Method and system for modeling options for opaque management data for a user and/or an owner

US 8,745,701 B2
Filed: 01/07/2013
Issued: 06/03/2014
Est. Priority Date: 05/10/2007
Status: Active Grant

First Claim

Patent Images

1. A method for network management, the method comprising:

authenticating, in a system managed via one or more Distributed Management Task Force (DMTF) protocols, requested access operations performed during opaque management data operations in a network device according to one or more Common Information Model (CIM) data model access profiles by utilizing one or more instances of at least one of a CIM_Role and a CIM_Privilege via one or more instances of a CIM_Identity class, wherein the opaque management data operations are handled by the network device using one or more instances of a CIM based OpaqueManagementData class.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Distributed Management Task Force (DMTF) management profiles, based on the Common Information Model (CIM) protocol, may be utilized to perform access authentication during opaque management data profile operations based on DMTF/CIM Role Based Authorization (RBA) profile and/or Simple Identity Management (SIM) profiles. Instances of CIM_Identity class may be utilized to enable validation of ownership and/or access rights, via instances of CIM_Role class and/or instances of CIM_Privilege class for a plurality of common users and/or applications. Quota related operations may be performed via “QuotaAffectsElement” associations between instances of CIM_Identity class and instances of the CIM_OpaqueManagementDataService class. The “QuotaAffectsElement” association may comprise “AllocationQuota” and/or “AllocatedBytes” properties to enable tracking and/or validating of quota related information within the opaque management data profile.

19 Citations

20 Claims

1. A method for network management, the method comprising:
- authenticating, in a system managed via one or more Distributed Management Task Force (DMTF) protocols, requested access operations performed during opaque management data operations in a network device according to one or more Common Information Model (CIM) data model access profiles by utilizing one or more instances of at least one of a CIM_Role and a CIM_Privilege via one or more instances of a CIM_Identity class, wherein the opaque management data operations are handled by the network device using one or more instances of a CIM based OpaqueManagementData class.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method according to claim 1, comprising validating access related information via said Common Information Model (CIM) data model access profiles during said opaque management data operations, wherein said access related information comprises ownership, access rights, or quota information.
  - 3. The method according to claim 2, wherein said CIM data model access profiles comprise Role Based Authorization (RBA) or Simple Identity Management (SIM) based profiles.
  - 4. The method according to claim 3, comprising utilizing a plurality of instances of the CIM_Identity class while utilizing RBA/SIM based profiles to perform said validation of said access related information.
  - 5. The method according to claim 4, comprising utilizing a plurality of CIM_Account classes to represent a plurality of common users sharing a common instance of said CIM_Identity class.
  - 6. The method according to claim 4, comprising utilizing a plurality of CIM_UserEntity classes to represent a plurality of common applications sharing a common instance of said CIM_Identity class.
  - 7. The method according to claim 4, comprising associating instances of a CIM_OpaqueManagementData class with corresponding instances of said CIM_Identity class via OpaqueManagementDataUserElement associations to enable performing said validation of said access related information.
  - 8. The method according to claim 7, wherein individual ones of said OpaqueManagementDataUserElement associations comprise ownership or access right properties and information to enable performing said validation of said access related information.
  - 9. The method according to claim 4, comprising associating instances of a CIM_OpaqueManagementDataService class with corresponding instances of said CIM_Identity class via QuotaAffectsElement associations to enable performing quota related operations.
  - 10. The method according to claim 9, wherein each of said QuotaAffectsElement associations comprises quota related properties or information to enable performing said quota related operations.
  - 11. The method according to claim 10, wherein said quota related properties comprise “
    - AllocationQuota”
      
      or “
      
      AllocatedBytes”
      
      properties.

12. A system for network management, the system comprising:
- one or more processors in a network device managed via a Distributed Management Task Force (DMTF) protocol, said one or more processor enable authentication of access operations performed during opaque management data operations in said network device via one or more Common Information Model (CIM) data model access profiles utilizing one or more instances of at least one of a CIM_Role and a CIM_Privilege via one or more instances of a CIM_Identity class, wherein the opaque management data operations are handled by the network device using one or more instances of a CIM based OpaqueManagementData class.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The system according to claim 12, wherein said one or more processors enable validation of access related information via said CIM data model access profiles during said opaque management data operations, wherein said access related information comprises ownership, access rights, or quota information.
  - 14. The system according to claim 13, wherein said CIM data model access profiles comprise Role Based Authorization (RBA) or Simple Identity Management (SIM) based profiles.
  - 15. The system according to claim 14, wherein said one or more processors enable utilization of instances of a CIM_Identity class while utilizing RBA/SIM based profiles to perform said validation of access related information.
  - 16. The system according to claim 15, wherein said one or more processors enable utilization of a plurality of CIM_Account classes to represent a plurality of common users sharing a common instance of said CIM_Identity class.
  - 17. The system according to claim 15, wherein said one or more processors enable utilization of a plurality of CIM_UserEntity classes to represent a plurality of common applications sharing a common instance of said CIM_Identity class.
  - 18. The system according to claim 15, wherein said one or more processors enable association of instances of a CIM_OpaqueManagementData class with corresponding instances of said CIM_Identity class via OpaqueManagementDataUserElement associations to enable performing said validation of said access related information.

19. A non-transitory computer-readable medium having a program that, when executed by processing circuitry in a system managed via one or more Distributed Management Task Force (DMTF) protocols, causes the processing circuitry to:
- authenticate requested access operations performed during opaque management data operations in a network device according to one or more Common Information Model (CIM) data model access profiles by utilizing one or more instances of at least one of a CIM_Role and a CIM_Privilege via one or more instances of a CIM_Identity class, wherein the opaque management data operations are handled by the network device using one or more instances of a CIM based OpaqueManagementData class.
- View Dependent Claims (20)
- - 20. The non-transitory computer-readable medium of claim 19, wherein the program further causes the processing circuitry to:
    - validate access related information via said Common Information Model (CIM) data model access profiles during said opaque management data operations, wherein said access related information comprises ownership, access rights, or quota information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avago Technologies International Sales Pte Limited (Broadcom, Inc.)
Original Assignee
Broadcom Corporation (Broadcom, Inc.)
Inventors
Rajagopal, Murali, Shah, Hemal
Primary Examiner(s)
Vaughan, Michael R

Application Number

US13/735,195
Publication Number

US 20130125216A1
Time in Patent Office

512 Days
Field of Search
US Class Current

726/4
CPC Class Codes

H04L 63/08 for authentication of entit...

H04L 63/102 Entity profiles

Method and system for modeling options for opaque management data for a user and/or an owner

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

19 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for modeling options for opaque management data for a user and/or an owner

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links