Maintaining user identity associated with access to network resources using virtual machines
First Claim
1. A method, comprising:
receiving, by a server in a computer system from a user of the computer system, a request for access to a network resource in a legacy system, wherein the request includes a user identifier value that identifies the user, and wherein the legacy system is incapable of tracking the user identifier value;
upon receiving the request for access to the network resource in the legacy system from the user, determining, by the server of the computer system, whether at least one of a plurality of virtual machines that are uniquely associated with the user identifier value is running in a virtual machine environment of the computer system;
based on the at least one of the plurality of virtual machines not running in the virtual machine environment, instantiating, by the server of the computer system and in the virtual machine environment of the computer system, one or more virtual machines that are uniquely associated with the user identifier value and that are used only by the user, wherein the one or more virtual machines are configured to provide the user with access to the network resource in the legacy system;
processing, by the one or more virtual machines in the virtual machine environment of the computer system, the request for access to the network resource in the legacy system, wherein processing the request for access comprises performing one or more data requests to the network resource in the legacy system for the user without including the user identifier value in the one or more data requests;
storing, by the one or more virtual machines in the virtual machine environment of the computer system, a record of the one or more data requests to the network resource in the legacy system performed by the one or more virtual machines in a log file associated with the one or more virtual machines, wherein the log file stores the user identifier value that identifies the only user of the one or more virtual machines; and
identifying, by the server in the computer system and to an administrator of the computer system, the user associated with the one or more data requests to the network resource in the legacy system based on the user identifier value stored in the log file associated with the one or more virtual machines.
Abstract
The identity of a user of a computerized system is maintained by operating a virtual machine used only by the user, such that logged actions made by the virtual machine can be associated with the user, wherein the user is not otherwise directly identified by the virtual machine. Information requests made from the virtual machine to a specific resource may be logged to enable tracking and auditing of resource access by the user. The virtual machine is managed by an access device to a data center for the enterprise system, a server, or other device within the data center.
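The attribution scheme in the abstract, modelled in Python as an added example (not code from the patent or its assignee). The class names, the in-memory log, and the one-VM-per-user simplification are assumptions made for illustration; the sample requests are constructed.

```python
import itertools

class LegacyResource:
    """Stand-in for the legacy system: its request format has no user field."""
    def __init__(self):
        self.received = []
    def fetch(self, query):
        self.received.append(query)      # only the query arrives, no identity
        return f"rows for {query}"

class UserVM:
    """Models a VM used by exactly one user; its log carries that user's id."""
    def __init__(self, vm_id, user_id, resource):
        self.vm_id, self.user_id, self.resource = vm_id, user_id, resource
        self.log = []                    # stands in for the per-VM log file
    def process(self, query):
        result = self.resource.fetch(query)   # user id is not forwarded
        self.log.append({"vm": self.vm_id, "user": self.user_id, "query": query})
        return result

class Broker:
    """Server role: one VM per user id, instantiated when none is running."""
    def __init__(self, resource):
        self.resource = resource
        self.running = {}                # user_id -> UserVM
        self._seq = itertools.count(1)
    def handle(self, user_id, query):
        vm = self.running.get(user_id)
        if vm is None:                   # no VM for this user yet: start one
            vm = UserVM(f"vm-{next(self._seq)}", user_id, self.resource)
            self.running[user_id] = vm
        return vm.process(query)
    def who_requested(self, query):
        """Administrator view: resolve users from the per-VM logs."""
        return sorted({e["user"] for vm in self.running.values()
                       for e in vm.log if e["query"] == query})

def demo():
    legacy = LegacyResource()
    broker = Broker(legacy)
    broker.handle("alice", "payroll/2023")   # constructed sample requests
    broker.handle("bob", "inventory")
    broker.handle("alice", "inventory")
    return legacy, broker

if __name__ == "__main__":
    legacy, broker = demo()
    print(legacy.received)
    print(broker.who_requested("inventory"))
```

The audit result is only as trustworthy as the invariant that a VM is never shared between users and that its log cannot be altered from inside the VM.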
20 Claims
1. A method, comprising: (recited in full under First Claim above)
Dependent claims: 2, 3, 4, 5, 6, 7
8. A computerized system, comprising:
a server in a computer system comprising a processor and memory, the server configured to receive from a user of the computer system a request for access to a network resource in a legacy system, wherein the request includes a user identifier value that identifies the user, and wherein the legacy system is incapable of tracking the user identifier value, upon receiving the request for access to the network resource in the legacy system from the user, determine whether at least one of a plurality of virtual machines that are uniquely associated with the user identifier value is running in a virtual machine environment of the computer system, and based on the at least one of the plurality of virtual machines not running in the virtual machine environment, instantiate one or more virtual machines in the virtual machine environment of the computer system that are uniquely associated with the user identifier value and that are used only by the user; and
the one or more virtual machines in the virtual machine environment of the computer system configured to process the request for access to the network resource in the legacy system, wherein the one or more virtual machines are configured to perform one or more data requests to the network resource in the legacy system for the user without including the user identifier value in the one or more data requests, and store a record of the one or more data requests to the network resource in the legacy system performed by the one or more virtual machines in a log file associated with the one or more virtual machines, wherein the log file stores the user identifier value that identifies the only user of the one or more virtual machines,
the server in the computer system further configured to identify, to an administrator of the computer system, the user associated with the one or more data requests to the network resource in the legacy system based on the user identifier value stored in the log file associated with the one or more virtual machines.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A non-transitory machine-readable medium with instruction stored thereon, the instructions when executed cause a computerized system to:
receive, by a server in a computer system from a user of the computer system, a request for access to a network resource in a legacy system, wherein the request includes a user identifier value that identifies the user, and wherein the legacy system is incapable of tracking the user identifier value;
upon receiving the request for access to the network resource in the legacy system from the user, determine, by the server of the computer system, whether at least one of a plurality of virtual machines that are uniquely associated with the user identifier value is running in a virtual machine environment of the computer system;
based on the at least one of the plurality of virtual machines not running in the virtual machine environment, instantiate, by the server in the computer system and in the virtual machine environment of the computer system, one or more virtual machines that are uniquely associated with the user identifier value and that are used only by the user, wherein the one or more virtual machines are configured to provide the user with access to the network resource in the legacy system;
process, by the one or more virtual machines in the virtual machine environment of the computer system, the request for access to the network resource in the legacy system, wherein the instructions cause the computerized system to perform one or more data requests to the network resource in the legacy system for the user without including the user identifier value in the one or more data requests;
store, by the one or more virtual machines in the virtual machine environment of the computer system, a record of the one or more data requests to the network resource in the legacy system performed by the one or more virtual machines in a log file associated with the one or more virtual machines, wherein the log file stores the user identifier value that identifies the only user of the one or more virtual machines; and
identify, by the server in the computer system and to an administrator of the computer system, the user associated with the one or more data requests to the network resource in the legacy system based on the user identifier value stored in the log file associated with the one or more virtual machines.
Dependent claims: 16, 17, 18, 19, 20
Specification