Devices, systems, and methods for enabling reconfiguration of services supported by a network of devices
First Claim
1. A system for enabling reconfiguration of one or more services supported by a network of one or more devices, the system comprising:
(a) a communication network;
(b) a set of one or more devices coupled to the communication network wherein a primary server and each of a set of one or more secondary servers, a set of one or more secure access nodes, and a set of one or more service multiplexers is a device from the set of one or more devices;
(c) each of the devices having;
(i) one or more communication interfaces that includes an administrative user interface wherein at least one of the one or more communication interfaces is coupled to the communication network;
(ii) one or more processors;
(iii) one or more storage devices coupled to the one or more processors;
(iv) one or more software applications stored in the one or more storage devices and executed by the one or more processors;
(v) one or more virtual machines generated and configured by one or more software applications executed by the one or more processors and stored in the one or more storage devices, each virtual machine implementing a functional stack with a corresponding operating system, the functional stack supporting one or more services and capable of being reconfigured dynamically in real-time;
(vi) a common layer generated and configured by one or more software applications executed by the one or more processors and stored in the one or more storage devices, the common layer having a common operating system and common security functions that segregate services supported by each functional stack on each virtual machine and minimize cross-service interference between services supported by each functional stack on each virtual machine during the reconfiguration of one or more functional stacks wherein the common operating system includes a common kernel that receives instructions from one or more software functions on the device and controls hardware resources, wherein the hardware resources include the one or more processors, the one or more storage devices, one or more input/output resources, and one or more display components;
(vii) a gateway virtual machine having a gateway functional stack providing basic network interface functions for the device that includes a gateway operating system, gateway security functions, gateway data mining functions, and set of gateway software applications that support gateway and basic services;
(viii) an administration function that manages and controls the functional stacks and network operations, and receives and replies to messages from an administration function of other devices through the one or more communication interfaces.
Abstract
Systems, devices, and methods are disclosed for enabling the reconfiguration of services supported by a network of devices. Such reconfiguration can be realized dynamically and in real time without compromising the security of the overall system from external threats or internal malfunctions. These systems, devices and methods may provide a first functional stack supporting a previous version of a specific service and the provisioning of a second functional stack dynamically and in real-time that supports an updated version of the specific service. In addition, an administration function may be included in the embodiment such that the administration function manages and controls the functional stacks and network operations. Using these mechanisms, an existing service can be changed dynamically or a new service can be added dynamically in a secure manner without interruption of other existing services.
20 Claims
9. A device enabling reconfiguration of one or more services supported by the device, the device comprising:
(a) one or more communication interfaces that includes an administrative user interface wherein at least one of the one or more communication interfaces is coupled to the communication network;
(b) one or more processors;
(c) one or more storage devices coupled to the one or more processors;
(d) one or more software applications stored in the one or more storage devices and executed by the one or more processors;
(e) a first virtual machine generated and configured by one or more software applications executed by the one or more processors and stored in the one or more storage devices, a first virtual machine supporting a first functional stack, the first functional stack having a first service operating system, a first set of security functions, a first set of data mining functions, and set of previous version software applications that support a previous version of a first service;
(f) a second virtual machine generated and configured dynamically and in real-time by one or more software applications executed by the one or more processors and stored in the one or more storage devices, the second virtual machine supporting a second functional stack, the second functional stack having a second service operating system, a second set of security functions, a second set of data mining functions, and a set of updated version software applications that support an updated version of the first service;
(g) a common layer generated and configured by one or more software applications executed by the one or more processors and stored in the one or more storage devices, the common layer including
(i) a common operating system and a common security layer having virtual machine monitoring functions, common security functions, fuzzy logic security functions, and an inter-virtual machine communication integrity checking function to segregate services among the one or more functional stacks one the network devices and to minimize cross-service interference among services supported by one or more functional stacks;
(ii) one or more privilege descriptors, each privilege descriptor having a privilege status, the privilege status of each privilege descriptor having one or more states; and
(iii) a virtualizer function that manages the one or more privilege descriptors and the state of the privilege status of each privilege descriptor, each privilege descriptor and privilege status corresponding to a function stack, wherein the common operating system includes a common kernel that receives instructions from one or more software functions on the device and controls hardware resources, wherein the hardware resources include the one or more processors, the one or more storage devices, one or more input/output resources, and one or more display components;
(h) a gateway virtual machine having a gateway functional stack providing basic network interface functions for the device that includes a gateway operating system, gateway security functions, gateway data mining functions, and set of gateway software applications that support gateway and basic services;
(i) an administration function that manages and controls the functional stacks and network operations, and receives and replies to messages from an administration function of other devices through the one or more communication interfaces;
(j) wherein one of the one or more privilege descriptors is a first privilege descriptor corresponding to a first privilege status of the first functional stack and one of the one or more privilege descriptors is a second privilege descriptor corresponding to a second privilege status of the second functional stack;
wherein the first privilege status is in an active state and the second privilege status is in an inactive state.
15. A method for enabling reconfiguration of one or more services supported by a device, the method comprising:
(a) providing a first functional stack by a first virtual machine, the first functional stack having a first service operating system, a first set of security functions, a first set of data mining functions, and set of previous version software applications that support a previous version of a first service;
(b) providing a second functional stack by a second virtual machine dynamically and in real-time, the second functional stack having a second service operating system, a second set of security functions, a second set of data mining functions, and set of updated version software applications that support an update version of the first service;
(c) providing a common layer generated and configured by one or more software applications executed by the one or more processors and stored in the one or more storage devices, the common layer including
(i) a common operating system and a common security layer having virtual machine monitoring functions, common security functions, fuzzy logic security functions, and an inter-virtual machine communication integrity checking function to segregate services among the one or more functional stacks one the network devices and to minimize cross-service interference among services supported by one or more functional stacks;
(ii) one or more privilege descriptors, each privilege descriptor having a privilege status, the privilege status of each privilege descriptor having one or more states, each privilege descriptor and privilege status corresponding to a function stack; and
(iii) a virtualizer function that manages the one or more privilege descriptors and the state of the privilege status of each privilege descriptor wherein the common operating system includes a common kernel that receives instructions from one or more software functions on the device and controls hardware resources, wherein the hardware resources include the one or more processors, the one or more storage devices, one or more input/output resources, and one or more display components;
(d) providing a gateway virtual machine having a gateway functional stack providing basic network interface functions for the device that includes a gateway operating system, gateway security functions, gateway data mining functions, and set of gateway software applications that support gateway and basic services;
(e) providing an administration function that manages and controls the functional stacks and network operations, and receives and replies to messages from an administration function of other devices through one or more communication interfaces;
(f) wherein one of the one or more privilege descriptors is a first privilege descriptor corresponding to a first privilege status of the first functional stack and one of the one or more privilege descriptors is a second privilege descriptor corresponding to a second privilege status of the second functional stack;
wherein the first privilege status is in an active state and the second privilege status is in an inactive state;
(g) wherein the first virtual machine, the second virtual machine, the gateway virtual machine, and the administrative function each are coupled to the one or more communication interfaces that includes an administrative user interface wherein at least one of the one or more communication interfaces is coupled to a communication network.