Distributed service deliver model
First Claim
1. For a distributed computer system comprising one or more clients, one or more servicing silos that provide one or more services to the one or more clients, and a root silo that authorizes the one or more clients to access the one or more services at the one or more servicing silos, a method of identifying a servicing silo as a provider of a service desired by a client and entitling the client to interact with the servicing silo, without requiring the client to authenticate to the root silo each time the client interacts with the service at the servicing silo, the method comprising the root silo performing acts of:
- receiving at the root silo a request from the client for interaction with a service, wherein a plurality of instances of the service run on a plurality of servicing silos;
the root silo selecting one of the plurality of servicing silos which run an instance of the requested service as an available provider of the service for interacting with the client;
generating a servicing certificate that contains (i) service entitlement information showing that the client is entitled to interact with the service at the selected servicing silo, (ii) location information identifying a location of the selected servicing silo, and (iii) one or more keys for use in secure communication between the client and the selected servicing silo;
sending the servicing certificate to the client such that the client stores the servicing certificate and uses the servicing certificate to interact with the service at the selected servicing silo using the location information specified in the servicing certificate, wherein interacting with the service comprises the client, subsequent to receiving the servicing certificate, providing the service entitlement information to the service showing that the client is entitled to interact with the service at the selected servicing silo without requiring the client to authenticate to the root silo each time the client interacts with the service at the selected servicing silo;
determining by the root silo that the client should be moved from the first servicing silo as a result of one of;
the first servicing silo not operating according to agreed standards, orthe addition of one or more new servicing silos that run an instance of the requested service;
selecting by the root silo a second servicing silo of the plurality of servicing silos that run an instance of the requested service as an available provider of the service for interacting with the client;
generating a second servicing certificate that contains (i) service entitlement information showing that the client is entitled to interact with the instance of the requested service at a second servicing silo, (ii) location information identifying a location of the second servicing silo, and (iii) one or more keys for use in secure communication between the client and the second servicing silo; and
sending the second servicing certificate to the client for the client to use when interacting with the service at the second servicing silo, in order to move the client from the first servicing silo to the second servicing silo.
1 Assignment
0 Petitions
Accused Products
Abstract
A root silo that authorizes one or more clients to access one or more services at one or more servicing silos receives a request from a client for interaction with a service. The root silo identifies a servicing silo as an available provider of the service for interacting with the client and generates a servicing certificate that contains (i) service entitlement information showing that the client is entitled to interact with the service at the servicing silo, (ii) location information identifying a location of the servicing silo, and (iii) one or more keys for use in secure communication between the client and the servicing silo. Having generated the servicing certificate, the root silo sends the servicing certificate to the client for the client to use when interacting with the service at the servicing silo.
17 Citations
19 Claims
-
1. For a distributed computer system comprising one or more clients, one or more servicing silos that provide one or more services to the one or more clients, and a root silo that authorizes the one or more clients to access the one or more services at the one or more servicing silos, a method of identifying a servicing silo as a provider of a service desired by a client and entitling the client to interact with the servicing silo, without requiring the client to authenticate to the root silo each time the client interacts with the service at the servicing silo, the method comprising the root silo performing acts of:
-
receiving at the root silo a request from the client for interaction with a service, wherein a plurality of instances of the service run on a plurality of servicing silos; the root silo selecting one of the plurality of servicing silos which run an instance of the requested service as an available provider of the service for interacting with the client; generating a servicing certificate that contains (i) service entitlement information showing that the client is entitled to interact with the service at the selected servicing silo, (ii) location information identifying a location of the selected servicing silo, and (iii) one or more keys for use in secure communication between the client and the selected servicing silo; sending the servicing certificate to the client such that the client stores the servicing certificate and uses the servicing certificate to interact with the service at the selected servicing silo using the location information specified in the servicing certificate, wherein interacting with the service comprises the client, subsequent to receiving the servicing certificate, providing the service entitlement information to the service showing that the client is entitled to interact with the service at the selected servicing silo without requiring the client to authenticate to the root silo each time the client interacts with the service at the selected servicing silo; determining by the root silo that the client should be moved from the first servicing silo as a result of one of; the first servicing silo not operating according to agreed standards, or the addition of one or more new servicing silos that run an instance of the requested service; selecting by the root silo a second servicing silo of the plurality of servicing silos that run an instance of the requested service as an available provider of the service for interacting with the client; generating a second servicing certificate that contains (i) service entitlement information showing that the client is entitled to interact with the instance of the requested service at a second servicing silo, (ii) location information identifying a location of the second servicing silo, and (iii) one or more keys for use in secure communication between the client and the second servicing silo; and sending the second servicing certificate to the client for the client to use when interacting with the service at the second servicing silo, in order to move the client from the first servicing silo to the second servicing silo. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer program product for use in a distributed computer system comprising one or more clients, one or more servicing silos that provide one or more services to the one or more clients, a root silo that authorizes the one or more clients to access the one or more services at the one or more servicing silos, the computer program product comprising one or more memory modules storing computer executable instructions that implement a method of identifying a servicing silo as a provider of a service desired by a client and entitling a client to interact with a servicing silo, without requiring the client to authenticate to the root silo each time the client interacts with the service at the servicing silo, the method comprising the client performing steps for:
-
directing a request for interaction with a service to the root silo such that the root silo selects one of a plurality of servicing silos which run an instance of the requested service as an available provider of the service for interacting with the client; acquiring and storing a servicing certificate from the root silo that contains (i) service entitlement information showing that the client is entitled to interact with the service at the selected servicing silo, (ii) location information identifying a location of the selected servicing silo, and (iii) one or more keys for use in secure communication between the client and the selected servicing silo; directing a request to the selected servicing silo for interaction with the service using the location information in the servicing certificate acquired from the root silo; providing at least the entitlement information to the selected servicing silo to show that the client is entitled to interact with the service at the selected servicing silo; interacting with the service at the selected servicing silo, wherein interacting with the service comprises, subsequent to receiving the servicing certificate, providing the service entitlement information to the service showing that the client is entitled to interact with the service at the selected servicing silo without requiring the client to authenticate to the root silo each time the client interacts with the service at the selected servicing silo; acquiring and storing a second servicing certificate from the root silo that contains (i) service entitlement information showing that the client is entitled to interact with an instance of the requested service at a second servicing silo, (ii) location information identifying a location of the second servicing silo, and (iii) one or more keys for use in secure communication between the client and the second servicing silo, wherein the second servicing certificate is generated by the root silo in response to a determination that the client should be moved from the first servicing silo to the second servicing silo as a result of one of; the first servicing silo not operating according to agreed standards, or the addition of one or more new servicing silos that run an instance of the requested service; and interacting with the service at the second servicing silo, wherein interacting with the service comprises, subsequent to receiving the second servicing certificate, providing the service entitlement information to the service showing that the client is entitled to interact with the service at the second servicing silo without requiring the client to authenticate to the root silo each time the client interacts with the service at the second servicing silo. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. In a distributed computer system comprising one or more clients, a plurality of servicing silos that provide one or more services to the one or more clients, and a root silo that authorizes the one or more clients to access the one or more services at the plurality of servicing silos without requiring the one or more clients to authenticate to the root silo each time the one or more clients interact with the one or more services at the plurality of servicing silos, each servicing silo comprising:
-
a network interface for communicating with the one or more clients; one or more memory modules storing computer executable instructions, the computer executable instructions comprising; computer executable instructions for receiving provisioning data created by the root silo indicating that the servicing silo should allocate and initialize storage for the client, the provisioning data being received from the client, wherein the servicing silo runs an instance of a service that is requested by the client, and wherein the servicing silo is selected by the root silo from among a plurality of servicing silos that each run an instance of the requested service as an available provider of the service for interacting with the client, wherein a different servicing silo of the plurality of servicing silos was previously servicing the client prior to the client selecting the servicing silo to service the client, and wherein the servicing silo is selected by the root silo to service the client based on one of; the different servicing silo not operating according to agreed standards, or the addition of the servicing silo to the plurality of servicing silos that each run an instance of the requested service; computer executable instructions for receiving a servicing certificate created by the root silo which is different from a prior servicing certificate that was assigned to the client to access the different servicing silo, the servicing certificate containing (i) service entitlement information showing that the root silo authorized the client to interact with the instance of the service at the servicing silo, (ii) location information identifying a location of the servicing silo, and (iii) one or more keys for use in secure communication between the client and the servicing silo; computer executable instructions for implementing at least a portion of the service; and computer executable instructions for interacting with the client in accordance with the service, wherein interacting with the client comprises receiving the service entitlement information from the client showing that the root silo authorized the client to interact with the service without requiring the client to authenticate to the root silo each time the client interacts with the service at the servicing silo; and a processing unit coupled to the network connection and the one or more memory modules for sending and receiving data over the network connection and for executing the computer executable instructions. - View Dependent Claims (15, 16, 17, 18, 19)
-
Specification