Method and apparatus for token-based container chaining
First Claim
1. An apparatus for container provisioning in a token-based environment, comprising a processor that executes instructions to:
- intercept a request from a device to access a resource, the resource represented by a resource token;
receive a hard token from a token provider in response to a request for identification information of the device, the hard token representing the identification information of the device;
determine at least one token-based rule based at least in part upon the hard token and the resource token, the at least one token-based rule specifying compliance criteria required to consume the resource;
receive at least one token from the token provider in response to a request for compliance information of the device, the at least one token representing the compliance information of the device, wherein the compliance information indicates capabilities of the device to consume the resource;
compare the compliance information against the compliance criteria to determine that the device is capable of consuming the resource;
generate a compliance token representing the determination that the device is capable of consuming the resource;
communicate the compliance token to facilitate the provisioning of a container to the device, the container facilitating access to the resource, wherein the container includes a virtual machine executable by the device;
correlate the hard token and the compliance token to a session token representing a session in response to the determination that the device is capable of consuming the resource, the session facilitating access by the device to the resource;
determine whether at least one of a hardware update and a firmware update associated with the device occurs during the session; and
communicate a response to the device indicating that access should be denied, wherein the response is based on an impact of at least one of the hardware update and the firmware update.
1 Assignment
0 Petitions
Accused Products
Abstract
According to one embodiment, an apparatus may intercept a request to access a resource represented by a resource token. The apparatus may receive a hard token representing identification information of a device. The apparatus may determine, based at least in part upon the hard token and the resource token, at least one token-based rule specifying compliance criteria required to consume the resource. The apparatus may receive at least one token representing compliance information of the device in response to a request for compliance information of the device. The apparatus may then compare the compliance information against the compliance criteria to determine that the device is capable of consuming the resource. The apparatus may then generate a compliance token representing the determination that the device is capable of consuming the resource, and communicate the compliance token to facilitate the provisioning of a container to the device.
-
Citations
15 Claims
-
1. An apparatus for container provisioning in a token-based environment, comprising a processor that executes instructions to:
-
intercept a request from a device to access a resource, the resource represented by a resource token; receive a hard token from a token provider in response to a request for identification information of the device, the hard token representing the identification information of the device; determine at least one token-based rule based at least in part upon the hard token and the resource token, the at least one token-based rule specifying compliance criteria required to consume the resource; receive at least one token from the token provider in response to a request for compliance information of the device, the at least one token representing the compliance information of the device, wherein the compliance information indicates capabilities of the device to consume the resource; compare the compliance information against the compliance criteria to determine that the device is capable of consuming the resource; generate a compliance token representing the determination that the device is capable of consuming the resource; communicate the compliance token to facilitate the provisioning of a container to the device, the container facilitating access to the resource, wherein the container includes a virtual machine executable by the device; correlate the hard token and the compliance token to a session token representing a session in response to the determination that the device is capable of consuming the resource, the session facilitating access by the device to the resource; determine whether at least one of a hardware update and a firmware update associated with the device occurs during the session; and communicate a response to the device indicating that access should be denied, wherein the response is based on an impact of at least one of the hardware update and the firmware update. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for container provisioning in a token-based environment, comprising:
-
intercepting, by a processor, a request from a device to access a resource, the resource represented by a resource token; receiving, by the processor, a hard token from a token provider in response to a request for identification information of the device, the hard token representing the identification information of the device; determining, by the processor, at least one token-based rule based at least in part upon the hard token and the resource token, the at least one token-based rule specifying compliance criteria required to consume the resource; receiving, by the processor, at least one token from the token provider in response to a request for compliance information of the device, the at least one token representing the compliance information of the device, wherein the compliance information indicates capabilities of the device to consume the resource; comparing, by the processor, the compliance information against the compliance criteria to determine that the device is capable of consuming the resource; generating, by the processor, a compliance token representing the determination that the device is capable of consuming the resource; communicating, by the processor, the compliance token to facilitate the provisioning of a container to the device, the container facilitating access to the resource, wherein the container includes a virtual machine executable by the device; correlating, by the processor, the hard token and the compliance token to a session token representing a session in response to the determination that the device is capable of consuming the resource, the session facilitating access by the device to the resource; determining, by the processor, whether at least one of a hardware update and a firmware update associated with the device occurs during the session; and communicating, by the processor, a response to the device that access should be denied, wherein the response is based on an impact of at least one of the hardware update and the firmware update. - View Dependent Claims (7, 8, 9, 10)
-
-
11. One or more computer-readable non-transitory storage media embodying software that is operable when executed to:
-
intercept, by a processor, a request from a device to access a resource, the resource represented by a resource token; receive, by the processor, a hard token from a token provider in response to a request for identification information of the device, the hard token representing the identification information of the device; determine, by the processor, at least one token-based rule based at least in part upon the hard token and the resource token, the at least one token-based rule specifying compliance criteria required to consume the resource; receive, by the processor, at least one token from the token provider in response to a request for compliance information of the device, the at least one token representing the compliance information of the device, wherein the compliance information indicates capabilities of the device to consume the resource; compare, by the processor, the compliance information against the compliance criteria to determine that the device is capable of consuming the resource; generate, by the processor, a compliance token representing the determination that the device is capable of consuming the resource; communicate, by the processor, the compliance token to facilitate the provisioning of a container to the device, the container facilitating access to the resource, wherein the container includes a virtual machine executable by the device; correlate, by the processor, the hard token and the compliance token to a session token representing a session in response to the determination that the device is capable of consuming the resource, the session facilitating access by the device to the resource; determine, by the processor, whether at least one of a hardware update and a firmware update associated with the device occurs during the session; and communicate, by the processor, a response to the device indicating that access should be denied, wherein the response is based on the impact of at least one of the hardware update and the firmware update. - View Dependent Claims (12, 13, 14, 15)
-
Specification