Multi-tenant audit awareness in support of cloud environments

US 9,460,169 B2
Filed: 01/12/2011
Issued: 10/04/2016
Est. Priority Date: 01/12/2011
Status: Active Grant

First Claim

Patent Images

1. A method of managing log data generated by resources hosted in a multi-tenant shared pool of configurable computing resources, comprising:

aggregating and normalizing log information received from a plurality of the resources hosted in the multi-tenant shared pool of configurable computing resources, at least one of the configurable computing resources being a multi-tenant unaware resource that is shared among at least first and second tenants, the multi-tenant unaware resource generating log information that does not include any information that, by itself, can serve to distinguish which of the first and second tenants use the multi-tenant unaware resource, the log information being normalized by mapping data within the log information into one or more name/value pairs;

receiving input data as tenants carry out transactions in the multi-tenant shared pool of configurable computing resources, the input data being other than the generated log information generated by the multi-tenant unaware resource;

parsing the input data and the aggregated and normalized log information to identify a tenant associated with each of a set of transactions, wherein parsing compares an event pattern in a transaction against a set of filters; and

for each of the set of transactions, and based on the parsing identifying a match between an event pattern in a transaction against a filter in the set of filters, annotating log data associated with the tenant and the particular transaction to include a tenant-specific identifier;

wherein at least one of the aggregating, parsing and annotating operations is carried out in program code executing in a hardware element.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cloud enablement aggregation proxy (CEAP) receives and processes audit data from audited resources before such data is stored in a database. The CEAP manages log data for resources hosted in a multi-tenant shared pool of configurable computing resources (e.g., a compute cloud). A method for managing log data begins by the proxy aggregating and normalizing log information received from a plurality of the resources. The aggregated and normalized log information is then parsed to identify a tenant associated with each of a set of transactions. For each of the set of transactions, the CEAP annotates log data associated with the tenant and the particular transaction to include a tenant-specific identifier. An optional tenant separation proxy (TSP) separates the annotated log data on a per tenant basis prior to storage, and the tenant-specific log data may be stored in per tenant data structures or dedicated tenant log event databases to facilitate subsequent compliance or other analysis.

97 Citations

View as Search Results

21 Claims

1. A method of managing log data generated by resources hosted in a multi-tenant shared pool of configurable computing resources, comprising:
- aggregating and normalizing log information received from a plurality of the resources hosted in the multi-tenant shared pool of configurable computing resources, at least one of the configurable computing resources being a multi-tenant unaware resource that is shared among at least first and second tenants, the multi-tenant unaware resource generating log information that does not include any information that, by itself, can serve to distinguish which of the first and second tenants use the multi-tenant unaware resource, the log information being normalized by mapping data within the log information into one or more name/value pairs;
  
  receiving input data as tenants carry out transactions in the multi-tenant shared pool of configurable computing resources, the input data being other than the generated log information generated by the multi-tenant unaware resource;
  
  parsing the input data and the aggregated and normalized log information to identify a tenant associated with each of a set of transactions, wherein parsing compares an event pattern in a transaction against a set of filters; and
  
  for each of the set of transactions, and based on the parsing identifying a match between an event pattern in a transaction against a filter in the set of filters, annotating log data associated with the tenant and the particular transaction to include a tenant-specific identifier;
  
  wherein at least one of the aggregating, parsing and annotating operations is carried out in program code executing in a hardware element.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method as described in claim 1 further including storing the annotated log data for multiple tenants.
  - 3. The method as described in claim 2 further including separating the annotated log data on a per tenant basis prior to storing.
  - 4. The method as described in claim 1 wherein the set of filters includes a filter that uniquely associates a tenant-specific identifier and a particular event pattern.
  - 5. The method as described in claim 4 wherein the annotating step enriches event pattern data to include the tenant-specific identifier that is associated with a match between the event pattern in a transaction and one of the filters in the set of filters.
  - 6. The method as described in claim 1 wherein each of the resources is a multi-tenant unaware resource.
  - 7. The method as described in claim 1 further including performing a compliance analysis on per tenant-specific log data.

8. Apparatus to manage log data generated by resources hosted in a multi-tenant shared pool of configurable computing resources, comprising:
- a processor;
  
  computer memory holding computer program instructions executed by the processor to perform operations comprising;
  
  aggregating and normalizing log information received from a plurality of the resources hosted in the multi-tenant shared pool of configurable computing resources, at least one of the configurable computing resources being a multi-tenant unaware resource that is shared among at least first and second tenants, the multi-tenant unaware resource generating log information that does not include any information that, by itself, can serve to distinguish which of the first and second tenants use the multi-tenant unaware resource, the log information being normalized by mapping data within the log information into one or more name/value pairs;
  
  receiving input data as tenants carry out transactions in the multi-tenant shared pool of configurable computing resources, the input data being other than the generated log information generated by the multi-tenant unaware resource;
  
  parsing the input data and the aggregated and normalized log information to identify a tenant associated with each of a set of transactions, wherein parsing compares an event pattern in a transaction against a set of filters; and
  
  for each of the set of transactions, and based on the parsing identifying a match between an event pattern in a transaction against a filter in the set of filters, annotating log data associated with the tenant and the particular transaction to include a tenant-specific identifier.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The apparatus as described in claim 8 wherein the operations further include storing the annotated log data for multiple tenants.
  - 10. The apparatus as described in claim 9 wherein the operations further include separating the annotated log data on a per tenant basis prior to storing.
  - 11. The apparatus as described in claim 8 wherein the set of filters includes a filter that uniquely associates a tenant-specific identifier and a particular event pattern.
  - 12. The apparatus as described in claim 11 wherein the annotating step enriches event pattern data to include the tenant-specific identifier that is associated with a match between the event pattern in a transaction and one of the filters in the set of filters.
  - 13. The apparatus as described in claim 9 wherein each of the resources is a multi-tenant unaware resource.
  - 14. The apparatus as described in claim 9 wherein the operations further include performing a compliance analysis on per tenant-specific log data.

15. A computer program product in a non-transitory computer readable medium for use in a data processing system to manage log data generated by resources hosted in a multi-tenant shared pool of configurable computing resources, the computer program product holding computer program instructions which, when executed by the data processing system, perform a method comprising:
- aggregating and normalizing log information received from a plurality of the resources hosted in the multi-tenant shared pool of configurable computing resources, at least one of the configurable computing resources being a multi-tenant unaware resource that is shared among at least first and second tenants, the multi-tenant unaware resource generating log information that does not include any information that, by itself, can serve to distinguish which of the first and second tenants use the multi-tenant unaware resource, the log information being normalized by mapping data within the log information into one or more name/value pairs;
  
  receiving input data as tenants carry out transactions in the multi-tenant shared pool of configurable computing resources, the input data being other than the generated log information generated by the multi-tenant unaware resource;
  
  parsing the input data and the aggregated and normalized log information to identify a tenant associated with each of a set of transactions, wherein parsing compares an event pattern in a transaction against a set of filters; and
  
  for each of the set of transactions, and based on the parsing identifying a match between an event pattern in a transaction against a filter in the set of filters, annotating log data associated with the tenant and the particular transaction to include a tenant-specific identifier.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The computer program product as described in claim 15 wherein the method further includes storing the annotated log data for multiple tenants.
  - 17. The computer program product as described in claim 16 wherein the method further includes separating the annotated log data on a per tenant basis prior to storing.
  - 18. The computer program product as described in claim 15 wherein the set of filters includes a filter that uniquely associates a tenant-specific identifier and a particular event pattern.
  - 19. The computer program product as described in claim 18 wherein the annotating step enriches event pattern data to include the tenant-specific identifier that is associated with a match between the event pattern in a transaction and one of the filters in the set of filters.
  - 20. The computer program product as described in claim 15 wherein each of the resources is a multi-tenant unaware resource.
  - 21. The computer program product as described in claim 15 wherein the method further includes performing a compliance analysis on per tenant-specific log data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Hinton, Heather M., Cohen, Richard Jay
Primary Examiner(s)
Spieler, William

Application Number

US13/004,945
Publication Number

US 20120179646A1
Time in Patent Office

2,092 Days
Field of Search

707/736
US Class Current

1/1
CPC Class Codes

G06F 16/25 Integrating or interfacing ...

Multi-tenant audit awareness in support of cloud environments

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

97 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Multi-tenant audit awareness in support of cloud environments

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

97 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links