Multi-tenant identity and data security management cloud service

US9781122B1 · US · B1

Patent metadata
Publication number: US-9781122-B1
Application number: US-201715485532-A
Country: US
Kind code: B1
Filing date: Apr 12, 2017
Priority date: May 11, 2016
Publication date: Oct 3, 2017
Grant date: Oct 3, 2017

Abstract

Official abstract text for this publication.

A system provides cloud-based identity and access management. The system receives a request from a client for an identity management service, authenticates the request, and accesses a microservice based on the request. The system determines, based on the request, a tenancy of the client, a tenancy of a user, and a tenancy of a resource. The system retrieves data from the determined tenancies as required to process the request, where the data is retrieved by the microservice using a connection pool that provides connections to the database. The system then performs the identity management service by the appropriate microservice responsible for processing the received request.

First claim

Opening claim text (preview).

What is claimed is:

1. A non-transitory computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to provide cloud-based identity and access management, the providing comprising: receiving a request from a client for an identity management service; authenticating the request; accessing a microservice based on the request; determining, based on the request, a tenancy of the client, a tenancy of a user related to the request, and a tenancy of a resource related to the request; retrieving data from at least one of the tenancy of the client, the tenancy of the user, or the tenancy of the resource in a database, wherein the data is retrieved by the microservice using a connection pool that provides connections to the database; and performing the identity management service by the microservice using the data; wherein the microservice uses a proxy user to connect to a respective connection in the connection pool and the proxy user represents a tenant in the database.

2. The computer readable medium of claim 1, wherein the identity management service includes obtaining an access token for the user to access the resource, wherein the token identifies the tenancy of the resource and the tenancy of the user.

3. The computer readable medium of claim 1, wherein the microservice is stateless.

4. The computer readable medium of claim 1, wherein the microservice comprises a OAuth microservice.

5. The computer readable medium of claim 1, wherein Uniform Resource Locator (URL) token identifies the tenancy of the client, the tenancy of a user related to the request, and the tenancy of the resource.

6. The computer readable medium of claim 1, wherein the database and the microservice are configured to scale independently of one another.

7. The computer readable medium of claim 1, wherein the database comprises a distributed data grid.

8. The computer readable medium of claim 1, wherein at least two of the tenancy of the client, the tenancy of the user, and the tenancy of the resource are the same tenancy.

9. A method of providing cloud-based identity and access management, comprising: receiving a request from a client for an identity management service; authenticating the request; accessing a microservice based on the request; determining, based on the request, a tenancy of the client, a tenancy of a user related to the request, and a tenancy of a resource related to the request; retrieving data from at least one of the tenancy of the client, the tenancy of the user, or the tenancy of the resource in a database, wherein the data is retrieved by the microservice using a connection pool that provides connections to the database; and performing the identity management service by the microservice using the data; wherein the microservice uses a proxy user to connect to a respective connection in the connection pool and the proxy user represents a tenant in the database.

10. The method of claim 9, wherein the identity management service includes obtaining an access token for the user to access the resource, wherein the token identifies the tenancy of the resource and the tenancy of the user.

11. The method of claim 9, wherein the microservice is stateless.

12. The method of claim 9, wherein the microservice comprises a OAuth microservice.

13. The method of claim 9, wherein a Uniform Resource Locator (URL) token identifies the tenancy of the client, the tenancy of a user related to the request, and the tenancy of the resource.

14. The method of claim 9, wherein the database and the microservice are configured to scale independently of one another.

15. The method of claim 9, wherein the database comprises a distributed data grid.

16. The method of claim 9, wherein at least two of the tenancy of the client, the tenancy of the user, and the tenancy of the resource are the same tenancy.

17. A system for providing cloud-based identity and access management, comprising: one or more processors coupled to a storage device comprising instructions that when executed by the one or more processors implement a security gate and a microservice; the security gate that receives a request from a client for an identity management service; the security gate authenticating the request; the security gate accessing the microservice based on the request; the microservice determining, based on the request, a tenancy of the client, a tenancy of a user related to the request, and a tenancy of a resource related to the request; the microservice retrieving data from at least one of the tenancy of the client, the tenancy of the user, or the tenancy of the resource in a database, wherein the microservice retrieves the data using a connection pool that provides connections to the database; and the microservice performing the identity management service using the data; wherein the microservice uses a proxy user to connect to a respective connection in the connection pool and the proxy user represents a tenant in the database.

18. The system of claim 17, wherein the identity management service includes obtaining an access token for the user to access the resource, wherein the token identifies the tenancy of the resource and the tenancy of the user.

19. The system of claim 17, wherein the microservice is stateless.

20. The system of claim 17, wherein the microservice comprises a OAuth microservice.

Classifications

  • Proxies

  • Authentication

  • Access security

  • providing single-sign-on or federations

  • using tickets, e.g. Kerberos (cryptographic mechanisms or cryptographic arrangements for entity authentication using tickets or tokens H04L9/3213)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Oracle Int Corp
What technology area does this patent fall under?
Primary CPC classification H04L63/101. Mapped technology areas include Electricity.
When was this patent published?
Publication date Oct 3, 2017 (B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).