| CPC H04L 63/0823 (2013.01) [G06F 8/77 (2013.01); G06F 21/6218 (2013.01); H04L 63/0876 (2013.01); H04L 63/20 (2013.01)] | 16 Claims |
|
1. An Information Handling System (IHS), comprising:
a processor; and
a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to:
allow a first remote orchestrator to manage a workspace instantiated by the IHS in response to the first remote orchestrator having a first credential, wherein the first remote orchestrator is associated with a first domain;
receive a request from a second remote orchestrator to manage the workspace, wherein the second remote orchestrator is associated with a second domain within the first domain, wherein the first domain and the second domain are distinct logically separated areas of access control, and wherein the first domain restricts access to the workspace by the second remote orchestrator; and
allow the second remote orchestrator to manage the workspace, at least in part, in response to a determination that the second remote orchestrator has a second credential provided by the first remote orchestrator, wherein the determination is made by the IHS based at least in part on out-of-band (OOB) network communication with the first remote orchestrator and the second remote orchestrator and a trusted controller configured to store cryptographic information for use in authorization of workspaces, and wherein the OOB network communication is isolated from any Operating System (OS) of the IHS.
|