System and method for command routing and execution in a multiprocessing system

US 6,389,543 B1
Filed: 08/31/1998
Issued: 05/14/2002
Est. Priority Date: 08/31/1998
Status: Expired due to Fees

First Claim

Patent Images

1. A method for routing messages in a multi-node processing system including multiple interconnected application nodes, the method comprising:

transmitting input from an originating entity to a first one of the application nodes, the input including a command and also including routing information identifying multiple of the application nodes, the originating entity having associated security credentials;

the first node receiving the input and in response, a synchronously transmitting messages to all identified application nodes to log-in to those nodes using the originating entity'"'"'s security credentials and request each of the identified nodes to execute the command;

the identified application nodes receiving the transmitted messages, and in response, each of the identified application nodes reviewing the security credentials to determine whether the log-in is permitted, and if the log-in is not permitted, aborting execution of the command;

if the log-in is permitted, permitting the first node to log-in and request execution of the command, and in response to the request to execute the command, the identified application node executing the command;

sending the first node a response representing outcome of the execution of the command; and

in response to the first application node receiving any responses from the identified application nodes, the first application node organizing the responses and providing a representative output.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Any node in a multi-node processing system may be employed to route commands to a selected group of one or more nodes, and initiate local command execution if permitted by local security provisions. The system includes multiple application nodes interconnected by a network, and one or more administrator nodes each coupled to at least one application node. Each administrator node has assigned security credentials. The process starts when the administrator node transmits input to one of the application nodes (an “entry” node). The input includes a command and routing information specifying a list of desired application nodes (“destination” nodes) to execute the command. In response to this input, the entry node transmits messages to all destination nodes to (1) log-in to the destination nodes as the originating administrator node, and (2) request the destination nodes to execute the command. Consulting locally stored security information, each destination node determines whether the entry node'"'"'s log-in should succeed. If so, the destination node consults locally stored authority information to determine whether the initiating administrator node has authority to execute the requested command. If so, the destination node executes the command. The destination node sends the entry node a response representing the outcome of command execution. The entry node organizes such responses and provides a representative output.

Citations

46 Claims

1. A method for routing messages in a multi-node processing system including multiple interconnected application nodes, the method comprising:
- transmitting input from an originating entity to a first one of the application nodes, the input including a command and also including routing information identifying multiple of the application nodes, the originating entity having associated security credentials;
  
  the first node receiving the input and in response, a synchronously transmitting messages to all identified application nodes to log-in to those nodes using the originating entity'"'"'s security credentials and request each of the identified nodes to execute the command;
  
  the identified application nodes receiving the transmitted messages, and in response, each of the identified application nodes reviewing the security credentials to determine whether the log-in is permitted, and if the log-in is not permitted, aborting execution of the command;
  
  if the log-in is permitted, permitting the first node to log-in and request execution of the command, and in response to the request to execute the command, the identified application node executing the command;
  
  sending the first node a response representing outcome of the execution of the command; and
  
  in response to the first application node receiving any responses from the identified application nodes, the first application node organizing the responses and providing a representative output.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, where the first node performs the transmission of messages and receiving of responses concurrently.
  - 3. The method of claim 1, where:
4. The method of claim 1, where:
- each application node has access to a reference list of security credentials;
  
  each message a synchronously transmitted by the first node to all identified application nodes to log-in to those nodes further includes security credentials of the originating entity;
  
  responsive to the first node a synchronously transmitting messages to all identified application nodes to log-in to those nodes, the identified application nodes perform operations comprising;
  
  consulting their respective reference lists of security credentials to determine whether the transmitted security credentials are represented therein;
  
  only if the transmitted security credentials are represented in the reference list of security credentials, permitting the first node to log-in to the identified application nodes.
5. The method of claim 1, where:
- each application node has access to a list of authority information;
  
  the method further comprises, responsive to the first node a synchronously transmitting the messages, each identified application node consulting its respective authority information to determine whether the originating entity is authorized to request the command; and
  
  only if the originating entity is authorized to request the command, executing the command.
6. The method of claim 1, where each response representing outcome of the execution of the command at a particular application node includes at least one of the following:
- whether the first node succeeded in logging-in to the application node;
  
  whether the application node executed the command;
  
  conditions at the application node as a result of having executed the command.
7. The method of claim 1, where:
- each application node has access to a command vocabulary list;
  
  the method further comprises, responsive to the first node a synchronously transmitting the messages, each identified application node consulting its respective command vocabulary list to determine whether the command is valid at the identified application node, and the identified application node proceeding to execute the command only if the command is valid at the identified application node.
8. The method of claim 1, the method further comprising:
- the first node providing the representative output to the originating entity.
9. The method of claim 1, where the application nodes identified by the routing information include the first node.

10. A method for routing messages in a multi-node processing system including multiple interconnected application nodes, the method comprising:
- a first application node receiving input from an originating entity having assigned security credentials, the input including a command and routing information identifying multiple application nodes;
  
  responsive to the input, the first application node a synchronously transmitting messages to all identified application nodes to log-in to those nodes using the originating entity'"'"'s security credentials and request each of the identified application nodes to execute the command; and
  
  the first application node determining whether any responses have been received from the identified application nodes where each response represents an outcome of execution of the command at that application node, and if any responses have been received, the first application node organizing the responses and providing a representative output.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10, where the first application node performs the transmission of messages and receiving of responses concurrently.
  - 12. The method of claim 10, where:
13. The method of claim 10, where:
- each message a synchronously transmitted by the first application node to all identified application nodes to log-in to those nodes further includes security credentials of the originating entity, the security credentials including a user name and a password.
14. The method of claim 10, where:
- each application node has access to a list of authority information;
  
  the method further comprises, responsive to the first application node a synchronously transmitting the messages, each identified application node consulting its respective authority information to determine whether the originating entity is authorized to request the command; and
  
  only if the originating entity is authorized to request the command, executing the command.
15. The method of claim 10, where each response representing outcome of the execution of the command at a particular application node includes at least one of the following:
- whether the first node succeeded in logging-in to the application node;
  
  whether the application node executed the command;
  
  conditions at the application node as a result of having executed the command.
16. The method of claim 10, where:
- each application node has access to a command vocabulary list;
  
  the method further comprises, responsive to the first node a synchronously transmitting the messages, each identified application node consulting its respective command vocabulary list to determine whether the command is valid at the identified application node, and the identified application node proceeding to execute the command only if the command is valid at the identified application node.
17. The method of claim 10, the method further comprising:
- the first application node providing the representative output to the originating entity.
18. The method of claim 10, where the application nodes identified by the routing information include the first application node.

19. A signal-bearing medium tangibly embodying a program of machine-readable instructions executable by a digital processing apparatus to perform a method for routing messages in a multi-node processing system that includes multiple interconnected application nodes, the method comprising:
- a first application node receiving input from an originating entity having assigned security credentials, the input including a command and routing information identifying multiple application nodes;
  
  responsive to the input, the first application node a synchronously transmitting messages to all identified application nodes to log-in to those nodes using the originating entity'"'"'s security credentials and request each of the identified application nodes to execute the command; and
  
  the first application node determining whether any responses have been received from the identified application nodes where each response represents an outcome of execution of the command at that application node, and if any responses have been received, the first application node organizing the responses and providing a representative output.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The medium of claim 19, where the application node performs the transmission of messages and receiving of responses concurrently.
  - 21. The medium of claim 19, where:
22. The medium of claim 19, where:
- each message a synchronously transmitted by the first application node to all identified application nodes to log-in to those nodes further includes security credentials of the originating entity, the security credentials including a user name and a password.
23. The medium of claim 19, where:
- each application node has access to a list of authority information;
  
  the method further comprises, responsive to the first application node asynchronously transmitting messages, each identified application node consulting its respective authority information to determine whether the originating entity is authorized to request the command; and
  
  only if the originating entity is authorized to request the command, executing the command.
24. The medium of claim 19, where each response representing outcome of the execution of the command at a particular application node includes at least one of the following:
- whether the first node succeeded in logging-in to the application node;
  
  whether the application node executed the command;
  
  conditions at the application node as a result of having executed the command.
25. The medium of claim 19, where:
- each application node has access to a command vocabulary list;
  
  the method further comprises, responsive to the first node a synchronously transmitting the messages, each identified application node consulting its respective command vocabulary list to determine whether the command is valid at the identified application node, and the identified application node proceeding to execute the command only if the command is valid at the identified application node.
26. The medium of claim 19, the method further comprising:
- the first application node providing the representative output to the originating entity.
27. The medium of claim 19, where the application nodes identified by the routing information include the first application node.

28. A computing system, comprising:
- multiple application nodes; and
  
  a network interconnecting the application nodes;
  
  where the application nodes are programmed to perform operations to route messages to one or more of the application nodes for execution therein, the operations comprising;
  
  a first one of the nodes receiving input from an originating entity having assigned security credentials, the input including a command and also including routing information identifying multiple application nodes;
  
  in response to receiving the input, the first node asynchronously transmitting messages to all identified application nodes to log-in to those nodes using the entity'"'"'s security credentials and request each of the identified nodes to execute the command;
  
  the identified application nodes receiving the transmitted messages, and in response, each of the identified application nodes reviewing the security credentials to determine whether the log-in is permitted, and if the log-in is not permitted, aborting execution of the command;
  
  if the log-in is permitted, permitting the first node to log-in and request execution of the command, and in response to the request to execute the command, the identified application node executing the command; and
  
  sending the first node a response representing outcome of the execution of the command; and
  
  in response to the first application node receiving any responses from the identified application nodes, the first application node organizing the responses and providing a representative output.
- View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
- - 29. The system of claim 28, where at least one of the application nodes comprises an instance of an application program.
  - 30. The system of claim 28, where at least one of the application nodes comprises a digital processing apparatus.
  - 31. The system of claim 28, where at least one of the application nodes comprises a digital data storage server.
  - 32. The system of claim 28, where at least two of the application nodes comprise separate digital computers, and the network includes communications links operatively interconnecting the digital computers.
  - 33. The system of claim 28, where at least two of the application nodes comprise separate instances of an application program executing on a single computer, and the network includes intra-computer communications link between the application program instances.
  - 34. The system of claim 28, where the application nodes are programmed to perform the transmission of messages and receiving of responses concurrently.
  - 35. The system of claim 28, where:
36. The system of claim 28, where:
- each application node has access to a reference list of security credentials;
  
  each message a synchronously transmitted by the first node to all identified application nodes to log-in to those nodes further includes security credentials of the originating entity;
  
  responsive to the first node a synchronously transmitting messages to all identified application nodes to log-in to those nodes, the identified application nodes perform operations comprising;
  
  consulting their respective reference lists of security credentials to determine whether the transmitted security credentials are represented therein;
  
  only if the transmitted security credentials are represented in the reference list of security credentials, permitting the first node to log-in to the identified application nodes.
37. The system of claim 28, where:
- each application node has access to a list of authority information;
  
  the method further comprises, responsive to the first node a synchronously transmitting the messages, each identified application node consulting its respective authority information to determine whether the originating entity is authorized to request the command; and
  
  only if the originating entity is authorized to request the command, executing the command.
38. The system of claim 28, where each response representing outcome of the execution of the command at a particular application node includes at least one of the following:
- whether the first node succeeded in logging-in to the application node;
  
  whether the application node executed the command;
  
  conditions at the application node as a result of having executed the command.
39. The system of claim 28, where:
- each application node has access to a command vocabulary list;
  
  the method further comprises, responsive to the first node a synchronously transmitting the messages, each identified application node consulting its respective command vocabulary list to determine whether the command is valid at the identified application node, and the identified application node proceeding to execute the command only if the command is valid at the identified application node.
40. The system of claim 28, the method further comprising:
- the first node providing the representative output to the originating entity.
41. The system of claim 28, where the application nodes identified by the routing information include the first application node.

42. A distributed computing system, comprising:
- one or more administrator nodes each having predefined security credentials; and
  
  multiple application nodes, where each administrator node is coupled to at least one application node, and each application node includes storage containing;
  
  authority levels listing a number of operations and which administrator nodes if any are permitted to perform that operation on the application node; and
  
  security credentials of all administrator nodes;
  
  a network interconnecting the application nodes;
  
  where each application node is programmed to perform operations to route messages from an attached administrator node to application nodes, the operations comprising;
  
  responsive to a first on of the application nodes receiving input from an administrator node, the input including a command and also including routing Information identifying multiple of the application nodes, the first node performing operations comprising;
  
  consulting the security credentials in storage to retrieve the security credentials of the administrator node;
  
  asynchronously transmitting messages to all identified application nodes to log-in to those nodes using the retrieved security credentials and request each of the identified application nodes to execute the command;
  
  the identified application nodes receiving the transmitted messages, and in response, each identified application node;
  
  consulting the stored security credentials to determine whether the transmitted security credentials are valid, and if not, failing the log-in attempt;
  
  if the transmitted security credentials valid, consulting the stored authority levels to determine whether the administrator node is authorized to request execution of the command, and only if so, requesting the application node to execute the command;
  
  sending the first application node a response representing outcome of execution of the command; and
  
  responsive to the first application node receiving any responses the identified application nodes, the first application node organizing the responses and providing a representative output.

43. A command relay system, comprising:
- multiple application nodes;
  
  a network interconnecting the application nodes;
  
  where the application nodes are programmed to perform operations to selectively receive and relay commands to other application nodes and arrange for local execution thereby, the operations comprising;
  
  receiving input from an originator, the input including a command and also including routing information identifying multiple of the application nodes;
  
  responsive to the input, the application node asynchronously responding to the input by log-in to each of the identified application nodes using security credentials of the originator and requesting each of the identified nodes to execute the command;
  
  responsive to receiving any responses from the identified application nodes resulting from execution of the command thereby, the application node organizing the responses and providing a representative output to the originator.
- View Dependent Claims (44, 45, 46)
- - 44. The command relay system of claim 43, where each application node is further programmed to perform operations comprising:
45. The system of claim 43, where:
- each application node is programmed such that the operation of receiving routing information comprises receiving identification of one or more node groups each node group being associated with a predetermined selection of application nodes;
  
  each application node is further programmed to reference a stored group definition list to identify individual nodes represented by the specified node groups.
46. The system of claim 44, where each application node is programmed to receive input from the originator free from any security credentials, and responsive thereto to perform operations comprising retrieving security credentials associated with the originator from storage.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Dawson, Colin Scott, Kaczmarski, Michael Allen, Warren, Donald Paul Jr.
Primary Examiner(s)
Hayes, Gail
Assistant Examiner(s)
Revak, Christopher A.

Application Number

US09/143,820
Time in Patent Office

1,352 Days
Field of Search

713/200, 713/201, 713/202, 709/102, 709/106, 709/200, 709/201, 709/202, 709/203, 709/244, 709/217, 709/218, 709/219, 709/227
US Class Current

726/4
CPC Class Codes

H04L 63/104 Grouping of entities

System and method for command routing and execution in a multiprocessing system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

46 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for command routing and execution in a multiprocessing system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

46 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links