Abstract: Described is a system for maintaining dual-party authentication requirements for data retention compliance in a distributed storage environment that includes servers or nodes with remote access components. When administering a data retention policy, an operating system component may require a dual-party authentication mechanism to prevent data deletion, while a different authentication mechanism may control access to the remote access components. Access to the remote access component by a single privileged user, however, may enable overriding or compromising the retention lock compliance implemented by the operating system. Accordingly, the system may tie the dual-party authentication requirement to the authentication mechanism of the remote access components.

Abstract: Described is a system for maintaining dual-party authentication requirements for data retention compliance in systems with remote access components. When administering a data retention policy, an operating system component may require a dual-party authentication mechanism to prevent data deletion, while a different authentication mechanism may control access to the remote access controller. Access to the remote access controller by a single privileged user, however, may enable overriding or compromising the retention lock compliance implemented by the operating system. Accordingly, the system may tie the dual-party authentication requirement to the remote access controller authentication mechanism.

Abstract: Systems and methods implemented via a broker in a cloud-based system include steps of, responsive to a user and associated user device executing a client connector being authenticated, receiving a notification from the client connector; determining private applications accessible by the user based on policy, wherein the private applications are located in one of a public cloud, a private cloud, and an enterprise network; and sending a Top-Level Domain+1 (TLD+1) list of the accessible private applications to the user device, wherein the TLD+1 includes a TLD and a domain name.

Abstract: Secure communications are established in a non-secure environment between virtual machines configured as nodes of a virtual machine cluster having a virtual scale-out architecture without user intervention. When a new virtual cluster node is automatically and dynamically created and deployed by a virtual cluster master node, the master node embeds in a common image from which the new node is created an initial secret key for establishing initial trusted communications between the new node and the master node. The master node then passes a permanent secret key to the new node, opens an OpenSSL connection for creating a public key infrastructure, and signs the new node's CSR with its own public and private keys and sends the signed certificate to the new node.

Abstract: Systems, methods, and apparatus for authenticating and authorizing clients. A client certificate is used to authenticate and authorize a client (or user). When the client certificate is received, the certificate is authenticated. If the certificate is valid, a username included in the certificate is used to authorize the client. This may be done based on privileges or permissions associated with the user name. Once the client or user is authenticated and authorized, operations requested by the client can be performed as long as permitted by the privileges or permissions.

Abstract: Systems, methods, and apparatus for authenticating and authorizing clients. A client certificate is used to authenticate and authorize a client (or user). When the client certificate is received, the certificate is authenticated. If the certificate is valid, a username included in the certificate is used to authorize the client. This may be done based on privileges or permissions associated with the user name. Once the client or user is authenticated and authorized, operations requested by the client can be performed as long as permitted by the privileges or permissions.

Abstract: Secure communications are established in a non-secure environment between virtual machines configured as nodes of a virtual machine cluster having a virtual scale-out architecture without user intervention. When a new virtual cluster node is automatically and dynamically created and deployed by a virtual cluster master node, the master node embeds in a common image from which the new node is created an initial secret key for establishing initial trusted communications between the new node and the master node. The master node then passes a permanent secret key to the new node, opens an OpenSSL connection for creating a public key infrastructure, and signs the new node's CSR with its own public and private keys and sends the signed certificate to the new node.

Abstract: Systems, methods, and apparatus for authenticating and authorizing clients. A client certificate is used to authenticate and authorize a client (or user). When the client certificate is received, the certificate is authenticated. If the certificate is valid, a username included in the certificate is used to authorize the client. This may be done based on privileges or permissions associated with the user name. Once the client or user is authenticated and authorized, operations requested by the client can be performed as long as permitted by the privileges or permissions.