Retiring target machines by a provisioning server

US 9,134,987 B2
Filed: 05/29/2009
Issued: 09/15/2015
Est. Priority Date: 05/29/2009
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

identifying, by a processor, a target machine to be removed from a network or to be retasked in the network;

instructing, by the processor, the target machine over the network using a first network protocol to power cycle to initiate a network transfer of an eraser agent, wherein the power cycle comprises powering down and powering up the target machine;

causing a transfer, by the processor after the power cycle, of the eraser agent over the network to a helper client executing on the target machine, using a second network protocol in response to said identifying, wherein the eraser agent is not previously stored on the target machine, wherein the eraser agent is to boot the target machine and to securely erase information stored on a computer readable storage media device associated with the target machine and not erase information associated with the helper client and the eraser agent; and

instructing, by the processor, the target machine over the network using the first network protocol to power cycle to initiate execution of the eraser agent to securely erase the information, wherein the eraser agent utilizes a secure process to securely erase the information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A provisioning server can provide and interact with an eraser agent on target machines. The eraser agent can execute on one or more target machines to erase all the contents of storage on the target machines. In particular, the eraser agent can utilize secure algorithms to alter and obscure the information stored the storage devices of the target machines. The provisioning server can instruct the target machines to alter their power state (e.g. power cycle), if necessary, to provide and to initiate the eraser agent.

171 Citations

21 Claims

1. A method, comprising:
- identifying, by a processor, a target machine to be removed from a network or to be retasked in the network;
  
  instructing, by the processor, the target machine over the network using a first network protocol to power cycle to initiate a network transfer of an eraser agent, wherein the power cycle comprises powering down and powering up the target machine;
  
  causing a transfer, by the processor after the power cycle, of the eraser agent over the network to a helper client executing on the target machine, using a second network protocol in response to said identifying, wherein the eraser agent is not previously stored on the target machine, wherein the eraser agent is to boot the target machine and to securely erase information stored on a computer readable storage media device associated with the target machine and not erase information associated with the helper client and the eraser agent; and
  
  instructing, by the processor, the target machine over the network using the first network protocol to power cycle to initiate execution of the eraser agent to securely erase the information, wherein the eraser agent utilizes a secure process to securely erase the information.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, the method further comprising copying the information stored on the target machine to another target machine prior to erasing the information.
  - 3. The method of claim 1, the method further comprising provisioning software to the target machine utilizing at least one provisioning object, after erasing the information.
  - 4. The method of claim 3, wherein the at least one provisioning object comprises at least one of a profile for provisioning the software, a template for provisioning the software, a software distribution record for provisioning the software, or a record for the target machine.
  - 5. The method of claim 1, wherein the eraser agent utilizes the secure process to obscure or alter the information.
  - 6. The method of claim 1, wherein instructing the target machine to power cycle comprises instructing a power management system to power down and power up the target machine.
  - 7. The method of claim 1, wherein causing the transfer of the eraser agent comprises instructing the helper client to retrieve the eraser agent.

8. A non-transitory computer readable storage medium including instructions that, when executed by a processor, cause the processor to:
- identify a target machine to be removed from a network or to be retasked in the network;
  
  instruct the target machine over the network using a first network protocol to power cycle to initiate a network transfer of an eraser agent, wherein the power cycle comprises powering down and powering up the target machine;
  
  cause a transfer, after the power cycle, of the eraser agent over the network to a helper client executing on one of the identified target machine, using a second network protocol in response to said identifying, wherein the eraser agent is not previously stored on the target machine, wherein the eraser agent is to boot the target machine and to securely erase information stored on a computer readable storage media device associated with the target machine and not erase information associated with the helper client and the eraser agent; and
  
  instruct the target machine over the network using the first network protocol to power cycle to initiate execution of the eraser agent to securely erase the information, wherein the eraser agent utilizes a secure process to securely erase the information.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer readable storage medium of claim 8, the processor further to copy the information stored on the target machine to another target machine prior to erasing the information.
  - 10. The computer readable storage medium of claim 8, the processor further to provision software to the target machine utilizing at least one provisioning object, after erasing the information.
  - 11. The computer readable storage medium of claim 10, wherein the at least one provisioning object comprises at least one of a profile for provisioning the software, a template for provisioning the software, a software distribution record for provisioning the software, or a record for the target machine.
  - 12. The computer readable storage medium of claim 8, wherein the eraser agent utilizes the secure process to obscure or alter the information.
  - 13. The computer readable storage medium of claim 8, wherein instructing the target machine to power cycle, the processor further to instruct a power management system to power down and power up the target machine.
  - 14. The computer readable storage medium of claim 8, wherein causing the transfer of the eraser agent the processor further to instruct the helper client to retrieve the eraser agent.

15. A computing system comprising:
- a memory to store instructions for a provisioning application; and
  
  a processor, coupled to the memory, to execute the instructions, the processor to;
  
  identify a target machine to be removed from a network or to be retasked in the network;
  
  instruct the target machine over the network using a first network protocol to power cycle to initiate a network transfer of an eraser agent, wherein the power cycle comprises powering down and powering up the target machine;
  
  cause a transfer after the power cycle, of the eraser agent over the network to a helper client executing on the target machine, using a second network protocol in response to said identifying, wherein the eraser agent is not previously stored on the target machine, wherein the eraser agent is to boot the target machine and to securely erase information stored on a computer readable storage media device associated with the target machine and not erase information associated with the helper client and the eraser agent; and
  
  instruct the target machine over the network using the first network protocol to power cycle to initiate execution of the eraser agent to securely erase the information, wherein the eraser agent utilizes a secure process to securely erase the information.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The computing system of claim 15, the processor further to copy the information stored on the target machine to another target machine prior to erasing the information.
  - 17. The computing system of claim 15, the processor further to provision software to the target machine utilizing at least one provisioning object, after erasing the information.
  - 18. The computing system of claim 17, wherein the at least one provisioning object comprises at least one of a profile for provisioning the software, a template for provisioning the software, a software distribution record for provisioning the software, or a record for the target machine.
  - 19. The computing system of claim 15, wherein the eraser agent utilizes the secure process to obscure or alter the information.
  - 20. The computing system of claim 15, wherein to instruct the target machine to power cycle, the processor further to instruct a power management system to power down and power up the target machine.
  - 21. The computing system of claim 15, wherein to cause the transfer of the eraser agent, the processor further to instruct the helper client to retrieve the eraser agent.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Red Hat, Inc. (International Business Machines Corporation)
Inventors
DeHaan, Michael Paul
Primary Examiner(s)
BIAGINI, CHRISTOPHER D

Application Number

US12/475,427
Publication Number

US 20100306380A1
Time in Patent Office

2,300 Days
Field of Search

709/221
US Class Current

1/1
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/60   Protecting data

G06F 8/60   Software deployment

G06F 8/62   Uninstallation

H04L 41/0806   for initial configuration o...

Retiring target machines by a provisioning server

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

171 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Retiring target machines by a provisioning server

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

171 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links