COMPUTER SYSTEM AND VIRTUAL COMPUTER MANAGEMENT METHOD
First Claim
1. A computer system, comprising:
- a plurality of computers each including;
a processor;
a memory coupled to the processor; and
a network interface coupled to the processor;
a virtual computer system including a computer resource allocated to at least one virtual computer; and
a verification system for verifying integrity relating to the at least one virtual computer,the virtual computer system including;
a plurality of servers for providing the computer resource to the at least one virtual computer;
a management computer for managing a plurality of virtual computers that operate on each of the plurality of servers; and
an image data storage part for storing image data for generating a virtual computer for executing an application,the verification system including a verification server for verifying the integrity relating to the virtual computer for executing the application,the virtual computer system having;
image data management information in which the image data and a security strength required on a boot of the virtual computer for executing the application generated based on the image data are associated with each other; and
server management information in which the server and a security strength set for the server are associated with each other,the virtual computer system including;
a deployment request reception part for receiving, from a user using the virtual computer system, a deployment request including identification information on target image data for generating the virtual computer for executing the application;
a server search part for searching for the server, for which a security strength equal to or larger than the security strength associated with the target image data is set, based on the image data management information and the server management information;
a deployment instruction part for instructing the retrieved server to deploy the target image data; and
a virtual computer management part for generating the virtual computer for executing the application on the retrieved server by using the target image data, and transmitting a first integrity report, which is obtained on the boot of the virtual computer for executing the application and used to verify the integrity relating to the virtual computer for executing the application, to the verification server, wherein;
the virtual computer management part receives a result of a verification process with respect to the first integrity report transmitted from the verification server; and
the deployment request reception part outputs a deployment result for the target image data based on the received result of the verification process with respect to the first integrity report.
1 Assignment
0 Petitions
Accused Products
Abstract
A computer system, comprising: a virtual computer system and a verification system, the virtual computer system including: a deployment request reception part for receiving a deployment request; a server search part for searching for a server, for which a security strength equal to or larger than the security strength associated with target image data is set; a deployment instruction part for instructing the retrieved server to deploy the target image data; and a virtual computer management part for generating a virtual computer for executing an application on the retrieved server by using the target image data, and transmitting a integrity report, which is obtained on the boot of the virtual computer for executing the application and used to verify the integrity relating to the virtual computer for executing the application, to a verification server.
-
Citations
14 Claims
-
1. A computer system, comprising:
-
a plurality of computers each including;
a processor;
a memory coupled to the processor; and
a network interface coupled to the processor;a virtual computer system including a computer resource allocated to at least one virtual computer; and a verification system for verifying integrity relating to the at least one virtual computer, the virtual computer system including; a plurality of servers for providing the computer resource to the at least one virtual computer; a management computer for managing a plurality of virtual computers that operate on each of the plurality of servers; and an image data storage part for storing image data for generating a virtual computer for executing an application, the verification system including a verification server for verifying the integrity relating to the virtual computer for executing the application, the virtual computer system having; image data management information in which the image data and a security strength required on a boot of the virtual computer for executing the application generated based on the image data are associated with each other; and server management information in which the server and a security strength set for the server are associated with each other, the virtual computer system including; a deployment request reception part for receiving, from a user using the virtual computer system, a deployment request including identification information on target image data for generating the virtual computer for executing the application; a server search part for searching for the server, for which a security strength equal to or larger than the security strength associated with the target image data is set, based on the image data management information and the server management information; a deployment instruction part for instructing the retrieved server to deploy the target image data; and a virtual computer management part for generating the virtual computer for executing the application on the retrieved server by using the target image data, and transmitting a first integrity report, which is obtained on the boot of the virtual computer for executing the application and used to verify the integrity relating to the virtual computer for executing the application, to the verification server, wherein; the virtual computer management part receives a result of a verification process with respect to the first integrity report transmitted from the verification server; and the deployment request reception part outputs a deployment result for the target image data based on the received result of the verification process with respect to the first integrity report. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A virtual computer management method performed in a computer system including a plurality of computers,
the plurality of computers each including: - a processor;
a memory coupled to the processor; and
a network interface coupled to the processor;the computer system including; a virtual computer system including a computer resource allocated to at least one virtual computer; and a verification system for verifying integrity relating to the at least one virtual computer, the virtual computer system including; a plurality of servers for providing the computer resource to the at least one virtual computer; a management computer for managing a plurality of virtual computers that operates on each of the plurality of servers; and an image data storage part for storing image data for generating a virtual computer for executing an application, the verification system including; a verification server for verifying the integrity of the virtual computer for executing the application; and a data-for-verification storage part for storing information used to verify the integrity of the virtual computer for executing the application, the virtual computer system having; image data management information in which the image data and a security strength required on a boot of the virtual computer for executing the application generated based on the image data are associated with each other; and server management information in which the server and a security strength set for the server are associated with each other, the virtual computer management method including; a first step of receiving, by the management computer, from a user using the virtual computer system, a deployment request including identification information on target image data for generating the virtual computer for executing the application; a second step of searching, by the management computer, for the server, for which a security strength equal to or larger than the security strength associated with the target image data is set, based on the image data management information and the server management information; a third step of instructing, by the management computer, the retrieved server to deploy the target image data; a fourth step of generating, by the server instructed to deploy the target image data, the virtual computer for executing the application by using the target image data, and transmitting a first integrity report, which is obtained on the boot of the virtual computer for executing the application and used to verify the integrity relating to the virtual computer for executing the application, to the verification server; a fifth step of receiving, by the server instructed to deploy the target image data, a result of a verification process with respect to the first integrity report transmitted from the verification server; a sixth step of transmitting, by the server instructed to deploy the target image data, the received result of the verification process with respect to the first integrity report to the management computer; and a seventh step of outputting, by the management computer, a deployment result for the target image data to the user based on the received result of the verification process with respect to the first integrity report. - View Dependent Claims (9, 10, 11, 12, 13, 14)
- a processor;
Specification