Multi-tenant identity and data security management cloud service
First Claim
1. A non-transitory computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to provide cloud-based identity and access management, the providing comprising:
- receiving a request from a client for an identity management service;
- authenticating the request;
- accessing a microservice based on the request;
- determining, based on the request, a tenancy of the client, a tenancy of a user related to the request, and a tenancy of a resource related to the request;
- retrieving data from at least one of the tenancy of the client, the tenancy of the user, or the tenancy of the resource in a database, wherein the data is retrieved by the microservice using a connection pool that provides connections to the database; and
- performing the identity management service by the microservice using the data;
- wherein the microservice uses a proxy user to connect to a respective connection in the connection pool and the proxy user represents a tenant in the database.
Abstract
A system provides cloud-based identity and access management. The system receives a request from a client for an identity management service, authenticates the request, and accesses a microservice based on the request. The system determines, based on the request, a tenancy of the client, a tenancy of a user, and a tenancy of a resource. The system retrieves data from the determined tenancies as required to process the request, where the data is retrieved by the microservice using a connection pool that provides connections to the database. The system then performs the identity management service by the appropriate microservice responsible for processing the received request.
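The flow in the first claim and the abstract, as an added illustration that is not code from the patent or its assignee: a shared pool whose connections are bound to a tenant's proxy user on checkout and unbound on return, so a reused connection cannot carry one tenant's identity into another tenant's request. The database is an in-memory stand-in, and the tenant names, rows, and the `TenantPool`, `query` and `handle` names are all constructed for the example.

```python
from contextlib import contextmanager
from dataclasses import dataclass
from typing import Optional

# Constructed sample data: (tenant, kind, name) rows in one shared database.
ROWS = [
    ("acme", "user", "alice"),
    ("acme", "resource", "acme-payroll"),
    ("globex", "user", "bob"),
    ("globex", "resource", "globex-crm"),
]

@dataclass
class Connection:
    conn_id: int
    proxy_user: Optional[str] = None  # tenant this checkout acts as

class TenantPool:
    """Shared pool; each checkout is bound to one tenant's proxy user."""
    def __init__(self, size, tenants):
        self.idle = [Connection(i) for i in range(size)]
        self.tenants = set(tenants)

    @contextmanager
    def connect_as(self, tenant):
        if tenant not in self.tenants:
            raise PermissionError(f"unknown tenant: {tenant!r}")
        if not self.idle:
            raise RuntimeError("connection pool exhausted")
        conn = self.idle.pop()
        conn.proxy_user = tenant
        try:
            yield conn
        finally:
            conn.proxy_user = None  # never return a tenant-bound connection
            self.idle.append(conn)

def query(conn, kind):
    """Stand-in for the database: rows are visible only to the bound tenant."""
    if conn.proxy_user is None:
        raise PermissionError("connection has no proxy user")
    return [n for t, k, n in ROWS if t == conn.proxy_user and k == kind]

def handle(pool, request):
    """Resolve the three tenancies, then read each through its own proxy user."""
    client_t, user_t, res_t = (
        request[k] for k in ("client_tenant", "user_tenant", "resource_tenant"))
    if client_t not in pool.tenants:
        raise PermissionError(f"unknown client tenant: {client_t!r}")
    with pool.connect_as(user_t) as c:
        users = query(c, "user")
    with pool.connect_as(res_t) as c:
        resources = query(c, "resource")
    return {"client": client_t, "users": users, "resources": resources}
```

With a pool of size one, the same physical connection serves both tenants in a single request, which is the case where a missed reset would leak data.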
20 Claims
1. A non-transitory computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to provide cloud-based identity and access management, the providing comprising:
- receiving a request from a client for an identity management service;
- authenticating the request;
- accessing a microservice based on the request;
- determining, based on the request, a tenancy of the client, a tenancy of a user related to the request, and a tenancy of a resource related to the request;
- retrieving data from at least one of the tenancy of the client, the tenancy of the user, or the tenancy of the resource in a database, wherein the data is retrieved by the microservice using a connection pool that provides connections to the database; and
- performing the identity management service by the microservice using the data;
- wherein the microservice uses a proxy user to connect to a respective connection in the connection pool and the proxy user represents a tenant in the database.

Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method of providing cloud-based identity and access management, comprising:
- receiving a request from a client for an identity management service;
- authenticating the request;
- accessing a microservice based on the request;
- determining, based on the request, a tenancy of the client, a tenancy of a user related to the request, and a tenancy of a resource related to the request;
- retrieving data from at least one of the tenancy of the client, the tenancy of the user, or the tenancy of the resource in a database, wherein the data is retrieved by the microservice using a connection pool that provides connections to the database; and
- performing the identity management service by the microservice using the data;
- wherein the microservice uses a proxy user to connect to a respective connection in the connection pool and the proxy user represents a tenant in the database.

Dependent claims: 10, 11, 12, 13, 14, 15, 16
17. A system for providing cloud-based identity and access management, comprising:
- one or more processors coupled to a storage device comprising instructions that when executed by the one or more processors implement a security gate and a microservice;
- the security gate that receives a request from a client for an identity management service;
- the security gate authenticating the request;
- the security gate accessing the microservice based on the request;
- the microservice determining, based on the request, a tenancy of the client, a tenancy of a user related to the request, and a tenancy of a resource related to the request;
- the microservice retrieving data from at least one of the tenancy of the client, the tenancy of the user, or the tenancy of the resource in a database, wherein the microservice retrieves the data using a connection pool that provides connections to the database; and
- the microservice performing the identity management service using the data;
- wherein the microservice uses a proxy user to connect to a respective connection in the connection pool and the proxy user represents a tenant in the database.

Dependent claims: 18, 19, 20
Specification