System and method for restricting data transfers and managing software components of distributed computers

US 20050102388A1
Filed: 12/08/2004
Published: 05/12/2005
Est. Priority Date: 10/24/2000
Status: Abandoned Application

First Claim

Patent Images

1. One or more computer-readable media having stored thereon instructions that, when executed by one or more processors, cause the one or more processors to:

associate each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of a computer and is external to the computer;

allow only one of the plurality of management agents to have an extended set of rights to the computer at a time, and assign the remaining management devices a more limited set of rights, wherein the one management agent corresponds to a top-level ownership domain, and wherein any of the other management agents can revoke the rights of the one management agent; and

restrict which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A controller, referred to as the “BMonitor”, is situated on a computer. The BMonitor includes a plurality of filters that identify where data can be sent to and/or received from, such as another node in a co-location facility or a client computer coupled to the computer via the Internet. The BMonitor further receives and implements requests from external sources regarding the management of software components executing on the computer, allowing such external sources to initiate, terminate, debug, etc. software components on the computer. Additionally, the BMonitor operates as a trusted third party mediating interaction among multiple external sources managing the computer.

Citations

27 Claims

1. One or more computer-readable media having stored thereon instructions that, when executed by one or more processors, cause the one or more processors to:
- associate each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of a computer and is external to the computer;
  
  allow only one of the plurality of management agents to have an extended set of rights to the computer at a time, and assign the remaining management devices a more limited set of rights, wherein the one management agent corresponds to a top-level ownership domain, and wherein any of the other management agents can revoke the rights of the one management agent; and
  
  restrict which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. One or more computer-readable media as recited in claim 1, wherein the instructions further cause the one or more processors to:
    - allow which of the plurality of management agents has the extended set of rights to change over time; and
      
      erase a system memory each time a change occurs in which of the plurality of management agents has the extended set of rights.
  - 3. One or more computer-readable media as recited in claim 1, wherein the computer comprises a node in a co-location facility.
  - 4. One or more computer-readable media as recited in claim 1, wherein each of the plurality of management agents corresponds to one or more management devices that are coupled to the computer.
  - 5. One or more computer-readable media as recited in claim 1, wherein the instructions further cause the one or more processors to terminate execution of a software engine in the computer in response to a request from a management device corresponding to the one management agent having the extended set of rights.
  - 6. One or more computer-readable media as recited in claim 1, wherein the instructions further cause the one or more processors to initiate execution of a software engine in the computer in response to a request from a management device corresponding to the one management agent having the extended set of rights.

7. One or more computer-readable media having stored thereon instructions that, when executed by one or more processors, cause the one or more processors to:
- associate each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of a computer and is external to the computer;
  
  allow only one of the plurality of management agents to have an extended set of rights to the computer at a time, and assign the remaining management devices a more limited set of rights;
  
  restrict which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent;
  
  allow which of the plurality of management agents has the extended set of rights to change over time; and
  
  erase a system memory each time a change occurs in which of the plurality of management agents has the extended set of rights.
- View Dependent Claims (8, 9, 10, 11)
- - 8. One or more computer-readable media as recited in claim 7, wherein the computer comprises a node in a co-location facility.
  - 9. One or more computer-readable media as recited in claim 7, wherein each of the plurality of management agents corresponds to one or more management devices that are coupled to the computer.
  - 10. One or more computer-readable media as recited in claim 7, wherein the instructions further cause the one or more processors to terminate execution of a software engine in the computer in response to a request from a management device corresponding to the one management agent having the extended set of rights.
  - 11. One or more computer-readable media as recited in claim 7, wherein the instructions further cause the one or more processors to initiate execution of a software engine in the computer in response to a request from a management device corresponding to the one management agent having the extended set of rights.

12. A system comprising:
- means for associating each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of the system and is external to the system;
  
  means for allowing only one of the plurality of management agents to have an extended set of rights to the system at a time, and for assigning the remaining management devices a more limited set of rights, wherein the one management agent corresponds to a top-level ownership domain, and wherein any of the other management agents can revoke the rights of the one management agent; and
  
  means for restricting which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. A system as recited in claim 12, further comprising:
    - means for allowing which of the plurality of management agents has the extended set of rights to change over time; and
      
      means for erasing a system memory each time a change occurs in which of the plurality of management agents has the extended set of rights.
  - 14. A system as recited in claim 12, wherein the system comprises a node in a co-location facility.
  - 15. A system as recited in claim 12, wherein each of the plurality of management agents corresponds to one or more management devices that are coupled to the system.
  - 16. A system as recited in claim 12, further comprising means for terminating execution of a software engine in the system in response to a request from a management device corresponding to the one management agent having the extended set of rights.
  - 17. A system as recited in claim 12, further comprising means for initiating execution of a software engine in the system in response to a request from a management device corresponding to the one management agent having the extended set of rights.

18. A system comprising:
- interface means for allowing management devices corresponding to a plurality of management agents responsible for managing the system to access the system; and
  
  controller means for operating as a trusted third party mediating interaction among the plurality of management agents by assigning each of the plurality of management agents to a different one of a plurality of ownership domains and restricting the rights of each ownership domain in the system, wherein only one of the plurality of management agents can correspond to a top-level ownership domain at a time, and wherein the one management agent can create a new ownership domain for a new management agent, and wherein the new ownership domain becomes the new top-level ownership domain.
- View Dependent Claims (19, 20, 21)
- - 19. A system as recited in claim 18, wherein which of the plurality of management agents corresponds to the top-level ownership domain at any given time can vary over time, and wherein the controller erases a system memory each time a change occurs in which of the plurality of management agents corresponds to the top-level ownership domain.
  - 20. A system as recited in claim 18, wherein the system comprises a node in a co-location facility.
  - 21. A system as recited in claim 18, wherein each of the plurality of management agents corresponds to one or more management devices that are coupled to the system.

22. A computer comprising:
- a processor; and
  
  a memory, coupled to the processor, storing instructions that, when executed by the processor, cause the processor to;
  
  associate each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of a computer and is external to the computer;
  
  allow only one of the plurality of management agents to have an extended set of rights to the computer at a time, and assign the remaining management devices a more limited set of rights;
  
  restrict which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent;
  
  allow which of the plurality of management agents has the extended set of rights to change over time; and
  
  erase a system memory each time a change occurs in which of the plurality of management agents has the extended set of rights.
- View Dependent Claims (23, 24, 25, 26, 27)
- - 23. A computer as recited in claim 22, wherein the computer comprises a node in a co-location facility.
  - 24. A computer as recited in claim 22, wherein each of the plurality of management agents corresponds to one or more management devices that are coupled to the computer.
  - 25. A computer as recited in claim 22, wherein the instructions further cause the processor to terminate execution of a software engine in the computer in response to a request from a management device corresponding to the one management agent having the extended set of rights.
  - 26. A computer as recited in claim 22, wherein the instructions further cause the processor to initiate execution of a software engine in the computer in response to a request from a management device corresponding to the one management agent having the extended set of rights.
  - 27. A computer as recited in claim 22, wherein the one management agent corresponds to a top-level ownership domain, and wherein any of the other management agents can revoke the rights of the one management agent.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Tabbara, Bassam, Hunt, Galen C., Welland, Robert V., Hydrie, Aamer, Stutz, David S., Levi, Steven P.

Application Number

US11/007,001
Publication Number

US 20050102388A1
Time in Patent Office

Days
Field of Search
US Class Current

709/223
CPC Class Codes

H04L 67/34 involving the movement of s...

H04L 69/329 in the application layer [O...

System and method for restricting data transfers and managing software components of distributed computers

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for restricting data transfers and managing software components of distributed computers

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links