Application-based security rights in cloud environments
First Claim
1. A method to enforce security service requirements for a cloud application, comprising:
- associating with the cloud application a set of security service requirements;
deploying the cloud application into a specific cloud security environment;
evaluating the security service requirements against the specific cloud security environment; and
responsive to a determination that the specific cloud security environment does not meet the security service requirements for the cloud application, taking a given action.
2 Assignments
0 Petitions
Accused Products
Abstract
This disclosure provides the ability for a cloud application to specify its security requirements, to ability to have those requirements evaluated, e.g., against a specific cloud deployment environment, and the ability to enable the application to control a cloud-based security assurance service to provision additional security technology in the cloud to support deployment (or re-deployment elsewhere) of the application if the environment does not have the necessary topology and security resources deployed. To this end, the application queries the service by passing a set of application-based security rights. If the security capabilities provided by the security assurance service are sufficient or better than the application'"'"'s security rights, the application functions normally. If, however, the security environment established by the security assurance service is insufficient for the application, the application is afforded one or more remediation options, e.g., issuing a request to upgrade the security environment, or the like.
43 Citations
21 Claims
-
1. A method to enforce security service requirements for a cloud application, comprising:
-
associating with the cloud application a set of security service requirements; deploying the cloud application into a specific cloud security environment; evaluating the security service requirements against the specific cloud security environment; and responsive to a determination that the specific cloud security environment does not meet the security service requirements for the cloud application, taking a given action. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. Apparatus, comprising:
-
a processor; computer memory holding computer program instructions executed by the processor to enforce security service requirements for a cloud application, the computer program instructions comprising program code operative to; associate with the cloud application a set of security service requirements; deploy the cloud application into a specific cloud security environment; evaluate the security service requirements against the specific cloud security environment; and responsive to a determination that the specific cloud security environment does not meet the security service requirements for the cloud application, take a given action. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer program product in a non-transitory computer readable medium for use in a data processing system, the computer program product holding computer program instructions executed by the data processing system to enforce security service requirements for a cloud application, the computer program instructions comprising program code operative to:
-
associate with the cloud application a set of security service requirements; deploy the cloud application into a specific cloud security environment; evaluate the security service requirements against the specific cloud security environment; and responsive to a determination that the specific cloud security environment does not meet the security service requirements for the cloud application, take a given action. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification