公开(公告)号：US20160352738A1

公开(公告)日：2016-12-01

申请号：US15184558

申请日：2016-06-16

申请人： Novell, Inc.

发明人： Lloyd Leon Burch ,  Prakash Umasankar Mukkara ,  Douglas Garry Earl

IPC分类号： H04L29/06 ,  G06F9/50 ,  G06F9/455

CPC分类号： H04L63/10 ,  G06F9/45533 ,  G06F9/45558 ,  G06F9/468 ,  G06F9/5077 ,  G06F21/53 ,  G06F2009/45587 ,  G06F2009/45595 ,  G06F2212/151 ,  H04L9/3247 ,  H04L29/06612 ,  H04L29/08468 ,  H04L29/08846 ,  H04L63/08 ,  H04L63/20

摘要： Techniques for sharing virtual machine (VM) resources are provided. A relative location for a resource within a VM is created; the relative location dynamically resolves to a particular physical location when a principal requests access to the resource at runtime. The principal is located outside an environment associated with the VM. Authentication and access restrictions are dynamically enforced against the requests made by the principal before a connection is permitted between the principal and the resource (the resource located within the environment of the VM).

摘要翻译： 提供了共享虚拟机（VM）资源的技术。 创建VM内资源的相对位置; 当主体在运行时请求访问资源时，相对位置会动态地解析为特定的物理位置。 主体位于与虚拟机相关的环境之外。 在主体和资源（位于VM环境中的资源）之间允许连接之前，认证和访问限制将针对主体发出的请求动态执行。

公开(公告)号：US09380062B2

公开(公告)日：2016-06-28

申请号：US14468927

申请日：2014-08-26

申请人： Novell, Inc.

发明人： Lloyd Leon Burch ,  Prakash Umasankar Mukkara ,  Douglas Garry Earl

IPC分类号： G06F21/00 ,  H04L29/06 ,  G06F9/455 ,  G06F21/53 ,  G06F9/46 ,  H04L29/08 ,  H04L9/32 ,  G06F9/50

CPC分类号： H04L63/10 ,  G06F9/45533 ,  G06F9/45558 ,  G06F9/468 ,  G06F9/5077 ,  G06F21/53 ,  G06F2009/45587 ,  G06F2009/45595 ,  G06F2212/151 ,  H04L9/3247 ,  H04L29/06612 ,  H04L29/08468 ,  H04L29/08846 ,  H04L63/08 ,  H04L63/20

摘要： Techniques for sharing virtual machine (VM) resources are provided. A relative location for a resource within a VM is created; the relative location dynamically resolves to a particular physical location when a principal requests access to the resource at runtime. The principal is located outside an environment associated with the VM. Authentication and access restrictions are dynamically enforced against the requests made by the principal before a connection is permitted between the principal and the resource (the resource located within the environment of the VM).

摘要翻译： 提供了共享虚拟机（VM）资源的技术。 创建VM内资源的相对位置; 当主体在运行时请求访问资源时，相对位置会动态地解析为特定的物理位置。 主体位于与虚拟机相关的环境之外。 在主体和资源（位于VM环境中的资源）之间允许连接之前，认证和访问限制将针对主体发出的请求动态执行。

公开(公告)号：US20150200928A1

公开(公告)日：2015-07-16

申请号：US14658349

申请日：2015-03-16

申请人： Novell, Inc.

发明人： Lloyd Leon Burch ,  Prakash Umasankar Mukkara ,  Douglas Garry Earl

IPC分类号： H04L29/06 ,  G06F9/455

CPC分类号： H04L63/08 ,  G06F9/455 ,  G06F9/45533 ,  G06F21/33 ,  G06F21/53 ,  G06F2221/2149 ,  H04L63/0272 ,  H04L63/10 ,  H04L67/10

摘要： Techniques for secure access management to virtual environments are provided. A user authenticates to a portal for purposes of establishing a virtual machine (VM). The portal interacts with a cloud server and an identity server to authenticate the user, to acquire an Internet Protocol (IP) address and port number for the VM, and to obtain a secure token. The user then interacts with a secure socket layer virtual private network (SSL VPN) server to establish a SSL VPN session with the VM. The SSL VPN server also authenticates the token through the identity server and acquires dynamic policies to enforce during the SSL VPN session between the user and the VM (the VM managed by the cloud server).

摘要翻译： 提供了对虚拟环境进行安全访问管理的技术。 为了建立虚拟机（VM），用户认证到门户。 门户与云服务器和身份服务器进行交互以验证用户，获取虚拟机的互联网协议（IP）地址和端口号，并获取安全令牌。 然后，用户与安全套接字层虚拟专用网（SSL VPN）服务器交互，以与VM建立SSL VPN会话。 SSL VPN服务器还通过身份服务器对令牌进行身份验证，并获取动态策略，以在用户与VM（由云端服务器管理的虚拟机）之间的SSL VPN会话期间执行。

公开(公告)号：US20160261607A1

公开(公告)日：2016-09-08

申请号：US14935581

申请日：2015-11-09

申请人： Novell, Inc.

发明人： Stephen R. Carter ,  Douglas Garry Earl

IPC分类号： H04L29/06

CPC分类号： H04L63/108 ,  G06F21/41 ,  H04L9/3213 ,  H04L63/0435 ,  H04L63/06 ,  H04L63/083

摘要： Techniques for providing identity-enabled interfaces for deployment are presented. Specifically, an agent of an enterprise infrastructure authenticates and acquires an agent identity for interacting with a cloud processing environment. Once the agent is deployed in the cloud processing environment, enterprise policy can be enforced within the cloud processing environment on actions occurring within the cloud. The agent acts as an Application Programming Interface between the enterprise and the cloud processing environment. The reverse is also achievable, where a cloud deploys an agent to the enterprise to deploy a cloud interface within the enterprise for policy enforcement.

摘要翻译： 提出了用于提供身份启用的部署接口的技术。 具体来说，企业基础设施的代理认证并获取与云处理环境交互的代理身份。 一旦将代理部署在云处理环境中，企业策略可以在云处理环境中对云中发生的动作执行。 该代理作为企业和云处理环境之间的应用程序编程接口。 反过来也是可以实现的，在这种情况下，云将企业部署一个代理，在企业内部部署一个云接口，以实施策略。

公开(公告)号：US20140366096A1

公开(公告)日：2014-12-11

申请号：US14468927

申请日：2014-08-26

申请人： Novell, Inc.

发明人： Lloyd Leon Burch ,  Prakash Umasankar Mukkara ,  Douglas Garry Earl

IPC分类号： H04L29/06 ,  H04L9/32

CPC分类号： H04L63/10 ,  G06F9/45533 ,  G06F9/45558 ,  G06F9/468 ,  G06F9/5077 ,  G06F21/53 ,  G06F2009/45587 ,  G06F2009/45595 ,  G06F2212/151 ,  H04L9/3247 ,  H04L29/06612 ,  H04L29/08468 ,  H04L29/08846 ,  H04L63/08 ,  H04L63/20

摘要： Techniques for sharing virtual machine (VM) resources are provided. A relative location for a resource within a VM is created; the relative location dynamically resolves to a particular physical location when a principal requests access to the resource at runtime. The principal is located outside an environment associated with the VM. Authentication and access restrictions are dynamically enforced against the requests made by the principal before a connection is permitted between the principal and the resource (the resource located within the environment of the VM).

摘要翻译： 提供了共享虚拟机（VM）资源的技术。 创建VM内资源的相对位置; 当主体在运行时请求访问资源时，相对位置会动态地解析为特定的物理位置。 主体位于与虚拟机相关的环境之外。 在主体和资源（位于VM环境中的资源）之间允许连接之前，认证和访问限制将针对主体发出的请求动态执行。

公开(公告)号：US20150281286A1

公开(公告)日：2015-10-01

申请号：US14719386

申请日：2015-05-22

申请人： Novell, Inc.

发明人： Lloyd Leon Burch ,  Douglas Garry Earl ,  Jonathan Paul Bultmeyer ,  Carolyn B. McClain

IPC分类号： H04L29/06 ,  G06Q10/10

CPC分类号： H04L63/20 ,  G06Q10/10 ,  H04L63/0281 ,  H04L63/08 ,  H04L63/0884

摘要： Techniques for virtual Representational State Transfer (REST) interfaces are provided. A proxy is interposed between a client and a REST service over a network. The proxy performs independent authentication of the client and provides credentials to the client and for the client to authenticate to the REST service using a REST service authentication mechanism. The proxy inspects requests and responses and translates the requests and responses into formats expected by the client and the REST service. Moreover, the proxy enforces policy and audits the requests and responses occurring between the client and the REST service over the network.

摘要翻译： 提供了虚拟表示状态转移（REST）接口的技术。 代理服务器介于客户端和通过网络的REST服务之间。 代理执行客户端的独立身份验证，并向客户端提供凭据，并为客户端使用REST服务验证机制向REST服务进行身份验证。 代理检查请求和响应，并将请求和响应转换为客户端和REST服务所期望的格式。 此外，代理强制执行策略并对通过网络在客户端和REST服务之间发生的请求和响应进行审计。