Patent application number | Description | Published |
20080229410 | PERFORMING A BUSINESS TRANSACTION WITHOUT DISCLOSING SENSITIVE IDENTITY INFORMATION TO A RELYING PARTY - A user engages in a transaction with a relying party. The relying party requests identity information from the user in a security policy and identifies transaction elements for an on-line business transaction. Typically, the security policy and transaction elements are transmitted together; the security policy can be as little as a request to conduct the on-line business transaction. The user identifies an information card that satisfies the security policy. The computer system requests a security token from the identity provider managing the information card, which can include requesting a transaction receipt for the transaction elements. The computer system then returns the security token (and the transaction receipt) to the relying party, to complete the transaction. | 09-18-2008 |
20090205035 | INFO CARD SELECTOR RECEPTION OF IDENTITY PROVIDER BASED DATA PERTAINING TO INFO CARDS - A computer system accesses metadata about an information card. The metadata can be stored locally or remotely (for example, at an identity provider). A metadata engine can be used to generate data to be provided to the user from the metadata: this data can take any desired form, such as an advertisement, a state of the user's account, or a policy update, among other possibilities. | 08-13-2009 |
20090249430 | CLAIM CATEGORY HANDLING - A relying party can have a security policy. The security policy can include claims that are categorized other than “required” and “optional”. The user can specify, in a user policy, whether or not to include in a request for a security token from an identity provider claims that are not “required”. | 10-01-2009 |
20110153499 | PERFORMING A BUSINESS TRANSACTION WITHOUT DISCLOSING SENSITIVE IDENTITY INFORMATION TO A RELYING PARTY - A user engages in a transaction with a relying party. The relying party requests identity information from the user in a security policy and identifies transaction elements for an on-line business transaction. Typically, the security policy and transaction elements are transmitted together; the security policy can be as little as a request to conduct the on-line business transaction. The user identifies an information card that satisfies the security policy. The computer system requests a security token from the identity provider managing the information card, which can include requesting a transaction receipt for the transaction elements. The computer system then returns the security token (and the transaction receipt) to the relying party, to complete the transaction. | 06-23-2011 |
Patent application number | Description | Published |
20100235355 | SYSTEM AND METHOD FOR UNIFIED CLOUD MANAGEMENT - Method and system for managing workloads in a cloud computing environment comprising cloud services providers is described. In one embodiment, the method comprises, for each of the cloud services providers, monitoring a situation of the cloud services provider to obtain situation information for the cloud services provider and evaluating the obtained situation information and then deploying a workload to a selected one of the cloud services providers based at least in part on results of the evaluating. | 09-16-2010 |
20100235526 | SYSTEM AND METHOD FOR REDUCING CLOUD IP ADDRESS UTILIZATION USING A DISTRIBUTOR REGISTRY - System and method for providing cloud computing services are described. In one embodiment, the system comprises a cloud computing environment comprising resources for supporting cloud workloads, each cloud workload having associated therewith an internal cloud address; and a routing system disposed between external workloads of an external computing environment and the cloud workloads, the routing system for directing traffic from an external cloud address to the internal cloud addresses of the cloud workloads. The routing system comprises a virtual router configured to function as a network address translator (“NAT”); a distributor connected between the virtual router and the cloud workloads; and a distributor registry accessible by the distributor for maintaining information comprising at least one of port mappings, cloud address mappings, and cloud workload configuration information. | 09-16-2010 |
20100235539 | SYSTEM AND METHOD FOR REDUCED CLOUD IP ADDRESS UTILIZATION - System and method for providing cloud computing services are described. In one embodiment, the system includes a cloud computing environment, the cloud computing environment comprising resources for supporting cloud workloads, each cloud workload having associated therewith an internal cloud address; and a routing system disposed between external workloads of an external computing environment and the cloud workloads, the routing system for directing traffic from an external address to the internal addresses of the cloud workloads. | 09-16-2010 |
20100235630 | SYSTEM AND METHOD FOR PROVIDING KEY-ENCRYPTED STORAGE IN A CLOUD COMPUTING ENVIRONMENT - System and method for providing cloud computing services are described. In one embodiment, the system comprises a cloud computing environment comprising resources for supporting cloud workloads, each cloud workload having associated therewith an internal cloud address; and a routing system disposed between external workloads of an external computing environment and the cloud workloads, the routing system for directing traffic from an external address to the internal cloud addresses of the cloud workloads. A designated one of the cloud workloads obtains one key of a first pair of cryptographic keys, the first pair of cryptographic keys for decrypting encrypted storage hosted within the cloud computing environment. | 09-16-2010 |
20100235903 | SYSTEM AND METHOD FOR TRANSPARENT CLOUD ACCESS - System and method for transparent cloud access are described. In one embodiment, the system comprises an enterprise computing environment maintained by an enterprise and a cloud computing environment maintained by a cloud provider; and a secure bridge mechanism for interconnecting the enterprise computing environment and the cloud computing environment. The secure bridge mechanism comprises a first secure bridge portion associated with the enterprise and a second secure bridge portion associated with the cloud computing environment. The first and second secure bridge portions interoperate to provide transparent and secure access by resources of one of the computing environments to those of the other computing environment. | 09-16-2010 |
20110106926 | System and method for implementing a cloud workflow - System and method for implementing a workflow of a first domain, wherein the workflow is implemented as a series of steps to accomplish a workload and wherein at least one of the steps utilizes a process, are described. In one embodiment, the method comprises establishing a mutual trust relationship between the first domain and a second domain; wherein one of the steps is authored by the second domain, the method further comprising associating with the step authored by the second domain a digital attestation for enabling the first domain to verify authorship and non-modification thereof. | 05-05-2011 |
20110106927 | SYSTEM AND METHOD FOR IMPLEMENTING CLOUD MITIGATION AND OPERATIONS CONTROLLERS - System and method for implementing cloud mitigation and operations controllers are described. One embodiment is a system for controlling operation of a cloud computing environment, wherein the system comprises a repository for storing data regarding characteristics of the cloud computing environment, wherein the stored data includes policy notations designating compliance or noncompliance of the data with policy; an analyst module for analyzing the stored data in combination with external report information regarding the cloud computing environment and for providing results of the analysis; and a controller for evaluating the analysis results and issuing instructions for controlling operation of the cloud computing environment based on the evaluating. | 05-05-2011 |
Patent application number | Description | Published |
20160092310 | SYSTEMS AND METHODS FOR MANAGING GLOBALLY DISTRIBUTED REMOTE STORAGE DEVICES - Methods and systems are described for remotely managing hardware of at least one of a plurality of distributed remote storage devices. A computer implemented method includes locally monitoring a system (including, for example, a core operating system) of the hardware, locally detecting an abnormal or unresponsive state of the system, generating a notice when the abnormal or unresponsive state is detected, delivering the notice to a remotely located central service, and automatically rebooting the hardware when the abnormal or unresponsive state is detected. | 03-31-2016 |
20160092593 | PAGE-BASED METADATA SYSTEM FOR DISTRIBUTED FILESYSTEM - Methods and systems are described for storing metadata in a network of distributed remote storage devices. An example computer implemented method includes identifying a plurality of metadata inodes, grouping the plurality of metadata inodes into one or more metadata pages, mapping the plurality of metadata inodes and the plurality of metadata pages, and storing the mapping as a manifest page, and storing data to and retrieving data from the distributed remote storage devices using the plurality of metadata inodes. | 03-31-2016 |
20160094419 | SYSTEMS AND METHODS FOR MONITORING GLOBALLY DISTRIBUTED REMOTE STORAGE DEVICES - Methods and systems are described for remotely monitoring a plurality of distributed remote storage devices. An example computer implemented method includes locally collecting monitoring data for one of the plurality of distributed remote storage devices, and periodically sending at least one of an aggregate of the locally recorded monitoring data and a summary of the locally recorded monitoring data to a remote location. The remote location includes at least one of another one of the plurality of distributed remote storage devices, at least one central server, and a set of the plurality of distributed remote storage devices. | 03-31-2016 |
20160094448 | SYSTEMS AND METHODS FOR CENTRALLY-ASSISTED DISTRIBUTED HASH TABLE - Methods and systems are described for locating a target storage device among a plurality of storage devices connected via a network. A computer implemented method includes sending registration information to a central directory, wherein the registration information includes at least an address of one of the plurality of storage devices, and the central directory stores the registration information in a registry. The method also includes sending a request to the central directory for an address for another one of the plurality of storage devices, receiving the address from the central directory if the address is in the registry, and conducting a successive lookup of a closest known address until the address is located if the address is not in the registry. | 03-31-2016 |