US20240177115
2024-05-30
Physics
G06Q10/103
A method for implementing software-defined community clouds involves managing access to various projects based on compliance requirements. When a requestor seeks access to a project, the system evaluates whether the access request meets specific compliance standards. If the request satisfies all requirements, access is granted; if not, access is denied. This method ensures that only authorized users can access sensitive project data, maintaining compliance with regulatory standards.
Community clouds are designed for organizations with shared concerns, such as security and compliance needs. These cloud infrastructures can be owned and managed by the participating organizations or a third party, and they may be hosted on or off-site. The separation from other public cloud resources enhances security and allows for tailored compliance measures that are crucial for highly regulated entities, like government agencies.
The system employs a zero trust access control policy, requiring two-factor authentication and valid justifications for access requests. This dynamic policy adapts based on the identity of the requestor, project status, and environmental factors. Such stringent measures help ensure that only legitimate users gain access to sensitive data, thereby reinforcing security protocols within the community cloud.
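The grant-or-deny decision described above can be sketched as a deny-by-default evaluator that reports every unmet requirement. This is an added example, not code from the patent; the field names, the "managed device" and region checks standing in for environmental factors, and the ticket-based justification check are all assumptions.

```python
from dataclasses import dataclass

# Added illustration; every class, field and value here is hypothetical.
@dataclass(frozen=True)
class Project:
    status: str                      # project status, e.g. "active" or "suspended"
    allowed_regions: frozenset       # compliance: where requestors may be located
    required_attributes: frozenset   # compliance: attributes a requestor must hold

@dataclass(frozen=True)
class AccessRequest:
    requestor: str
    attributes: frozenset            # verified identity attributes
    second_factor_verified: bool
    justification: str               # assumed to be a ticket reference
    region: str                      # environmental factor (assumed)
    managed_device: bool             # environmental factor (assumed)

def unmet_requirements(req, project, valid_justifications):
    """Return every requirement the request fails; an empty list means grant."""
    unmet = []
    if not req.second_factor_verified:
        unmet.append("two-factor authentication")
    if req.justification not in valid_justifications:
        unmet.append("valid justification")
    missing = project.required_attributes - req.attributes
    if missing:
        unmet.append("identity attributes: " + ", ".join(sorted(missing)))
    if project.status != "active":
        unmet.append("project status is " + project.status)
    if req.region not in project.allowed_regions:
        unmet.append("region " + req.region + " not permitted")
    if not req.managed_device:
        unmet.append("unmanaged device")
    return unmet

def decide(req, project, valid_justifications):
    """Deny by default: access is granted only when nothing is unmet."""
    unmet = unmet_requirements(req, project, valid_justifications)
    return ("deny" if unmet else "grant"), unmet

# Constructed sample data, not taken from the patent.
OPEN_TICKETS = frozenset({"TICKET-0001"})
PROJECT = Project("active", frozenset({"us"}), frozenset({"cleared"}))
GOOD_REQUEST = AccessRequest("alice", frozenset({"cleared"}), True,
                             "TICKET-0001", "us", True)

if __name__ == "__main__":
    print(decide(GOOD_REQUEST, PROJECT, OPEN_TICKETS))
```

Returning the full list of unmet requirements, rather than stopping at the first failure, gives the audit log a complete reason for each denial.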
Each project within the community cloud consists of multiple infrastructure primitives, which represent distinct units of computing capacity. These can include virtual machines, persistent storage disks, or storage buckets. The isolation of these projects ensures that resources are dedicated and secure, preventing unauthorized crossover between different projects within the community cloud.
The implementation of software-defined community clouds offers several advantages, including enhanced security through shared controls among community members and simplified data management based on geographical location and compliance needs. These clouds provide a clearly defined security perimeter while ensuring that all operational requirements are met efficiently and effectively.