the at least one service using the second network address and second port number; and
- establishing at least one secure tunnel between the first proxy and the second proxy, wherein;
  - the second proxy sends access requests received from the distributed computing application to the first proxy over the secure tunnel using the first network address and first port number, and
  - the first proxy forwards the access request to the at least one service.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A system comprising:
- a first infrastructure capable of hosting at least one application service used by a distributed application;
- a first proxy accessible over a public network, the first proxy being identified by a first network address and a first port number;
- a second infrastructure capable of running the distributed computing application; and
- a second proxy identified by a second network address and second port number; and
- wherein the distributed application is configured to access the at least one application service using the second network address and second port number through a secure tunnel between the first proxy and the second proxy, wherein;
  - the second proxy sends access requests received from the distributed computing application to the first proxy over the secure tunnel using the first network address and first port number, and
  - the first proxy forwards the access request to the at least one application service.
Dependent claims: 12, 13, 14, 15, 16, 17, 18
19. A computer-readable medium comprising instructions, which when executed by a computer perform steps in a method for securely accessing at least one service on a private infrastructure from a distributed computing application running on a public cloud infrastructure, the computer implemented steps comprising:
- instantiating a first proxy on the private infrastructure, wherein the first proxy is identified by a first network address and a first port number;
- instantiating a second proxy on the public cloud infrastructure wherein the second proxy is identified by a second network address and a second port number;
- configuring the distributed application to access the at least one service using the second network address and the second port number; and
- establishing at least one secure tunnel between the first proxy and the second proxy, wherein;
  - the second proxy sends access requests received from the distributed computing application to the first proxy over the secure tunnel using the first network address and the first port number, and
  - the first proxy forwards the access request to the at least one service.
Dependent claims: 20
Specification