Mobile cloud service architecture
First Claim
1. A method comprising:
receiving, by a cloud computer system, from a mobile computing device, a request for a service from an enterprise computer system, wherein the cloud computer system is located at a first geographical location that is different from a second geographical location of the enterprise computer system, wherein the cloud computer system and the enterprise computer system communicate over a public communication network, and wherein the cloud computer system provides an application programming interface (API), the API using a first communication protocol to receive requests for services;
obtaining, by the cloud computer system, for a user of the mobile computing device associated with the request, a security authentication to obtain at least one service through the cloud computer system;
storing, by the cloud computer system, information indicating the security authentication;
identifying, based on the security authentication of the user, by the cloud computer system, a plurality of enterprise computer systems accessible to the user through the cloud computer system, wherein each enterprise computer system of the plurality of enterprise computer systems uses a second communication protocol to receive the requests for services, and wherein the second communication protocol is different from the first communication protocol;
verifying, by the cloud computer system, that the enterprise computer system is included in the plurality of enterprise computer systems accessible to the user;
determining, by the cloud computer system, a security protocol for requesting the service from the enterprise computer system;
generating, by the cloud computer system, a security token corresponding to the determined security protocol for the enterprise computer system, wherein the security token is generated based on the information indicating the security authentication of the user;
converting the request from a format of the first communication protocol to a different format corresponding to the second communication protocol;
sending, by the cloud computer system, to the enterprise computer system, the converted request for the service, wherein the converted request includes the generated security token;
receiving, from the enterprise computer system, a response to the converted request, wherein the response has a format of the second communication protocol used by the enterprise computer system;
converting the response from the format of the second communication protocol to the format of the first communication protocol; and
providing the converted response to the mobile computing device.
Abstract
Techniques are described for implementing a cloud computer system to facilitate communication between a computing device (e.g., a mobile computing device) and enterprise computer systems. In certain embodiments, the cloud computer system may receive, from a computing device, a request for a service provided by an enterprise computer system. The cloud computer system may determine security authentication of a user for the requested service. A security protocol may be determined for a requested enterprise computer system and a security token may be generated for the request according to the determined security protocol. The request may be sent to the requested enterprise computer system. In some embodiments, security authentication for a request to an enterprise computer system may be determined based on previous authentication. The cloud computer system may be configured to communicate with several different enterprise computer systems according to their supported protocols (e.g., communication protocol and/or security protocol).
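The broker flow the abstract describes, as an added Python example that is not code from the patent. The JSON inbound format, XML outbound format, HMAC-signed token scheme, and all names, keys and users are assumptions constructed for illustration.

```python
import hashlib, hmac, json
from xml.etree import ElementTree as ET

# Constructed sample data: system names, keys and the protocol label are assumptions.
BACKENDS = {
    "hr":  {"security": "signed-assertion", "key": b"hr-demo-key"},
    "erp": {"security": "signed-assertion", "key": b"erp-demo-key"},
}
ACCESS = {"alice": {"hr"}}   # enterprise systems each user may reach
SESSIONS = {}                # stored information indicating the security authentication

class Denied(Exception):
    pass

def authenticate(user, session_id, now):
    """Record that the user authenticated; later requests reuse this record."""
    SESSIONS[session_id] = {"user": user, "auth_time": now}

def make_token(session, backend, now, ttl=60):
    """Mint a short-lived token bound to one user and one target system."""
    cfg = BACKENDS[backend]
    if cfg["security"] != "signed-assertion" or "|" in session["user"]:
        raise Denied("unsupported security protocol or malformed subject")
    body = f"{session['user']}|{backend}|{now + ttl}"
    sig = hmac.new(cfg["key"], body.encode(), hashlib.sha256).hexdigest()
    return f"{body}|{sig}"

def verify_token(token, backend, now):
    """Enterprise-side check: signature, audience and expiry must all hold."""
    user, aud, exp, sig = token.split("|")
    want = hmac.new(BACKENDS[backend]["key"], f"{user}|{aud}|{exp}".encode(),
                    hashlib.sha256).hexdigest()
    return hmac.compare_digest(sig, want) and aud == backend and now < int(exp)

def broker(session_id, request_json, now):
    """Authorize the target, mint its token, convert the JSON request to XML."""
    session = SESSIONS.get(session_id)
    if session is None:
        raise Denied("no stored authentication")
    req = json.loads(request_json)
    backend = req["system"]
    # Fail closed: the target must be in the user's accessible set before any token exists.
    if backend not in BACKENDS or backend not in ACCESS.get(session["user"], set()):
        raise Denied("system not accessible to user")
    root = ET.Element("request", service=req["service"])
    ET.SubElement(root, "token").text = make_token(session, backend, now)
    for name, value in req.get("params", {}).items():
        ET.SubElement(root, "param", name=name).text = str(value)
    return ET.tostring(root, encoding="unicode")
```

Because the token names its target system and is signed with that system's key, a token minted for one enterprise system fails verification at any other.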
17 Claims
13. A computer system comprising:
one or more processors; and
one or more memory devices coupled to the one or more processors, the one or more memory devices containing instructions, which when executed on the one or more processors, cause the one or more processors to:
receive, from a mobile computing device using a first communication protocol, a request for a service, wherein the service is provided by an enterprise computer system, wherein the enterprise computer system is located at a first geographical location that is different from a second geographical location of the computer system, and wherein the enterprise computer system and the computer system communicate over a public communication network;
obtain, for a user of the mobile computing device associated with the request, a security authentication to obtain at least one service via the computer system;
store information indicating the security authentication;
identify, based on the security authentication of the user, a plurality of enterprise computer systems accessible to the user through the computer system that provides an application programming interface (API);
verify that the enterprise computer system is included in the plurality of enterprise computer systems accessible to the user;
determine a security protocol for requesting the service from the enterprise computer system;
generate a security token corresponding to the determined security protocol for the enterprise computer system, wherein the security token is generated based on the information indicating the security authentication of the user, and wherein the generated security token is included in a request sent to the enterprise computer system;
convert the request received from the mobile computing device, wherein the request is converted from a first format of the first communication protocol to a second format of a second communication protocol, wherein the second communication protocol is different from the first communication protocol;
send the converted request to the enterprise computer system;
receive, from the enterprise computer system via the second communication protocol, a response to the converted request for the service;
convert the response received from the enterprise computer system, wherein the response is converted from the second format of the second communication protocol to the first format of the first communication protocol; and
send the converted response to the mobile computing device.
16. A cloud computer system to facilitate communication between a mobile computing device and an on-premises enterprise computer system, the cloud computer system comprising:
a cloud computer device configured to:
receive, through an application programming interface (API), from a mobile computing device, a message conforming to a first format of a first application protocol; and
generate and send, to an agent, a message conforming to a second format of a second application protocol;
a firewall connected with the cloud computer device, wherein an internal network and an external network are separated by the firewall, and wherein the firewall is configured to:
permit communication of messages, conforming to the first format of the first application protocol, between the mobile computing device and the cloud computer device; and
permit communication of messages, conforming to the second format of the second application protocol, between the cloud computer device and the agent; and
a metadata repository connected with the cloud computer device, wherein the metadata repository is configured to store metadata for implementing the API, the implementing including translating between the first format and the second format, and wherein the metadata repository is modifiable by an authenticated user via the external network.
Specification