公开(公告)号：US11463544B1

公开(公告)日：2022-10-04

申请号：US17537240

申请日：2021-11-29

Applicant: salesforce.com, inc.

Inventor： Prasad Peddada ,  Sriram Shankarlal ,  Giridharan Sridharan ,  Nirav K. Butala

IPC: H04L67/51 ,  H04L67/10

Abstract: A cloud infrastructure is configured and deployed for managing services executed on a cloud platform. The cloud infrastructure includes a control datacenter configured to communicate with one or more service datacenters. The service datacenter deploys one or more application programming interfaces (API's) associated with a service. The service datacenter also deploys an administration agent. The control datacenter hosts an engine that receives requests from users to perform administration operations by invoking the administration API's. In this manner, the control datacenter functions as a centralized control mechanism that effectively distributes administration operation requests as they are received from users to service datacenters that can service the requests. The cloud infrastructure provides an auditable, compliant and secure management system for administering services for distributed systems running in the cloud.

公开(公告)号：US12052247B2

公开(公告)日：2024-07-30

申请号：US17740159

申请日：2022-05-09

Applicant: salesforce.com, inc.

Inventor： Adarsh Khare ,  Shruthi Chikkanna ,  Peixuan Jiang ,  Isaac Westlund ,  Hideyuki Komaki ,  Hayk Baluyan ,  Giridharan Sridharan ,  Mitchell Brent DiNicola ,  Ajay Thargan

IPC: H04L9/40 ,  G06F9/455

CPC classification number: H04L63/0884 ,  G06F9/45558 ,  H04L63/0823 ,  G06F2009/45587

Abstract: A system receives an access token generated by a user performing authentication via an authentication device, for example, a smart card. The system obtains a personalized virtual machine assigned to the user. The system exchanges the access token for a temporary certificate having an expiry time. The system provides the temporary certificate that includes verifiable user identity to a personalized virtual machine. The system provides the user with access to the personalized virtual machine. The system allows the user to present verifiable user identity and connect to any of a plurality of systems without requiring the user to authenticate again using the authentication device. After the expiry time of the temporary certificate is exceeded, the system denies subsequent requests from the user to connect to any of the plurality of systems.

公开(公告)号：US20230362162A1

公开(公告)日：2023-11-09

申请号：US17740159

申请日：2022-05-09

Applicant: salesforce.com, inc.

Inventor： Adarsh Khare ,  Shruthi Chikkanna ,  Peixuan Jiang ,  Isaac Westlund ,  Hideyuki Komaki ,  Hayk Baluyan ,  Giridharan Sridharan ,  Mitchell Brent DiNicola ,  Ajay Thargan

IPC: H04L9/40 ,  G06F9/455

CPC classification number: H04L63/0884 ,  H04L63/0823 ,  G06F9/45558 ,  G06F2009/45587

Abstract: A system receives an access token generated by a user performing authentication via an authentication device, for example, a smart card. The system obtains a personalized virtual machine assigned to the user. The system exchanges the access token for a temporary certificate having an expiry time. The system provides the temporary certificate that includes verifiable user identity to a personalized virtual machine. The system provides the user with access to the personalized virtual machine. The system allows the user to present verifiable user identity and connect to any of a plurality of systems without requiring the user to authenticate again using the authentication device. After the expiry time of the temporary certificate is exceeded, the system denies subsequent requests from the user to connect to any of the plurality of systems.

公开(公告)号：US20230171243A1

公开(公告)日：2023-06-01

申请号：US17537226

申请日：2021-11-29

Applicant: salesforce.com, inc.

Inventor： Prasad Peddada ,  Sriram Shankarlal ,  Giridharan Sridharan

IPC: H04L67/133 ,  H04L61/4505

CPC classification number: H04L63/083 ,  H04L67/40 ,  H04L61/1505

Abstract: A cloud infrastructure is configured and deployed for managing services executed on a cloud platform. The cloud infrastructure includes a control datacenter configured to communicate with one or more service datacenters. The service datacenter deploys one or more application programming interfaces (API's) associated with a service. The service datacenter also deploys an administration agent. The control datacenter hosts an engine that receives requests from users to perform administration operations by invoking the administration API's. In this manner, the control datacenter functions as a centralized control mechanism that effectively distributes administration operation requests as they are received from users to service datacenters that can service the requests. The cloud infrastructure provides an auditable, compliant and secure management system for administering services for distributed systems running in the cloud.

公开(公告)号：US20220019478A1

公开(公告)日：2022-01-20

申请号：US16930900

申请日：2020-07-16

Applicant: salesforce.com, inc.

Inventor： Giridharan Sridharan ,  Sridhar Dutta ,  Aman Gulati ,  Fiaz Hossain ,  Vishal Agarwal ,  Gage David Laufenberg

IPC: G06F9/50 ,  H04L9/32 ,  G06F9/445

Abstract: Examples include a system and computer-implemented method to create a cloud native workload identity (CNWI) and assign the CNWI to an instance of a workload to be instantiated in a cloud computing environment of a cloud service provider (CSP); translate the CNWI into a cloud agnostic workload identity (CAWI) and assign the CAWI to the workload instance; and use the CAWI by the workload instance to communicate with other workloads in the same or a different CSP.