SECURING INTERNAL SERVICES IN A DISTRIBUTED ENVIRONMENT
First Claim
1. A method comprising:
- intercepting a service call initiated by a client process of a client, whereinthe client is deployed in a source appliance,the service call is a request for provision of an internal service by a server deployed in a target appliance,the service call comprises an identifier, andthe identifier identifies the internal service;
determining whether one or more rules of a plurality of rules are specified for the identifier; and
in response to a determination that the one or more rules are specified for the identifier,generating a service packet by multiplexing client information and information specified in the service call, andforwarding the service packet to the target appliance.
6 Assignments
0 Petitions
Accused Products
Abstract
Disclosed herein are methods, systems, and processes to secure internal services in a distributed environment. A service call initiated by a client process of a client is intercepted. In this example, the service call is a request for an internal service provided by a server deployed in a target appliance. The client is deployed in a source appliance. The service call includes an identifier, and the identifier identifies the internal service. If one or more rules are specified for the identifier, a service packet is generated by multiplexing client information associated with the client process as well as information in the service call. The service packet is forwarded to the target appliance.
7 Citations
20 Claims
-
1. A method comprising:
-
intercepting a service call initiated by a client process of a client, wherein the client is deployed in a source appliance, the service call is a request for provision of an internal service by a server deployed in a target appliance, the service call comprises an identifier, and the identifier identifies the internal service; determining whether one or more rules of a plurality of rules are specified for the identifier; and in response to a determination that the one or more rules are specified for the identifier, generating a service packet by multiplexing client information and information specified in the service call, and forwarding the service packet to the target appliance. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A non-transitory computer readable storage medium storing program instructions executable to:
-
intercept a service call initiated by a client process of a client, wherein the client is deployed in a source appliance, the service call is a request for provision of an internal service by a server deployed in a target appliance, the service call comprises an identifier, and the identifier identifies the internal service; determine whether one or more rules of a plurality of rules are specified for the identifier; and in response to a determination that the one or more rules are specified for the identifier, generate a service packet by multiplexing client information and information specified in the service call, and forward the service packet to the target appliance. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A system comprising:
-
one or more processors; and a memory coupled to the one or more processors, wherein the memory stores program instructions executable by the one or more processors to; intercept a service call initiated by a client process of a client, wherein the client is deployed in a source appliance, the service call is a request for provision of an internal service by a server deployed in a target appliance, the service call comprises an identifier, and the identifier identifies the internal service; determine whether one or more rules of a plurality of rules are specified for the identifier; and in response to a determination that the one or more rules are specified for the identifier, generate a service packet by multiplexing client information and information specified in the service call, and forward the service packet to the target appliance. - View Dependent Claims (17, 18, 19, 20)
-
Specification