System and Method for Restricting Data Transfers and Managing Software Components of Distributed Computers

US 20100287271A1
Filed: 07/19/2010
Published: 11/11/2010
Est. Priority Date: 10/24/2000
Status: Abandoned Application

First Claim

Patent Images

1. One or more computer-readable media having stored thereon a computer program that, when executed by a processor of a node in a co-location facility, causes the processor to perform operations including:

beginning and terminating execution of components on the node in response to received commands, wherein the node is associated with a first server cluster that is associated with a first customer of the co-location facility and the beginning and the terminating execution of the components comprises beginning and terminating execution of the components based on commands received from an operations console at a location remote from the co-location facility;

establishing a first boundary by restricting the components that are executing on the node associated with the first server cluster that is associated with the first customer from receiving data from and sending data to one or more other nodes that are associated with a second server cluster that is associated with a second customer of the co-location facility; and

altering a sub-boundary within the first server cluster based on a command received from the first customer, wherein the first customer is restricted from altering the first boundary.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A controller, referred to as the “BMonitor”, is situated on a computer. The BMonitor includes a plurality of filters that identify where data can be sent to and/or received from, such as another node in a co-location facility or a client computer coupled to the computer via the Internet. The BMonitor further receives and implements requests from external sources regarding the management of software components executing on the computer, allowing such external sources to initiate, terminate, debug, etc. software components on the computer. Additionally, the BMonitor operates as a trusted third party mediating interaction among multiple external sources managing the computer.

Citations

20 Claims

1. One or more computer-readable media having stored thereon a computer program that, when executed by a processor of a node in a co-location facility, causes the processor to perform operations including:
- beginning and terminating execution of components on the node in response to received commands, wherein the node is associated with a first server cluster that is associated with a first customer of the co-location facility and the beginning and the terminating execution of the components comprises beginning and terminating execution of the components based on commands received from an operations console at a location remote from the co-location facility;
  
  establishing a first boundary by restricting the components that are executing on the node associated with the first server cluster that is associated with the first customer from receiving data from and sending data to one or more other nodes that are associated with a second server cluster that is associated with a second customer of the co-location facility; and
  
  altering a sub-boundary within the first server cluster based on a command received from the first customer, wherein the first customer is restricted from altering the first boundary.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. One or more computer-readable media as recited in claim 1, the co-location facility having multiple server clusters that correspond to a different customer of the co-location facility.
  - 3. One or more computer-readable media as recited in claim 1, wherein a plurality of management devices share management responsibility for the node, and wherein the beginning and the terminating execution of the components on the node is confined to one of the plurality of management devices at a time.
  - 4. One or more computer-readable media as recited in claim 1, wherein the restricting comprises:
    - checking whether it is permissible to forward received data to an intended target of the received data; and
      
      forwarding the received data to the intended target when it is permissible to do so.
  - 5. One or more computer-readable media as recited in claim 4, wherein the intended target comprises another node in the co-location facility.
  - 6. One or more computer-readable media as recited in claim 4, wherein the intended target comprises at least one of the components executing on the node.
  - 7. One or more computer-readable media as recited in claim 1, wherein one of the components comprises an operating system.

8. A method comprising:
- receiving, at a node within a first server cluster in a co-location facility, a first request from a first customer at a first control console that is local to the co-location facility to alter a first sub-boundary within the first server cluster;
  
  checking whether the first control console has rights for the first request;
  
  implementing the first request when the first control console has the rights and when the first request does not alter a boundary established between the first server cluster and one or more additional server clusters associated with one or more additional customers;
  
  receiving, at the node within the first server cluster, a second request from the first customer at a second control console that is remote from the co-location facility to alter a second sub-boundary within the first server cluster;
  
  checking whether the second control console has corresponding rights for the second request; and
  
  implementing the second request when the second control console has the corresponding rights for the second request and when the second request does not alter the boundary established between the first server cluster and the one or more additional server clusters associated with the one or more additional customers.
- View Dependent Claims (9, 10, 11, 12)
- - 9. A method as recited in claim 8, wherein the first request comprises hardware operation oriented commands.
  - 10. A method as recited in claim 8, wherein the second request comprises software application control oriented commands.
  - 11. A method as recited in claim 8, wherein the first request corresponds to one of a first set of rights that are granted to the first control console, wherein the second request corresponds to one of a second set of rights that are granted to the second control console, and wherein the first set of rights is more restricted than the second set of rights.
  - 12. One or more computer-readable memories containing a computer program that is executable by a processor to perform the method recited in claim 8.

13. One or more computer-readable media having stored thereon a computer program that, when executed by a processor of a node in a co-location facility, causes the processor to perform operations including:
- establishing a first boundary of a first server cluster of multiple server clusters in the co-location facility, wherein the multiple server clusters correspond to different customers of the co-location facility, wherein the first server cluster of the multiple server clusters includes the node, and wherein the first boundary restricts the node from sending data to and receiving data from nodes in other server clusters of the multiple server clusters in the co-location facility; and
  
  altering a sub-boundary within the first server cluster based on commands received from a console outside the first server cluster that is remote from the co-location facility, wherein said altering cannot alter the first boundary.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. One or more computer-readable media as recited in claim 13, wherein the establishing comprises including a filter that restricts access to another node that is in the co-location facility but that is not in the first server cluster.
  - 15. One or more computer-readable media as recited in claim 13, wherein the establishing comprises generating a plurality of filters identifying other nodes in the first server cluster of the multiple server clusters as being permissible to access.
  - 16. One or more computer-readable media as recited in claim 13, wherein the computer program, when executed, further causes the processor to perform operations including executing a software engine in response to a command received from the console.
  - 17. One or more computer-readable media as recited in claim 13, wherein the computer program, when executed, further causes the processor to perform operations including terminating execution of a software engine in response to a command received from the console.
  - 18. One or more computer-readable media as recited in claim 13, the altering comprising restricting, in response to a command to add a filter to the node, the node from sending data to and receiving data from a second node in the first server cluster.
  - 19. One or more computer-readable media as recited in claim 18, the restricting being performed responsive to the command being received from the console.
  - 20. The processor configured by executing the one or more computer-readable media as recited in claim 13.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Hydrie, Aamer, Stutz, David S., Tabbara, Bassam, Hunt, Galen C., Welland, Robert V., Levi, Steven P.

Application Number

US12/839,328
Publication Number

US 20100287271A1
Time in Patent Office

Days
Field of Search
US Class Current

709/223
CPC Class Codes

H04L 67/34 involving the movement of s...

H04L 69/329 in the application layer [O...

System and Method for Restricting Data Transfers and Managing Software Components of Distributed Computers

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and Method for Restricting Data Transfers and Managing Software Components of Distributed Computers

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links