CROSS PROVIDER SECURITY MANAGEMENT FUNCTIONALITY WITHIN A CLOUD SERVICE BROKERAGE PLATFORM
Abstract
Implementation of cross provider security in accordance with the disclosures made herein, for users of a system (e.g., a cloud services brokerage platform) in a cloud environment, provides for system-managed provisioning and management of keys to cloud resources, thereby allowing the user to manage data security and enable secured access to their cloud resources. To this end, cross provider security management functionality in accordance with the disclosures made herein can include provisioning system-generated keys across different regions in a provider, provisioning cloud brokerage system-generated keys across different providers, and associating (i.e., managing) the keys from the system to a hardware security module. The keys can be managed by/through a variety of different resources (e.g., brokering system, VDC, user group concepts, etc.).
20 Claims
1. A method implemented by a cloud service brokerage platform, comprising:
- enabling a user to create a plurality of virtual data centers (VDCs) each including one or more resource groups, wherein the one or more resource groups of each one of the VDCs comprise cloud services procured from a respective one of a plurality of different cloud service providing entities; and
- enabling the user to associate a common security credential with each one of the VDCs for enabling secure access thereto through use of the security credential.

Dependent claims: 2, 3, 4, 5, 6, 7, 18
8. A non-transitory computer-readable storage medium having tangibly embodied thereon and accessible therefrom instructions interpretable by at least one data processing device, the instructions are configured for causing the at least one data processing device to perform a method enabling brokering of cloud services, the method comprising:
- receiving, from a user, information defining a first virtual data center (VDC), wherein the first VDC comprises cloud services procured from a first cloud service providing entity;
- assigning a security credential to the first VDC for enabling secure access thereto through use of the security credential; and
- enabling the user to create a second VDC comprising cloud services procured from a second cloud service providing entity different than the first cloud service providing entity and having access privileged granted thereto through use of the security credential.

Dependent claims: 9, 10, 11, 12, 13, 14
15. A cloud service brokerage (CSB) platform, comprising:
- a first instantiation of a virtual data center (VDC) including one or more resource groups, wherein the one or more resource groups of the first instantiation of the VDC comprise cloud services procured from a first cloud service providing entity and wherein the first instantiation of the VDC has assigned thereto, by a creator of the first instantiation of the VDC, a security credential for enabling secure access thereto by the user through use of the security credential; and
- a second instantiation of a VDC including one or more resource groups comprising cloud services, wherein the one or more resource groups of the second instantiation of the VDC comprise cloud services procured from a second cloud service providing entity different than the first cloud service providing entity and wherein the second instantiation of the VDC has assigned thereto, by the CSB platform, the security credential thereby enabling secure access thereto by the user through use of the security credential.

Dependent claims: 16, 17, 19, 20
Specification