Providing automatic policy enforcement in a multi-computer service application
First Claim
1. A computer-readable medium comprising computer-program instructions executable by a processor for enforcing policy in a multi-computer service application having a plurality of software modules that execute on a plurality of computers, the multi-computer service application further having access to a communications medium that allows data communications between different ones of the computers, the computer-program instructions comprising instructions for:
- configuring logical output ports and logical input ports on different modules in accordance with a logical model of the multi-computer service application, wherein each logical input and output port is defined by port software;
configuring logical data connections between the logical output and input ports in accordance with the logical model;
configuring each port to communicate through different numbers of logical data connections without modifying the port software;
sending a notification from a particular module to a policy module; and
responding, by the policy module, to the notification by;
determining a request for one or more destination modules;
providing the request to an output port of the policy module; and
forwarding, by the output port, the request to input ports of a plurality of the modules in accordance with the configured logical data connections.
1 Assignment
0 Petitions
Accused Products
Abstract
Enforcing policy in a multi-computer service application is described. In one aspect, a scale-independent logical model of an application is generated. The application is for implementation in a distributed computing system. The scale-independent logical model includes multiple components representing logical functions of the application and intercommunication protocols. The model components are converted into one or more instances representative of physical resources used to implement the logical functions. The instances specify information such as communication ports on the physical resources and communication paths that link the physical resources.
-
Citations
20 Claims
-
1. A computer-readable medium comprising computer-program instructions executable by a processor for enforcing policy in a multi-computer service application having a plurality of software modules that execute on a plurality of computers, the multi-computer service application further having access to a communications medium that allows data communications between different ones of the computers, the computer-program instructions comprising instructions for:
-
configuring logical output ports and logical input ports on different modules in accordance with a logical model of the multi-computer service application, wherein each logical input and output port is defined by port software;
configuring logical data connections between the logical output and input ports in accordance with the logical model;
configuring each port to communicate through different numbers of logical data connections without modifying the port software;
sending a notification from a particular module to a policy module; and
responding, by the policy module, to the notification by;
determining a request for one or more destination modules;
providing the request to an output port of the policy module; and
forwarding, by the output port, the request to input ports of a plurality of the modules in accordance with the configured logical data connections. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computing device comprising:
-
a processor; and
a memory coupled to the processor, the memory comprising computer-program instructions executable by the processor for enforcing policy in a multi-computer service application having a plurality of software modules that execute on a plurality of computers, the multi-computer service application further having access to a communications medium that allows data communications between different ones of the computers, the computer-program instructions comprising instructions for;
configuring logical output ports and logical input ports on different modules in accordance with a logical model of the multi-computer service application, wherein each logical input and output port is defined by port software;
configuring logical data connections between the logical output and input ports in accordance with the logical model;
configuring each port to communicate through different numbers of logical data connections without modifying the port software;
sending a notification from a particular module to a policy module; and
responding, by the policy module, to the notification by;
determining a request for one or more destination modules;
providing the request to an output port of the policy module; and
forwarding, by the output port, the request to input ports of a plurality of the modules in accordance with the configured logical data connections. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A method to enforce a policy in a multi-computer service application, the multi-computer service application including multiple software modules configured for execution on respective ones of multiple computers, the multi-computer service application having access to a communications medium that allows data communications between different ones of the computers, the method comprising:
-
representing logical functions of the multi-computer service application with a logical model comprising model components;
creating, by a core runtime converter, one or more module instances of the model components to implement logical functions represented by the model components, one of the module instances being a policy module, logical output ports and logical input ports on different modules being configured in accordance with the logical model, each logical input and output port being defined by port software, logical data connections being configured between the logical output and input ports in accordance with the logical model, each port being configured to communicate through different numbers of logical data connections without modifying the port software; and
wherein, the policy module is configured to receive event notifications from a module instance, and in response to receiving an event notification, the policy module is configured to;
(a) determine a request for one or more destination modules; and
(b) provide the request to an output port of the policy module, the output port being configured to forward the request to input ports of a plurality of the modules in accordance with the configured logical data connections. - View Dependent Claims (16, 18, 19, 20)
-
-
17. A method of 15, further comprising representing the model components with a schema that specifies hardware and software modules represented by the model components
Specification