Virtual communication endpoint services
Abstract
Customers can utilize resources of a multi-tenant environment to provide one or more services available to various users. In order to simplify the process for these customers, the multi-tenant environment can include an infrastructure wherein a portion of the resources provide an authentication and/or authorization service that can be leveraged by the customer services. These resources can logically sit in front of the resources used to provide the customer services, such that a user request must pass through the authorization and authentication service before being directed to the customer service. Such resources can provide other functionality as well, such as load balancing and metering.
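The request path the abstract describes (authenticate, authorize, then forward), as an added Python example that is not taken from the patent. It assumes an HMAC-SHA256 request signature and a key ID that doubles as the caller identity; `virtual_endpoint`, `customer_endpoint`, `CREDENTIALS` and `POLICY_STATE` are hypothetical names, and the sample data is constructed.

```python
import hashlib
import hmac

# Constructed sample data (assumptions): caller credentials and per-caller policy state.
CREDENTIALS = {"caller-1": b"k1-secret", "caller-2": b"k2-secret"}
POLICY_STATE = {
    "caller-1": {"allowed_paths": {"/orders"}, "agreed_to_charges": True},
    "caller-2": {"allowed_paths": {"/orders"}, "agreed_to_charges": False},
}


def sign(key: bytes, method: str, path: str, body: bytes) -> str:
    """Caller side: HMAC-SHA256 over a canonical form of the request."""
    body_hash = hashlib.sha256(body).hexdigest().encode()
    canonical = b"\n".join([method.encode(), path.encode(), body_hash])
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def customer_endpoint(identity: str, path: str, body: bytes) -> str:
    """Stand-in for the customer's endpoint interface; it relies on the gateway's checks."""
    return f"handled {path} for {identity}"


def virtual_endpoint(key_id: str, signature: str, method: str, path: str, body: bytes):
    """Gateway side: returns (status, detail); forwards only after both checks pass."""
    key = CREDENTIALS.get(key_id)
    # Unknown callers are checked against a dummy key so both paths do the same work.
    expected = sign(key or b"\x00", method, path, body)
    # Compare as bytes: compare_digest rejects non-ASCII str input with a TypeError.
    if key is None or not hmac.compare_digest(expected.encode(), signature.encode()):
        return 401, "invalid signature"
    identity = key_id  # identity information comes from the verified credential only
    policy = POLICY_STATE.get(identity, {})
    if path not in policy.get("allowed_paths", set()):
        return 403, "path not allowed by policy"
    if not policy.get("agreed_to_charges", False):
        return 403, "caller has not agreed to charges"
    return 200, customer_endpoint(identity, path, body)
```

Because the customer endpoint performs no checks of its own in this arrangement, it must be reachable only through the gateway; any direct network path to it bypasses both authentication and policy.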
52 Citations
19 Claims
1. A system for managing requests for a customer service, comprising:
at least one processor; and
a memory storing instructions that, when executed by the at least one processor, cause the system to:
receive, via an interface layer configured to communicate with a customer of the multi-tenant environment, a request to define a virtual endpoint for at least performing authentication of requests directed to the customer service, wherein the customer service is offered by the customer of the multi-tenant environment using one or more resources of the multi-tenant environment, and wherein the request includes application information associated with an endpoint interface used to enable access to the customer service via the virtual endpoint; and
define the virtual endpoint for the customer service in response to receiving the request; and
enable access to the endpoint interface for the customer service by a virtual load balancer of the multi-tenant environment, the virtual load balancer configured to:
receive a communication that is originated from a computing device of a caller and sent to the virtual endpoint via a communication network connection, the communication including a signature generated using at least one security credential;
determine whether the signature is a valid signature associated with the caller;
determine identity information for the caller associated with the communication;
determine one or more policies to be evaluated for the communication based at least in part upon the identity information;
determine whether the communication satisfies the one or more policies including whether the caller has agreed to pay relevant charges; and
forward, to the endpoint interface for the customer service, the communication that was received at the virtual endpoint, wherein the endpoint interface processes the communication after the signature is determined to be valid and after the communication is determined to be allowed according to the one or more policies.
Dependent claims: 2, 3, 4
5. A computer-implemented method, comprising:
receiving, by a virtual load balancer of a multi-tenant environment, a communication that is originated from a computing device of a caller and sent via a communication network connection to a virtual endpoint for at least performing authentication of requests directed to a customer service, the communication including a signature generated using at least one security credential, the customer service being offered by a customer of the multi-tenant environment using one or more resources of the multi-tenant environment, the customer service being associated with an endpoint interface that is provided through at least one resource of the multi-tenant environment, wherein the virtual endpoint was defined by the multi-tenant environment in response to receiving a request to define the virtual endpoint from the customer of the multi-tenant environment, and wherein the request to define the virtual endpoint includes application information associated with the endpoint interface used to enable access to the customer service via the virtual endpoint;
determining, by the virtual load balancer of the multi-tenant environment, one or more policies to be evaluated for the communication based upon identity information for the caller associated with the communication;
determining, by the virtual load balancer of the multi-tenant environment, that (i) the communication is allowed according to the one or more policies including whether the caller has agreed to pay relevant charges and (ii) that the signature is a valid signature associated with the caller; and
forwarding, by the virtual load balancer of the multi-tenant environment, to the endpoint interface for the customer service, the communication that was received at the virtual endpoint, wherein the communication is processed by the endpoint interface after the signature is determined to be valid and after the communication is determined to be allowed according to the one or more policies.
Dependent claims: 6, 7, 8, 9, 10, 11, 12, 13
14. A non-transitory computer-readable storage medium including instructions that, when executed by at least one processor of a computer system, cause the computer system to:
receive, by a virtual load balancer of a multi-tenant environment, a communication that is originated from a computing device of a caller and sent via a communication network connection to a virtual endpoint for at least performing authentication of requests directed to a customer service, the communication including a signature generated using at least one security credential, the customer service being offered by a customer of a multi-tenant environment using one or more resources of the multi-tenant environment, the customer service being associated with an endpoint interface that is provided through at least one resource of the multi-tenant environment, wherein the virtual endpoint was defined by the multi-tenant environment in response to receiving a request to define the virtual endpoint from the customer of the multi-tenant environment, and wherein the request to define the virtual endpoint includes application information associated with the endpoint interface used to enable access to the customer service via the virtual endpoint;
determine, by the virtual load balancer of the multi-tenant environment, one or more policies to be evaluated for the communication based upon identity information for the caller associated with the communication;
determine, by the virtual load balancer of the multi-tenant environment, that (i) the communication is allowed according to the one or more policies including whether the caller has agreed to pay relevant charges and (ii) that the signature is a valid signature associated with the caller; and
forward, by the virtual load balancer of the multi-tenant environment, to the endpoint interface for the customer service, the communication that was received at the virtual endpoint, wherein the communication is processed by the endpoint interface after the signature is determined to be valid and after the communication is determined to be allowed according to the one or more policies.
Dependent claims: 15, 16, 17
18. A system for managing requests, comprising:
at least one processor; and
memory storing instructions that, when executed by the at least one processor, cause the system to:
receive, via an interface layer configured to communicate with a customer of the multi-tenant environment, a request to define a virtual endpoint for at least performing authentication of requests directed to a service, the service being provided by the customer of the multi-tenant environment using one or more resources of the multi-tenant environment, the request including application information associated with an endpoint interface used to enable access to the service via the virtual endpoint;
define the virtual endpoint for the service in response to receiving the request; and
enable access to the endpoint interface for the service by a virtual load balancer of the multi-tenant environment, the virtual load balancer configured to:
receive a communication that is originated from a computing device of a caller to the virtual endpoint, the communication including a signature generated using at least one security credential;
determine whether the signature is a valid signature associated with the caller;
determine identity information for the caller associated with the communication;
determine one or more policies to be evaluated for the communication based at least in part upon the identity information;
determine whether the communication satisfies the one or more policies including whether the caller has agreed to pay relevant charges; and
forward, to the endpoint interface for the service, the communication that was received at the virtual endpoint, wherein the endpoint interface processes the communication after the signature is determined to be valid and after the communication is determined to be allowed according to the one or more policies.
Dependent claims: 19
Specification