Security context management in multi-tenant environments
First Claim
1. A computer-implemented method comprising:
receiving, by a tenant component of a multi-tenant computational environment, a request to access security context data by a tenant application of a tenant in the multi-tenant computational environment;
unsealing a first protection layer of the security context data based on a determination that the tenant component is part of a trusted service of the multi-tenant computational environment;
unsealing a second protection layer of the security context data based on a determination that the tenant application is authorized to access the security context data; and
executing the tenant application in a context defined by the security context data based on the determination that the tenant application is authorized to access the security context data, wherein the executing of the tenant application further comprises launching a provisioned service account for the tenant application to execute operations associated with the security context data, and wherein the provisioned service account has restricted privilege as compared to an account of a tenant.
Abstract
Examples of the present disclosure describe security context enforcement in a multi-tenant environment. Security context data may be transmitted through an unsecured multi-tenant computational environment. The security context data is secured by protection layers that restrict untrusted resources from running tenant applications and restrict the ability of unauthorized tenants to access context information associated with a tenant. Data may be received and evaluated at a component of a multi-tenant environment. If the component is a trusted component and the security context data indicates that the tenant is authorized to execute an application using a specified context, the component may run a tenant application in a context associated with the security context data.
19 Claims
11. A system, comprising:
at least one processor; and
a memory operatively connected with the at least one processor, wherein the memory stores thereon computer-executable instructions, that when executed on the at least one processor, cause the at least one processor to:
receive security context data at a trusted component of a multi-tenant computational environment;
determine whether to unseal a first protection layer of the security context data for a tenant component of the multi-tenant computational environment to access the security context data, wherein the first protection layer prevents an ability to access the security context data by devices and services external to a trusted service of the multi-tenant computational environment;
in response to determining to unseal the first protection layer, determine whether to unseal a second protection layer of the security context data to enable the tenant component to execute an application in a context associated with the security context data, wherein the second protection layer prevents unauthorized tenant components of the trusted service from executing the application in the context of the security context data; and
in response to determining to unseal the second protection layer, launching a restricted service account for the tenant component to execute the application in the context of the security context data, wherein the restricted service account has restricted privilege as compared to an account of a tenant.
16. A computer-readable storage medium having computer-executable instructions thereupon that, when executed by a computer, cause the computer to perform a set of operations comprising:
receiving, by a tenant component of a multi-tenant computational environment, a request to access security context data by a tenant application of a tenant in the multi-tenant computational environment;
unsealing a first protection layer of the security context data based on a determination that the tenant component is part of a trusted service of the multi-tenant computational environment;
unsealing a second protection layer of the security context data based on a determination that the tenant application is authorized to access the security context data; and
executing the tenant application in a context defined by the security context data based on the determination that the tenant application is authorized to access the security context data, wherein the executing of the tenant application further comprises launching a provisioned service account for the tenant application to execute operations associated with the security context data, and wherein the provisioned service account has restricted privilege as compared to an account of a tenant.
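The independent claims describe one mechanism in three steps: an outer protection layer that only a component inside the trusted service can unseal, an inner layer that only an authorized tenant application can unseal, and execution under a provisioned service account whose privileges are a strict subset of the tenant's own. The following Python is an added illustration of that flow and is not the patent's or any product's code. It assumes a symmetric key per trusted service and per tenant, an authorization list carried inside the context itself, and a fixed policy cap (`RESTRICTED_PRIVILEGES`) for service accounts; the sealing primitive is an HMAC-SHA256 counter-mode stream with an HMAC tag, constructed here so the example runs on the standard library alone, where a real deployment would use an AEAD such as AES-GCM.

```python
"""Two-layer sealing of tenant security context data (added example, not the patent's code).
Cipher: HMAC-SHA256 counter-mode keystream plus HMAC tag, a stand-in for a real AEAD."""
import hashlib
import hmac
import json
import os
from dataclasses import dataclass

NONCE_LEN = 16
TAG_LEN = 32
SERVICE_AAD = b"trusted-service-v1"  # binds the outer layer to the trusted service (assumed label)
# Policy cap for a provisioned service account (assumed for the example): it never exceeds this set.
RESTRICTED_PRIVILEGES = frozenset({"read:own-data", "write:own-data"})


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Derive `length` keystream bytes from HMAC-SHA256 in counter mode."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, aad: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC one protection layer: nonce || ciphertext || tag."""
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, aad + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, aad: bytes, blob: bytes) -> bytes:
    """Verify the layer's tag under this key and AAD, then decrypt; any mismatch is a denial."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise PermissionError("malformed sealed blob")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, aad + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise PermissionError("protection layer check failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


@dataclass(frozen=True)
class ServiceAccount:
    """The provisioned, reduced-privilege account the tenant application runs under."""
    tenant_id: str
    app_id: str
    privileges: frozenset


def seal_context(service_key: bytes, tenant_key: bytes, context: dict) -> bytes:
    """Inner layer keyed to the tenant (AAD = tenant id); outer layer keyed to the trusted service."""
    inner = seal(tenant_key, context["tenant_id"].encode(), json.dumps(context).encode())
    return seal(service_key, SERVICE_AAD, inner)


def handle_access_request(blob: bytes, tenant_id: str, app_id: str, component_is_trusted: bool,
                          service_key: bytes, tenant_keys: dict) -> ServiceAccount:
    """A tenant component handling an application's request for its security context."""
    if not component_is_trusted:  # a component outside the trusted service never holds the key
        raise PermissionError("component is not part of the trusted service")
    inner = unseal(service_key, SERVICE_AAD, blob)  # first protection layer
    tenant_key = tenant_keys.get(tenant_id)
    if tenant_key is None:
        raise PermissionError("unknown tenant")
    context = json.loads(unseal(tenant_key, tenant_id.encode(), inner))  # second protection layer
    if context["tenant_id"] != tenant_id or app_id not in context["authorized_apps"]:
        raise PermissionError("application not authorized for this context")
    # Launch with privileges capped well below the tenant's own account.
    return ServiceAccount(tenant_id, app_id,
                          frozenset(context["tenant_privileges"]) & RESTRICTED_PRIVILEGES)


def demo_outcomes() -> dict:
    """Authorized path plus four denial paths, on constructed keys and a constructed context."""
    service_key = os.urandom(32)
    tenant_keys = {"tenant-a": os.urandom(32), "tenant-b": os.urandom(32)}
    context = {"tenant_id": "tenant-a", "authorized_apps": ["billing"],
               "tenant_privileges": ["read:own-data", "write:own-data", "admin:tenant"]}
    blob = seal_context(service_key, tenant_keys["tenant-a"], context)

    def denied(**override) -> bool:
        args = dict(blob=blob, tenant_id="tenant-a", app_id="billing", component_is_trusted=True,
                    service_key=service_key, tenant_keys=tenant_keys)
        args.update(override)
        try:
            handle_access_request(**args)
            return False
        except PermissionError:
            return True

    tampered = bytearray(blob)
    tampered[NONCE_LEN] ^= 0x01  # flip one ciphertext bit of the outer layer
    account = handle_access_request(blob, "tenant-a", "billing", True, service_key, tenant_keys)
    return {"granted": set(account.privileges),
            "untrusted_component_denied": denied(component_is_trusted=False),
            "cross_tenant_denied": denied(tenant_id="tenant-b"),
            "unauthorized_app_denied": denied(app_id="reporting"),
            "tampered_blob_denied": denied(blob=bytes(tampered))}


if __name__ == "__main__":
    print(demo_outcomes())
```

The two layers fail closed independently: a component without the service key cannot even learn which tenant the blob belongs to, and a tenant component holding the wrong tenant key (or presenting an application not on the authorization list) is stopped before any context is exposed. The `admin:tenant` privilege present in the tenant's own account never reaches the service account, which is the point of the "restricted privilege" limitation in the claims.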
Specification