Non-invasive method and system for automated administration of diverse security constrained servers

US 8,849,960 B2
Filed: 02/11/2005
Issued: 09/30/2014
Est. Priority Date: 02/11/2005
Status: Active Grant

First Claim

Patent Images

1. A computerized method of automatically administering a plurality of diverse security-constrained servers, the computerized method comprising:

querying a secure access management database on a storage device, with a computer executing logic contained on a medium, for information relating to profile and access parameters for a plurality of diverse security-constrained servers, wherein a resultant list obtained from the querying at least partially determines which sets of commands will be automatically transmitted to at least one of the plurality of servers wherein the secure access management database is remote from the plurality of servers;

automatically transmitting, with the computer executing logic contained on the medium, a first set of the commands to the at least one of the plurality of servers, wherein the first set of the commands includes access commands configured to gain secure access to the at least one of the plurality of servers;

automatically and non-invasively obtaining, with the computer executing logic contained on the medium, administrator level access on the at least one of the plurality of the servers using the first set of automatically transmitted commands;

automatically transmitting, with the computer executing logic contained on the medium, a second set of the commands to the at least one of the plurality of servers wherein the second set of the commands include action commands configured to perform administrative tasks on the at least one of the plurality of servers; and

intrusively administering the at least one of the plurality of the servers, with the computer executing logic contained on the medium and an agent installed on the at least one of the plurality of servers, using the administrator level access and the second set of automatically transmitted commands.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

According to one embodiment of the invention, method of automatically administering a plurality of servers includes automatically transmitting commands to at least one of the plurality of servers. Administrator level access is non-invasively obtained on the at least one of the plurality of the servers utilizing the automatically transmitted commands. The at least one of the plurality of the servers is administered using the administrator level access and the automatically transmitted commands.

Citations

14 Claims

1. A computerized method of automatically administering a plurality of diverse security-constrained servers, the computerized method comprising:
- querying a secure access management database on a storage device, with a computer executing logic contained on a medium, for information relating to profile and access parameters for a plurality of diverse security-constrained servers, wherein a resultant list obtained from the querying at least partially determines which sets of commands will be automatically transmitted to at least one of the plurality of servers wherein the secure access management database is remote from the plurality of servers;
  
  automatically transmitting, with the computer executing logic contained on the medium, a first set of the commands to the at least one of the plurality of servers, wherein the first set of the commands includes access commands configured to gain secure access to the at least one of the plurality of servers;
  
  automatically and non-invasively obtaining, with the computer executing logic contained on the medium, administrator level access on the at least one of the plurality of the servers using the first set of automatically transmitted commands;
  
  automatically transmitting, with the computer executing logic contained on the medium, a second set of the commands to the at least one of the plurality of servers wherein the second set of the commands include action commands configured to perform administrative tasks on the at least one of the plurality of servers; and
  
  intrusively administering the at least one of the plurality of the servers, with the computer executing logic contained on the medium and an agent installed on the at least one of the plurality of servers, using the administrator level access and the second set of automatically transmitted commands.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the administrator level access is a root level access.
  - 3. The method of claim 1, wherein the administering the at least one of the plurality of the servers includes changing a root level password with the computer executing logic contained on the medium and the agent installed on the at least one of the plurality of servers.
  - 4. The method of claim 1, wherein the second set of automatically transmitted commands include entry commands and action commands, further comprising:
    - utilizing the entry commands, with the computer executing logic contained on the medium, to gain administrator level access to the at least one of the plurality of servers with login commands; and
      
      utilizing the action commands, with the computer executing logic contained on the medium and the agent installed on the at least one of the plurality of servers, to intrusively administer the at least one of the plurality of servers.
  - 5. The method of claim 4, wherein for the transmittal of each of the access commands, entry commands, and action commands the method further comprises:
    - receiving, with the computer executing logic contained on the medium, a response from the at least one of the plurality of servers;
      
      searching, with the computer executing logic contained on the medium, the response for at least one keyword;
      
      cross-referencing, with the computer executing logic contained on the medium, the at least one keyword with an empirical table; and
      
      determining, with the computer executing logic contained on the medium, the next command to transmit to the at least one of the plurality of servers based at least partially upon an entry cross-referenced with the at least one keyword.
  - 6. The method of claim 4, wherein for the transmittal of each of the access commands, entry commands, and action commands the method further comprises:
    - receiving, with the computer executing logic contained on the medium, a response from the at least one of the plurality of servers;
      
      searching, with the computer executing logic contained on the medium, the response for at least one keyword;
      
      cross-referencing, with the computer executing logic contained on the medium, the at least one keyword with an empirical table; and
      
      determining, with the computer executing logic contained on the medium, the next command to transmit to the at least one of the plurality of servers based at least partially upon an entry cross-referenced with the at least one keyword and state and event awareness information.
  - 7. The method of claim 1, wherein the non-invasively obtaining administrator level access on the at least one of the plurality of the servers includes:
    - receiving, with the computer executing logic contained on the medium, a response from the at least one of the plurality of servers;
      
      searching, with the computer executing logic contained on the medium, the response for at least one keyword;
      
      cross-referencing, with the computer executing logic contained on the medium, the at least one keyword with an empirical table; and
      
      determining, with the computer executing logic contained on the medium, the next command to transmit to the at least one of the plurality of servers based at least partially upon an entry cross-referenced with the at least one keyword.

8. A computer network administration system, comprising:
- a non-transitory computer readable storage medium; and
  
  software stored on the non-transitory computer readable storage medium and operable to;
  
  query a secure access management database for information relating to profile and access parameters for a plurality of diverse security-constrained servers, wherein a resultant list obtained from the querying at least partially determines which set of commands will be automatically transmitted to at least one of the plurality of servers wherein the secure access management database is remote from the plurality of servers;
  
  automatically transmit a first set of the commands to the at least one of the plurality of servers, wherein the first set of the commands includes access commands configured to gain secure access to the at least one of the plurality of the servers;
  
  non-invasively obtain administrator level access on the at least one of the plurality of the servers using the first set of automatically transmitted commands;
  
  automatically transmit a second set of the commands to the at least one of the plurality of servers, wherein the second set of the commands include action commands configured to perform administrative tasks on the at least one of the plurality of servers; and
  
  intrusively administer, with an agent installed on the at least one of the plurality of servers, the at least one of the plurality of the servers using the administrator level access and the second set of automatically transmitted commands.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer network administration system of claim 8, wherein the administrator level access is a root level access.
  - 10. The computer network administration system of claim 8, wherein the software in administering the at least one of the plurality of the servers is operable to change a root level password.
  - 11. The computer network administration system of claim 8, wherein the second set of automatically transmitted commands include entry commands and action commands, and the software is further operable to:
    - utilize the entry commands to gain administrator level access to the at least one of the plurality of servers with login commands; and
      
      utilize the action commands to intrusively administer the at least one of the plurality of servers.
  - 12. The computer network administration system of claim 11, wherein the software in the transmittal of each of the access commands, entry commands, and action commands is further operable to:
    - receive a response from the at least one of the plurality of servers;
      
      search the response for at least one keyword;
      
      cross-reference the at least one keyword with an empirical table; and
      
      determine the next command to transmit to the at least one of the plurality of servers based at least partially upon an entry cross-referenced with the at least one keyword.
  - 13. The computer network administration system of claim 11, wherein the software in the transmittal of each of the access commands, entry commands, and action commands is further operable to:
    - receive a response from the at least one of the plurality of servers;
      
      search the response for at least one keyword;
      
      cross-reference the at least one keyword with an empirical table; and
      
      determine the next command to transmit to the at least one of the plurality of servers based at least partially upon an entry cross-referenced with the at least one keyword and state and event awareness information.
  - 14. The computer network administration system of claim 8, wherein the software in the non-invasively obtaining administrator level access on the at least one of the plurality of the servers is further operable to:
    - receive a response from the at least one of the plurality of servers;
      
      search the response for at least one keyword;
      
      cross-reference the at least one keyword with an empirical table; and
      
      determine the next command to transmit to the at least one of the plurality of servers based at least partially upon an entry cross-referenced with the at least one keyword.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Chakravarty, Srinath S.
Primary Examiner(s)
Donabed, Ninos
Assistant Examiner(s)
RICHARDSON, THOMAS W

Application Number

US11/057,103
Publication Number

US 20060184649A1
Time in Patent Office

3,518 Days
Field of Search

709/220, 709/223, 717/177, 707/10
US Class Current

709/220
CPC Class Codes

G06F 21/31   User authentication

H04L 63/083   using passwords cryptograph...

H04L 63/10   for controlling access to d...

Y10S 707/959   Network

Non-invasive method and system for automated administration of diverse security constrained servers

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Non-invasive method and system for automated administration of diverse security constrained servers

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links