Grid security intrusion detection configuration mechanism
First Claim
1. A computer system, comprising:
- a grid cluster comprising hardware devices in the form of at least a root computer node in communication with a non-root computer node through a network connection;
- a security agent local to the non-root node to monitor security for the non-root node and to respond to a detected security violation of the non-root node, wherein monitoring security for the non-root node by the security agent includes controlling access to resources associated with the non-root node;
- a security controller local to the root node to monitor security for the non-root node through the security agent of the non-root node and a second security agent local to the root node, wherein the security agent of the non-root node communicates the detected security violation to the security controller, the security controller to determine a response to the security violation including removal of the non-root node from the grid cluster;
- a component table local to the non-root node, the component table to identify an application and at least one characteristic of the application within the non-root node;
- an agent environment table local to the non-root node, the agent environment table to reference all executable programs for all applications registered in the component table, with each application having a security level setting and identified services; and
- a set of rules in said environment table to manage control of a security violation, the rules to dictate a first class of violations for management by a tool local to the non-root node subject to the violation and a second class of violations for management by the security controller.
Abstract
A method, apparatus, and article of manufacture are provided to support security in a distributed grid computer cluster. Each non-root node in the cluster is configured with a local security agent, and the root node is configured with a security controller to manage each of the security agents of each non-root node. The security agent of each non-root node is in communication with an associated configuration file that contains data private to the respective non-root node, to allow the security agent to manage security local to the node. The security controller of the root node is in communication with a controller configuration file that contains data that applies to all security agents in the grid cluster, to allow the controller to manage the security agents.
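A minimal model of the arrangement in the first claim and the abstract above, as an added example that is not taken from the patent: an agent on a non-root node checks an execution request against its component and environment tables, and a rule decides whether the violation is handled locally or reported to the root node's controller. The table fields, violation names, sample data and the assignment of violations to the two classes are assumptions made for illustration.

```python
from dataclasses import dataclass, field

LOCAL, CONTROLLER = "local", "controller"  # the two violation classes

@dataclass
class SecurityController:
    """Root-node side: receives reports and decides the response."""
    members: set
    reports: list = field(default_factory=list)

    def report(self, node, kind):
        self.reports.append((node, kind))
        self.members.discard(node)  # response modelled here: drop the node
        return "node-removed"

@dataclass
class SecurityAgent:
    """Non-root side: gates execution using the node's own tables."""
    node: str
    controller: SecurityController
    component_table: dict    # app -> characteristic (assumed: owning user)
    environment_table: dict  # app -> executables, security_level, services
    rules: dict              # violation kind -> LOCAL or CONTROLLER

    def check_exec(self, app, path):
        if app not in self.component_table:
            return self._violation("unregistered-application")
        entry = self.environment_table.get(app, {})
        if path not in entry.get("executables", ()):
            return self._violation("unlisted-executable")
        return True, "allowed"

    def _violation(self, kind):
        # A kind with no rule is escalated rather than silently handled.
        if self.rules.get(kind, CONTROLLER) == LOCAL:
            return False, "denied-locally"
        return False, self.controller.report(self.node, kind)

def build_demo():
    """Constructed sample cluster: one root, one non-root node."""
    ctl = SecurityController(members={"root", "node-b"})
    agent = SecurityAgent(
        node="node-b", controller=ctl,
        component_table={"render": "griduser"},
        environment_table={"render": {
            "executables": {"/opt/render/bin/worker"},
            "security_level": "medium", "services": {"render-queue"}}},
        rules={"unlisted-executable": LOCAL,
               "unregistered-application": CONTROLLER})
    return ctl, agent
```

In this model an unlisted executable for a registered application is refused on the node itself, while a request from an application missing from the component table is reported to the controller, which removes the node from the cluster membership.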
11 Claims
5. A method for managing security in a grid cluster, comprising:
- configuring the grid cluster with at least a root node in communication with a non-root node through a network connection;
- monitoring security of the non-root node local to the non-root node through a local security agent, including responding to a detected security violation of the non-root node, wherein the security agent controls access to resources associated with the non-root node;
- monitoring security for the non-root node through a security controller of the root node and through the security agent of the non-root node and a second security agent local to the root node, wherein the security agent of the non-root node communicates the detected security violation to the security controller, the security controller determining a response to the security violation including removing the non-root node from the grid cluster;
- configuring a component table local to the non-root node for identifying an application and at least one characteristic of the application within the non-root node;
- providing an agent environment table local to the non-root node, the table referencing all executable programs for all application registered in the component table, with each application having a security level setting and identified services; and
- managing control of a security violation through a set of rules in said environment table, including dictating a first class of violations for management by a tool local to the non-root node subject to the violation and a second class of violations for management by the security controller.
8. An article comprising:
- a computer-readable device including computer program instructions configured to manage security for a grid cluster, the instructions comprising;
- instructions to configure the grid cluster with at least a root node in communication with a first non-root node through a network connection;
- instructions to monitor security of the non-root node local to the non-root node through a local security agent, including responding to a detected security violation local to the non-root node, wherein the security agent controls access to resources associated with the non-root node;
- instructions to monitor security of the non-root node local to the root node through a security controller local to the root node, wherein the security agent of the non-root node communicates the detected security violations to the security controller, the security controller determining a response to the security violation including removing the non-root node from the grid cluster;
- instructions to configure a component table local to the non-root node, the component table to identify an application and at least one characteristic of the application within the non-root node;
- instructions to provide an agent environment table local to the non-root node, the table referencing all executable programs for all applications registered in the component table, with each component having a security level setting and identified services; and
- instructions in the environment table to manage control of a security violation, the instructions dictating a first class of violations for management by a tool local to the non-root node subject to the violation, and a second class of violations for management by the security controller.
Specification