Distributed computing system

US 9,195,852 B2
Filed: 07/27/2012
Issued: 11/24/2015
Est. Priority Date: 07/29/2011
Status: Active Grant

First Claim

Patent Images

1. An apparatus for use as a device within a distributed computing system, the distributed computer system comprising a plurality of devices interconnected by a data network, the interconnected devices being communicable with each other using messages transmitted over the data network, the apparatus comprising:

a monitoring component and a correction component; and

at least one processor configured to execute the monitoring component and the correction component,wherein the monitoring component is operable to monitor the output of a policy controlled device, the policy controlled device forming one of the devices of the distributed computer system, the policy controlled device being associated with one or more policies which are applied to the policy controlled device in order to control the behavior of the policy controlled device, each said applied policy specifying a trigger event or events and an action or actions to be performed by the policy controlled device as a result of the trigger event being detected as having occurred,the monitoring component being further operable to compare the monitored output with one or more specified expected outputs and to generate a correction request in the event that the comparison indicates a divergence between the expected and observed outputs;

wherein the correction component is operable to perform corrective actions as specified in the correction request generated by the monitoring component; and

wherein each said applied policy further specifies the expected outputs with which the monitored output is compared by the monitor.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A Policy Enforcement Point (PEP) enforcement module (100) comprises: a monitor (110), (120, 130, 140) for monitoring the output of a policy controlled module or PEP (200) operating within a distributed computer system and a correction performer module (150). The PEP (200) is associated with one or more policies (400) which are applied to the PEP. Each policy specifies a trigger event or events and an action or actions to be performed as a result of the trigger event occurring as well as expected output from the PEP (200) when it performs a specified action or actions. The monitor monitors output produced by the PEP (200) as a result of operating in compliance with a policy, and it compares the monitored output with one or more specified expected outputs specified in the policy. In the event that the comparison indicates a divergence between the expected and observed outputs a correction evaluator (140) evaluates an appropriate corrective action to take and issues a request to the correction performer module to perform such corrective action. The correction performer module (150) then performs the corrective actions as specified by the correction evaluator (140).

Citations

13 Claims

1. An apparatus for use as a device within a distributed computing system, the distributed computer system comprising a plurality of devices interconnected by a data network, the interconnected devices being communicable with each other using messages transmitted over the data network, the apparatus comprising:
- a monitoring component and a correction component; and
  
  at least one processor configured to execute the monitoring component and the correction component,wherein the monitoring component is operable to monitor the output of a policy controlled device, the policy controlled device forming one of the devices of the distributed computer system, the policy controlled device being associated with one or more policies which are applied to the policy controlled device in order to control the behavior of the policy controlled device, each said applied policy specifying a trigger event or events and an action or actions to be performed by the policy controlled device as a result of the trigger event being detected as having occurred,the monitoring component being further operable to compare the monitored output with one or more specified expected outputs and to generate a correction request in the event that the comparison indicates a divergence between the expected and observed outputs;
  
  wherein the correction component is operable to perform corrective actions as specified in the correction request generated by the monitoring component; and
  
  wherein each said applied policy further specifies the expected outputs with which the monitored output is compared by the monitor.
- View Dependent Claims (2, 3, 4)
- - 2. The apparatus according to claim 1, wherein:
    - the monitored output includes log data; and
      
      the monitoring component includes a log analyzer for analyzing the log data.
  - 3. The apparatus according to claim 1, wherein the correction component includes means for modifying the policy controlled device or the behavior thereof, including replacing the policy controlled device in question, without modifying a policy applied to the policy controlled device.
  - 4. The apparatus according to claim 1, wherein the monitoring component includes an indicator value updater for updating an indicator value based on the comparison of the monitored output with the expected output and a decision maker for monitoring the indicator value and determining whether a pre-specified condition associated with the indicator value is satisfied.

5. A method of operating a distributed computer system, which comprises a plurality of devices interconnected by a data network, the interconnected devices being communicable with each other using messages transmitted over the data network, the distributed computer system including a policy controlled device whose behavior is at least partly specified by one or more policies, each of the one or more policies specifying a trigger event or events and an action or actions to be performed by the policy controlled device in response to a trigger event being detected, and wherein each policy additionally specifies expected output from the policy controlled device, the method comprising:
- comparing the output from the policy controlled device with the expected output specified in a policy; and
  
  performing corrective actions in the event that the comparison indicates a difference between the monitored output and the expected output,wherein each applied policy further specifies the expected outputs with which the monitored output is compared by the monitor.
- View Dependent Claims (6, 7, 8, 9)
- - 6. The method according to claim 5, wherein the monitored output includes log data and further comprising monitoring the output log data.
  - 7. The method according to claim 5, wherein performing corrective actions comprises modifying the output of, or the input to, the policy controlled device or the behavior thereof, without modifying a policy applied to the policy controlled device.
  - 8. The method according to claim 5, further comprising:
    - updating an indicator value based on the comparison of the monitored output with the expected output,monitoring the indicator value, anddetermining whether a pre-specified condition associated with the indicator value is satisfied.
  - 9. A non-transitory computer readable storage medium including executable instructions programmed to cause a processor, when executing the instructions, to carry out the method of claim 5.

10. An apparatus for use as a device within a distributed computing system, the distributed computer system comprising a plurality of devices interconnected by a data network, the interconnected devices being communicable with each other using messages transmitted over the data network, the apparatus comprising:
- a communication circuit; and
  
  at least one processor and memory coupled thereto;
  
  wherein the at least one processor and the communication circuit are configured to cooperate with one another to enable the apparatus to interface with at least the data network, the at least one processor being further configured to control the apparatus to at least execute functionality comprising;
  
  monitoring the output of a policy controlled device, the policy controlled device forming one of the devices of the distributed computer system, the policy controlled device being associated with one or more policies applied to the policy controlled device in order to control the behavior of the policy controlled device, each said applied policy specifying a trigger event or events and an action or actions to be performed by the policy controlled device as a result of the trigger event being detected as having occurred;
  
  comparing the monitored output with one or more specified expected outputs;
  
  generating a correction request in the event that the comparison indicates a divergence between the expected and observed outputs; and
  
  causing performance of corrective actions, as specified in the generated correction request; and
  
  wherein each said applied policy further specifies the expected outputs with which the monitored output is compared by the monitor.
- View Dependent Claims (11, 12, 13)
- - 11. The apparatus according to claim 10, wherein the monitored output includes log data, and wherein the log data;
    - the at least one processor being configured to control the apparatus to execute further functionality comprising analyzing the log data.
  - 12. The apparatus according to claim 10, wherein the at least one processor is configured to control the apparatus to execute further functionality comprising modifying the policy controlled device or the behavior thereof, including replacing the policy controlled device in question, without modifying a policy applied to the policy controlled device.
  - 13. The apparatus according to claim 10, wherein the at least one processor is configured to control the apparatus to execute further functionality comprising:
    - updating an indicator value based on the comparison of the monitored output with the expected output; and
      
      monitoring the indicator value and determining whether a pre-specified condition associated with the indicator value is satisfied.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
British Telecommunications PLC (BT Group PLC)
Original Assignee
British Telecommunications PLC (BT Group PLC)
Inventors
Dimitrakos, Theo, Krishnan Nair, Srijith, Gheorghe, Gabriela, Crispo, Bruno
Primary Examiner(s)
Okeke, Izunna

Application Number

US14/234,931
Publication Number

US 20140173687A1
Time in Patent Office

1,215 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06Q 10/10   Office automation; Time man...

G16H 10/60   for patient-specific data, ...

Distributed computing system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Distributed computing system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links