| 摘要 |
<p>A Cloud Management Node (CMN) 102 acts as a broker/portal 105/106 for resources 112 on service provider nodes (SPN) 113. This system may be a public cloud 100. Users/clients 122/124 in a private/corporate network/cloud 114, can request access to the resources. Where resource access is restricted the identity engine 104 of the CMN may send a request to the private management system 116 in the private cloud of the requestor. The private management system validates the users authorisation to access the resource and supplies a token to the CMN. This allows user authorisations to be stored and managed locally by administrator 118. If authorised the CMN forwards the request to the relevant SPN. This may be done by sending the SPN a message telling it that a service request is waiting on a queue at the CMN. The SPN than pulls the request from the queue. The requests may be encrypted with the SPN public key. Requests sent directly from users/client to SPN may be redirected to CMN for authorisation processing.</p> |
