Invention Grant
US09411973B2 Secure isolation of tenant resources in a multi-tenant storage system using a security gateway
有权
使用安全网关在多租户存储系统中安全隔离租户资源
- Patent Title: Secure isolation of tenant resources in a multi-tenant storage system using a security gateway
- Patent Title (中): 使用安全网关在多租户存储系统中安全隔离租户资源
-
Application No.: US13875301Application Date: 2013-05-02
-
Publication No.: US09411973B2Publication Date: 2016-08-09
- Inventor: Michael E. Factor , David Hadas , Elliot K. Kolodner , Anil Kurmus , Alexandra Shulman-Peleg , Alessandro Sorniotti
- Applicant: International Business Machines Corporation
- Applicant Address: US NY Armonk
- Assignee: International Business Machines Corporation
- Current Assignee: International Business Machines Corporation
- Current Assignee Address: US NY Armonk
- Agent Steven L. Fisher-Stawinski
- Main IPC: G06F17/30
- IPC: G06F17/30 ; G06F21/62 ; G06F9/00 ; G06F9/46
Abstract:
Machines, systems and methods for handling a client request in a hierarchical multi-tenant data storage system, the method comprising processing a request in subtasks, wherein a subtask is executed with a minimal set of privileges associated with a specific subtenant; extracting a claimed n-level hierarchy of a tenant and sub-tenant identities from the request; extracting authentication signatures or credentials that correspond to a level in the hierarchy; for a first level in the hierarchy, sending the request to a dedicated subtenant authenticator with privilege to validate credentials for a subtenant at the first level; and receiving a confirmation from the dedicated subtenant authenticator, whether the request is authentic.
Public/Granted literature
- US20140330869A1 SECURE ISOLATION OF TENANT RESOURCES IN A MULTI-TENANT STORAGE SYSTEM USING A SECURITY GATEWAY Public/Granted day:2014-11-06
Information query
