MULTI-TENANT DATA PROTECTION IN EDGE COMPUTING ENVIRONMENTS
First Claim
1. A system comprising:
- memory; and
processing circuitry coupled to the memory, the processing circuitry configured to;
obtain, from an orchestration provider, a workflow execution plan, the workflow execution plan including workload metadata defining a plurality of workloads associated with a plurality of edge service instances, the instances executing on one or more edge computing devices within an edge computing system;
translate the workload metadata to obtain workload configuration information for the plurality of workloads, the workload configuration information identifying a plurality of memory access configurations and service authorizations, the service authorizations identifying at least one edge service instance of the edge service instances authorized to access one or more of the plurality of memory access configurations;
partition the memory into a plurality of shared memory regions using the plurality of memory access configurations; and
process a memory access request for accessing at least one of the plurality of shared memory regions based on the service authorizations, the memory access request received from an edge service instance of the plurality of edge service instances.
1 Assignment
0 Petitions
Accused Products
Abstract
Various approaches for implementing multi-tenant data protection are described. In an edge computing system deployment, a system includes memory and processing circuitry coupled to the memory. The processing circuitry is configured to obtain a workflow execution plan that includes workload metadata defining a plurality of workloads associated with a plurality of edge service instances executing respectively on one or more edge computing devices. The workload metadata is translated to obtain workload configuration information for the plurality of workloads. The workload configuration information identifies a plurality of memory access configurations and service authorizations identifying at least one edge service instance authorized to access one or more of the memory access configurations. The memory is partitioned into a plurality of shared memory regions using the memory access configurations. A memory access request for accessing one of the shared memory regions is processed based on the service authorizations.
-
Citations
26 Claims
-
1. A system comprising:
-
memory; and processing circuitry coupled to the memory, the processing circuitry configured to; obtain, from an orchestration provider, a workflow execution plan, the workflow execution plan including workload metadata defining a plurality of workloads associated with a plurality of edge service instances, the instances executing on one or more edge computing devices within an edge computing system; translate the workload metadata to obtain workload configuration information for the plurality of workloads, the workload configuration information identifying a plurality of memory access configurations and service authorizations, the service authorizations identifying at least one edge service instance of the edge service instances authorized to access one or more of the plurality of memory access configurations; partition the memory into a plurality of shared memory regions using the plurality of memory access configurations; and process a memory access request for accessing at least one of the plurality of shared memory regions based on the service authorizations, the memory access request received from an edge service instance of the plurality of edge service instances. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. At least one non-transitory machine-readable storage medium comprising instructions, wherein the instructions, when executed by a processing circuitry of an edge computing device operable in an edge computing system, cause the processing circuitry to perform operations that:
-
obtain, from an orchestration provider, a workflow execution plan, the workflow execution plan including workload metadata defining a plurality of workloads associated with a plurality of edge service instances, the instances executing respectively on one or more edge computing devices within the edge computing system; translate the workload metadata to obtain workload configuration information for the plurality of workloads, the workload configuration information identifying a plurality of memory access configurations and service authorizations, the service authorizations identifying at least one edge service instance of the edge service instances authorized to access one or more of the plurality of memory access configurations; partition memory of the edge computing device into a plurality of shared memory regions using the plurality of memory access configurations; and process a memory access request for accessing at least one of the plurality of shared memory regions based on the service authorizations, the memory access request received from an edge service instance of the plurality of edge service instances. - View Dependent Claims (17, 18, 19, 20)
-
-
21. A method performed by an edge computing device operable in an edge computing system, comprising:
-
obtaining, from an orchestration provider, a workflow execution plan, the workflow execution plan including workload metadata defining a plurality of workloads associated with a plurality of edge service instances, the instances executing respectively on one or more edge computing devices within an edge computing system; translating the workload metadata to obtain workload configuration information for the plurality of workloads, the workload configuration information identifying a plurality of memory access configurations and service authorizations, the service authorizations identifying at least one edge service instance of the edge service instances authorized to access one or more of the plurality of memory access configurations; partitioning memory of the edge computing device into a plurality of shared memory regions using the plurality of memory access configurations; and processing a memory access request for accessing at least one of the plurality of shared memory regions based on the service authorizations, the memory access request received from an edge service instance of the plurality of edge service instances. - View Dependent Claims (22, 23, 24, 25)
-
-
26-39. -39. (canceled)
Specification