Automating cloud service reconnections
Abstract
Technologies are generally described for automatically reconnecting a security principal to cloud services through correlation of security principal identifier attributes. A new security principal for a user may be detected and automatically reconnected to the user's cloud based services. An administrator for the security domains may specify a value of a unique security principal metadata attribute for the original security principal in a customizable security principal metadata attribute in the new security principal in the same or new security domain. A secondary verification metadata attribute may optionally be specified to ensure the correct security principal is reconnected to the user's cloud based resources. The correlation between the original security principal for the user and the new security principal may be used to reconnect the user's cloud resources.
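The correlation and secondary verification described in the abstract, together with the pending-deletion window from claim 11, sketched as an added example; this is not code from the patent or from any product. The class and function names, the 30-day window and the sample identifiers are assumptions, and the email alias is used as the secondary attribute because claim 16 names it as one option.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

GRACE = timedelta(days=30)  # assumed length of the "pending deletion" window

class ReconnectError(Exception):
    pass

@dataclass
class Principal:
    object_id: str         # unique, system-assigned ID (the "first metadata attribute")
    email_alias: str       # value used for secondary verification
    custom_attr: str = ""  # customizable attribute, set by an administrator

@dataclass
class CloudLink:
    owner_id: str          # object_id of the principal that owns the resources
    verify_alias: str      # alias recorded while the original principal existed
    pending_until: Optional[datetime] = None

def mark_orphaned(link: CloudLink, now: datetime) -> None:
    """Original principal vanished: hold the resources instead of deleting them."""
    link.pending_until = now + GRACE

def reconnect(link: CloudLink, candidates: list, now: datetime) -> Principal:
    """Move the link to the one new principal that correlates with the old owner."""
    if link.pending_until is None:
        raise ReconnectError("link still has a live owner")
    if now > link.pending_until:
        raise ReconnectError("grace period expired")
    # Correlation: new principal's customizable attribute == old principal's unique ID.
    matches = [p for p in candidates if p.custom_attr == link.owner_id]
    if len(matches) != 1:
        raise ReconnectError(f"expected exactly one claimant, found {len(matches)}")
    claimant = matches[0]
    # The customizable attribute is writable, so confirm with a second attribute.
    if claimant.email_alias.lower() != link.verify_alias.lower():
        raise ReconnectError("secondary verification failed")
    link.owner_id, link.pending_until = claimant.object_id, None
    return claimant

if __name__ == "__main__":
    now = datetime(2024, 1, 1, tzinfo=timezone.utc)  # constructed sample data
    link = CloudLink(owner_id="src-001", verify_alias="alice@example.com")
    mark_orphaned(link, now)
    new = Principal("dst-777", "alice@example.com", custom_attr="src-001")
    print(reconnect(link, [new], now + timedelta(days=2)).object_id)
```

Because the correlation rests on an attribute an administrator can write, the uniqueness check and the secondary attribute are what keep a mis-set or duplicated value from moving one user's resources to another principal.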
19 Claims
1. A method executed on a computing device for automatically reconnecting a user to cloud based services, the method comprising:
- determining a first metadata attribute for a security principal managing access to a cloud based service at a source domain for the user;
- creating a new security principal for the user at a destination domain;
- specifying a value of the first metadata attribute for the security principal in a customizable metadata attribute in the new security principal;
- receiving a request for reconnecting the user to the cloud based service; and
- reconnecting the user to the cloud based service using a correlation between the first and the customizable metadata attributes of the security principal and the new security principal, wherein the correlation is created by setting the value of the customizable metadata attribute for the new security principal to be the same as the first metadata attribute of the security principal as part of an automated cloud reconnection process controlling a transfer of connection from the security principal in the source domain to the new security principal in the destination domain.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A computing device for managing cloud based services with automatic reconnection, the computing device comprising:
- a memory storing instructions; and
- a processor executing a security management application in conjunction with the stored instructions, the security management application configured to:
  - determine a first metadata attribute for a security principal managing access to a cloud based service for a user;
  - create a new security principal for the user;
  - specify a value of the first metadata attribute for the security principal in a customizable metadata attribute in the new security principal;
  - receive a request for reconnecting the user to the cloud based service in response to one of: a migration of the user from an original security domain to a new security domain and a deletion of the security principal;
  - reconnect the user to the cloud based service using a correlation between the first and the customizable metadata attributes of the security principal and the new security principal at an automated cloud service reconnection module, wherein a new security principal's customizable metadata attribute is set to a unique value of the first metadata attribute by the automated cloud service reconnection module;
  - if any security principal in the original security domain is removed from visibility of the automated cloud service reconnection module, mark the cloud based services as pending deletion for a customizable period of time to enable one of: reconnection of the security principal in a destination domain to the cloud based service in a case of the migration and reconnection of the new security principal in a source domain in the case of an accidental deletion of the security principal; and
  - if the request for reconnecting is in response to the migration of the user to the new security domain, automatically remove the user from the original security domain upon connecting the user to the new security domain.

Dependent claims: 12, 13, 14, 15
16. A computer-readable storage device with instructions stored thereon for automatically reconnecting a user to cloud based resources, the instructions comprising:
- determining a metadata attribute for a security principal managing access to the cloud based resources coordinated through a cloud based metadata repository for the user;
- creating a new security principal for the user that includes at least one metadata attribute based on a second metadata attribute of an original security principal for the user at a source security domain;
- performing a secondary verification employing a third metadata attribute associated with an original security principal, wherein the third metadata attribute is a unique security principal attribute selected from one or more of: an email alias and an employee identifier, when a connection to the user's cloud resources is restored automatically without affecting the user;
- receiving a request for reconnecting the user to a destination security domain for the cloud based resources; and
- connecting the user to a new security domain based on a correlation between the at least one metadata attribute of the new security principal and the second metadata attribute of the original security principal if the secondary verification is successful.

Dependent claims: 17, 18, 19
Specification