SECURITY SERVER FOR CLOUD COMPUTING
Abstract
A system, method, and server improving the security of accessing Internetworked computer resources, especially over public access connections, without requiring additional servers from either the resource provider or the authenticating user. User authentications are transmitted over data access connections over which users do not have administrative rights and/or physical security control. A resource request which includes user authentications can be encrypted on a user computer and transmitted over the internet or other data network over which the user has no administrative access or physical control. A security server receives the encrypted resource request, decrypts it, and forwards the resource request to a cloud computing resource.
26 Claims
1. A security system for cloud computing comprising:
a computing resource available over a network;
an authentication permitting use of said computing resource;
hardware connected to the network by an access connection enabling a user to access said computing resource, said hardware having a hardware processor;
a security server in communication with both said hardware and said computing resource over the network, said security server having a server processor, said security server not sharing administrative or physical security control with either of said hardware or said computing resource;
software executing on the hardware processor for encrypting said authentication and for transmitting it to said security server; and
software executing on the server processor for decrypting said authentication and for transmitting it to said computing resource, whereby the risk of transmitting said authentication over an insecure access connection to the network is reduced.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A security system for cloud computing comprising:
a computing resource available over a network;
an authentication permitting use of said computing resource;
hardware for use by a user to access said computing resource, said hardware having a hardware processor;
an access connection connecting said hardware to said computing resource;
a security server in communication with both said hardware over said access connection and said computing resource over the network, said security server having a server processor, said security server not sharing administrative or physical security control with either of said hardware or said computing resource;
software executing on the hardware processor for encrypting said authentication and for transmitting it to said security server; and
software executing on the server processor for decrypting said authentication and for transmitting it to said computing resource, whereby the risk of transmitting said authentication over an insecure access connection to the network is reduced.
Dependent claims: 13, 14, 15, 16, 17, 18, 19
20. A method of secure computer communications comprising the steps of:
providing a computing resource available over a network, the computing resource requiring an authentication for use;
providing hardware for use by a user to access the computing resource, the hardware having a hardware processor, and encryption software executing on the hardware processor;
providing an access connection which connects the hardware to the computing resource over the network;
providing a security server having a server processor, and decryption software executing on the server processor, the security server not sharing administrative or physical security control with the hardware or the computing resource;
issuing a request for the authentication from the computing resource to the hardware;
connecting the security server with the hardware over the access connection;
encrypting the authentication using the encryption software and transmitting the authentication as encrypted to the security server;
connecting the security server with the computing resource over the network;
decrypting the authentication using the decryption software and transmitting the authentication to the computing resource.
Dependent claims: 21, 22, 23, 24
25. A method of secure computer communications comprising the steps of:
providing a computing resource available over a network, the computing resource requiring an authentication for use;
providing hardware for use by a user to access the computing resource, the hardware having a hardware processor, providing a hardware token connected to the hardware and encryption software executing on the hardware token;
providing an access connection which connects the hardware to the computing resource over the network;
providing a security server having a server processor, and decryption software executing on the server processor, the security server not sharing administrative or physical security control with the hardware or the computing resource;
issuing a request for the authentication from the computing resource to the hardware;
connecting the security server with the hardware over the access connection;
encrypting the authentication using the encryption software and transmitting the authentication as encrypted to the security server;
connecting the security server with the computing resource over the network; and
decrypting the authentication using the decryption software and transmitting the authentication to the computing resource.
Dependent claims: 26