-
公开(公告)号:US20180367528A1
公开(公告)日:2018-12-20
申请号:US16048917
申请日:2018-07-30
发明人: Rafi Schwarz , Eli Maccabi , Moti Cohen , Nessi Lahav , Inbal Zilberman Kubovsky , Evgeny Sakirko
摘要: The disclosed embodiments include systems and methods for providing authentication credential data to cloud-based assets on demand. Operations include receiving a prompt indicating that a cloud-based asset is seeking to communicate with an access-controlled resource, extracting information associated with the cloud-based asset, authenticating the cloud-based asset based on the extracted information, generating first authentication credential data for the cloud-based asset, generating second authentication credential data for the cloud-based asset, making the first authentication credential data available to the cloud-based asset via a first communication channel, and making the second authentication credential data available to the cloud-based asset via a second communication channel. A combination of the first and the second authentication credential data may be sufficient to authenticate the cloud-based asset to the access-controlled resource.
-
公开(公告)号:US10333925B2
公开(公告)日:2019-06-25
申请号:US16013242
申请日:2018-06-20
发明人: Rafi Schwarz , Eli Maccabi , Moti Cohen , Nessi Lahav , Inbal Zilberman Kubovsky , Evgeny Sakirko
摘要: The disclosed embodiments include systems and methods for providing security tokens to cloud-based assets on demand. Operations performed in the disclosed embodiments include receiving a prompt from a cloud-based asset indicating that the cloud-based asset is seeking to communicate with an access-controlled resource, wherein the cloud-based asset lacks authorization to communicate with the access-controlled resource. Additionally, the operations include extracting information associated with the cloud-based asset by accessing a trusted cloud platform resource storing data associated with verified cloud-based assets, where the trusted cloud platform resource is separate from the cloud-based asset, and authenticating the cloud-based asset based on the extracted information. The operations also include generating a security token for the cloud-based asset, making a first portion of the security token available to be injected into the cloud-based asset, and responding to the prompt with a second portion of the security token.
-
公开(公告)号:US20180359239A1
公开(公告)日:2018-12-13
申请号:US16013242
申请日:2018-06-20
发明人: Rafi Schwarz , Eli Maccabi , Moti Cohen , Nessi Lahav , Inbal Zilberman Kubovsky , Evgeny Sakirko
CPC分类号: H04L63/083 , G06F21/41 , G06F21/44 , H04L9/3213 , H04L63/0807 , H04L63/0815 , H04L63/0853 , H04L63/10
摘要: The disclosed embodiments include systems and methods for providing security tokens to cloud-based assets on demand. Operations performed in the disclosed embodiments include receiving a prompt from a cloud-based asset indicating that the cloud-based asset is seeking to communicate with an access-controlled resource, wherein the cloud-based asset lacks authorization to communicate with the access-controlled resource. Additionally, the operations include extracting information associated with the cloud-based asset by accessing a trusted cloud platform resource storing data associated with verified cloud-based assets, where the trusted cloud platform resource is separate from the cloud-based asset, and authenticating the cloud-based asset based on the extracted information. The operations also include generating a security token for the cloud-based asset, making a first portion of the security token available to be injected into the cloud-based asset, and responding to the prompt with a second portion of the security token.
-
公开(公告)号:US10027658B1
公开(公告)日:2018-07-17
申请号:US15620262
申请日:2017-06-12
发明人: Rafi Schwarz , Eli Maccabi , Moti Cohen , Nessi Lahav , Inbal Zilberman Kubovsky , Evgeny Sakirko
IPC分类号: H04L29/06
摘要: The disclosed embodiments include systems and methods for providing security tokens to cloud-based assets on demand. Operations performed in the disclosed embodiments include receiving a prompt from a cloud-based asset indicating that the cloud-based asset is seeking to communicate with an access-controlled resource, wherein the cloud-based asset lacks authorization to communicate with the access-controlled resource. Additionally, the operations include extracting information associated with the cloud-based asset by accessing a trusted cloud platform resource storing data associated with verified cloud-based assets, where the trusted cloud platform resource is separate from the cloud-based asset, and authenticating the cloud-based asset based on the extracted information. The operations also include generating a security token for the cloud-based asset, making a first portion of the security token available to be injected into the cloud-based asset, and responding to the prompt with a second portion of the security token.
-
-
-