| CPC G06F 21/31 (2013.01) [G06F 21/602 (2013.01); G06F 21/6281 (2013.01)] | 20 Claims |
|
1. A method for managing data, the method comprising:
identifying an operation for performance by a storage array;
generating a request to execute the operation by the storage array;
obtaining a token from an identity management system by, at least:
obtaining, by the identity management system, credentials for a user that is attempting to initiate performance of the operation by the storage array;
attempting, by the identity management system, to authenticate the credentials;
in a first instance of the attempting where the credentials are authenticated:
generating, by the identity management system, the token, the token comprising a private key signature and permissions of a user use of the storage array, and
providing, by the identity management system, the token to a system that a user is using; and
in a second instance of the attempting where the credentials are not authenticated, denying, by the identity management system, the token to the user;
adding the token to the request to obtain a modified request, the token being cryptographically verifiable by the storage array;
providing the modified request to the storage array; and
obtaining a response from the storage array, the response indicating whether the operation is performed by the storage array based on the request.
|