TOPOLOGICAL QUERY IN MULTI-TENANCY ENVIRONMENT

US 20150120703A1
Filed: 03/26/2012
Published: 04/30/2015
Est. Priority Date: 03/21/2012
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

accessing a topological database with multi-tenancy capability that represents an information technology environment, each node of the topological database representing a configuration item within the environment, each node being characterized by a tenant authorization rule (TAR) that indicates a list of tenants of the topological database that are authorized to access the configuration item that corresponds to that node;

obtaining an unrestricted result to an unrestricted query, the unrestricted query being representable as a sub-graph isomorphism, the unrestricted result to the unrestricted query including any groups of the nodes of the database that satisfy the sub-graph isomorphism;

applying a tenant query to the unrestricted result to obtain an authorized result, the tenant query being representable by a sub-graph isomorphism that is substantially of the same form as the sub-graph isomorphism representation of the unrestricted query, the authorized result including identification of any of the groups whose component nodes are each characterized by a TAR that authorizes access by the querying tenant; and

issuing a notification on the basis of the obtained authorized result.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Each node of a topological database that represents an information technology environment with multi-tenancy capability represents a configuration item within the environment and is characterized by a tenant authorization rule that indicates a list of tenants that are authorized to access the corresponding configuration. An unrestricted result to an unrestricted query is obtained, the unrestricted query being representable as a sub-graph isomorphism. The unrestricted result includes groups of nodes of the database that satisfy the isomorphism. A tenant query is applied to the unrestricted result to obtain an authorized result, the tenant query being representable by the same sub-graph isomorphism as the unrestricted query. The authorized result includes identification of any of the groups whose component nodes are each characterized by a TAR that authorizes access by the querying tenant. A notification is issued to the querying tenant on the basis of the obtained authorized result.

Citations

15 Claims

1. A method comprising:
- accessing a topological database with multi-tenancy capability that represents an information technology environment, each node of the topological database representing a configuration item within the environment, each node being characterized by a tenant authorization rule (TAR) that indicates a list of tenants of the topological database that are authorized to access the configuration item that corresponds to that node;
  
  obtaining an unrestricted result to an unrestricted query, the unrestricted query being representable as a sub-graph isomorphism, the unrestricted result to the unrestricted query including any groups of the nodes of the database that satisfy the sub-graph isomorphism;
  
  applying a tenant query to the unrestricted result to obtain an authorized result, the tenant query being representable by a sub-graph isomorphism that is substantially of the same form as the sub-graph isomorphism representation of the unrestricted query, the authorized result including identification of any of the groups whose component nodes are each characterized by a TAR that authorizes access by the querying tenant; and
  
  issuing a notification on the basis of the obtained authorized result.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the information technology environment comprises a managed service provider (MSP), and wherein each configuration item represents a resource of the MSP.
  - 3. The method of claim 1, wherein obtaining the unrestricted result comprises repeatedly submitting an active query to the database.
  - 4. The method of claim 3, wherein the tenant query is applied to the unrestricted result when a change is detected in the unrestricted results obtained from successive submissions of the active query.
  - 5. The method of claim 1, comprising comparing the obtained authorized result with a previously obtained authorized result.
  - 6. The method of claim 5, wherein the issuing the notification comprises indicating a difference between obtained authorized result and the previously obtained authorized result.
  - 7. The method of claim 1, wherein applying the tenant query comprises applying the tenant query to a stored unrestricted result.

8. A non-transitory computer readable medium having stored thereon instructions that when executed by a processor will cause the processor to:
- receive a tenant query to a topological database with multi-tenancy capability from a tenant of topological database, wherein each node of the topological database represents a configuration item within an information technology environment, each node being characterized by a TAR that indicates a list of those tenants that are authorized to access the configuration item that corresponds to that node, and wherein the tenant query is representable as a sub-graph isomorphism of the database;
  
  obtain an unrestricted result to an unrestricted query to the database, the sub-graph isomorphism of the unrestricted query having substantially the same form as the tenant query, the unrestricted result including any groups of the nodes of the database that satisfy the sub-graph isomorphism of the unrestricted query;
  
  apply the tenant query to the obtained unrestricted result to obtain an authorized result, the authorized result including identification of any of the groups whose component nodes are each characterized by a TAR that authorizes access by the tenant; and
  
  issue a notification on the basis of the obtained authorized result.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The non-transitory computer readable medium of claim 8, wherein the environment comprises an MSP, and wherein each configuration item comprises a resource of the MSP.
  - 10. The non-transitory computer readable medium of claim 8, wherein the instruction to obtain the unrestricted result comprises instruction to retrieve a stored result of the unrestricted query.
  - 11. The non-transitory computer readable medium of claim 8, wherein the instruction to obtain the unrestricted result comprises instruction to submit the unrestricted query to the database.
  - 12. The non-transitory computer readable medium of claim 11, wherein the instruction to submit the unrestricted query comprises instruction to repeatedly submit an active query to the database and to store the unrestricted result.
  - 13. The non-transitory computer readable medium of claim 12, wherein the instruction to apply the tenant query to the obtained unrestricted result comprises instructions to apply the tenant query when a change is detected in the unrestricted result.
  - 14. The non-transitory computer readable medium of claim 8, comprising instructions to compare the obtained authorized result with a previously obtained authorized result.
  - 15. The non-transitory computer readable medium of claim 14, wherein the notification to the tenant comprises an indication of a difference between the obtained authorized result and a previously obtained authorized result.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Micro Focus LLC (Open Text Corporation)
Original Assignee
Arik Sityon
Inventors
Sityon, Arik, Regev, Eyal, Ziv, Assif

Granted Patent

US 9,703,834 B2
Time in Patent Office

Days
Field of Search
US Class Current

707/722
CPC Class Codes

G06F 16/24564   Applying rules; Deductive q...

G06F 21/6227   where protection concerns t...

G06F 2221/2141   Access rights, e.g. capabil...

TOPOLOGICAL QUERY IN MULTI-TENANCY ENVIRONMENT

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

TOPOLOGICAL QUERY IN MULTI-TENANCY ENVIRONMENT

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links