WO2021086404A1 - Device announcement and tenancy association - Google Patents
Device announcement and tenancy association Download PDFInfo
- Publication number
- WO2021086404A1 WO2021086404A1 PCT/US2019/059443 US2019059443W WO2021086404A1 WO 2021086404 A1 WO2021086404 A1 WO 2021086404A1 US 2019059443 W US2019059443 W US 2019059443W WO 2021086404 A1 WO2021086404 A1 WO 2021086404A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- tenancy
- cloud platform
- announcing
- local network
- network
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5061—Partitioning or combining of resources
- G06F9/5072—Grid computing
Definitions
- a cloud platform may implement multi-tenant remote management of connected devices for multiple customers. To do so, the cloud platform may assign, to each customer, a respective tenancy for managing connected devices of the customer. For example, a cloud print service may manage multiple network- connected printers of a customer through the cloud such that remote print jobs may be sent to any one of the network-connected printers of the customer through the cloud print service.
- FIG. 1 shows a block diagram of an example apparatus that accesses device announcements from announcing devices and facilitates association of the announcing devices with a tenancy on a cloud platform;
- FIG. 2 shows a block diagram of an example architecture of a local network in which an announcing device is associated with a tenancy on a cloud platform;
- FIG. 3 shows a data flow diagram in which an announcing device in a local network is associated with a tenancy on a cloud platform
- FIG. 4 depicts a flow diagram of an example method for registering with a cloud platform by transmitting a device announcement within a local network
- FIG. 5 depicts a block diagram of an example non-transitory machine- readable storage medium for providing multi-tenancy management of devices and associating an announcing device with a tenancy.
- the disclosure relates to automatically associating connected devices in a local network with a cloud-based tenancy associated with an entity that operates the local network.
- the local network may include a local area network (LAN) that operates within a firewall.
- Each local network may be operated by a respective entity.
- Connected devices of various entities may be managed by the cloud platform.
- the cloud platform may include a cloud platform device that may manage devices of different entities through respective tenancies on the cloud platform. As such, newly added or updated devices on a local network may be automatically added to a tenancy at the cloud platform that manages connected devices of the local network.
- a device may announce its presence on the local network, which may be operated by the entity associated with the tenancy.
- announcing device may announce its presence on the local network, which may be operated by the entity associated with the tenancy.
- security and performance of computer systems that implement the features of the disclosure may be improved. For example, polling the local network for new devices may impose computational overhead.
- a polling device may require processor, memory, and other computational resources to poll the local network. By its very nature, such polling may be performed even though no additional devices are to be discovered, wasting computational resources.
- the polling may be confused with malware that attempts to discover connected devices to scan for vulnerabilities in the network. As such, polling may raise false alarms, which may degrade an ability to detect malware in the local network.
- the disclosure may mitigate these and other problems through automated device announcement and tenancy discovery/assignment for new or updated devices on a local network.
- Examples that follow may refer to connected printer devices for convenience of illustration. Flowever, the disclosure may be implemented to manage other types of connected devices via a cloud platform.
- a printer device may be newly installed on-premise and connected to the local network via an Ethernet or other connection.
- network or other settings of an existing printer device may be updated to reflect being physically moved to another location on-premise and/or for other reasons.
- the printer device may transmit a device announcement to a well-known Domain Name System (DNS) hostname.
- DNS Domain Name System
- the DNS hostname may be pre-stored at a memory of the printer device and/or may be updated by a system administrator.
- the system administrator may have designated an apparatus (such as another printer device) in the local network to act as a reference device that listens for or otherwise accesses device announcements from other devices on the local network.
- the DNS hostname may be associated with the apparatus in a DNS lookup table so that device announcements directed to the DNS hostname may be routed to the apparatus.
- the apparatus itself may be programmed to operate as an announcing device as well.
- various connected devices of the local network may serve as an apparatus (reference device) and/or announcing device.
- the apparatus may provide network information, which may include proxy settings used by the devices of the local network, to the announcing device.
- the announcing device may register with the cloud platform device using the network or other information provided by the apparatus.
- the apparatus may cause the announcing device to be associated with the tenancy at the cloud platform, such as by transmitting a request to the cloud platform device to associate an identifier of the announcing device with the tenancy.
- the disclosure may automatically, without human intervention, add new devices of a local network so that the devices may connect to a network outside the local network.
- the devices may connect to a cloud platform device that manages the connected devices of the local network via a tenancy established on the cloud for the connected devices. In this manner, connected devices may be improved to facilitate automated discovery and registration to an appropriate tenancy of a cloud platform.
- FIG. 1 shows a block diagram of an example apparatus 100 that accesses device announcements from announcing devices and facilitates association of the announcing devices with a tenancy on a cloud platform.
- the example apparatus 100 depicted in FIG. 1 may include additional features and that some of the features described herein may be removed and/or modified without departing from any of the scopes of the example apparatus 100.
- various devices or other components that relate to or communicate with the apparatus 100 may be illustrated with reference to FIG. 2. For example, a local network, firewall, proxy server, device (announcing device), cloud platform, and cloud platform device referred to when describing the apparatus 100 are illustrated and described with reference to FIG. 2.
- the apparatus 100 shown in FIG. 1 may be a computing device, a server, or the like. As shown in FIG. 1 , the apparatus 100 may include a processor 102 that may control operations of the apparatus 100.
- the processor 102 may be a semiconductor-based microprocessor, a central processing unit (CPU), an application specific integrated circuit (ASIC), a field-programmable gate array (FPGA), and/or other suitable hardware device.
- CPU central processing unit
- ASIC application specific integrated circuit
- FPGA field-programmable gate array
- the apparatus 100 has been depicted as including a single processor 102, it should be understood that the apparatus 100 may include multiple processors, multiple cores, or the like, without departing from the scopes of the apparatus 100 disclosed herein.
- the apparatus 100 may include a memory 110 that may have stored thereon machine-readable instructions (which may also be termed computer readable instructions) 112-118 that the processor 102 may execute.
- the memory 110 may be an electronic, magnetic, optical, or other physical storage device that includes or stores executable instructions.
- the memory 110 may be, for example, Random Access memory (RAM), an Electrically Erasable Programmable Read-Only Memory (EEPROM), a storage device, an optical disc, and the like.
- RAM Random Access memory
- EEPROM Electrically Erasable Programmable Read-Only Memory
- the memory 110 may be a non-transitory machine-readable storage medium, where the term “non-transitory” does not encompass transitory propagating signals.
- the processor 102 may fetch, decode, and execute the instructions 112 to access, from within a local network, a device announcement from an announcing device.
- the local network may include a local area network or other network that connects together devices of a customer, generally within a firewall. Thus, the local network may represent devices of the customer that are connected to one another via a network communication protocol.
- a “device announcement” may refer to data that is transmitted via a network to one or more network destinations that indicates an announcing device is online. The device announcement may be transmitted by the announcing device upon startup and/or detection of a network connection to the local network.
- the device announcement may be transmitted upon an initial startup (such as when the announcing device is newly installed and connected to the local network), upon an update to the announcing device (such as a device name or other update that causes a network configuration change), and/or other at other times when the announcing device is to announce its presence on the local network.
- the data may include information such as identification information that describes an announcing device that transmits the device announcement.
- the one or more network destinations may be specified by a DNS hostname.
- the apparatus 100 may be associated with the DNS hostname such that data transmitted via the local network addressed to the DNS hostname may be directed to the apparatus 100. Thus, the apparatus 100 may receive the device announcement from the announcing device via the DNS hostname.
- the processor 102 may fetch, decode, and execute the instructions 114 to provide, responsive to the device announcement, network information to the announcing device for the announcing device to connect to a cloud platform external to the local network, the cloud platform managing a plurality of tenancies comprising a first tenancy that is associated with connected devices of the local network.
- the network information may include information for connecting to a network outside the local network.
- the network information may include a Hyper Text Transfer Protocol (HTTP) proxy setting used by devices in the local network to connect to an external network, such as to connect to the cloud platform.
- HTTP Hyper Text Transfer Protocol
- the HTTP proxy setting may include, for example, a proxy server name, a proxy server port, a user name for the proxy server, a password or other credential for the proxy server, an exceptions list for the proxy server, and/or other information for connecting to the proxy server.
- the proxy server may connect to devices to an external network via the firewall on behalf of connected devices of the local network.
- the processor 102 may provide policy configuration information to the announcing device.
- the policy configuration information may convey the policy of an entity that operates the local network with respect to connected devices on the local network.
- the policy configuration information may include a location for device drivers (such as printer drivers) or driver settings, log locations, such as error or usage log location information, and/or other policy information.
- the processor 102 may fetch, decode, and execute the instructions 116 to connect to the cloud platform.
- the processor 102 may connect to the cloud platform via a secure (authenticated) channel. Based on the connection, the cloud platform may recognize the apparatus 100 and identify a tenancy to which the apparatus 100 belongs.
- the processor 102 may use the network information to connect to the cloud platform.
- the network information provided to the announcing device may include a copy of some or all of the network information used by the apparatus 100 to connect to the cloud platform. Such network information may be stored, for example, at memory 110.
- the processor 102 may fetch, decode, and execute the instructions 118 to cause the announcing device to be associated with the first tenancy at the cloud platform. For example, the processor 102 may transmit, to the cloud platform, an identifier of the announcing device and a request to associate the announcing device with the tenancy for which the apparatus 100 is associated. Based on the connection, which may be secured, the cloud platform may recognize that the apparatus 100 is associated with the first tenancy. As such, the announcing device may be associated with the first tenancy without human intervention.
- FIG. 2 shows a block diagram of an example architecture 200 of a local network 201 A in which an announcing device 220 is associated with a tenancy on a cloud platform 230.
- the cloud platform 230 may include a cloud platform device 232 that provides multitenancy cloud services, such as cloud print services, to various local networks 201 (illustrated as local networks 201 A-N - only local network 201 A is shown in further detail although other local networks 201 B-N may include similar features).
- the term multitenancy cloud services may refer an architecture in which a cloud service may execute on one or more servers, such as the cloud platform device 232, and serves multiple tenants. Each tenant may be associated with an entity that operates a respective local network 201 .
- the cloud platform 230 may separately store tenancy data 234 for each tenant.
- Each tenancy data 234 may include data that describes a respective local network 201 , such as a proxy server address, devices of each local network 201 that are associated with the tenancy, and/or other information related to a tenancy or local network.
- Each tenancy, or connected devices of each local network 201 may share resources provided by the cloud platform 230 but the tenancy data 234 of each tenancy may be stored separately such that each tenancy is separately managed at the cloud platform.
- one tenant (such as a first set of connected devices of a first local network 201 ) may not have access to the tenancy data 234 of a second tenant and vice versa.
- a firewall 202 may manage network traffic to and from the local network 201 A.
- a proxy server 210 may manage connections of connected devices within the local network 201 A to a device or network outside the firewall 202.
- the proxy server 210 may be a proxy for the cloud platform device 232 so that connected devices of the local network 201 A may connect to, and receive data such as cloud print jobs from, the cloud platform 230 via the firewall 202.
- Further details of a local network 201 A, such as various routers, switches, and so forth are omitted for illustrative clarity.
- an announcing device 220 may be associated with a tenancy responsive to a device announcement transmitted by the announcing device.
- the announcing device 220 may transmit the device announcement at startup (such as for the first time), when a change in announcing device 220 is made, and/or at other times.
- the announcing device 220 may be started up and plugged into an Ethernet port that connects to the local network 201 A.
- the announcing device 220 may have pre-stored a DNS hostname to which a device announcement is to be made.
- the pre-stored DNS hostname may be set at the factory and/or re-set locally such as by a system administrator.
- the pre-stored DNS hostname may be a well-known DNS hostname that the system administrator may assign to the apparatus 100 for receiving the device announcement and causing the announcing device 220 to be associated with the tenancy described by the tenancy data 234A.
- a device identifier of the announcing device 220 may be added to the tenancy data 234A so that the announcing device is managed as part of the tenancy associated with the local network 201 A. Further details of adding an announcing device 220 to a tenancy at a cloud platform 230 is discussed further with respect to FIG. 3. It should be noted that similar processing may occur at other local networks 201 B-N to add an announcing device to an appropriate tenancy.
- the cloud platform device 232 and the announcing device 220 may each include a processor, similar to the processor 102 illustrated in FIG. 1 , and a memory, similar to the memory 110 also illustrated in FIG. 1 , that stores instructions that program the processor to respectively perform the various operations of the cloud platform device 232 and the announcing device 220 described herein throughout.
- a cloud print job may be received at the cloud platform device 232.
- the cloud print job may be received from within a local network 201 or other network, such as a wide area network.
- the cloud print job may include an identifier used to identify a tenancy managed by the cloud platform 230.
- the cloud platform device 232 may consult the appropriate tenancy data 234 associated with the tenancy.
- the cloud print job may specify that a print job is to be transmitted to the local network 201 A.
- the cloud print job may specify a tenancy identifier and/or a printer identifier.
- the cloud platform device 232 may identify the appropriate tenancy and access an address to which to provide the cloud print job.
- the cloud platform device 232 may transmit the cloud print job to the proxy server 210 of the local network 201 A via the firewall 202.
- the proxy server 210 may route the cloud print job to the appropriate printer device specified by the cloud platform device 232.
- FIG. 3 An example data flow diagram of associating an announcing device 220 with a tenancy on a cloud platform will now be described with respect to FIG. 3. It should be understood that the data flow diagram 300 illustrated in FIG. 3 may include additional operations and that some of the operations described therein may be removed and/or modified without departing from the scopes of the data flow diagram 300. The descriptions of the data flow diagram 300 may be made with reference to the features depicted in FIGS. 1-3 for purposes of illustration.
- a proxy server and a firewall such as the proxy server 210 and the firewall 202 illustrated in FIG. 2
- the announcing device 220 and the apparatus 100 may each operate within a firewall of a local network and may use the proxy server to communicate with the cloud platform device 232.
- the announcing device 220 and/or the apparatus 100 may not operate within a local network, such as when either or both are connected to each other or the cloud platform device 232 via a wide area network, such as the Internet, which may be accessed through a cellular data service or other Internet Service Provider.
- the well-known DNS hostname may instead or additionally include a Uniform Resource Locator (URL) or domain name to which the announcing device 220 transmits an announcement and via which the apparatus 100 receives the device announcement.
- the well-known DNS hostname may instead or additionally include a URL to a webservice associated with a particular tenancy managed by the cloud platform device 232.
- the apparatus 100 may establish a secure channel with the cloud platform device 232. Through the establishment of the secure channel and authentication of the apparatus 100, the cloud platform device 232 may identify the tenancy to which the apparatus 100 belongs.
- the cloud platform device 232 may store an association of an identifier of the apparatus 100 with a tenancy identifier (ID) that uniquely identifies the tenancy to which the apparatus 100 belongs. The cloud platform device 232 may therefore associate the tenancy ID with the apparatus 100.
- ID tenancy identifier
- the apparatus 100 may access a device announcement from the announcing device 220.
- the apparatus 100 may listen for or otherwise receive data transmitted to a DNS hostname to which the device announcement is directed.
- data specified for delivery to the DNS hostname may be routed (by network devices of a local network) to the apparatus 100.
- the apparatus 100 may provide proxy setting information to the announcing device 220.
- the proxy setting information may specify information for the announcing device 220 to connect to a proxy server (such as proxy server 210 illustrated in FIG. 2).
- the apparatus 100 may provide information to register with the cloud.
- Such information may include, for example, information for registering with the cloud platform device 232.
- the registration information may include some or all of the HTTP proxy settings and/or username, password, or other information for connecting to the cloud platform device 232.
- the announcing device 220 may register with the cloud platform device 232.
- the announcing device 220 may use the proxy setting information from the apparatus 100 to connect with the proxy server, which may mediate communication with the cloud platform device 232.
- the announcing device 220 may use the registration information to register with the cloud platform device 232.
- the apparatus 100 may provide information relating to the tenancy of the local network to the announcing device 220.
- the apparatus 100 may provide the tenant ID to the announcing device 220.
- the apparatus 100 may cause an association of the announcing device 220 with the tenancy ID.
- the apparatus 100 may transmit, to the cloud platform device 232, a request to add the announcing device 220 to the tenancy identified by the tenancy ID.
- the cloud platform device 232 may add the announcing device 220 to the tenancy such as by storing an identifier of the announcing device 220 (which may be received by the cloud platform device 232 at block 310) in association with the tenancy ID (such as by storing the ID of the announcing device 220 in tenancy data associated with the tenancy to which the apparatus 100 belongs).
- FIG. 4 depicts a flow diagram of an example method 400 for registering with a cloud platform by transmitting a device announcement within a local network (such as local network 201A illustrated in FIG. 2). As shown in FIG.
- the processor of an announcing device may transmit a device announcement to a reference device (such as the apparatus 100 illustrated in FIGS. 1-3) via a local network within a firewall (such as the firewall 202 illustrated in FIG. 2). Transmit of the device announcement may be responsive to various events.
- the announcing device may transmit the device announcement responsive to performing an initial start-up on the local network.
- the announcing device may transmit the device announcement responsive to accessing an indication that a network address of the announcing device has been changed, wherein the device announcement is transmitted responsive to the indication that the network address of the announcing device has been changed.
- the processor of the announcing device may transmit (via a network port) the device announcement to a DNS hostname.
- the announcing device may store a well-known DNS hostname.
- the announcing device may access the stored DNS hostname from a memory of the announcing device and transmit the device announcement directed to the stored DNS hostname.
- the processor of the announcing device may receive network information from the reference device via the local network.
- the network information may include proxy information for connecting to the cloud platform via a proxy, such as proxy server 210 illustrated in FIG. 2.
- the processor of the announcing device may connect to a cloud platform (such as the cloud platform 230 illustrated in FIG. 2) outside the firewall based on the network information.
- the processor of the announcing device may connect to the cloud platform device 232 illustrated in FIG. 2.
- the processor of the announcing device may register with the cloud platform. To do so, the processor of the announcing device may provide, to the cloud platform, an identifier that may uniquely identify the announcing device.
- the cloud platform may associate the announcing device with a particular tenancy. Such registration and association with a particular tenancy may facilitate cloud- based management of the announcing device.
- the announcing device may be a printer device.
- the cloud platform may manage cloud print jobs for the printer device and other printers associated with the particular tenancy.
- a print job source (such as a client device associated with the particular tenancy) may transmit a cloud print job to the cloud platform, which may direct the cloud print job to the announcing device (or other printer device of the local network associated with the particular tenancy).
- the announcing device may then cause a print to be generated based on the cloud print job. For example, the announcing device may print a document based on the cloud print job.
- Some or all of the operations set forth in the method 400 may be included as utilities, programs, or subprograms, in any desired computer accessible medium.
- the method 400 may be embodied by computer programs, which may exist in a variety of forms.
- some operations of the method 400 may exist as machine-readable instructions, including source code, object code, executable code or other formats. Any of the above may be embodied on a non- transitory computer readable storage medium. Examples of non-transitory computer readable storage media include computer system RAM, ROM, EPROM, EEPROM, and magnetic or optical disks or tapes. It is therefore to be understood that any electronic device capable of executing the above-described functions may perform those functions enumerated above.
- FIG. 5 depicts a block diagram of an example non-transitory machine- readable storage medium 500 for providing multi-tenancy management of devices and associating an announcing device with a tenancy.
- the non-transitory machine- readable storage medium 500 may be an electronic, magnetic, optical, or other physical storage device that includes or stores executable instructions.
- the non- transitory machine-readable storage medium 500 may be, for example, Random Access memory (RAM), an Electrically Erasable Programmable Read-Only Memory (EEPROM), a storage device, an optical disc, and the like.
- the non-transitory machine-readable storage medium 500 may have stored thereon machine-readable instructions 502-510 that a processor (such as a processor of the cloud platform device 232 illustrated in FIGS. 2 and 3), may execute.
- a processor such as a processor of the cloud platform device 232 illustrated in FIGS. 2 and 3
- the machine-readable instructions 502 may cause the processor to provide a plurality of tenancies, each tenancy being used to remotely manage devices of respective local networks protected by a firewall, the plurality of tenancies comprising a first tenancy to manage a first set of devices of a first local network (such as the local network 201 A illustrated in FIG. 2) protected by a first firewall (such as the firewall 202 illustrated in FIG. 2).
- the machine-readable instructions 504 may cause the processor to establish, through the first firewall, a secure channel with a reference device (such as the apparatus 100 illustrated in FIGS. 1-3) of the first local network.
- the machine-readable instructions 506 may cause the processor to access a registration request from a first connected device of the first local network.
- the machine-readable instructions 508 may cause the processor to access an association of the first connected device with the first tenancy from the reference device via the secure channel.
- the machine-readable instructions 510 may cause the processor to add, based on the association, the first connected device to the first tenancy to manage the first connected device via the first tenancy.
- the machine-readable instructions further cause the processor to access a management operation directed to the first tenancy and transmit the management operation to the first local network.
- the management operation may include a print job that causes the first connected device to generate a print based on the print job.
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Mathematical Physics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer And Data Communications (AREA)
Abstract
According to examples, an apparatus may include a processor that may execute instructions that cause the processor to access, from within a local network, a device announcement from an announcing device, provide, responsive to the device announcement, network information to the announcing device for the announcing device to connect to a cloud platform device external to the local network, the cloud platform device managing a plurality of tenancies comprising a first tenancy that is associated with connected devices of the local network, connect to the cloud platform device, and cause the announcing device to be associated with the first tenancy at the cloud platform device.
Description
DEVICE ANNOUNCEMENT AND TENANCY ASSOCIATION
BACKGROUND
[0001] A cloud platform may implement multi-tenant remote management of connected devices for multiple customers. To do so, the cloud platform may assign, to each customer, a respective tenancy for managing connected devices of the customer. For example, a cloud print service may manage multiple network- connected printers of a customer through the cloud such that remote print jobs may be sent to any one of the network-connected printers of the customer through the cloud print service.
BRIEF DESCRIPTION OF THE DRAWINGS
[0002] Features of the present disclosure may be illustrated by way of example and not limited in the following figure(s), in which like numerals indicate like elements, in which:
[0003] FIG. 1 shows a block diagram of an example apparatus that accesses device announcements from announcing devices and facilitates association of the announcing devices with a tenancy on a cloud platform;
[0004] FIG. 2 shows a block diagram of an example architecture of a local network in which an announcing device is associated with a tenancy on a cloud platform;
[0005] FIG. 3 shows a data flow diagram in which an announcing device in a local network is associated with a tenancy on a cloud platform;
[0006] FIG. 4 depicts a flow diagram of an example method for registering with a cloud platform by transmitting a device announcement within a local network;
[0007] FIG. 5 depicts a block diagram of an example non-transitory machine- readable storage medium for providing multi-tenancy management of devices and associating an announcing device with a tenancy.
DETAILED DESCRIPTION
[0008] For simplicity and illustrative purposes, the present disclosure may be described by referring mainly to examples. In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present disclosure. It will be readily apparent however, that the present disclosure may be practiced without limitation to these specific details. In other instances, some methods and structures have not been described in detail so as not to unnecessarily obscure the present disclosure. Throughout the present disclosure, the terms “a” and “an” may be intended to denote at least one of a particular element. As used herein, the term “includes” means includes but not limited to, the term “including” means including but not limited to. The term “based on” means based at least in part on.
[0009] The disclosure relates to automatically associating connected devices in a local network with a cloud-based tenancy associated with an entity that operates the local network. The local network may include a local area network (LAN) that operates within a firewall. Each local network may be operated by a respective entity. Connected devices of various entities may be managed by the cloud platform. For example, the cloud platform may include a cloud platform device that may manage devices of different entities through respective tenancies on the cloud platform. As such, newly added or updated devices on a local network may be automatically added to a tenancy at the cloud platform that manages connected devices of the local network. To facilitate automatic addition to a tenancy, a device (referred to hereinafter as “announcing device”) may announce its presence on the local network, which may be operated by the entity associated with the tenancy.
[0010] By discovering devices on a local network based on announcements from those devices for tenancy assignment for the devices, security and performance of computer systems that implement the features of the disclosure may be improved. For example, polling the local network for new devices may impose computational overhead. In particular, a polling device may require processor, memory, and other computational resources to poll the local network. By its very nature, such polling may be performed even though no additional devices are to be discovered, wasting computational resources. Furthermore, the polling may be confused with malware that attempts to discover connected devices to scan for vulnerabilities in the network. As such, polling may raise false alarms, which may degrade an ability to detect malware in the local network. The disclosure may mitigate these and other problems through automated device announcement and tenancy discovery/assignment for new or updated devices on a local network.
[0011] Examples that follow may refer to connected printer devices for convenience of illustration. Flowever, the disclosure may be implemented to manage other types of connected devices via a cloud platform. In an example, a printer device may be newly installed on-premise and connected to the local network via an Ethernet or other connection. In another example, network or other settings of an existing printer device may be updated to reflect being physically moved to another location on-premise and/or for other reasons. To announce its presence, the printer device may transmit a device announcement to a well-known Domain Name System (DNS) hostname. The DNS hostname may be pre-stored at a memory of the printer device and/or may be updated by a system administrator. The system administrator may have designated an apparatus (such as another printer device) in the local network to act as a reference device that listens for or otherwise accesses device announcements from other devices on the local network. For example, the DNS hostname may be associated with the apparatus in a DNS lookup table so that device announcements directed to the DNS hostname may be routed to the apparatus. It should be noted that the apparatus itself may be programmed to operate as an
announcing device as well. Thus, various connected devices of the local network may serve as an apparatus (reference device) and/or announcing device.
[0012] Responsive to the device announcement, the apparatus may provide network information, which may include proxy settings used by the devices of the local network, to the announcing device. The announcing device may register with the cloud platform device using the network or other information provided by the apparatus. The apparatus may cause the announcing device to be associated with the tenancy at the cloud platform, such as by transmitting a request to the cloud platform device to associate an identifier of the announcing device with the tenancy. [0013] The disclosure may automatically, without human intervention, add new devices of a local network so that the devices may connect to a network outside the local network. For example, the devices may connect to a cloud platform device that manages the connected devices of the local network via a tenancy established on the cloud for the connected devices. In this manner, connected devices may be improved to facilitate automated discovery and registration to an appropriate tenancy of a cloud platform.
[0014] FIG. 1 shows a block diagram of an example apparatus 100 that accesses device announcements from announcing devices and facilitates association of the announcing devices with a tenancy on a cloud platform. It should be understood that the example apparatus 100 depicted in FIG. 1 may include additional features and that some of the features described herein may be removed and/or modified without departing from any of the scopes of the example apparatus 100. Furthermore, various devices or other components that relate to or communicate with the apparatus 100 may be illustrated with reference to FIG. 2. For example, a local network, firewall, proxy server, device (announcing device), cloud platform, and cloud platform device referred to when describing the apparatus 100 are illustrated and described with reference to FIG. 2.
[0015] The apparatus 100 shown in FIG. 1 may be a computing device, a server, or the like. As shown in FIG. 1 , the apparatus 100 may include a processor 102 that may control operations of the apparatus 100. The processor 102 may be a
semiconductor-based microprocessor, a central processing unit (CPU), an application specific integrated circuit (ASIC), a field-programmable gate array (FPGA), and/or other suitable hardware device. Although the apparatus 100 has been depicted as including a single processor 102, it should be understood that the apparatus 100 may include multiple processors, multiple cores, or the like, without departing from the scopes of the apparatus 100 disclosed herein.
[0016] The apparatus 100 may include a memory 110 that may have stored thereon machine-readable instructions (which may also be termed computer readable instructions) 112-118 that the processor 102 may execute. The memory 110 may be an electronic, magnetic, optical, or other physical storage device that includes or stores executable instructions. The memory 110 may be, for example, Random Access memory (RAM), an Electrically Erasable Programmable Read-Only Memory (EEPROM), a storage device, an optical disc, and the like. The memory 110 may be a non-transitory machine-readable storage medium, where the term “non-transitory” does not encompass transitory propagating signals.
[0017] Referring to FIG. 1 , the processor 102 may fetch, decode, and execute the instructions 112 to access, from within a local network, a device announcement from an announcing device. The local network may include a local area network or other network that connects together devices of a customer, generally within a firewall. Thus, the local network may represent devices of the customer that are connected to one another via a network communication protocol. A “device announcement” may refer to data that is transmitted via a network to one or more network destinations that indicates an announcing device is online. The device announcement may be transmitted by the announcing device upon startup and/or detection of a network connection to the local network. The device announcement may be transmitted upon an initial startup (such as when the announcing device is newly installed and connected to the local network), upon an update to the announcing device (such as a device name or other update that causes a network configuration change), and/or other at other times when the announcing device is to announce its presence on the local network.
[0018] The data may include information such as identification information that describes an announcing device that transmits the device announcement. The one or more network destinations may be specified by a DNS hostname. The apparatus 100 may be associated with the DNS hostname such that data transmitted via the local network addressed to the DNS hostname may be directed to the apparatus 100. Thus, the apparatus 100 may receive the device announcement from the announcing device via the DNS hostname.
[0019] The processor 102 may fetch, decode, and execute the instructions 114 to provide, responsive to the device announcement, network information to the announcing device for the announcing device to connect to a cloud platform external to the local network, the cloud platform managing a plurality of tenancies comprising a first tenancy that is associated with connected devices of the local network. In some examples, the network information may include information for connecting to a network outside the local network. For example, the network information may include a Hyper Text Transfer Protocol (HTTP) proxy setting used by devices in the local network to connect to an external network, such as to connect to the cloud platform. The HTTP proxy setting may include, for example, a proxy server name, a proxy server port, a user name for the proxy server, a password or other credential for the proxy server, an exceptions list for the proxy server, and/or other information for connecting to the proxy server. The proxy server may connect to devices to an external network via the firewall on behalf of connected devices of the local network. In some examples, in addition to, or instead of, the network information, the processor 102 may provide policy configuration information to the announcing device. The policy configuration information may convey the policy of an entity that operates the local network with respect to connected devices on the local network. For example, the policy configuration information may include a location for device drivers (such as printer drivers) or driver settings, log locations, such as error or usage log location information, and/or other policy information.
[0020] The processor 102 may fetch, decode, and execute the instructions 116 to connect to the cloud platform. For example, the processor 102 may connect
to the cloud platform via a secure (authenticated) channel. Based on the connection, the cloud platform may recognize the apparatus 100 and identify a tenancy to which the apparatus 100 belongs. In some examples, the processor 102 may use the network information to connect to the cloud platform. In these examples, the network information provided to the announcing device may include a copy of some or all of the network information used by the apparatus 100 to connect to the cloud platform. Such network information may be stored, for example, at memory 110.
[0021] The processor 102 may fetch, decode, and execute the instructions 118 to cause the announcing device to be associated with the first tenancy at the cloud platform. For example, the processor 102 may transmit, to the cloud platform, an identifier of the announcing device and a request to associate the announcing device with the tenancy for which the apparatus 100 is associated. Based on the connection, which may be secured, the cloud platform may recognize that the apparatus 100 is associated with the first tenancy. As such, the announcing device may be associated with the first tenancy without human intervention.
[0022] FIG. 2 shows a block diagram of an example architecture 200 of a local network 201 A in which an announcing device 220 is associated with a tenancy on a cloud platform 230. The cloud platform 230 may include a cloud platform device 232 that provides multitenancy cloud services, such as cloud print services, to various local networks 201 (illustrated as local networks 201 A-N - only local network 201 A is shown in further detail although other local networks 201 B-N may include similar features). The term multitenancy cloud services may refer an architecture in which a cloud service may execute on one or more servers, such as the cloud platform device 232, and serves multiple tenants. Each tenant may be associated with an entity that operates a respective local network 201 . The cloud platform 230 may separately store tenancy data 234 for each tenant. Each tenancy data 234 may include data that describes a respective local network 201 , such as a proxy server address, devices of each local network 201 that are associated with the tenancy, and/or other information related to a tenancy or local network. Each tenancy, or connected devices of each local network 201 , may share resources provided by the
cloud platform 230 but the tenancy data 234 of each tenancy may be stored separately such that each tenancy is separately managed at the cloud platform. Thus, one tenant (such as a first set of connected devices of a first local network 201 ) may not have access to the tenancy data 234 of a second tenant and vice versa. [0023] In a local network 201 A, a firewall 202 may manage network traffic to and from the local network 201 A. A proxy server 210 may manage connections of connected devices within the local network 201 A to a device or network outside the firewall 202. For example, the proxy server 210 may be a proxy for the cloud platform device 232 so that connected devices of the local network 201 A may connect to, and receive data such as cloud print jobs from, the cloud platform 230 via the firewall 202. Further details of a local network 201 A, such as various routers, switches, and so forth are omitted for illustrative clarity.
[0024] In some examples, an announcing device 220 may be associated with a tenancy responsive to a device announcement transmitted by the announcing device. The announcing device 220 may transmit the device announcement at startup (such as for the first time), when a change in announcing device 220 is made, and/or at other times. For example, the announcing device 220 may be started up and plugged into an Ethernet port that connects to the local network 201 A. The announcing device 220 may have pre-stored a DNS hostname to which a device announcement is to be made. The pre-stored DNS hostname may be set at the factory and/or re-set locally such as by a system administrator. The pre-stored DNS hostname may be a well-known DNS hostname that the system administrator may assign to the apparatus 100 for receiving the device announcement and causing the announcing device 220 to be associated with the tenancy described by the tenancy data 234A. For example, a device identifier of the announcing device 220 may be added to the tenancy data 234A so that the announcing device is managed as part of the tenancy associated with the local network 201 A. Further details of adding an announcing device 220 to a tenancy at a cloud platform 230 is discussed further with respect to FIG. 3. It should be noted that similar processing may occur at other local networks 201 B-N to add an announcing device to an appropriate tenancy.
[0025] It should be noted that the cloud platform device 232 and the announcing device 220 may each include a processor, similar to the processor 102 illustrated in FIG. 1 , and a memory, similar to the memory 110 also illustrated in FIG. 1 , that stores instructions that program the processor to respectively perform the various operations of the cloud platform device 232 and the announcing device 220 described herein throughout.
[0026] An example usage of multitenancy cloud print services will be described for illustration. A cloud print job may be received at the cloud platform device 232. The cloud print job may be received from within a local network 201 or other network, such as a wide area network. The cloud print job may include an identifier used to identify a tenancy managed by the cloud platform 230. The cloud platform device 232 may consult the appropriate tenancy data 234 associated with the tenancy. For example, the cloud print job may specify that a print job is to be transmitted to the local network 201 A. The cloud print job may specify a tenancy identifier and/or a printer identifier. The cloud platform device 232 may identify the appropriate tenancy and access an address to which to provide the cloud print job. The cloud platform device 232 may transmit the cloud print job to the proxy server 210 of the local network 201 A via the firewall 202. The proxy server 210 may route the cloud print job to the appropriate printer device specified by the cloud platform device 232.
[0027] An example data flow diagram of associating an announcing device 220 with a tenancy on a cloud platform will now be described with respect to FIG. 3. It should be understood that the data flow diagram 300 illustrated in FIG. 3 may include additional operations and that some of the operations described therein may be removed and/or modified without departing from the scopes of the data flow diagram 300. The descriptions of the data flow diagram 300 may be made with reference to the features depicted in FIGS. 1-3 for purposes of illustration.
[0028] Not illustrated in FIG. 3 for clarity is a proxy server and a firewall (such as the proxy server 210 and the firewall 202 illustrated in FIG. 2), although the announcing device 220 and the apparatus 100 may each operate within a firewall of
a local network and may use the proxy server to communicate with the cloud platform device 232. In some examples, the announcing device 220 and/or the apparatus 100 may not operate within a local network, such as when either or both are connected to each other or the cloud platform device 232 via a wide area network, such as the Internet, which may be accessed through a cellular data service or other Internet Service Provider. In these examples, the well-known DNS hostname may instead or additionally include a Uniform Resource Locator (URL) or domain name to which the announcing device 220 transmits an announcement and via which the apparatus 100 receives the device announcement. For example, the well-known DNS hostname may instead or additionally include a URL to a webservice associated with a particular tenancy managed by the cloud platform device 232. [0029] At 302, the apparatus 100 may establish a secure channel with the cloud platform device 232. Through the establishment of the secure channel and authentication of the apparatus 100, the cloud platform device 232 may identify the tenancy to which the apparatus 100 belongs. For example, the cloud platform device 232 may store an association of an identifier of the apparatus 100 with a tenancy identifier (ID) that uniquely identifies the tenancy to which the apparatus 100 belongs. The cloud platform device 232 may therefore associate the tenancy ID with the apparatus 100.
[0030] At 304, the apparatus 100 may access a device announcement from the announcing device 220. For example, the apparatus 100 may listen for or otherwise receive data transmitted to a DNS hostname to which the device announcement is directed. In these examples, data specified for delivery to the DNS hostname may be routed (by network devices of a local network) to the apparatus 100.
[0031] At 306, the apparatus 100 may provide proxy setting information to the announcing device 220. In the illustrated example, the proxy setting information may specify information for the announcing device 220 to connect to a proxy server (such as proxy server 210 illustrated in FIG. 2).
[0032] At 308, the apparatus 100 may provide information to register with the cloud. Such information may include, for example, information for registering with the cloud platform device 232. In some examples, the registration information may include some or all of the HTTP proxy settings and/or username, password, or other information for connecting to the cloud platform device 232.
[0033] At 310, the announcing device 220 may register with the cloud platform device 232. For example, the announcing device 220 may use the proxy setting information from the apparatus 100 to connect with the proxy server, which may mediate communication with the cloud platform device 232. The announcing device 220 may use the registration information to register with the cloud platform device 232.
[0034] At 312, the apparatus 100 may provide information relating to the tenancy of the local network to the announcing device 220. For example, the apparatus 100 may provide the tenant ID to the announcing device 220.
[0035] At 314, the apparatus 100 may cause an association of the announcing device 220 with the tenancy ID. For example, the apparatus 100 may transmit, to the cloud platform device 232, a request to add the announcing device 220 to the tenancy identified by the tenancy ID. The cloud platform device 232 may add the announcing device 220 to the tenancy such as by storing an identifier of the announcing device 220 (which may be received by the cloud platform device 232 at block 310) in association with the tenancy ID (such as by storing the ID of the announcing device 220 in tenancy data associated with the tenancy to which the apparatus 100 belongs).
[0036] Various manners in which the announcing device 220 may operate to announce itself on a local network for connecting to a cloud platform are discussed in greater detail with respect to the method 400 depicted in FIG. 4. It should be understood that the method 400 may include additional operations and that some of the operations described therein may be removed and/or modified without departing from the scopes of the method 400. The descriptions of the method 400 may be made with reference to the features depicted in FIGS. 1 -3 for purposes of illustration.
[0037] FIG. 4 depicts a flow diagram of an example method 400 for registering with a cloud platform by transmitting a device announcement within a local network (such as local network 201A illustrated in FIG. 2). As shown in FIG. 4, at block 402, the processor of an announcing device (such as announcing device 220 illustrated in FIGS. 2 and 3) may transmit a device announcement to a reference device (such as the apparatus 100 illustrated in FIGS. 1-3) via a local network within a firewall (such as the firewall 202 illustrated in FIG. 2). Transmit of the device announcement may be responsive to various events. In some examples, the announcing device may transmit the device announcement responsive to performing an initial start-up on the local network. In some examples, the announcing device may transmit the device announcement responsive to accessing an indication that a network address of the announcing device has been changed, wherein the device announcement is transmitted responsive to the indication that the network address of the announcing device has been changed.
[0038] In some examples, the processor of the announcing device may transmit (via a network port) the device announcement to a DNS hostname. For example, the announcing device may store a well-known DNS hostname. When the device announcement is to be transmitted, the announcing device may access the stored DNS hostname from a memory of the announcing device and transmit the device announcement directed to the stored DNS hostname.
[0039] At block 404, the processor of the announcing device may receive network information from the reference device via the local network. For example, the network information may include proxy information for connecting to the cloud platform via a proxy, such as proxy server 210 illustrated in FIG. 2.
[0040] At block 406, the processor of the announcing device may connect to a cloud platform (such as the cloud platform 230 illustrated in FIG. 2) outside the firewall based on the network information. In particular, the processor of the announcing device may connect to the cloud platform device 232 illustrated in FIG. 2.
[0041] At block 408, the processor of the announcing device may register with the cloud platform. To do so, the processor of the announcing device may provide, to the cloud platform, an identifier that may uniquely identify the announcing device. The cloud platform may associate the announcing device with a particular tenancy. Such registration and association with a particular tenancy may facilitate cloud- based management of the announcing device. For example, the announcing device may be a printer device. In this example, the cloud platform may manage cloud print jobs for the printer device and other printers associated with the particular tenancy. A print job source (such as a client device associated with the particular tenancy) may transmit a cloud print job to the cloud platform, which may direct the cloud print job to the announcing device (or other printer device of the local network associated with the particular tenancy). The announcing device may then cause a print to be generated based on the cloud print job. For example, the announcing device may print a document based on the cloud print job.
[0042] Some or all of the operations set forth in the method 400 may be included as utilities, programs, or subprograms, in any desired computer accessible medium. In addition, the method 400 may be embodied by computer programs, which may exist in a variety of forms. For example, some operations of the method 400 may exist as machine-readable instructions, including source code, object code, executable code or other formats. Any of the above may be embodied on a non- transitory computer readable storage medium. Examples of non-transitory computer readable storage media include computer system RAM, ROM, EPROM, EEPROM, and magnetic or optical disks or tapes. It is therefore to be understood that any electronic device capable of executing the above-described functions may perform those functions enumerated above.
[0043] FIG. 5 depicts a block diagram of an example non-transitory machine- readable storage medium 500 for providing multi-tenancy management of devices and associating an announcing device with a tenancy. The non-transitory machine- readable storage medium 500 may be an electronic, magnetic, optical, or other physical storage device that includes or stores executable instructions. The non-
transitory machine-readable storage medium 500 may be, for example, Random Access memory (RAM), an Electrically Erasable Programmable Read-Only Memory (EEPROM), a storage device, an optical disc, and the like. The non-transitory machine-readable storage medium 500 may have stored thereon machine-readable instructions 502-510 that a processor (such as a processor of the cloud platform device 232 illustrated in FIGS. 2 and 3), may execute.
[0044] The machine-readable instructions 502 may cause the processor to provide a plurality of tenancies, each tenancy being used to remotely manage devices of respective local networks protected by a firewall, the plurality of tenancies comprising a first tenancy to manage a first set of devices of a first local network (such as the local network 201 A illustrated in FIG. 2) protected by a first firewall (such as the firewall 202 illustrated in FIG. 2). The machine-readable instructions 504 may cause the processor to establish, through the first firewall, a secure channel with a reference device (such as the apparatus 100 illustrated in FIGS. 1-3) of the first local network.
[0045] The machine-readable instructions 506 may cause the processor to access a registration request from a first connected device of the first local network. The machine-readable instructions 508 may cause the processor to access an association of the first connected device with the first tenancy from the reference device via the secure channel. The machine-readable instructions 510 may cause the processor to add, based on the association, the first connected device to the first tenancy to manage the first connected device via the first tenancy. In some examples, the machine-readable instructions further cause the processor to access a management operation directed to the first tenancy and transmit the management operation to the first local network. The management operation may include a print job that causes the first connected device to generate a print based on the print job. [0046] Although described specifically throughout the entirety of the instant disclosure, representative examples of the present disclosure have utility over a wide range of applications, and the above discussion is not intended and should not be
construed to be limiting, but is offered as an illustrative discussion of aspects of the disclosure.
[0047] What has been described and illustrated herein is an example of the disclosure along with some of its variations. The terms, descriptions and figures used herein are set forth by way of illustration only and are not meant as limitations. Many variations are possible within the spirit and scope of the disclosure, which is intended to be defined by the following claims -- and their equivalents -- in which all terms are meant in their broadest reasonable sense unless otherwise indicated.
Claims
1. An apparatus comprising: a processor; and a non-transitory machine-readable medium on which is stored instructions that when executed by the processor, cause the processor to: access, from within a local network, a device announcement from an announcing device; provide, responsive to the device announcement, network information to the announcing device for the announcing device to connect to a cloud platform device external to the local network, the cloud platform device managing a plurality of tenancies comprising a first tenancy that is associated with connected devices of the local network; connect to the cloud platform device; and cause the announcing device to be associated with the first tenancy at the cloud platform device.
2. The apparatus of claim 1 , wherein the instructions further cause the processor to: use the network information to connect to the cloud platform device.
3. The apparatus of claim 2, wherein the network information comprises a Hyper Text Transfer Protocol proxy setting used by devices in the local network to connect to the cloud platform device.
4. The apparatus of claim 1 , wherein the instructions further cause the processor to: provide policy configuration information to the announcing device.
5. The apparatus of claim 1 , wherein to access the device announcement, the instructions further cause the processor to: access the device announcement via a Domain Name System (DNS) hostname associated with the apparatus.
6. The apparatus of claim 1 , wherein the announcing device is associated with the first tenancy without human intervention.
7. A method, comprising: transmitting, by an announcing device, a device announcement to a reference device via a local network within a firewall; receiving, by the announcing device network information from the reference device via the local network; connecting, by the announcing device, to a cloud platform device outside the firewall based on the network information; and registering, by the announcing device, with the cloud platform device.
8. The method of claim 7, wherein transmitting the device announcement comprises: accessing, from a device storage, a Domain Name System (DNS) hostname, wherein the device announcement is transmitted to the reference device at the DNS hostname.
9. The method of claim 7, further comprising: receiving a print job from the cloud platform device; and causing a print to be generated based on the print job.
10. The method of claim 7, wherein receiving the network information comprises receiving proxy information for connecting to the cloud platform device via a proxy.
11. The method of claim 7, further comprising: performing an initial start-up on the local network, wherein the device announcement is transmitted responsive to the initial start-up.
12. The method of claim 7, further comprising: accessing an indication that a network address of the announcing device has been changed, wherein the device announcement is transmitted responsive to the indication that the network address of the announcing device has been changed.
13. A non-transitory machine-readable medium on which is stored machine- readable instructions that when executed by a processor, cause the processor to: provide a plurality of tenancies, each tenancy being used to remotely manage devices of respective local networks protected by a firewall, the plurality of tenancies comprising a first tenancy to manage a first set of devices of a first local network protected by a first firewall; establish, through the first firewall, a secure channel with a reference device of the first local network; access a registration request from a first connected device of the first local network; access an association of the first connected device with the first tenancy from the reference device via the secure channel; and add, based on the association, the first connected device to the first tenancy to manage the first connected device via the first tenancy.
14. The non-transitory machine-readable medium of claim 13, wherein the machine-readable instructions further cause the processor to: access a management operation directed to the first tenancy; and transmit the management operation to the first local network.
15. The non-transitory machine-readable medium of claim 14, wherein the management operation comprises a print job that causes the first connected device to generate a print based on the print job.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/US2019/059443 WO2021086404A1 (en) | 2019-11-01 | 2019-11-01 | Device announcement and tenancy association |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/US2019/059443 WO2021086404A1 (en) | 2019-11-01 | 2019-11-01 | Device announcement and tenancy association |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2021086404A1 true WO2021086404A1 (en) | 2021-05-06 |
Family
ID=75715234
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2019/059443 WO2021086404A1 (en) | 2019-11-01 | 2019-11-01 | Device announcement and tenancy association |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2021086404A1 (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140215590A1 (en) * | 2008-12-22 | 2014-07-31 | Ctera Networks, Ltd. | Multi-tenant cloud storage system |
US20170264642A1 (en) * | 2016-03-08 | 2017-09-14 | Oracle International Corporation | Thick client policy caching |
US20170331829A1 (en) * | 2016-05-11 | 2017-11-16 | Oracle International Corporation | Security tokens for a multi-tenant identity and data security management cloud service |
US20190238598A1 (en) * | 2018-01-29 | 2019-08-01 | Oracle International Corporation | Dynamic client registration for an identity cloud service |
-
2019
- 2019-11-01 WO PCT/US2019/059443 patent/WO2021086404A1/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140215590A1 (en) * | 2008-12-22 | 2014-07-31 | Ctera Networks, Ltd. | Multi-tenant cloud storage system |
US20170264642A1 (en) * | 2016-03-08 | 2017-09-14 | Oracle International Corporation | Thick client policy caching |
US20170331829A1 (en) * | 2016-05-11 | 2017-11-16 | Oracle International Corporation | Security tokens for a multi-tenant identity and data security management cloud service |
US20190238598A1 (en) * | 2018-01-29 | 2019-08-01 | Oracle International Corporation | Dynamic client registration for an identity cloud service |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11218420B2 (en) | Virtual network interface objects | |
US10778775B2 (en) | Control of network connected devices | |
US9118657B1 (en) | Extending secure single sign on to legacy applications | |
US9021005B2 (en) | System and method to provide remote device management for mobile virtualized platforms | |
US20080184354A1 (en) | Single sign-on system, information terminal device, single sign-on server, single sign-on utilization method, storage medium, and data signal | |
US8346940B2 (en) | Method and system for provisioning customer premises equipment | |
EP3466136B1 (en) | Method and system for improving network security | |
WO2018144157A1 (en) | Single authentication to a multi-tenancy single-page cloud application | |
JP2016144186A (en) | Communication information controller, relay system, communication information control method, and communication information control program | |
US8289969B2 (en) | Network edge switch configuration based on connection profile | |
US20130254425A1 (en) | Dns forwarder for multi-core platforms | |
WO2021086404A1 (en) | Device announcement and tenancy association | |
US20180220477A1 (en) | Mobile communication system and pre-authentication filters | |
CN109218415B (en) | Distributed node management method, node and storage medium | |
JP6096700B2 (en) | API providing system | |
US20220182353A1 (en) | Server connection resets based on domain name server (dns) information |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 19950873 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 19950873 Country of ref document: EP Kind code of ref document: A1 |