System and method for queuing to a cloud via a queuing proxy
    21.
    Type: Granted patent
    Status: In force

    Publication No.: US08065395B2

    Publication date: 2011-11-22

    Application No.: US12612807

    Filing date: 2009-11-05

    CPC classification: H04L63/0281 H04L63/20

    Abstract: System and method for servicing queue requests via a proxy are described. In one embodiment, the system includes an enterprise queuing proxy (“EQP”) disposed within an enterprise computing environment and having an enterprise queue associated therewith; a cloud queuing proxy (“CQP”) disposed within a cloud computing environment, the CQP connected to a plurality of cloud queues each having associated therewith at least one queue service process listening on the cloud queue for queue requests to service; and a secure communications mechanism for interconnecting the EQP and the CQP. Upon receipt of a queue request from an enterprise service, the EQP evaluates the request against policy to determine whether to service it locally or remotely and, if the request is to be serviced remotely, forwards the request to the CQP via the secure communications mechanism. Upon receipt of the request, the CQP evaluates the queue request against policy to select one of the cloud queues to which to route the queue request for servicing.


    SYSTEM AND METHOD FOR IMPLEMENTING CLOUD MITIGATION AND OPERATIONS CONTROLLERS
    22.
    Type: Patent application
    Status: In force

    Publication No.: US20110106927A1

    Publication date: 2011-05-05

    Application No.: US12612903

    Filing date: 2009-11-05

    IPC classification: G06F15/173 G06F21/00 G06F7/00

    Abstract: System and method for implementing cloud mitigation and operations controllers are described. One embodiment is a system for controlling operation of a cloud computing environment, wherein the system comprises a repository for storing data regarding characteristics of the cloud computing environment, wherein the stored data includes policy notations designating compliance or noncompliance of the data with policy; an analyst module for analyzing the stored data in combination with external report information regarding the cloud computing environment and for providing results of the analysis; and a controller for evaluating the analysis results and issuing instructions for controlling operation of the cloud computing environment based on the evaluating.


    Techniques for variable security access information
    23.
    Type: Granted patent
    Status: In force

    Publication No.: US07845003B2

    Publication date: 2010-11-30

    Application No.: US11590121

    Filing date: 2006-10-31

    IPC classification: G06F21/00 G06F7/04

    Abstract: Techniques for variable security access information are presented. The complexity levels associated with access secrets drive the assigned access rights to target resources. A single target resource may have varying sets of access rights, where each set is associated with a particular complexity level for a given access secret. A requesting principal can custom establish the principal's desired access secret complexity level for a target resource; this in turn drives the set of access rights for the target resource, which the principal may use when accessing the target resource.


    SYSTEM AND METHOD FOR TRANSPARENT CLOUD ACCESS
    24.
    Type: Patent application
    Status: In force

    Publication No.: US20100235903A1

    Publication date: 2010-09-16

    Application No.: US12612841

    Filing date: 2009-11-05

    Abstract: System and method for transparent cloud access are described. In one embodiment, the system comprises an enterprise computing environment maintained by an enterprise and a cloud computing environment maintained by a cloud provider; and a secure bridge mechanism for interconnecting the enterprise computing environment and the cloud computing environment. The secure bridge mechanism comprises a first secure bridge portion associated with the enterprise and a second secure bridge portion associated with the cloud computing environment. The first and second secure bridge portions interoperate to provide transparent and secure access by resources of one of the computing environments to those of the other computing environment.


    SYSTEM AND METHOD FOR QUEUING TO A CLOUD VIA A QUEUING PROXY
    25.
    Type: Patent application
    Status: In force

    Publication No.: US20100235887A1

    Publication date: 2010-09-16

    Application No.: US12612807

    Filing date: 2009-11-05

    IPC classification: G06F15/16 G06F21/00

    CPC classification: H04L63/0281 H04L63/20

    Abstract: System and method for servicing queue requests via a proxy are described. In one embodiment, the system includes an enterprise queuing proxy (“EQP”) disposed within an enterprise computing environment and having an enterprise queue associated therewith; a cloud queuing proxy (“CQP”) disposed within a cloud computing environment, the CQP connected to a plurality of cloud queues each having associated therewith at least one queue service process listening on the cloud queue for queue requests to service; and a secure communications mechanism for interconnecting the EQP and the CQP. Upon receipt of a queue request from an enterprise service, the EQP evaluates the request against policy to determine whether to service it locally or remotely and, if the request is to be serviced remotely, forwards the request to the CQP via the secure communications mechanism. Upon receipt of the request, the CQP evaluates the queue request against policy to select one of the cloud queues to which to route the queue request for servicing.


    SYSTEM AND METHOD FOR REDUCING CLOUD IP ADDRESS UTILIZATION USING A DISTRIBUTOR REGISTRY
    26.
    Type: Patent application
    Status: In force

    Publication No.: US20100235526A1

    Publication date: 2010-09-16

    Application No.: US12613112

    Filing date: 2009-11-05

    IPC classification: G06F15/173 G06F15/16

    Abstract: System and method for providing cloud computing services are described. In one embodiment, the system comprises a cloud computing environment comprising resources for supporting cloud workloads, each cloud workload having associated therewith an internal cloud address; and a routing system disposed between external workloads of an external computing environment and the cloud workloads, the routing system for directing traffic from an external cloud address to the internal cloud addresses of the cloud workloads. The routing system comprises a virtual router configured to function as a network address translator (“NAT”); a distributor connected between the virtual router and the cloud workloads; and a distributor registry accessible by the distributor for maintaining information comprising at least one of port mappings, cloud address mappings, and cloud workload configuration information.


    REMOTABLE INFORMATION CARDS
    27.
    Type: Patent application
    Status: Under examination (published)

    Publication No.: US20130014245A1

    Publication date: 2013-01-10

    Application No.: US13619554

    Filing date: 2012-09-14

    IPC classification: G06F21/00

    CPC classification: G06F21/34

    Abstract: An accessor function interfaces among a client, a relying party, and an identity provider. The identity provider can “manage” personal (i.e., self-asserted) information cards on behalf of a user, making the personal information cards available on clients on which the personal information cards are not installed. The client can be an untrusted client, vulnerable to attacks such as key logging, screen capture, and memory interrogation. The accessor function can also act as a proxy for the relying party in terms of invoking and using the information cards system, for use with legacy relying parties.


    SYSTEM AND METHOD FOR IMPLEMENTING A CLOUD COMPUTER
    28.
    Type: Patent application
    Status: In force

    Publication No.: US20110107133A1

    Publication date: 2011-05-05

    Application No.: US12612925

    Filing date: 2009-11-05

    IPC classification: G06F1/00

    CPC classification: G06F1/06

    Abstract: One embodiment is a clocking system for a computing environment. The system comprises a first set of processes executing in a first computing environment; a first local clock mechanism associated with the first set of processes; and a first communications channel for connecting the first local clock mechanism with the first set of processes. The first local clock mechanism stores clock rates of the first set of processes, wherein each clock rate is specified by function and source and destination combination, the first local clock mechanism further coordinating the clock speeds of the first set of processes as necessary.


    REMOTE AUTHORIZATION FOR OPERATIONS
    29.
    Type: Patent application
    Status: No longer in force

    Publication No.: US20100325693A1

    Publication date: 2010-12-23

    Application No.: US12871163

    Filing date: 2010-08-30

    IPC classification: G06F21/00 H04L9/08

    Abstract: Techniques for the remote authorization of secure operations are provided. A secure security system restricts access to a secure operation via an access key. An authorization acquisition service obtains the access key on request from the secure security system when an attempt is made to initiate the secure operation. The authorization acquisition service gains access to the access key from a secure store via a secret. That is, the secret store is accessible via the secret. The secret is obtained directly or indirectly from a remote authorization principal over a network.


    Techniques for preserving and managing identities in an audit log
    30.
    Type: Granted patent
    Status: In force

    Publication No.: US07647624B2

    Publication date: 2010-01-12

    Application No.: US11290971

    Filing date: 2005-11-30

    IPC classification: H04L9/00

    Abstract: Techniques are provided for preserving and managing identities within an audit log. Initial entries into a log do not include an explicit and direct reference to an agent that performs a transaction; rather, the agent acquires a temporary transaction identity for the transaction and an indirect reference to the transaction identity is written to the log while the transaction is pending. Once the transaction completes, a direct reference to the transaction identity is written to the log; the identity of the agent remains transparent until the identity of the agent expires, if at all.
