PROVISIONING COMPOSITE APPLICATIONS USING SECURE PARAMETER ACCESS

US 20130326498A1
Filed: 05/30/2012
Published: 12/05/2013
Est. Priority Date: 05/30/2012
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method, comprising:

receiving, by a provisioning server, a request for a configuration parameter from a first component of a composite Web application, the first component residing on a first virtual machine (VM), the requested configuration parameter being related to a second component of the composite Web application, the second component residing on a second VM;

identifying a role of the first component in the composite Web application;

determining, by the provisioning server, whether the first component has access to the requested configuration parameter based on the role of the first component; and

providing the requested configuration parameter to the first component of the composite application if the first component is determined to have access to the requested configuration parameter.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mechanism for provisioning composite application using secure parameter transfer is disclosed. A method of one embodiment of the invention includes receiving a request for a configuration parameter from a first component of a composite Web application residing on a first virtual machine (VM), The requested configuration parameter can be related to a second component of the composite Web application residing on a second VM. The role of the first component in the composite Web application is identified and a determination is made as to whether the first component has access to the requested configuration parameter based on the role of the first component. If the first component has access, then the requested configuration parameter is provided to the first component.

48 Citations

View as Search Results

20 Claims

1. A computer-implemented method, comprising:
- receiving, by a provisioning server, a request for a configuration parameter from a first component of a composite Web application, the first component residing on a first virtual machine (VM), the requested configuration parameter being related to a second component of the composite Web application, the second component residing on a second VM;
  
  identifying a role of the first component in the composite Web application;
  
  determining, by the provisioning server, whether the first component has access to the requested configuration parameter based on the role of the first component; and
  
  providing the requested configuration parameter to the first component of the composite application if the first component is determined to have access to the requested configuration parameter.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising denying the requested configuration parameter if the first component is determined to not have access to the requested configuration parameter.
  - 3. The method of claim 1, wherein the provisioning server communicates with the first VM and the second VM via a network.
  - 4. The method of claim 1, wherein the first VM and the second VM are virtual machines of a cloud-based Web application hosting environment.
  - 5. The method of claim 1, wherein the first component comprises an application server and the second component comprises a database management system, and wherein the configuration parameter comprises a database password.
  - 6. The method of claim 5, wherein determining whether the application server has access to the database password comprises identifying whether the database management system is related to the application server in the composite Web application.
  - 7. The method of claim 1, wherein determining whether the first component has access to the requested configuration parameter comprises querying a hierarchical data structure and comparing the role of the first component to a match condition of at least one element of the hierarchical data structure.
  - 8. The method of claim 1, further comprising identifying a role of the second component in the composite Web application, wherein determining whether the first component has access to the requested configuration parameter if further based on the role of the second component.

9. A system comprising:
- a memory, anda processor coupled to the memory to perform;
  
  receiving a request for a configuration parameter from a first component of a composite Web application, the first component residing on a first virtual machine (VM), the requested configuration parameter being related to a second component of the composite Web application, the second component residing on a second VM;
  
  identifying a role of the first component in the composite Web application;
  
  determining whether the first component has access to the requested configuration parameter based on the role of the first component; and
  
  providing the requested configuration parameter to the first component of the composite application if the first component is determined to have access to the requested configuration parameter.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The system of claim 9, wherein the processor further denies the requested configuration parameter if the first component is determined to not have access to the requested configuration parameter.
  - 11. The system of claim 9, wherein the processor communicates with the first VM and the second VM via a network.
  - 12. The system of claim 9, wherein the first VM and the second VM are virtual machines of a cloud-based Web application hosting environment.
  - 13. The system of claim 9, wherein the first component comprises an application server and the second component comprises a database management system, and wherein the configuration parameter comprises a database password, wherein determining whether the application server has access to the database password comprises identifying whether the database management system is related to the application server in the composite Web application.
  - 14. The system, of claim 9, wherein determining whether the first component has access to the requested configuration parameter comprises querying a hierarchical data structure and comparing the role of the first component to a match condition of at least one element of the hierarchical data structure.
  - 15. The system of claim 9, wherein the processor further identifies a role of the second component in the composite Web application, wherein determining whether the first component has access to the requested configuration parameter if further based on the role of the second component.

16. A non-transitory computer-readable storage medium programmed to include instructions that, when executed by a processing device, cause the processing device to perform a method comprising:
- receiving, by a provisioning server, a request for a configuration parameter from a first component of a composite Web application, the first component residing on a first virtual machine (VM), the requested configuration parameter being related to a second component of the composite Web application, the second component residing on a second VM;
  
  identifying a role of the first component in the composite Web application;
  
  determining, by the provisioning server, whether the first component has access to the requested configuration parameter based on the role of the first component; and
  
  providing the requested configuration parameter to the first component of the composite application if the first component is determined to have access to the requested configuration parameter.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The non-transitory computer-readable storage medium of claim 16, wherein the instructions further cause the processing device to deny the requested configuration parameter if the first component is determined to not have access to the requested configuration parameter.
  - 18. The non-transitory computer-readable storage medium of claim 16, wherein the first component comprises an application server and the second component comprises a database management system, and wherein the configuration parameter comprises a database password, wherein determining whether the application server has access to the database password comprises identifying whether the database management system is related to the application server in the composite Web application.
  - 19. The non-transitory computer-readable storage medium of claim 16, wherein determining whether the first component has access to the requested configuration parameter comprises querying a hierarchical data structure and comparing the role of the first component to a match condition of at least one element of the hierarchical data structure.
  - 20. The non-transitory computer-readable storage medium of claim 16, wherein determining whether the first component has access to the requested configuration parameter comprises querying a hierarchical data structure and comparing the role of the first component to a match condition of at least one element of the hierarchical data structure.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat Israel Ltd. (International Business Machines Corporation)
Original Assignee
Red Hat Israel Ltd. (International Business Machines Corporation)
Inventors
Levy, Ohad Shaul Anaf, Benari, Amos

Granted Patent

US 10,169,000 B2
Time in Patent Office

Days
Field of Search
US Class Current

717/177
CPC Class Codes

G06F 11/1484   involving virtual machines

G06F 2009/45587   Isolation or security of vi...

G06F 2201/865   Monitoring of software

G06F 8/31   Programming languages or pr...

G06F 8/60   Software deployment

G06F 9/44505   Configuring for program ini...

G06F 9/45516   Runtime code conversion or ...

G06F 9/45537   Provision of facilities of ...

G06F 9/45558   Hypervisor-specific managem...

PROVISIONING COMPOSITE APPLICATIONS USING SECURE PARAMETER ACCESS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

48 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

PROVISIONING COMPOSITE APPLICATIONS USING SECURE PARAMETER ACCESS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

48 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others