Security zone policy enforcement in a cloud infrastructure system

Assignee

• Oracle International Corporation · US

Inventors

• Igor Dozorets · Sammamish, US
• Thoulfekar Alrahem · Bellevue, US
• Jun Tong · Jersey City, US
• Leonid Kuperman · Toronto, CA
• Nachiketh Rao Potlapally · Arlington, US
• Bala Ganesh Chandran · Winchester, US
• Brian Irl Pratt · Seattle, US
• Nathaniel Martin Glass · Bellevue, US
• Girish Nagaraja · Sammamish, US
• Jonathan Jorge Nadal · Seattle, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L67/10
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A cloud-based security solution that provides a robust and secure framework for managing and enforcing security policies related to various resources managed in the cloud is disclosed. The cloud-based security solution is implemented by a security zone policy enforcement system in a cloud service provider infrastructure. The system receives a request to perform an operation on a resource and determines a compartment associated with the resource. The system determines that the compartment is associated with a security zone and determines a set of one or more security zone policies applicable to the resource. The system then determines that the operation on the resource is permitted based on the set of one or more security zone policies and responsive to determining that the operation on the resource is permitted, allows the operation to be performed on the resource.