Managing hardware reboot and reset in shared environments

US 8,381,264 B1
Filed: 09/10/2009
Issued: 02/19/2013
Est. Priority Date: 09/10/2009
Status: Expired due to Fees

First Claim

Patent Images

1. A computer-implemented method for preventing a host machine from accessing a provisioning system during reboot, comprising:

under control of one or more computer systems configured with executable instructions,receiving a request from a user, the request capable of being processed by providing the user with native access to a host machine;

provisioning a customer on at least one of a plurality of host machines using at least one provisioning system on a network;

before the customer has access to perform operations on any provisioned host machine, directing at least one network switch along any communications path between the at least one provisioned host machine and the at least one provisioning system to disable communications between each provisioned host machine and each provisioning system for the duration of the time the user is utilizing the at least one host machine and while maintaining access to other communication paths of the network, wherein the user is unable to access the at least one provisioning system during a reboot of any of the at least one provisioned host machine; and

after the customer is no longer provisioned on the at least one host machine, directing the at least one network switch between the at least one provisioned host machine and the at least one provisioning system to enable communications between each provisioned host machine and each provisioning system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In an environment such as a cloud computing environment where various guests can be provisioned on a host machine or other hardware device, it can be desirable to prevent those users from rebooting or otherwise restarting the machine or other resources using unauthorized information or images that can be obtained from across the network. A cloud manager can cause one or more network switches or other routing or communication processing components to deny communication access between user-accessible ports on a machine or device and the provisioning systems, or other specific network resources, such that the user cannot cause the host machine to pull information from those resources upon a restart or reboot of the machine. Further, various actions can be taken upon a reboot or attempted reboot, such as to isolate the host machine or even power off the specific machine.

Citations

28 Claims

1. A computer-implemented method for preventing a host machine from accessing a provisioning system during reboot, comprising:
- under control of one or more computer systems configured with executable instructions,receiving a request from a user, the request capable of being processed by providing the user with native access to a host machine;
  
  provisioning a customer on at least one of a plurality of host machines using at least one provisioning system on a network;
  
  before the customer has access to perform operations on any provisioned host machine, directing at least one network switch along any communications path between the at least one provisioned host machine and the at least one provisioning system to disable communications between each provisioned host machine and each provisioning system for the duration of the time the user is utilizing the at least one host machine and while maintaining access to other communication paths of the network, wherein the user is unable to access the at least one provisioning system during a reboot of any of the at least one provisioned host machine; and
  
  after the customer is no longer provisioned on the at least one host machine, directing the at least one network switch between the at least one provisioned host machine and the at least one provisioning system to enable communications between each provisioned host machine and each provisioning system.
- View Dependent Claims (2, 3)
- - 2. The computer-implemented method of claim 1, further comprising:
    - before the user has access to perform operations on any provisioned host machine, setting a state of at least one network port on each provisioned host machine to a state that does not allow communication with the at least one provisioning system.
  - 3. The computer-implemented method of claim 1, further comprising:
    - detecting a reboot of a provisioned host machine; and
      
      removing power from the provisioned host machine for which the reboot was detected.

4. A computer-implemented method for blocking access to network resources for a hardware device accessible to a user, comprising:
- under control of one or more computer systems configured with executable instructions,providing a plurality of hardware devices for use by any of a plurality of managed users, each hardware device operating in an administrative network context and capable of accessing at least one administrative network resource;
  
  in response to a request from a user of the plurality of managed users, updating configuration information for at least one hardware device using the at least one administrative network resource to enable the user to utilize the at least one hardware device;
  
  before the user is capable of utilizing the at least one hardware device, switching the hardware device to a user network context including disabling a communication path by setting the configuration information for at least one network switch along a communications path between the hardware device and the at least one administrative network resource to disable communications between the hardware device and the at least one administrative network resource, wherein the hardware device is unable to access the at least one administrative network resource to modify the configuration information on the at least one hardware device for the duration of the time the user is utilizing the at least one hardware device; and
  
  after the user is finished utilizing the at least one hardware device, switching the hardware device back to the administrative network context.
- View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 5. The computer-implemented method of claim 4, wherein switching the hardware device to a user network context comprises disabling a communication path between the at least one hardware resource and the at least one administrative network resource.
  - 6. The computer-implemented method of claim 4, wherein the administrative network resource is a provisioning system, and wherein updating the configuration information includes loading a customer image on the hardware device.
  - 7. The computer-implemented method of claim 4, wherein the hardware device is a host machine including at least one network port configured to communicate with the at least one administrative network resource, andwherein switching the hardware device to the user network context comprises modifying a state of the at least one network port to prevent communications between the host machine and the at least one administrative network resource.
  - 8. The computer-implemented method of claim 4, further comprising:
    - monitoring network traffic for the at least one hardware device in the user network context;
      
      determining whether the monitored network traffic is indicative of a reboot of the at least one hardware device; and
      
      when network traffic is detected that is indicative of a reboot of the at least one hardware device, performing at least one action with respect to the hardware device.
  - 9. The computer-implemented method of claim 8, wherein the action includes removing power from at least one network switch along any communications path between the hardware device and the at least one administrative network resource.
  - 10. The computer-implemented method of claim 4, wherein the hardware device is prevented from performing an unauthorized reboot operation using information from the at least one administrative network resource.
  - 11. The computer-implemented method of claim 8, wherein the action includes at least logging information for the detected attempt, notifying a user, isolating the hardware device, disabling specific communications from the network device, limiting access of the user to at least a portion of the hardware device, disabling at least some network communications, removing power from a network switch, or removing power from the hardware device.
  - 12. The computer-implemented method of claim 4, further comprising:
    - detecting at least an attempt by the hardware device to access information from the at least one administrative network resource; and
      
      executing at least one action in response to the detected attempt.
  - 13. The computer-implemented method of claim 12, further comprising:
    - applying at least one policy to determine the at least one action to execute in response to the detected attempt.
  - 14. The computer-implemented method of claim 4, wherein the request is received on behalf of the user based upon a current need of the user for remote centralized resources under control of at least one management system.
  - 15. The computer-implemented method of claim 4, further comprising:
    - booting a host machine containing the at least one hardware device using a ramdisk.
  - 16. The computer-implemented method of claim 4, further comprising:
    - detecting an attempted reboot of the at least one hardware device;
      
      applying a policy for at least one of the user and the hardware device to determine a remedial action for the attempted reboot; and
      
      performing the remedial action.
  - 17. The computer-implemented method of claim 16, wherein the remedial action includes at least logging information, notifying a user, isolating the at least one hardware device, disabling specific communications from the at least one hardware device, limiting user access to at least a portion of the at least one hardware device, or removing power from the processing device for which the reboot or attempted reboot was detected.
  - 18. The computer-implemented method of claim 17, wherein removing power from the at least one hardware device comprises instructing a smart power device to remove power from reaching the processing device.

19. A computer-implemented method for blocking access to an administrative network resource for a hardware device accessible to a user, comprising:
- under control of one or more computer systems configured with executable instructions,providing a plurality of hardware devices for use by any of a plurality of managed users;
  
  in response to a request for a user of the plurality of managed users, updating configuration information for at least one hardware device using at least one administrative network resource to enable the user to utilize the at least one hardware device, updating the configuration information including disabling a communication path for at least one network switch along a communications path between the at least one hardware device and the at least one administrative network resource to disable communications between the hardware device and the at least one administrative network resource, a use context of the at least one hardware device being changed such that the at least one hardware device is unable to communicate with the at least one administrative network resource for the duration of the time the user is utilizing the at least one hardware device;
  
  monitoring network traffic for the at least one hardware device;
  
  when network traffic is detected that is indicative of a reboot of the at least one hardware device, performing at least one remedial action; and
  
  when the user is finished utilizing the at least one hardware device, updating the configuration information such that the at least one hardware device is able to communicate with the at least one administrative network resource.
- View Dependent Claims (20, 21)
- - 20. The computer-implemented method of claim 19, wherein the network traffic is monitored offline using log information or in real time.
  - 21. The computer-implemented method of claim 19, wherein the network traffic indicative of a reboot includes at least one of a Dynamic Host Configuration Protocol (DHCP) request or a pattern of packet timing.

22. A system for blocking access to network resources for a hardware device accessible to a user, comprising:
- a processor; and
  
  a memory device including instructions that, when executed by the processor, cause the processor to;
  
  provide a plurality of hardware devices for use, each hardware device operating in an administrative network context and capable of accessing at least one administrative network resource;
  
  in response to a request for a user of the plurality of managed users, update configuration information for at least one hardware device using the at least one administrative network resource to enable the user to utilize the at least one hardware device;
  
  before the user is capable of utilizing the at least one hardware device, switch the hardware device to a user network context wherein the hardware device is unable to access the at least one administrative network resource to modify the configuration information on the at least one hardware device for the duration of the time the user is utilizing the at least one hardware device; and
  
  after the user is finished utilizing the at least one hardware device, switch the at least one hardware device back to the administrative network context,wherein the hardware device is a host machine including at least one network port configured to communicate with the administrative network resource, andwherein switching the hardware device to a user network context comprises modifying a state of the at least one network port to prevent communications between the host machine and the at least one administrative network resource.
- View Dependent Claims (23, 24, 25)
- - 23. The system of claim 22, wherein the network resource is a provisioning system, and wherein updating the configuration information includes loading a customer image on the hardware device.
  - 24. The system of claim 22, wherein switching the hardware device to the user network context comprises setting configuration information for at least one network switch along any communications path between the hardware device and the at least one administrative network resource to disable communications between the hardware device and the at least one administrative network resource.
  - 25. The system of claim 22, wherein the instructions when executed further cause the processor to:
    - detect at least an attempt by the hardware device to access information from the at least one administrative network resource; and
      
      execute at least one action in response, the action including at least logging information for the detected attempt, notifying a user, isolating the hardware device, disabling specific communications from the network device, or removing power from the hardware device.

26. A non-transitory computer readable storage medium storing instructions for blocking access to network resources for a hardware device accessible to a user, the instructions when executed by a processor causing the processor to:
- provide a plurality of hardware devices for use, each hardware device operating in an administrative network context and capable of accessing at least one administrative network resource;
  
  in response to a request for a first user, update configuration information for at least one hardware device using the at least one administrative network resource to enable the user to utilize the at least one hardware device;
  
  before the first user is capable of utilizing the at least one hardware device, switch the hardware device to a user network context wherein the hardware device is unable to access the at least one administrative network resource to modify the configuration information on the at least one hardware device for the duration of the time the user is utilizing the at least one hardware device; and
  
  after the user is finished utilizing the at least one hardware device, switch the at least one hardware device back to the administrative network context,wherein the hardware device is a host machine including at least one network port configured to communicate with the at least one administrative network resource, andwherein switching the hardware device to the user network context comprises modifying a state of the at least one network port to prevent communications between the host machine and the at least one administrative network resource.
- View Dependent Claims (27, 28)
- - 27. The non-transitory computer readable storage medium of claim 26, wherein the network resource is a provisioning system, and wherein updating the configuration information includes loading a customer image on the hardware device.
  - 28. The non-transitory computer readable storage medium of claim 26, wherein switching the hardware device to the user network context comprises setting configuration information for at least one network switch along any communications path between the hardware device and the at least one administrative network resource to disable communications between the hardware device and the at least one administrative network resource.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Corddry, Matthew T., Marr, Michael David, Hamilton, James R., De Santis, Peter N.
Primary Examiner(s)
Colin, Carl
Assistant Examiner(s)
ELMORE, JOHN E

Application Number

US12/557,411
Time in Patent Office

1,258 Days
Field of Search

726/4
US Class Current

726/3
CPC Class Codes

G06F 9/4401   Bootstrapping security arra...

H04L 63/10   for controlling access to d...

H04L 67/125   involving control of end-de...

H04L 67/535   Tracking the activity of th...

Managing hardware reboot and reset in shared environments

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Managing hardware reboot and reset in shared environments

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links