Handling requests to service resources within a security boundary using a security gateway instance

Handling requests to service resources within a security boundary using a security gateway instance

The disclosure herein describes securing access to a service resource within a security boundary. A security gateway instance receives a request from an edge deployment outside the security boundary. The request includes identity data identifying the edge deployment. The identity data is validated b...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Roy, Arupendra Narayan, Aquino, Bisconde Ramon, Garcia Valenzuela, Fernando, Diaz Cuellar, Gerardo, Naparu, Alexandru, Raman, Venkatasubrahmanyam
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The disclosure herein describes securing access to a service resource within a security boundary. A security gateway instance receives a request from an edge deployment outside the security boundary. The request includes identity data identifying the edge deployment. The identity data is validated based on allowed identity data of the security gateway instance and based on a validation handler associated with the service resource. Based on validating the identity data and validating the request, the identity data is transformed using security data specific to the security gateway instance. The transformed identity data indicates the request has been validated by the security gateway instance. Based on transforming the identity data of the request, the transformed identity data and the request are forwarded to the service resource via a network link within the security boundary, wherein the service resource is configured to process the request based on identifying the transformed identity data.