Depopulation of user data from network

US 9,558,195 B2
Filed: 02/27/2009
Issued: 01/31/2017
Est. Priority Date: 02/27/2009
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

identifying, by a processing device of a network management platform, at least one user ID associated with at least one user having a changed status in a network, wherein the network is associated with the network management platform, data sources, and user data;

identifying, by the processing device of the network management platform, data sources hosting a set of user processes, a set of files, and a set of user profiles in the network;

accessing communication paths between the network management platform and the processing device-identified data sources hosting the set of user processes, the set of files, and the set of user profiles in the network;

generating a discovery command in view of the processing device-identified data sources;

transmitting the discovery command from the network management platform to the processing device-identified data sources hosting the set of user processes, the set of files, and the set of user profiles in the network;

receiving a response to the discovery command in the network management platform, the response indicating presence of user data in the data sources in view of the communication paths;

identifying non-indexed user data associated with the at least one user ID in the data sources in view of the response to the discovery command; and

modifying the non-indexed user data in the network in view of the changed status of the at least one user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments relate to systems and methods for depopulation of user data from a network. A network management platform can communicate with a set of managed machines in a network, and generally manage user accounts including user IDs, associated network processes, services, application files, data files, and/or other user data. In embodiments, a user may have a change in status, such as departing from the organization operating the network, changing their name or user name, or other updates. In such cases, a systems administrator may need to update or delete files, processes, services, and/or other user data associated with the user from the network. The network management platform can interrogate the network for files, processes, or other resources associated with the user ID of interest. The search can exhaustively interrogate every available node in the network, to update or purge all files associated with the subject user ID(s).

333 Citations

18 Claims

1. A method comprising:
- identifying, by a processing device of a network management platform, at least one user ID associated with at least one user having a changed status in a network, wherein the network is associated with the network management platform, data sources, and user data;
  
  identifying, by the processing device of the network management platform, data sources hosting a set of user processes, a set of files, and a set of user profiles in the network;
  
  accessing communication paths between the network management platform and the processing device-identified data sources hosting the set of user processes, the set of files, and the set of user profiles in the network;
  
  generating a discovery command in view of the processing device-identified data sources;
  
  transmitting the discovery command from the network management platform to the processing device-identified data sources hosting the set of user processes, the set of files, and the set of user profiles in the network;
  
  receiving a response to the discovery command in the network management platform, the response indicating presence of user data in the data sources in view of the communication paths;
  
  identifying non-indexed user data associated with the at least one user ID in the data sources in view of the response to the discovery command; and
  
  modifying the non-indexed user data in the network in view of the changed status of the at least one user.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the modifying comprises migrating the non-indexed user data from the at least one user ID to at least a second user ID.
  - 3. The method of claim 1, wherein the modifying comprises deleting the non-indexed user data associated with the at least one user ID from the network.
  - 4. The method of claim 1, wherein transmitting the discovery command comprises communicating with available nodes in the network via a secure channel to identify the non-indexed user data associated with the at least one user ID.
  - 5. The method of claim 1, wherein the changed status of the at least one user comprises at least one of a change in user name, a change in network user ID, a change in employment status, a change in level of security access level, or a change in network subscription status.
  - 6. The method of claim 1, wherein transmitting the discovery command comprises multiple scanning of the network repeated until termination criteria are met.

7. A system, comprising:
- an interface to a network, wherein the network is associated with a network management platform, data sources, and user data; and
  
  a processing device of the network management platform to communicate via the interface with the network to;
  
  identify at least one user ID associated with at least one user having a changed status in the network;
  
  identify data sources hosting a set of user processes, a set of files, and a set of user profiles in the network;
  
  access communication paths between the network management platform and the processing device-identified data sources hosting the set of user processes, the set of files, and the set of user profiles in the network;
  
  generate a discovery command in view of the processing device-identified data sources;
  
  transmit the discovery command from the network management platform to the processing device-identified data sources hosting the set of user processes, the set of files, and the set of user profiles in the network;
  
  receive a response to the discovery command in the network management platform, the response to indicate presence of user data in the data sources in view of the communication paths;
  
  identify non-indexed user data associated with the at least one user ID in the data sources in view of the response to the discovery command; and
  
  modify the non-indexed user data in the network in view of the changed status of the at least one user.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein the processing device is further to migrate the non-indexed user data from the at least one user ID to at least a second user ID.
  - 9. The system of claim 7, wherein the processing device is further to delete the non-indexed user data associated with the at least one user ID from the network.
  - 10. The system of claim 7, wherein the processing device is further to communicate with available nodes in the network via a secure channel to identify the non-indexed user data associated with the at least one user ID.
  - 11. The system of claim 7, wherein the changed status of the at least one user comprises at least one of a change in user name, a change in network user ID, a change in employment status, a change in level of security access level, or a change in network subscription status.
  - 12. The system of claim 7, wherein the processing device is further to repeat scanning of the network until termination criteria are met.

13. A non-transitory computer readable medium storing instructions which, when executed, cause a processing device to:
- identify, by the processing device of a network management platform, at least one user ID associated with at least one user having a changed status in a network, wherein the network is associated with the network management platform, data sources, and user data;
  
  identify, by the processing device of the network management platform, data sources hosting a set of user processes, a set of files, and a set of user profiles in the network;
  
  generating a discovery command in view of the processing device-identified data sources;
  
  transmit the discovery command from the network management platform to the processing device-identified data sources hosting the set of user processes, the set of files, and the set of user profiles in the network;
  
  access communication paths between the network management platform and the processing device-identified data sources hosting the set of user processes, the set of files, and the set of user profiles in the network;
  
  receive a response to the discovery command in the network management platform, the response to indicate presence of user data in the data sources in view of the communication paths;
  
  identify non-indexed user data associated with the at least one user ID in the data sources in view of the response to the discovery command; and
  
  modify the non-indexed user data in the network in view of the changed status of the at least one user.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The non-transitory computer readable medium of claim 13, wherein to modify, the processing device is further to migrate the non-indexed user data from the at least one user ID to at least a second user ID.
  - 15. The non-transitory computer readable medium of claim 13, wherein to modify, the processing device is further to delete the non-indexed user data associated with the at least one user ID from the network.
  - 16. The non-transitory computer readable medium of claim 13, wherein to transmit the discovery command, the processing device is further to communicate with available nodes in the network via a secure channel to identify the non-indexed user data associated with the at least one user ID.
  - 17. The non-transitory computer readable medium of claim 13, wherein the changed status of the at least one user comprises at least one of a change in user name, a change in network user ID, a change in employment status, a change in level of security access level, or a change in network subscription status.
  - 18. The non-transitory computer readable medium of claim 13, wherein to transmit the discovery command comprises multiple scanning of the network repeated until termination criteria are met.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Red Hat, Inc. (International Business Machines Corporation)
Inventors
DeHaan, Michael Paul, Likins, Adrian Karstan, Vidal, Seth Kelby
Primary Examiner(s)
Chea, Philip
Assistant Examiner(s)
Ma, Wing

Application Number

US12/395,456
Publication Number

US 20100223369A1
Time in Patent Office

2,895 Days
Field of Search

709/223
US Class Current

1/1
CPC Class Codes

G06F 16/162 Delete operations erasing i...

Depopulation of user data from network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

333 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

Depopulation of user data from network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

333 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others