公开(公告)号：US20230244517A1

公开(公告)日：2023-08-03

申请号：US18162963

申请日：2023-02-01

Applicant: Oracle International Corporation

Inventor： Girish Nagaraja ,  Venkata Subbarao Evani ,  Daniel M. Vogel

IPC: G06F9/455

CPC classification number: G06F9/45558 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: Techniques are described for providing a multi-cloud control plane (MCCP) in a first cloud infrastructure (included in a first cloud environment provided by a first cloud services provider) that enables services and/or resources provided in the first cloud infrastructure to be utilized by users of a second cloud environment. The first cloud infrastructure receives a request from a user associated with an account in the second cloud infrastructure. The request corresponding to using a service provided by the first cloud infrastructure. A tenancy is created for the user in the first cloud infrastructure to enable the user to utilize the service, and a link-resource object is created that includes information linking the tenancy of the user in the first cloud infrastructure to the account of the user in the second cloud infrastructure, the link-resource object enabling the user to utilize the service provided by the first cloud infrastructure.

公开(公告)号：US20230113325A1

公开(公告)日：2023-04-13

申请号：US17934846

申请日：2022-09-23

Applicant: Oracle International Corporation

Inventor： Girish Nagaraja ,  Martinus Petrus Lambertus van den Dungen ,  Gregg Alan Wilson ,  Gary Philip Cole ,  Venkata Subbarao Evani

IPC: H04L9/40

Abstract: Described herein is a framework for generating an integrated identity and access management (IAM) system from a first IAM system and a second IAM system that is different than the first IAM system. The integrated IAM system is generated by: (i) creating a domain in a customer tenancy associated with the first IAM system, and (ii) embedding an identity provider of the second IAM system within the domain. The integrated IAM system receives a request from a user to perform an operation with respect to resource associated with the second IAM system. Upon the user being successfully authenticated by the integrated IAM system, the request is executed.

公开(公告)号：US20230098641A1

公开(公告)日：2023-03-30

申请号：US17957146

申请日：2022-09-30

Applicant: Oracle International Corporation

Inventor： Shobhank Sharma ,  Venkata Subbarao Evani ,  Kranthi Kiran Pandiri ,  Girish Nagaraja ,  Martinus Petrus Lambertus van den Dungen ,  Ashok Kumar Subbaiyan ,  Ari M. Kermaier

IPC: H04L9/40

Abstract: Systems and methods for a single logout between two independent systems are described herein. The system includes a first access control system having a first login protocol. The first access control system includes at least one first processor, and a memory comprising a plurality of instructions executable by the at least one first processor. The system includes a second access control system. The second access control system has a second login protocol independent of the first login protocol. The first access control system can receive a logout request from a user at the first access control system, logging the user out of the first access control system, and utilizing a trust mechanism to log the user out of the second access control system.

公开(公告)号：US20250088360A1

公开(公告)日：2025-03-13

申请号：US18825689

申请日：2024-09-05

Applicant: Oracle International Corporation

Inventor： Venkata Subbarao Evani ,  Girish Nagaraja ,  Atul Goyal

IPC: H04L9/32 ,  G06F9/455

Abstract: Described herein is a token exchange framework between two different cloud services providers. A multi-cloud infrastructure included in a first cloud environment that is provided by a first cloud services provider (CSP) receives a first request from a user associated with an account in a second cloud environment that is provided by a second CSP. The first request corresponds to using of a service provided by the first cloud environment and includes a first token issued by the second CSP. The multi-cloud infrastructure obtains a second token issued by the first CSP based on validating the first token with respect to a trust configuration corresponding to the second CSP. The trust configuration is previously generated and maintained by the first CSP in the first cloud environment. The multi-cloud infrastructure transmits the second token to the service to enable the user to utilize the service provided by the first cloud environment.

公开(公告)号：US20250086001A1

公开(公告)日：2025-03-13

申请号：US18825661

申请日：2024-09-05

Applicant: Oracle International Corporation

Inventor： Venkata Subbarao Evani ,  Girish Nagaraja ,  Atul Goyal

IPC: G06F9/455 ,  H04L9/40

Abstract: Described herein is a token exchange framework between two different cloud services providers. A multi-cloud infrastructure included in a first cloud environment that is provided by a first cloud services provider (CSP) receives a first request from a user associated with an account in a second cloud environment that is provided by a second CSP. The first request corresponds to using of a service provided by the first cloud environment and includes a first token issued by the second CSP. The multi-cloud infrastructure obtains a second token issued by the first CSP based on validating the first token with respect to a trust configuration corresponding to the second CSP. The trust configuration is previously generated and maintained by the first CSP in the first cloud environment. The multi-cloud infrastructure transmits the second token to the service to enable the user to utilize the service provided by the first cloud environment.

公开(公告)号：US12301556B2

公开(公告)日：2025-05-13

申请号：US18162947

申请日：2023-02-01

Applicant: Oracle International Corporation

Inventor： Girish Nagaraja ,  Venkata Subbarao Evani ,  Daniel M. Vogel ,  Atul Goyal ,  Norka Beatriz Lucena Mogollon

IPC: H04L9/40 ,  G06F9/455 ,  H04L9/32 ,  H04L67/10 ,  H04L67/306

Abstract: Techniques are described for providing a multi-cloud control plane (MCCP) in a first cloud infrastructure (included in a first cloud environment provided by a first cloud services provider) that enables services and/or resources provided in the first cloud infrastructure to be utilized by users of a second cloud environment. The first cloud infrastructure receives a request from a user associated with an account in the second cloud infrastructure. The request corresponding to using a service provided by the first cloud infrastructure. A tenancy is created for the user in the first cloud infrastructure to enable the user to utilize the service, and a link-resource object is created that includes information linking the tenancy of the user in the first cloud infrastructure to the account of the user in the second cloud infrastructure, the link-resource object enabling the user to utilize the service provided by the first cloud infrastructure.

公开(公告)号：US20230247087A1

公开(公告)日：2023-08-03

申请号：US18162924

申请日：2023-02-01

Applicant: ORACLE INTERNATIONAL CORPORATION

Inventor： Girish Nagaraja ,  Venkata Subbarao Evani ,  Daniel M. Vogel ,  Matthew Victor Rushton

IPC: H04L67/10 ,  H04L67/306 ,  H04L9/40

CPC classification number: H04L67/10 ,  H04L67/306 ,  H04L63/08

Abstract: Techniques are described for providing a multi-cloud control plane (MCCP) in a first cloud infrastructure (included in a first cloud environment provided by a first cloud services provider) that enables services and/or resources provided in the first cloud infrastructure to be utilized by users of a second cloud environment. The first cloud infrastructure receives a request from a user associated with an account in the second cloud infrastructure. The request corresponding to using a service provided by the first cloud infrastructure. A tenancy is created for the user in the first cloud infrastructure to enable the user to utilize the service, and a link-resource object is created that includes information linking the tenancy of the user in the first cloud infrastructure to the account of the user in the second cloud infrastructure, the link-resource object enabling the user to utilize the service provided by the first cloud infrastructure.

公开(公告)号：US20230100200A1

公开(公告)日：2023-03-30

申请号：US17953172

申请日：2022-09-26

Applicant: Oracle International Corporation

Inventor： Venkata Subbarao Evani ,  Girish Nagaraja ,  Norka Beatriz Lucena Mogollon

IPC: H04L9/32

Abstract: Techniques are discloses for exchanging tokens between different identity systems that follow different identity models. A token exchange system of an integrated identity management system of a cloud service can determine that that an entity is authorized to access a first identity system based on credentials of the entity entered in the first identity system. The token exchange system can exchange a first token for the first identity system for a second token for the second identity system without requiring entry of credentials to access the second identity system.

公开(公告)号：US12273343B2

公开(公告)日：2025-04-08

申请号：US18048710

申请日：2022-10-21

Applicant: Oracle International Corporation

Inventor： Gregg Alan Wilson ,  Venkata Subbarao Evani ,  Martinus Petrus Lambertus van den Dungen ,  Girish Nagaraja ,  Gary Philip Cole

IPC: G06F7/04 ,  H04L9/40

Abstract: An identity management and authorization system (IMAS) receives a request to download an application to a user device associated with a user. The IMAS downloads, to the user device, a template application instance corresponding to the requested application, the template application instance having a reduced functionality than the requested application. The IMAS receives, from the user device, a request to register to the downloaded template. Responsive to receiving the request to register the application, the IMAS causes the template application instance on the user device to transition to an application instance of the application with full functionality, generates an application instance-specific credential for the application instance, associates the generated application instance-specific credential with the application instance, and stores the application instance-specific credential in association with (1) an application identifier identifying the application instance, (2) a user identifier identifying the user, and (3) a user device identifier identifying the user device.

公开(公告)号：US20250086000A1

公开(公告)日：2025-03-13

申请号：US18825612

申请日：2024-09-05

Applicant: Oracle International Corporation

Inventor： Venkata Subbarao Evani ,  Girish Nagaraja ,  Atul Goyal

IPC: G06F9/455 ,  H04L9/40

Abstract: Described herein is a token exchange framework between two different cloud services providers. A multi-cloud infrastructure included in a first cloud environment that is provided by a first cloud services provider (CSP) receives a first request from a user associated with an account in a second cloud environment that is provided by a second CSP. The first request corresponds to using of a service provided by the first cloud environment and includes a first token issued by the second CSP. The multi-cloud infrastructure obtains a second token issued by the first CSP based on validating the first token with respect to a trust configuration corresponding to the second CSP. The trust configuration is previously generated and maintained by the first CSP in the first cloud environment. The multi-cloud infrastructure transmits the second token to the service to enable the user to utilize the service provided by the first cloud environment.