Security management for cloud services

摘要

A cloud management node (102) in a public cloud (100) works together with a private management system (116) in a private cloud (114) to manage provisioning and access to cloud services from the private cloud (114). Private data does not need to be held or duplicated in the public cloud so that the data security is enhanced. The private management system (116) issues tokens for authorization so that user access to cloud services may be controlled. The cloud management node (102) receives provisioning requests from the private cloud (114) and selects and informs an appropriate service provider node (112) that a provisioning request is waiting. In examples an administrator at the private cloud (114) is able to manage cloud service access for many users in a simple effective manner and users are able to operate multiple cloud services from a single account.

主权项

1. A computer-implemented security management method comprising a plurality of steps executed at at least one management node in a public domain of a communications network, the steps comprising:
receiving a request message associated with a user for a resource provided by at least one service provider node in a public domain of the communications network; authorizing the request message using information at a private management system in a private cloud of the communications network associated with the user; enabling access to the service provider node if a check is successful; sending a message to the service provider node to inform the service provider node that the request message is available at the management node; and allowing the service provider node to collect the request message from the management node.