Providing context-based visibility of cloud resources in a multi-tenant environment

Assignee

• International Business Machines Corporation · US

Inventors

• Sridhar R. Muppidi · Austin, US
• William A. Bird · Fredericton, CA
• Sreekanth Ramakrishna Iyer · Savanuru, IN
• Archana Kumar · Mountain View, US
• Nataraj Nagaratnam · Cary, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L41/50
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A secure tag generation service is associated with a cloud infrastructure. This service establishes a security context for a particular cloud tenant based on a tenant's security requirements, one or more cloud resource attributes, and the like. The security content is encoded into a data structure, such as a tag that uniquely identifies that security context. The tag is then encrypted. The encrypted tag is then propagated to one or more cloud management services, such as a logging service. When one or more cloud resources are then used, such use is associated with the encrypted security context tag. In this manner, the encrypted tag is used to monitor activities that are required to meet the security context. When it comes time to perform a security or compliance management task, any cloud system logs that reference the encrypted security context tag are correlated to generate a report for the security context.