TECHNIQUES FOR IDENTITY-ENABLED INTERFACE DEPLOYMENT
3 Assignments
0 Petitions
Accused Products
Abstract
Techniques for providing identity-enabled interfaces for deployment are presented. Specifically, an agent of an enterprise infrastructure authenticates and acquires an agent identity for interacting with a cloud processing environment. Once the agent is deployed in the cloud processing environment, enterprise policy can be enforced within the cloud processing environment on actions occurring within the cloud. The agent acts as an Application Programming Interface between the enterprise and the cloud processing environment. The reverse is also achievable, where a cloud deploys an agent to the enterprise to deploy a cloud interface within the enterprise for policy enforcement.
12 Citations
21 Claims
-
1. (canceled)
-
2. A method, comprising:
-
authenticating, by a cloud agent, for operation within a cloud environment; obtaining, by the cloud agent, security policy for the cloud environment; and enforcing, by the cloud agent, the security policy within the cloud environment - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method, comprising:
-
receiving a request for authentication of a cloud agent for processing within a cloud environment; providing the cloud agent with a token having encrypted identity information cloud agent and an expiration specification defining conditions that revoke authentication of the cloud agent in response to successful authentication of the cloud agent; obtaining a second request from the cloud agent subsequent to the successful authentication of the cloud agent requesting modification to the expiration specification; and sending the cloud agent, a new token having the modified expiration specification. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
-
19. A system comprising:
-
a server; and an identity manager configured to;
i) execute on one or more processors of the server, ii) provide a mechanism for authenticating a cloud agent for enforcing security policy within a cloud environment, and iii) provide a mechanism for the cloud agent to extend authentication for enforcing the security policy within the cloud environment before a condition occurs that invalidates the cloud agent for enforcing security policy within the cloud environment. - View Dependent Claims (20, 21)
-
Specification