CN119173871A - Intercloud service gateway - Google Patents

Intercloud service gateway

Info

Publication number
CN119173871A
Authority
CN
China
Prior art keywords
cloud environment
target
request
source
cloud
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202380039552.0A
Other languages
English (en)
Chinese (zh)
Inventor
H·K·凯利
S·瓦维拉帕利
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Oracle International Corp
Original Assignee
Oracle International Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Oracle International Corp
Publication of CN119173871A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/104 Grouping of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105 Multiple levels of security
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/126 Applying verification of the received information the source of the received data
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254 Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
CN202380039552.0A 2022-05-12 2023-05-02 Intercloud service gateway Pending CN119173871A (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US17/742,472 2022-05-12
US17/742,472 US20230370461A1 (en) 2022-05-12 2022-05-12 Intercloud service gateway
PCT/US2023/020663 WO2023219829A1 (en) 2022-05-12 2023-05-02 Intercloud service gateway

Publications (1)

Publication Number Publication Date
CN119173871A (zh) 2024-12-20

Family

ID=86692984

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202380039552.0A Pending CN119173871A (zh) Intercloud service gateway

Country Status (5)

Country Link
US (1) US20230370461A1
EP (1) EP4523120A1
JP (1) JP2025518495A
CN (1) CN119173871A
WO (1) WO2023219829A1

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US12126593B2 (en) * 2023-01-10 2024-10-22 VMware LLC Validation-based service request handling
US20250181736A1 (en) * 2023-11-30 2025-06-05 Oracle International Corporation Managing resource locks within a cloud environment of a first cloud service provider offering a cloud service to a second cloud service provider
US20250286888A1 (en) * 2024-03-05 2025-09-11 Oracle International Corporation System And Method For Managing Security For A Cloud Infrastructure Realm Using Cross-Domain Approval
US12592934B2 (en) 2024-03-07 2026-03-31 Oracle International Corporation Managing approval workflows for privileged roles in private label cloud realms

Family Cites Families (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9467395B2 (en) * 2013-03-13 2016-10-11 Vmware, Inc. Cloud computing nodes for aggregating cloud computing resources from multiple sources
US10129344B2 (en) * 2014-06-19 2018-11-13 Microsoft Technology Licensing, Llc Integrated user interface for consuming services across different distributed networks
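CN105049408A (zh) * 2015-05-28 2015-11-11 Hefei City Cloud Data Center Co., Ltd. Security access control architecture for mutual access between distributed cloud environments and access method thereof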
US10554620B2 (en) * 2015-05-29 2020-02-04 Cisco Technology, Inc. Default gateway extension
US10142284B2 (en) * 2015-09-30 2018-11-27 Vmware, Inc. Faster IP address allocation in a hybrid cloud environment using subnet selective randomization
US10462136B2 (en) * 2015-10-13 2019-10-29 Cisco Technology, Inc. Hybrid cloud security groups
US10425386B2 (en) * 2016-05-11 2019-09-24 Oracle International Corporation Policy enforcement point for a multi-tenant identity and data security management cloud service
US10129177B2 (en) * 2016-05-23 2018-11-13 Cisco Technology, Inc. Inter-cloud broker for hybrid cloud networks
US10469479B2 (en) * 2017-06-13 2019-11-05 Microsoft Technology Licensing, Llc Cross cloud tenant discovery
US10931656B2 (en) * 2018-03-27 2021-02-23 Oracle International Corporation Cross-region trust for a multi-tenant identity cloud service
CN110390184B (zh) * 2018-04-20 2022-12-20 EMC IP Holding Company LLC Method, apparatus and computer program product for executing applications in a cloud
US10680831B2 (en) * 2018-08-14 2020-06-09 Juniper Networks, Inc. Single point of management for multi-cloud environment including route propagation, security, and application deployment
US11012299B2 (en) * 2019-01-18 2021-05-18 Cisco Technology, Inc. Seamless multi-cloud routing and policy interconnectivity
US11695654B2 (en) * 2019-02-27 2023-07-04 Hewlett Packard Enterprise Development Lp High performance compute infrastructure as a service
US11907743B2 (en) * 2019-05-21 2024-02-20 Oracle International Corporation System and method for relocating customer virtual machine instances in a multi-tenant cloud service
CN110990858B (zh) * 2019-12-11 2023-01-17 Sun Yat-sen University Cross-cloud resource sharing system and method based on distributed information flow control
US11030343B1 (en) * 2020-01-28 2021-06-08 Snowflake Inc. System and method for creating a global data sharing listing
US12316505B2 (en) * 2020-04-15 2025-05-27 Alkira, Inc. Application-agnostic tenant onboarding onto a multi-tenant system
US11362900B2 (en) * 2020-06-12 2022-06-14 Strata Identity, Inc. Systems, methods, and storage media for controlling identity information across multiple identity domains in a distributed identity infrastructure
CA3177396A1 (en) * 2020-06-29 2022-01-06 Prabhu PALANISAMY Temporary cloud provider credentials via secure discovery framework
US11770372B2 (en) * 2020-07-28 2023-09-26 Hewlett Packard Enterprise Development Lp Unified identity and access management (IAM) control plane for services associated with a hybrid cloud
US11848998B2 (en) * 2020-07-29 2023-12-19 Control Plane Corporation Cross-cloud workload identity virtualization

Also Published As

Publication number Publication date
WO2023219829A1 (en) 2023-11-16
US20230370461A1 (en) 2023-11-16
JP2025518495A (ja) 2025-06-17
EP4523120A1 (en) 2025-03-19

Similar Documents

Publication Publication Date Title
US11757636B2 (en) Access control for short-lived resource principals
US11811679B2 (en) Stacked identities for resource principals
US11418343B2 (en) Access control for long-lived resource principals
US12316762B2 (en) Applications as resource principals or service principals
US11695765B2 (en) Techniques for selective container access to cloud services based on hosting node
CN119173871A (zh) Intercloud service gateway
US12238166B2 (en) Providing managed services in a cloud environment
US20230113325A1 (en) External identity provider as a domain resource
JP2024538626A (ja) Applications as resource principals or service principals
US12260261B2 (en) Remote cloud function invocation service
US12526160B2 (en) KMS dedicated HSM design (claiming ownership)
US20250030680A1 (en) Compartment level binding for workload identity
US12438733B2 (en) Authorizing requests for access credentials, for accessing cloud resources, based on successful stateless validation of digital certificates
JP2024543002A (ja) Home region switch
US20240187232A1 (en) Secured bootstrap with dynamic authorization
CN118043787A (zh) Combined authorization for entities within a domain
US12468609B2 (en) Failover of domains
US20260127082A1 (en) Failover of domains
US20250190278A1 (en) Remote cloud function invocation service
US20250337718A1 (en) Secure instance metadata as cryptographic identity
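JP2024538627A (ja) Single logout
CN118077173A (zh) Applications as resource principals or service principals
JP2024542002A (ja) Multi-region login
CN121336379A (zh) Workload identity resource criteria
CN117751554A (zh) External identity provider as a domain resource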

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination