Connecting public cloud with private network resources

US9912755B2 · US · B2

Patent metadata

Publication number: US-9912755-B2
Application number: US-201514708859-A
Country: US
Kind code: B2
Filing date: May 11, 2015
Priority date: May 12, 2014
Publication date: Mar 6, 2018
Grant date: Mar 6, 2018

Abstract

Official abstract text for this publication.

The automatic provisioning of a connection between a public cloud and an on-premises resource in a private network. This allows a connection to be more easily made when an application in the public cloud is to access that on-premises resource in the private network. The automatic provisioning is initiated upon determining that an application running in the public cloud is to access the on-premises resource. The provisioning occurs by identifying a bridging infrastructure that provides access to the on-premises resource. Credentials are then accessed for later use in connecting to the bridging infrastructure. Application-specific credentials are securely provided to the application. The application-specific credentials are usable by an agent on the public cloud to connect to the identified bridging infrastructure. A configuration package is then created that includes resource-specific credentials, the identity of the on-premises resource and an executable.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for automatically provisioning a connection between a public cloud and an on-premises resource in a private network, the method comprising: determining that an application running in the public cloud is to access an on-premises resource of the private network; based at least on the determining, automatically generating a resource-specific credential, an application specific credential, and a one-time password (OTP); generating a hyperlink pointing to a network address of the on-premises resource that includes at least the OTP as a query parameter; based at least on the hyperlink being selected from within the private network, automatically performing the following: identifying a bridging infrastructure that provides access to the on-premises resource; causing a configuration package to be downloaded within the private network, wherein the downloaded configuration package uses the OTP from the query parameter of the hyperlink to acquire the resource-specific credential; causing a hybrid connection manager on the private network to automatically start, including configuring the hybrid connection manager to use the resource-specific credential to provide connectivity between the on-premises resource on the private network and the bridging infrastructure; and securely providing the application-specific credentials to the application on the public cloud, the application-specific credentials usable by an agent on the public cloud to connect to the identified bridging infrastructure causing a hybrid connection manager on the private network to automatically provide connectivity between the on-premises resource on private network and the bridging infrastructure using the resource-specific credentials.

2. The method in accordance with claim 1, the on-premises resource in the private network being a first on-premises resource in the private network, the bridging infrastructure being a first bridging infrastructure, the credentials being first credentials, the application-specific credentials being first application-specific credentials, the resource-specific credentials being first resource-specific credentials, the method further comprising: determining that the application running in the public cloud is to access a second on-premises resource of the private network; automatically performing the following in response to the act of determining that the application running in the public cloud is to access the second on-premises resource of the private network: identifying a second bridging infrastructure that provides access to the second on-premises resource; accessing second credentials used to connect to the second bridging infrastructure; securely providing second application-specific credentials to the application on the public cloud, the second application-specific credentials usable by an agent on the public cloud to connect to the second bridging infrastructure; and creating a configuration package that includes second resource-specific credentials and the identity of the second on-premises resource, the execution of the executable for the control providing connectivity between the second on-premises resource on private network and the second bridging infrastructure using the second resource-specific credentials.

3. The method in accordance with claim 1, the on-premises resource being a server.

4. The method in accordance with claim 1, the on-premises resource being a database.

5. The method in accordance with claim 1, the on-premises resource being storage.

6. The method in accordance with claim 1, the act of determining that an application running in the public cloud is to access an on-premises resource of the private network comprising: navigating to a web site and indicating to that web site that the on-premises resource is to be made available to the public cloud.

7. The method in accordance with claim 6, the act of determining further comprising: receiving a control that is unique to the bridging infrastructure and on-premises resource, and that is selectable to obtain the resource-specific credential.

8. The method in accordance with claim 7, the act of determining further comprising: the user selecting the control thereby initiating the act of automatically performing.

9. The method in accordance with claim 7, the control being a hyperlink.

10. A computer program product comprising one or more computer-readable hardware storage device having thereon computer-executable instructions that are structured such that, when executed by one or more processors of the computing system, cause the computing system to automatically provision a connection between a public cloud and an on-premises resource in a private network in response to determining that an application running in the public cloud is to access an on-premises resource of the private network: based at least on the determining, automatically generating a resource-specific credential, an application specific credential, and a one-time password (OTP); generating a hyperlink pointing to a network address of the on-premises resource that includes at least the OTP as a query parameter; based at least on the hyperlink being selected from within the private network, automatically performing the following: identifying a bridging infrastructure that provides access to the on-premises resource; causing a configuration package to be downloaded within the private network, wherein the downloaded configuration package uses the OTP from the query parameter of the hyperlink to acquire the resource-specific credential; causing a hybrid connection manager on the private network to automatically start, including configuring the hybrid connection manager to use the resource-specific credential to provide connectivity between the on-premises resource on the private network and the bridging infrastructure; and securely providing the application-specific credentials to the application on the public cloud, the application-specific credentials usable by an agent on the public cloud to connect to the identified bridging infrastructure causing a hybrid connection manager on the private network to automatically provide connectivity between the on-premises resource on private network and the bridging infrastructure using the resource-specific credentials.

11. The computer program product in accordance with claim 10, the on-premises resource in the private network being a first on-premises resource in the private network, the bridging infrastructure being a first bridging infrastructure, the credentials being first credentials, the application-specific credentials being first application-specific credentials, the resource-specific credentials being first resource-specific credentials, the computer-executable instructions being further structured such that, when executed by the one or more processors of the computing system, cause the computing system to automatically provisioning a connection between the public cloud and a second on-premises resource in a private network in response to determining that the application running in the public cloud is to access the second on-premises resource of the private network: identifying a second bridging infrastructure that provides access to the second on-premises resource; accessing second credentials used to connect to the second bridging infrastructure; securely providing second application-specific credentials to the application on the public cloud, the second application-specific credentials usable by an agent on the public cloud to connect to the second bridging infrastructure; and creating a configuration package that includes second resource-specific

Classifications

  • Proxies

  • for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32)

  • for controlling access to devices or network resources

  • in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46)

  • based on web technology, e.g. hypertext transfer protocol [HTTP]

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9912755B2 cover?
The automatic provisioning of a connection between a public cloud and an on-premises resource in a private network. This allows a connection to be more easily made when an application in the public cloud is to access that on-premises resource in the private network. The automatic provisioning is initiated upon determining that an application running in the public cloud is to access the on-premi…

Who is the assignee on this patent?
Microsoft Technology Licensing Llc, Microsoft Technology Licensing Llc

What technology area does this patent fall under?
Primary CPC classification H04L67/141. Mapped technology areas include Electricity.

When was this patent published?
Publication date Mar 6, 2018 (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?
We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).