Hybrid cloud identity mapping infrastructure
Abstract
In various exemplary embodiments, a system and associated method for providing a hybrid cloud computing environment are disclosed. For example, a system may authorize an enterprise user based on an enterprise identity. Once authenticated, embodiments may use mapping data and a cloud role to determine an identity to use when the enterprise user accesses a cloud.
20 Claims
1. A system, comprising:
- at least one processor;
- a hybrid identity mapper implemented by the at least one processor and configured to:
  - maintain a cloud role associated with an enterprise identity of an enterprise user, the enterprise identity being an entry in an internal cloud directory under a first distinguished name, and
  - maintain hybrid cloud mapping data that maps the enterprise identity of the enterprise user to an identity usable in a public cloud, the hybrid cloud mapping data maps the enterprise identity to the identity based on:
    - the entry being under the first distinguished name, and
    - the first distinguished name being mapped to a second distinguished name in a public cloud directory that corresponds to the identity;
- an authentication and authorization (AA) server configured to:
  - authenticate the enterprise user based on the enterprise identity, and
  - obtain the cloud role and the hybrid cloud mapping data in response to authenticating the enterprise user; and
- an administration server configured to allow the enterprise user to access the public cloud using the identity based on the hybrid cloud mapping data.
Dependent claims: 2, 3, 4, 5, 6, 7.
8. A computer-implemented method, comprising:
- authenticating an enterprise user based on an enterprise identity, the enterprise identity being an entry in an internal cloud directory under a first distinguished name;
- responsive to the authenticating of the enterprise user, obtaining a cloud role associated with the enterprise user and hybrid cloud mapping data that maps the enterprise identity to an identity usable in a public cloud, the hybrid cloud mapping data maps the enterprise identity to the identity based on:
  - the entry being under the first distinguished name, and
  - the first distinguished name being mapped to a second distinguished name in a public cloud directory that corresponds to the identity; and
- providing the enterprise user access to the public cloud using the identity based on the hybrid cloud mapping data.
Dependent claims: 9, 10, 11, 12, 13, 14.
15. A non-transitory machine-readable storage medium storing a set of instructions that, when executed by at least one processor, causes the at least one processor to perform operations comprising:
- authenticating an enterprise user based on an enterprise identity, the enterprise identity being an entry in an internal cloud directory under a first distinguished name;
- responsive to the authenticating of the enterprise user, obtaining a cloud role associated with the enterprise user and hybrid cloud mapping data that maps the enterprise identity to an identity usable in a public cloud, the hybrid cloud mapping data maps the enterprise identity to the identity based on:
  - the entry being under the first distinguished name, and
  - the first distinguished name being mapped to a second distinguished name in a public cloud directory that corresponds to the identity; and
- providing the enterprise user access to the public cloud using the identity based on the hybrid cloud mapping data.
Dependent claims: 16, 17, 18, 19, 20.
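As an added illustration of the distinguished-name mapping recited in claims 1, 8 and 15 (not code from the patent or its assignee), the sketch below resolves an authenticated enterprise entry to a cloud role and a public cloud directory DN by comparing DNs component by component. All DNs, role names, the `HybridIdentityMapper` class and the most-specific-subtree rule are assumptions constructed for the example.

```python
import re

def parse_dn(dn):
    """Split a DN into normalized (attr, value) RDNs; an escaped comma is not a separator."""
    rdns = []
    for part in re.split(r"(?<!\\),", dn):
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN in {dn!r}")
        # Assumption: attributes match case-insensitively, as cn/ou/dc normally do.
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return tuple(rdns)

def is_under(entry, base):
    """True if entry is a descendant of base, compared RDN by RDN (not by string suffix)."""
    return len(entry) > len(base) and entry[len(entry) - len(base):] == base

class HybridIdentityMapper:
    """Hypothetical mapper: internal base DN -> public cloud DN, plus per-user cloud roles."""
    def __init__(self, dn_map, roles):
        self._map = [(parse_dn(src), dst) for src, dst in dn_map.items()]
        self._roles = {parse_dn(dn): role for dn, role in roles.items()}

    def resolve(self, enterprise_dn, authenticated):
        """Return (cloud_role, public_dn), or None when any precondition fails (fail closed)."""
        if not authenticated:
            return None  # mapping data is only obtained after authentication
        entry = parse_dn(enterprise_dn)
        role = self._roles.get(entry)
        matches = [(src, dst) for src, dst in self._map if is_under(entry, src)]
        if role is None or not matches:
            return None
        # Assumption: when several base DNs contain the entry, the deepest one wins.
        return role, max(matches, key=lambda m: len(m[0]))[1]

# Constructed sample data, not taken from the patent.
DN_MAP = {
    "ou=eng,dc=corp,dc=example": "ou=engineering,o=tenant-1,dc=cloud,dc=example",
    "dc=corp,dc=example": "ou=default,o=tenant-1,dc=cloud,dc=example",
}
ROLES = {
    "cn=alice,ou=eng,dc=corp,dc=example": "cloud-admin",
    "cn=bob,ou=sales,dc=corp,dc=example": "cloud-user",
    "cn=x\\,ou=eng,dc=corp,dc=example": "cloud-user",  # one RDN whose value contains a comma
    "cn=carol,dc=partner,dc=example": "cloud-user",    # has a role but no mapped base DN
}
MAPPER = HybridIdentityMapper(DN_MAP, ROLES)
```

The entry whose common name contains an escaped comma resolves to the default subtree, not the engineering one, because the comparison works on parsed components instead of a raw string suffix.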
Specification