Policy implementation in a networked computing environment
First Claim
1. A computer-implemented method for implementing policies in a networked computing environment, comprising:
- evaluating an applicability of a policy to a set of layers of a network stack in the networked computing environment, the policy being drawn from a set of policies stored in at least one computer storage device, the set of layers comprising;
a business processes as a service layer providing at least one of;
business application services or industry solutions,a platform as a service layer comprising;
an applications services sub-layer providing collaboration, analytics, and process management,an application lifecycle sub-layer providing developer and tester collaboration, development automation, and lifecycle traceability,an integration sub-layer providing process integration, application and data integration, identity integration, management integration, and spillover/failover services, anda workload services sub-layer providing elastic application runtimes, elastic application resources, workload and topology patterns, dynamic workload management, fine-drained service level agreement enforcement, application health management and self-healing, continuously available applications, multi-tenant applications, and workload and data mobility, and an infrastructure as a service layer comprising;
an operations support system sub-layer providing service quality management, image management, service asset management, service operations management, and service automation management;
an optimization sub-layer providing;
heterogeneous platform management, workload acceleration, optimized workload placement, virtualized computation, network and storage, and power management, anda security sub-layer providing;
security management, tenant isolation, identity management, intrusion detection, and data protection;
determining an effectiveness of the policy as applied to the set of layers; and
determining, based on the effectiveness, a protocol for implementing the policy for at least one layer of the set of layers.
2 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of the present invention relate to an approach for resolving and/or implementing policies based on layers of a network stack (e.g., cloud computing stack). Specifically, for a given policy that is being resolved, the system first evaluates the applicability of the policy to each layer in the network stack. For a given policy, the system then evaluates the relative effectiveness of applying the policy to achieve the overall goal of the policy. Based on the best fit evaluation of the relative comparison, the system then decides how and where the policy is enacted (e.g., determines a protocol for implementing the policy).
-
Citations
20 Claims
-
1. A computer-implemented method for implementing policies in a networked computing environment, comprising:
-
evaluating an applicability of a policy to a set of layers of a network stack in the networked computing environment, the policy being drawn from a set of policies stored in at least one computer storage device, the set of layers comprising; a business processes as a service layer providing at least one of;
business application services or industry solutions,a platform as a service layer comprising; an applications services sub-layer providing collaboration, analytics, and process management, an application lifecycle sub-layer providing developer and tester collaboration, development automation, and lifecycle traceability, an integration sub-layer providing process integration, application and data integration, identity integration, management integration, and spillover/failover services, and a workload services sub-layer providing elastic application runtimes, elastic application resources, workload and topology patterns, dynamic workload management, fine-drained service level agreement enforcement, application health management and self-healing, continuously available applications, multi-tenant applications, and workload and data mobility, and an infrastructure as a service layer comprising; an operations support system sub-layer providing service quality management, image management, service asset management, service operations management, and service automation management; an optimization sub-layer providing;
heterogeneous platform management, workload acceleration, optimized workload placement, virtualized computation, network and storage, and power management, anda security sub-layer providing;
security management, tenant isolation, identity management, intrusion detection, and data protection;determining an effectiveness of the policy as applied to the set of layers; and determining, based on the effectiveness, a protocol for implementing the policy for at least one layer of the set of layers. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for implementing policies in a networked computing environment, comprising:
-
a memory medium comprising instructions; a bus coupled to the memory medium; and a processor coupled to the bus that when executing the instructions causes the system to; evaluate an applicability of a policy to a set of layers of a network stack in the networked computing environment, the policy being drawn from a set of policies stored in at least one computer storage device, the set of layers comprising; a business processes as a service layer providing at least one of; business application services or industry solutions, a platform as a service layer comprising; an applications services sub-layer providing collaboration, analytics, and process management, an application lifecycle sub-layer providing developer and tester collaboration, development automation, and lifecycle traceability, an integration sub-layer providing process integration, application and data integration, identity integration, management integration, and spillover/failover services, and a workload services sub-layer providing elastic application runtimes, elastic application resources, workload and topology patterns, dynamic workload management, fine-drained service level agreement enforcement, application health management and self-healing, continuously available applications, multi-tenant applications, and workload and data mobility, and an infrastructure as a service layer comprising an operations support system sub-layer providing;
service quality management, image management, service asset management, service operations management, and service automation management;an optimization sub-layer providing; heterogeneous platform management, workload acceleration, optimized workload placement, virtualized computation, network and storage, and power management, and a security sub-layer providing;
security management, tenant isolation, identity management, intrusion detection, and data protection;determine an effectiveness of the policy as applied to the set of layers; and determine, based on the effectiveness, a protocol for implementing the policy for at least one layer of the set of layers. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer program product for implementing policies in a networked computing environment, the computer program product comprising a computer readable hardware storage device, and program instructions stored on the computer readable storage media, to:
-
evaluate an applicability of a policy to a set of layers of a network stack in the networked computing environment, the policy being drawn from a set of policies stored in at least one computer storage device, the set of layers comprising; a business processes as a service layer providing at least one of;
business application services or industry solutions,a platform as a service layer comprising; an applications services sub-layer providing collaboration, analytics, and process management, an application lifecycle sub-layer providing developer and tester collaboration, development automation, and lifecycle traceability, an integration sub-layer providing process integration, application and data integration, identity integration, management integration, and spillover/failover services, and a workload services sub-layer providing elastic application runtimes, elastic application resources, workload and topology patterns, dynamic workload management, fine-drained service level agreement enforcement, application health management and self-healing, continuously available applications, multi-tenant applications, and workload and data mobility, and an infrastructure as a service layer comprising an operations support system sub-layer providing;
service quality management, image management, service asset management, service operations management, and service automation management;an optimization sub-layer providing; heterogeneous platform management, workload acceleration, optimized workload placement, virtualized computation, network and storage, and power management, and a security sub-layer providing;
security management, tenant isolation, identity management, intrusion detection, and data protection;determine an effectiveness of the policy as applied to the set of layers; and determine, based on the effectiveness, a protocol for implementing the policy for at least one layer of the set of layers. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification