System and method for restricting data transfers and managing software components of distributed computers
First Claim
Patent Images
1. A system comprising:
- an interface allowing management devices corresponding to a plurality of management agents responsible for managing the system to access the system; and
a controller to operate as a trusted third party mediating interaction among the plurality of management agents by assigning each of the plurality of management agents to a different one of a plurality of ownership domains and restricting the rights of each ownership domain in the system, wherein only one of the plurality of management agents can correspond to a top-level ownership domain at a time, and wherein any of the other management agents can revoke the top-level ownership domain.
3 Assignments
0 Petitions
Accused Products
Abstract
A controller, referred to as the “BMonitor”, is situated on a computer. The BMonitor includes a plurality of filters that identify where data can be sent to and/or received from, such as another node in a co-location facility or a client computer coupled to the computer via the Internet. The BMonitor further receives and implements requests from external sources regarding the management of software components executing on the computer, allowing such external sources to initiate, terminate, debug, etc. software components on the computer. Additionally, the BMonitor operates as a trusted third party mediating interaction among multiple external sources managing the computer.
148 Citations
24 Claims
-
1. A system comprising:
-
an interface allowing management devices corresponding to a plurality of management agents responsible for managing the system to access the system; and
a controller to operate as a trusted third party mediating interaction among the plurality of management agents by assigning each of the plurality of management agents to a different one of a plurality of ownership domains and restricting the rights of each ownership domain in the system, wherein only one of the plurality of management agents can correspond to a top-level ownership domain at a time, and wherein any of the other management agents can revoke the top-level ownership domain. - View Dependent Claims (2, 3, 4, 5, 13)
-
-
6. A system comprising:
-
an interface allowing management devices corresponding to a plurality of management agents responsible for managing the system to access the system; and
a controller to operate as a trusted third party mediating interaction among the plurality of management agents by assigning each of the plurality of management agents to a different one of a plurality of ownership domains and restricting the rights of each ownership domain in the system, wherein one of the plurality of ownership domains is a top-level ownership domain having a first set of rights, wherein each of the other ownership domains in the plurality of ownership domains has a second set of rights, and wherein the first set of rights includes;
the right to create new ownership domains, the right to access system memory, the right to access a mass storage device of the system, the right to modify filters in the system, the right to start execution of software engines in the system, the right to stop execution of software engines in the system, the right to debug software engines in the system, the right to change authentication credentials for the ownership domain, the right to modify a storage key for the ownership domain, and the right to subscribe to events engine events, machine events, and packet filter events at the system.
-
-
7. A system comprising:
-
an interface allowing management devices corresponding to a plurality of management agents responsible for managing the system to access the system; and
a controller to operate as a trusted third party mediating interaction among the plurality of management agents by assigning each of the plurality of management agents to a different one of a plurality of ownership domains and restricting the rights of each ownership domain in the system, wherein one of the plurality of ownership domains is a top-level ownership domain having a first set of rights, wherein each of the other ownership domains in the plurality of ownership domains has a second set of rights, and wherein the second set of rights includes;
the right to revoke an existing ownership domain, the right to modify filters in the system, the right to change authentication credentials for the ownership domain, and the right to subscribe to machine events and packet filter events at the system.
-
-
8. A system comprising:
-
an interface allowing management devices corresponding to a plurality of management agents responsible for managing the system to access the system; and
a controller to operate as a trusted third party mediating interaction among the plurality of management agents by assigning each of the plurality of management agents to a different one of a plurality of ownership domains and restricting the rights of each ownership domain in the system, wherein one of the plurality of ownership domains is a top-level ownership domain having a first set of rights, wherein each of the other ownership domains in the plurality of ownership domains has a second set of rights, and wherein the first set of rights includes;
the right to create new ownership domains, the right to access system memory, the right to access a mass storage device of the system, and the right to modify filters in the system.
-
-
9. A system comprising:
-
an interface allowing management devices corresponding to a plurality of management agents responsible for managing the system to access the system; and
a controller to operate as a trusted third party mediating interaction among the plurality of management agents by assigning each of the plurality of management agents to a different one of a plurality of ownership domains and restricting the rights of each ownership domain in the system, wherein one of the plurality of ownership domains is a top-level ownership domain having a first set of rights, wherein each of the other ownership domains in the plurality of ownership domains has a second set of rights, and wherein the second set of rights includes;
the right to revoke an existing ownership domain and the right to modify filters in the system, including the right to add a filter that cannot be subverted by a management agent assigned to the top-level ownership domain.
-
-
10. A system comprising:
-
an interface allowing management devices corresponding to a plurality of management agents responsible for managing the system to access the system; and
a controller to operate as a trusted third party mediating interaction among the plurality of management agents by assigning each of the plurality of management agents to a different one of a plurality of ownership domains and restricting the rights of each ownership domain in the system, wherein one of the plurality of ownership domains is a top-level ownership domain having a first set of rights, wherein each of the other ownership domains in the plurality of ownership domains has a second set of rights, and wherein the controller allows a device corresponding to any one of the other ownership domains to revoke the top-level ownership domain, and wherein the controller erases a system memory during the revocation process.
-
-
11. A system comprising:
-
an interface allowing management devices corresponding to a plurality of management agents responsible for managing the system to access the system; and
a controller to operate as a trusted third party mediating interaction among the plurality of management agents by assigning each of the plurality of management agents to a different one of a plurality of ownership domains and restricting the rights of each ownership domain in the system, wherein only one of the plurality of management agents can correspond to a top-level ownership domain at a time, and wherein the one management agent can create a new ownership domain for a new management agent, and wherein the new ownership domain becomes the new top-level ownership domain.
-
-
12. A system comprising:
-
an interface allowing management devices corresponding to a plurality of management agents responsible for managing the system to access the system; and
a controller to operate as a trusted third party mediating interaction among the plurality of management agents by assigning each of the plurality of management agents to a different one of a plurality of ownership domains and restricting the rights of each ownership domain in the system, wherein only one of the plurality of management agents can correspond to a top-level ownership domain at a time, wherein which of the plurality of management agents corresponds to the top-level ownership domain at any given time can vary over time, and wherein the controller erases a system memory each time a change occurs in which of the plurality of management agents corresponds to the top-level ownership domain.
-
-
14. A method comprising:
-
associating each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of a computer and is external to the computer;
allowing only one of the plurality of management agents to have an extended set of rights to the computer at a time, and assigning the remaining management devices a more limited set of rights;
restricting which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent;
allowing which of the plurality of management agents has the extended set of rights to change over time; and
erasing a system memory each time a change occurs in which of the plurality of management agents has the extended set of rights. - View Dependent Claims (15, 21, 22, 23, 24)
-
-
16. A method comprising:
-
associating each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of a computer and is external to the computer;
allowing only one of the plurality of management agents to have an extended set of rights to the computer at a time, and assigning the remaining management devices a more limited set of rights, wherein the extended set of rights includes;
the right to create new ownership domains, the right to access system memory, the right to access a mass storage device of the system, the right to modify filters in the system, the right to start execution of software engines in the system, the right to stop execution of software engines in the system, the right to debug software engines in the system, the right to change authentication credentials for the ownership domain, the right to modify a storage key for the ownership domain, and the right to subscribe to events engine events, machine events, and packet filter events at the system; and
restricting which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent.
-
-
17. A method comprising:
-
associating each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of a computer and is external to the computer;
allowing only one of the plurality of management agents to have an extended set of rights to the computer at a time, and assigning the remaining management devices a more limited set of rights, wherein the more limited set of rights includes;
the right to revoke an existing ownership domain, the right to modify filters in the system, the right to change authentication credentials for the ownership domain, and the right to subscribe to machine events and packet filter events at the system; and
restricting which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent.
-
-
18. A method comprising:
-
associating each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of a computer and is external to the computer;
allowing only one of the plurality of management agents to have an extended set of rights to the computer at a time, and assigning the remaining management devices a more limited set of rights, wherein the extended set of rights includes;
the right to create new ownership domains, the right to access system memory, the right to access a mass storage device of the system, and the right to modify filters in the system; and
restricting which request from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent.
-
-
19. A method comprising:
-
associating each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of a computer and is external to the computer;
allowing only one of the plurality of management agents to have an extended set of rights to the computer at a time, and assigning the remaining management devices a more limited set of rights, wherein the more limited set of rights includes;
the right to revoke an existing ownership domain and the right to modify filters in the system, including the right to add a filter that cannot be subverted by a management agent assigned to the top-level ownership domain; and
restricting which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent.
-
-
20. A method comprising:
-
associating each of a plurality of management agents with one of a plurality of ownership domains, wherein each of the plurality of management agents is responsible for managing at least a portion of a computer and is external to the computer;
allowing only one of the plurality of management agents to have an extended set of rights to the computer at a time, and assigning the remaining management devices a more limited set of rights, wherein the one management agent corresponds to a top-level ownership domain, and wherein any of the other management agents can revoke the rights of the one management agent; and
restricting which requests from management devices corresponding to the plurality of management agents are carried out based at least in part on the rights of the management agent.
-
Specification