Security access protection for user data stored in a cloud computing facility
First Claim
1. A method comprising:
storing a plurality of proxy access credentials for a user to securely access each of a plurality of cloud computing facilities;
receiving a request from a client device for access to one of the plurality of cloud computing facilities;
securing a communication link to the client device, thereby providing a secure link;
receiving access credentials from the user through the secure link;
verifying an identity of the user with the access credentials;
assessing a security state of the client device to determine if the client is in compliance with a security policy; and
if the client is in compliance with the security policy, coupling the client to one of the plurality of cloud computing facilities through a second secure link using a corresponding one of the plurality of proxy access credentials for the user.
Abstract
In embodiments of the present invention improved capabilities are described for a method and system including storing a plurality of proxy access credentials for a user to securely access each of a plurality of cloud computing facilities; receiving a request from a client device for access to one of the plurality of cloud computing facilities; securing a communication link to the client device, thereby providing a secure link; receiving access credentials from the user through the secure link; verifying an identity of the user with the access credentials; assessing a security state of the client device to determine if the client is in compliance with a security policy; and if the client is in compliance with the security policy, coupling the client to one of the plurality of cloud computing facilities through a second secure link using a corresponding one of the plurality of proxy access credentials for the user.
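The flow in the abstract, as an added sketch that is not taken from the patent or from any product: a broker that checks the link, the user's identity and the device posture in that order, and only then selects the stored proxy credential, which the client never receives. The class, function and attribute names and the policy values are hypothetical.

```python
import hashlib
import hmac
import secrets

# Constructed sample policy: booleans must match, integers are minimums.
POLICY = {"disk_encrypted": True, "av_running": True, "os_patch_level": 202401}

def _kdf(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def _meets(have, required):
    if isinstance(required, bool):
        return have is required          # a missing attribute (None) fails closed
    return type(have) is int and have >= required

class CredentialBroker:
    """Hypothetical proxy that keeps per-facility proxy credentials server-side."""
    def __init__(self, policy):
        self.policy = policy
        self._users = {}     # user -> (salt, password hash)
        self._vault = {}     # (user, facility) -> proxy access credential
        self.sessions = {}   # opaque handle -> (user, facility)

    def enroll(self, user, password, proxy_creds):
        salt = secrets.token_bytes(16)
        self._users[user] = (salt, _kdf(password, salt))
        self._vault.update({(user, f): c for f, c in proxy_creds.items()})

    def _identity_ok(self, user, password):
        # Unknown users still cost one KDF run and compare against an empty hash.
        salt, stored = self._users.get(user, (b"\0" * 16, b""))
        return hmac.compare_digest(_kdf(password, salt), stored)

    def connect(self, user, password, posture, facility, link_secure=True):
        """Return (granted, reason, handle); checks run in the abstract's order."""
        if not link_secure:
            return False, "insecure-link", None
        if not self._identity_ok(user, password):
            return False, "identity", None
        failed = [k for k, req in self.policy.items() if not _meets(posture.get(k), req)]
        if failed:
            return False, "posture:" + ",".join(failed), None
        cred = self._vault.get((user, facility))
        if cred is None:
            return False, "no-proxy-credential", None
        # A real proxy would open the second secure link with `cred` here.
        handle = secrets.token_urlsafe(16)   # the client only ever receives this
        self.sessions[handle] = (user, facility)
        return True, "ok", handle
```

The denial reason names the failed posture attributes, which is what an access log needs in order to separate credential failures from non-compliant devices.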
24 Claims
1. A method comprising:
storing a plurality of proxy access credentials for a user to securely access each of a plurality of cloud computing facilities;
receiving a request from a client device for access to one of the plurality of cloud computing facilities;
securing a communication link to the client device, thereby providing a secure link;
receiving access credentials from the user through the secure link;
verifying an identity of the user with the access credentials;
assessing a security state of the client device to determine if the client is in compliance with a security policy; and
if the client is in compliance with the security policy, coupling the client to one of the plurality of cloud computing facilities through a second secure link using a corresponding one of the plurality of proxy access credentials for the user.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17
18. A proxy server comprising:
a first interface for coupling in a communicating relationship with one or more of a plurality of cloud computing facilities;
a second interface for coupling in a communicating relationship with a client device;
a memory storing access credentials for enabling user access to the proxy server and a plurality of corresponding proxy access credentials for enabling the proxy server to link the user-provided access credentials to the proxy access credentials and use thereof to enable a user to access with the one or more of the plurality of cloud computing facilities through the proxy server; and
a processor configured to secure communications through the first interface and the second interface, to receive a request from the client device, to verify an identity of the user against the access credentials, to assess a security state of the client device, and to conditionally grant access through the proxy server to one of the plurality of cloud computing facilities using a corresponding one of the plurality of proxy access credentials when the security state is in compliance with a security policy.
Dependent claims: 19, 20, 21
22. A system comprising:
a client device having a user;
a plurality of cloud computing facilities, each accessible with one of a plurality of proxy access credentials;
a proxy server configured for secure communications with the client device and the plurality of cloud computing facilities, the proxy server including a memory that stores the plurality of proxy access credentials for the plurality of cloud computing facilities, along with access credentials for the user to access the proxy server, and the proxy server further including a processor configured to conditionally grant access by the user to one or more of the plurality of cloud computing facilities through the proxy server with a corresponding one of the plurality of proxy access credentials based upon a verification of an identity of the user against the access credentials and a verification that a security state of the client device is in compliance with a security policy; and
a transfer of data from the client device to the one of the plurality of cloud computing facilities, wherein the data that is transferred is at least one of tokenized and encrypted.
Dependent claims: 23, 24
Specification