Techniques for identity-enabled interface deployment
First Claim
Patent Images
1. A method implemented in a non-transitory machine-readable storage medium and processed by one or more processors configured to perform the method, comprising:
- configuring a cloud agent for deployment within a target cloud environment, the cloud agent configured within an enterprise environment and the cloud agent is configured to process on processors of the target cloud environment and to use interfaces that the target cloud environment uses;
authenticating the cloud agent and obtaining a cloud agent identity;
assigning an expiration condition to the cloud agent identity that when satisfied renders the cloud agent identity invalid and providing the configured cloud agent with a mechanism to extend the expiration condition of the agent by obtaining other credentials to extend beyond the expiration condition by extending an expiration specification, wherein the agent uses the mechanism for raising a particular event that results in the agent obtaining the other credentials;
requesting, by the cloud agent, a security token from a security manager of the target cloud environment, the security token unique to the target cloud environment;
receiving, by the cloud agent, a token expiration condition with the security token, and when the token expiration condition is met, the security token becomes invalid for use within the target cloud environment; and
deploying the cloud agent to the target cloud environment for enforcement of enterprise policy within the target cloud environment, via the cloud agent.
16 Assignments
0 Petitions
Accused Products
Abstract
Techniques for providing identity-enabled interfaces for deployment are presented. Specifically, an agent of an enterprise infrastructure authenticates and acquires an agent identity for interacting with a cloud processing environment. Once the agent is deployed in the cloud processing environment, enterprise policy can be enforced within the cloud processing environment on actions occurring within the cloud. The agent acts as an Application Programming Interface between the enterprise and the cloud processing environment. The reverse is also achievable, where a cloud deploys an agent to the enterprise to deploy a cloud interface within the enterprise for policy enforcement.
-
Citations
8 Claims
-
1. A method implemented in a non-transitory machine-readable storage medium and processed by one or more processors configured to perform the method, comprising:
-
configuring a cloud agent for deployment within a target cloud environment, the cloud agent configured within an enterprise environment and the cloud agent is configured to process on processors of the target cloud environment and to use interfaces that the target cloud environment uses; authenticating the cloud agent and obtaining a cloud agent identity; assigning an expiration condition to the cloud agent identity that when satisfied renders the cloud agent identity invalid and providing the configured cloud agent with a mechanism to extend the expiration condition of the agent by obtaining other credentials to extend beyond the expiration condition by extending an expiration specification, wherein the agent uses the mechanism for raising a particular event that results in the agent obtaining the other credentials; requesting, by the cloud agent, a security token from a security manager of the target cloud environment, the security token unique to the target cloud environment; receiving, by the cloud agent, a token expiration condition with the security token, and when the token expiration condition is met, the security token becomes invalid for use within the target cloud environment; and deploying the cloud agent to the target cloud environment for enforcement of enterprise policy within the target cloud environment, via the cloud agent. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeMicro Focus Software, Inc. (Open Text Corporation)
-
Original AssigneeNovell Incorporated (Open Text Corporation)
-
InventorsEarl, Douglas Garry, Carter, Stephen R
-
Primary Examiner(s)Shepperd, Eric W
-
Application NumberUS13/182,090Publication NumberTime in Patent Office1,581 DaysField of Search726/7, 726/19, 726/21, 726/22, 726 1- 5, 726 9- 10, 726/12, 726 26- 29, 713/150, 713155-159, 713168-169, 713172-173, 713/182, 713/185, 709201-202, 709204-205, 709/218, 709/223, 709/225, 709/229, 709/249US Class Current1/1CPC Class CodesG06F 21/41 where a single sign-on prov...H04L 63/0435 wherein the sending and rec...H04L 63/06 for supporting key manageme...H04L 63/083 using passwords cryptograph...H04L 63/108 when the policy decisions a...H04L 9/3213 using tickets or tokens, e....
