System and method for restricting data transfers and managing software components of distributed computers
First Claim
1. One or more computer-readable media having stored thereon instructions that, when executed by one or more processors, cause the one or more processors to:
- associate each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of a computer and is external to the computer;
allow only one of the plurality of management agents to have an extended set of rights to the computer at a time, and assign the remaining management devices a more limited set of rights, wherein the one management agent corresponds to a top-level ownership domain, and wherein any of the other management agents can revoke the rights of the one management agent; and
restrict which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent.
1 Assignment
0 Petitions
Accused Products
Abstract
A controller, referred to as the “BMonitor”, is situated on a computer. The BMonitor includes a plurality of filters that identify where data can be sent to and/or received from, such as another node in a co-location facility or a client computer coupled to the computer via the Internet. The BMonitor further receives and implements requests from external sources regarding the management of software components executing on the computer, allowing such external sources to initiate, terminate, debug, etc. software components on the computer. Additionally, the BMonitor operates as a trusted third party mediating interaction among multiple external sources managing the computer.
-
Citations
27 Claims
-
1. One or more computer-readable media having stored thereon instructions that, when executed by one or more processors, cause the one or more processors to:
-
associate each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of a computer and is external to the computer;
allow only one of the plurality of management agents to have an extended set of rights to the computer at a time, and assign the remaining management devices a more limited set of rights, wherein the one management agent corresponds to a top-level ownership domain, and wherein any of the other management agents can revoke the rights of the one management agent; and
restrict which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. One or more computer-readable media having stored thereon instructions that, when executed by one or more processors, cause the one or more processors to:
-
associate each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of a computer and is external to the computer;
allow only one of the plurality of management agents to have an extended set of rights to the computer at a time, and assign the remaining management devices a more limited set of rights;
restrict which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent;
allow which of the plurality of management agents has the extended set of rights to change over time; and
erase a system memory each time a change occurs in which of the plurality of management agents has the extended set of rights. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A system comprising:
-
means for associating each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of the system and is external to the system;
means for allowing only one of the plurality of management agents to have an extended set of rights to the system at a time, and for assigning the remaining management devices a more limited set of rights, wherein the one management agent corresponds to a top-level ownership domain, and wherein any of the other management agents can revoke the rights of the one management agent; and
means for restricting which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent. - View Dependent Claims (13, 14, 15, 16, 17)
-
-
18. A system comprising:
-
interface means for allowing management devices corresponding to a plurality of management agents responsible for managing the system to access the system; and
controller means for operating as a trusted third party mediating interaction among the plurality of management agents by assigning each of the plurality of management agents to a different one of a plurality of ownership domains and restricting the rights of each ownership domain in the system, wherein only one of the plurality of management agents can correspond to a top-level ownership domain at a time, and wherein the one management agent can create a new ownership domain for a new management agent, and wherein the new ownership domain becomes the new top-level ownership domain. - View Dependent Claims (19, 20, 21)
-
-
22. A computer comprising:
-
a processor; and
a memory, coupled to the processor, storing instructions that, when executed by the processor, cause the processor to;
associate each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of a computer and is external to the computer;
allow only one of the plurality of management agents to have an extended set of rights to the computer at a time, and assign the remaining management devices a more limited set of rights;
restrict which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent;
allow which of the plurality of management agents has the extended set of rights to change over time; and
erase a system memory each time a change occurs in which of the plurality of management agents has the extended set of rights. - View Dependent Claims (23, 24, 25, 26, 27)
-
Specification