Accessing enterprise communication systems from external networks

US10171590B2 · US · B2

Patent metadata
Publication number: US-10171590-B2
Application number: US-201715401918-A
Country: US
Kind code: B2
Filing date: Jan 9, 2017
Priority date: Jul 31, 2014
Publication date: Jan 1, 2019
Grant date: Jan 1, 2019


Abstract

Official abstract text for this publication.

A computer system implements a plurality of modules, including a tenant administration proxy that receives session credentials from a tenant application in the private communication system and authenticates the tenant application in response to the session credentials, a connector service that receives a bridge setup request from the tenant application and establishes a bridge connection with the tenant application in response to the bridge setup request; and a configuration manager that stores service information regarding a cloud-based service that is accessible through the computer system. The tenant administration proxy retrieves the service information from the configuration manager and provides the service information to the tenant application in response to a request from the tenant application, and wherein the connector service facilitates communication between the cloud-based service and an enterprise service in the private communication system over the bridge connection.

First claim

Opening claim text (preview).

What is claimed is:

1. A computer program product for enabling access to an end service in a private communication system from a cloud-based requestor in a public network, comprising: a non-transitory computer readable storage medium storing computer readable program code which when executed by a processor of an electronic device causes the processor to perform operations comprising: establishing a secure bridge connection between a connector service located outside the private communication system and a tenant application in the private communication system, the secure bridge connection extending between the private communication system and the public network to provide secure communications between the connector service located outside the private communication system and the tenant application within the private communication system to enable access to enterprise services operating within the private communication system from requestors located outside the private communication system wherein the secure bridge connection comprises a secure outbound pipe, accessible with first session credentials, that handles all outbound connections and data flow for carrying requests from the connector service to the tenant application and a separate secure inbound pipe, accessible with second session credentials that handles all inbound connections and data flow for carrying responses from the tenant application to the connector service, wherein the secure inbound pipe and the secure outbound pipe are established with separate session credentials; receiving a request at the connector service from the cloud-based requestor to use services of the end service, the request including information from the cloud-based requestor addressed to the end service; creating a virtual communication circuit by associating a cloud side work socket with a unique cloud-side network object identifier (NOID-C) attribute that uniquely identifies the cloud-based requestor, a default network object identifier (NOID-Default) attribute associated with the private communications system, and an end service identifier (ESID) attribute that uniquely identifies an instance of the end service in the private communication system; storing a virtual communication circuit identifier associated with the work socket, the virtual circuit identifier including the ESID, the NOID-default, and the attributes, after creating the virtual communication circuit; and transmitting the information addressed to the end service along with the NOID-C and ESID attributes to the tenant application in the private communication system.

2. The computer program product of claim 1, further comprising: before receiving the request from the cloud-based requestor, opening a listening socket in a public network, the listening socket representing an end service in the private communication system; wherein receiving the request from the cloud-based requestor to use services of the end service comprises receiving the request from the cloud-based requestor to use services of the end service as a connection to the listening socket.

3. The computer program product of claim 2, wherein the cloud side work socket corresponds to the listening socket.

4. The computer program product of claim 3, wherein receiving information from the cloud-based requestor addressed to the end service comprises receiving the information from the cloud-based requestor using the cloud side work socket.

5. The computer program product of claim 1, further comprising: receiving a response from the end service over the virtual communication circuit, the response including the ESID and NOID-C attributes along with a private communication system network object identifier (NOID-P) attribute; and retrieving the cloud side work socket in response to the ESID and NOID-C attributes.

6. The computer program product of claim 5, further comprising: replacing the NOID-default attribute with the NOID-P attribute in the virtual communication circuit identifier; and transmitting the response of the end service to the cloud-based requestor using the cloud side work socket.

7. A computer program product for enabling access to an end service in a private communication system from a cloud-based requestor in a public network, comprising: a non-transitory computer readable storage medium storing computer readable program code which when executed by a processor of an electronic device causes the processor to perform operations comprising: establishing a secure bridge connection between a connector service located outside the private communication system and a tenant application in the private communication system, the secure bridge connection extending between the private communication system and the public network to provide secure communications between the connector service located outside the private communication system and the tenant application within the private communication system to enable access to enterprise services operating within the private communication system from requestors located outside the private communication system wherein the secure bridge connection comprises a secure outbound pipe, accessible with first session credentials, that handles all outbound connections and data flow for carrying requests from the connector service to the tenant application and a separate secure inbound pipe, accessible with second session credentials that handles all inbound connections and data flow for carrying responses from the tenant application to the connector service, wherein the secure inbound pipe and the secure outbound pipe are established with separate session credentials; receiving a message addressed to an end service in the private communication network along with a cloud-side network object identifier (NOID-C) attribute that uniquely identifies a cloud-based requestor that seeks to access the end service in the private communication network, and an end service identifier (ESID) attribute that uniquely identifies the end service in the private communication network; identifying an instance of the end service in the private communication system to which the information is addressed in response to the ESID; associating a private communication system network object identifier (NOID-P) attribute with the instance of the end service in the private communication system to which the information is addressed; creating a private side transmission socket; creating a virtual communication circuit by associating the transmission socket with the ESID, NOID-C and NOID-P attributes; storing a virtual communication circuit identifier associated with the transmission socket, the virtual circuit identifier including the ESID, the NOID-C, and the NOID-P attributes, after creating the virtual communication circuit; and transmitting the message addressed to the end service to the destination identified by the ESID.

8. The computer program product of claim 7, wherein identifying the instance of the end service in the private communication system to which the information is addressed comprises using the ESID to determine the instance of the end service in the private communication system to which the information is addressed.

9. The computer program product of claim 7, further comprising: transitioning the private side transmission socket into a receiving socket; receiving a response from the end service response using the receiving socket; associating the response received from the end service with the ESID, NOID-C and NOID-P attributes; and transmitting the response from the end service and the ESID, NOID-C and NOID-P attributes to the cloud-based requestor.
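
The cloud-side bookkeeping recited in claims 1, 5 and 6, sketched in Python as an added illustration (not code from the patent or its assignee). Class, method and field names and the sample identifier values are assumptions; rejecting a response for an unknown circuit or with a changed NOID-P is an added check that the claims do not recite.

```python
import socket
from dataclasses import dataclass

NOID_DEFAULT = "noid-default"  # constructed placeholder for the NOID-Default attribute


@dataclass
class Circuit:
    esid: str
    noid_c: str
    noid_private: str  # NOID-Default until a response supplies NOID-P
    work_socket: object


class ConnectorCircuits:
    """Hypothetical cloud-side circuit table keyed by (ESID, NOID-C)."""

    def __init__(self):
        self._table = {}

    def open_circuit(self, esid, noid_c, work_socket, payload):
        # Claim 1: bind the work socket to NOID-C, NOID-Default and ESID, store the
        # circuit identifier, then forward the payload tagged with NOID-C and ESID.
        self._table[(esid, noid_c)] = Circuit(esid, noid_c, NOID_DEFAULT, work_socket)
        return {"esid": esid, "noid_c": noid_c, "payload": payload}

    def on_response(self, msg):
        # Claim 5: retrieve the work socket from the ESID and NOID-C attributes.
        circuit = self._table.get((msg["esid"], msg["noid_c"]))
        if circuit is None:  # added check: no circuit was ever opened for this pair
            raise LookupError("response for unknown virtual circuit")
        if circuit.noid_private not in (NOID_DEFAULT, msg["noid_p"]):
            raise PermissionError("NOID-P differs from the one already bound")
        circuit.noid_private = msg["noid_p"]  # claim 6: NOID-Default -> NOID-P
        return circuit.work_socket

    def circuit_id(self, esid, noid_c):
        c = self._table[(esid, noid_c)]
        return (c.esid, c.noid_c, c.noid_private)


def demo():
    cloud_end, requestor_end = socket.socketpair()  # stands in for the work socket
    table = ConnectorCircuits()
    table.open_circuit("esid-1", "noid-c-42", cloud_end, b"query")
    before = table.circuit_id("esid-1", "noid-c-42")
    reply = {"esid": "esid-1", "noid_c": "noid-c-42", "noid_p": "noid-p-7"}
    table.on_response(reply).sendall(b"result")
    got = requestor_end.recv(16)
    cloud_end.close(); requestor_end.close()
    return before, table.circuit_id("esid-1", "noid-c-42"), got
```
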

Classifications

  • for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32)

  • Interconnection of switching modules

  • in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46)

  • Proxies

  • H04L67/141 (Primary): Setup of application sessions (admission control or resource allocation in data switching networks H04L47/70)

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10171590B2 cover?
A computer system implements a plurality of modules, including a tenant administration proxy that receives session credentials from a tenant application in the private communication system and authenticates the tenant application in response to the session credentials, a connector service that receives a bridge setup request from the tenant application and establishes a bridge connection with t…
Who is the assignee on this patent?
Ca Inc
What technology area does this patent fall under?
Primary CPC classification H04L67/141. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jan 1, 2019 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).