Automated change approval
First Claim
1. An automated method for facilitating management of a data processing environment comprising:
- by a computer;
creating in digital form a first record of first one or more changes made to a first data processing device of the data processing environment, wherein the changes made to the first data processing device are represented at least in part by one or more hashes of software or of data on the first data processing device;
creating in digital form a second record of second one or more changes directed to be made to a second data processing device of the data processing environment, wherein the changes directed to be made to the second data processing device are represented at least in part by one or more hashes of software or of data on the second data processing device;
receiving an indication from a user that the first record is to be used as a template of approved changes;
comparing data in the second record to data in the template according to one or more of;
(a) whether an object name and hash in the template and the second record match;
(b) whether an object name in the template and the second record match;
or (c) whether a rule name in the template and the second record match; and
in response to the comparing, determining that the data in the second record does not match the data in the template and providing an alert response, wherein the providing the alert response comprises displaying a report that includes detected changes at the second processing device that match the changes specified in the template and detected data at the second processing device that does not match the changes specified in the template,wherein the second data processing device is a networking device, a router, a switch, a server, a desktop computer, a laptop computer, a tablet computer, a personal digital assistant, a cellular phone, a set top box, or a media player.
5 Assignments
0 Petitions
Accused Products
Abstract
An automated method for facilitating management of a data processing environment is disclosed. In various embodiments, the method may include facilitating creation of a first memorialization, in digital form, of first one or more changes made to a first data processing device of the data processing environment. In various embodiments, the method may further include facilitating creation of a second and a third memorialization, both in digital form, of second and third one or more changes made to a second and a third data processing device of the data processing environment, respectively. In various embodiments, the method may still further include facilitating automated approval of the second and third changes made to the second and third data processing devices, using the first, second and third memorializations. Other embodiments of the present invention may include, but are not limited to, apparatus adapted to facilitate practice of the above-described method.
-
Citations
72 Claims
-
1. An automated method for facilitating management of a data processing environment comprising:
by a computer; creating in digital form a first record of first one or more changes made to a first data processing device of the data processing environment, wherein the changes made to the first data processing device are represented at least in part by one or more hashes of software or of data on the first data processing device; creating in digital form a second record of second one or more changes directed to be made to a second data processing device of the data processing environment, wherein the changes directed to be made to the second data processing device are represented at least in part by one or more hashes of software or of data on the second data processing device; receiving an indication from a user that the first record is to be used as a template of approved changes; comparing data in the second record to data in the template according to one or more of;
(a) whether an object name and hash in the template and the second record match;
(b) whether an object name in the template and the second record match;
or (c) whether a rule name in the template and the second record match; andin response to the comparing, determining that the data in the second record does not match the data in the template and providing an alert response, wherein the providing the alert response comprises displaying a report that includes detected changes at the second processing device that match the changes specified in the template and detected data at the second processing device that does not match the changes specified in the template, wherein the second data processing device is a networking device, a router, a switch, a server, a desktop computer, a laptop computer, a tablet computer, a personal digital assistant, a cellular phone, a set top box, or a media player. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
9. A non-transitory computer-readable medium storing computer-executable instructions which when executed by a computer cause the computer to perform a method, the method comprising:
-
facilitating creation of a first record of first one or more changes made to a first data processing device of a data processing environment, wherein the changes made to the first data processing device and indicated by the first record are represented at least in part by hashes of software or of data on the first data processing device; facilitating creation of a second record of second one or more changes directed to be made to a second data processing device of the data processing environment, wherein the changes directed to be made to the second data processing device and indicated by the second record are represented at least in part by hashes of software or of data on the second data processing device; receiving an indication from a user that the first record is to be used as a template of approved changes; comparing data in the second record to data in the template, according to one or more of;
(a) whether an object name and hash in the template and the second record match;
(b) whether an object name in the template and the second record match;
or (c) whether a rule name in the template and the second record match; andin response to the comparing, automatically providing an alert response if the data in the second record does not match the data in the template; wherein the alert response comprises a report that includes an unapproved change at the second data processing device that does not match any of the approved changes specified in the template of approved changes, and wherein the second data processing device comprises a networking device, a router, a switch, a server, a desktop computer, a laptop computer, a tablet computer, a personal digital assistant, a cellular phone, a set to box, or a media player. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A system for facilitating management of a data processing environment, the system comprising:
one or more computers configured to; facilitate creation in digital form of a first record of first one or more changes made to a first data processing device of the data processing environment, wherein the changes made to the first data processing device and indicated by the first record are represented at least in part by hashes of software or of data on the first data processing device; facilitate creation in digital form of a second record of second one or more changes directed to be made to a second data processing device of the data processing environment, wherein the changes directed to be made to the second data processing device and indicated by the second record are represented at least in part by hashes of software or of data on the second data processing device; receive an indication from a user that the first record is to be used as a template of approved changes; compare data in the second record to data in the template according to one or more of;
(a) whether an object name and hash in the template and the second record match;
(b) whether an object name in the template and the second record match;
or (c) whether a rule name in the template and the second record match;responsive to the comparison, determine that the data in the second record does not match the data in the template; and responsive to the determination, provide an alert response, the alert response comprising a report indicating the data of the second record that does not match the changes specified in the template, wherein the second data processing device is a device selected from the group consisting of a networking device, a router, a switch, a server, a desktop computer, a laptop computer, a tablet computer, a personal digital assistant, a cellular phone, a set top box, and a media player. - View Dependent Claims (17, 18, 19, 20, 21, 22)
-
23. A non-transitory computer-readable medium storing computer-executable instructions which when executed by a computer cause the computer to perform a method, the method comprising:
-
creating in digital form a first record of first changes made to a first data processing device of a data processing environment, wherein the changes made to the first data processing device are identified at least in part by hashes of software or of data on the first data processing device; creating in digital form a second record of second one or more changes made to a second data processing device of the data processing environment, wherein the changes made to the second data processing device are identified at least in part by hashes of software or of data on the second data processing device; receiving an indication from a user that the first record is to be used as a template of approved changes; facilitating automated approval of the second changes made to the second data processing devices by comparing data in the second record to data in the template according to one or more of;
(a) whether an object name and hash in the template and the second record match;
(b) whether an object name in the template and the second record match;
or (c) whether a rule name in the template and the second record match; anddisplaying a report that identifies detected changes at the second processing device that match the changes specified in the template or detected changes at the second processing device that do not match the changes specified in the template, wherein the second data processing device is a networking device or a server. - View Dependent Claims (24)
-
-
25. A system for facilitating management of a data processing environment, the system comprising:
one or more computers configured to; create, in digital form, a first record of changes made to a first data processing device of the data processing environment, wherein the changes made to the first data processing device are indicated in the first record at least in part by hashes of software or of data on the first data processing device; create, in digital form, a plurality of secondary records of changes made to a plurality of secondary data processing devices of the data processing environment, wherein the changes made to the secondary data processing devices are indicated in the secondary records at least in part by hashes of software or of data on the respective secondary data processing devices; receive an indication from a user that the first record is to be used as a template of approved changes; compare data in the secondary records to data in the template according to one or more of;
(a) whether an object name and hash in the template and the secondary records match;
or (b) whether an object name in the template and the secondary records match; anddisplay a report that comprises one or more of detected changes at the second processing device that match the changes specified in the template or of detected changes at the second processing device that do not match the changes specified in the template, wherein the second data processing devices are networking devices or servers. - View Dependent Claims (26, 27, 28, 29, 30)
-
31. A method for maintaining data security in a distributed network of different types of data processing devices, comprising:
-
storing a first digital record of a first data change made to a first data processing device; receiving an indication from a user that the first digital record comprises an approved data change template; storing a second digital record of a second data change made to a second data processing device of the network of different types of data processing devices; comparing at least a portion of the second digital record to the approved data change template so as to determine whether the at least a portion of the second digital record matches the approved data change template; generating a report of a failed match when the at least a portion of the second digital record does not match the approved data change template; and generating a report of a match when the at least a portion of the second digital record matches the approved data change template; wherein the approved data change template comprises a first object name and a first hash, and the second digital record comprises a second object name and a second hash; wherein the comparing the at least a portion of the second digital record to the approved data change template so as to determine whether the at least a portion of the second digital record matches the approved data change template comprises; identifying whether the first object name matches the second object name, and identifying whether the first hash matches the second hash; wherein the first data processing device comprises a test server; and wherein the second data processing device comprises a production server. - View Dependent Claims (32, 33, 34, 35)
-
-
36. A system for maintaining data security in a distributed network of different types of data processing devices, comprising:
-
a first storage device configured to store a first digital record of a first data change made to a first data processing device, store an indication from a user that the first digital record comprises an approved data change template, and store a second digital record comprising a second data change made to a second data processing device of the distributed network of different types of data processing devices; and a processor configured to compare the second data change of the second digital record to the approved data change template so as to determine whether the second data change matches the approved data change template, wherein the approved data change template comprises a first object name and a first hash, and the second data change of the second digital record comprises a second object name and a second hash; wherein the processor is configured to identify;
(a) whether the first object name matches the second object name and identify whether the first hash matches the second hash;
(b) whether the first object name matches the second object name;
or (c) whether the first hash matches the second hash;wherein the processor is further configured to display a report that indicates one or more identified changes at the second processing device that match the changes specified in the template or one or more identified changes at the second processing device that do not match the changes specified in the template; wherein the first data processing device comprises a test server; and wherein the second data processing device comprises a production server. - View Dependent Claims (37, 38, 39, 40)
-
-
41. A method for maintaining data security in a distributed network of different types of data processing devices including routers, switches, servers, desktop computers, laptop computers, tablet computers, personal digital assistants, cellular phones, set to boxes, or media players comprising:
-
storing a first digital record of a first data change made to a first data processing device of the distributed network of different types of data processing devices; receiving an indication from a user that the first digital record comprises an approved data change template; storing a second digital record comprising a second data change made to a second data processing device of the distributed network of different types of data processing devices; comparing the second data change of the second digital record to the approved data change template so as to determine whether the second data change matches the approved data change template; generating an approval response when the second data change matches the approved data change template; and displaying an indication that the second data change matches the approved data change template, wherein the approved data change template comprises a first object name and a first hash, and the second data change of the second digital record comprises a second object name and a second hash, wherein the comparing the second data change of the second digital record to the approved data change template so as to determine whether the second data change matches the approved data change template comprises identifying whether the first object name matches the second object name and identifying whether the first hash matches the second hash, wherein the generating the approval response is performed when the first object name matches the second object name and the first hash matches the second hash. - View Dependent Claims (42, 43, 44, 45, 46)
-
-
47. A system for maintaining data security in a distributed network of different types of data processing devices that includes routers, switches, servers, desktop computers, laptop computers, tablet computers, personal digital assistants, cellular phones, set top boxes, or media players, comprising:
-
a storage device configured to store a first digital record of a first data change made to a first data processing device of the distributed network of different types of data processing devices, to store an indication from a user that the first digital record comprises an approved data change template, and to store a second digital record comprising a second data change made to a second data processing device of the network of different types of data processing devices; a processor configured to compare the second data change to the approved data change template so as to determine whether the second data change matches the approved data change template, and generate an approval response when the second data change matches the approved data change template, wherein the comparing the second data change to the approved data change template so as to determine whether the second data change matches the approved data change template comprises identifying whether a first object name matches a second object name and identifying whether a first hash matches a second hash, wherein the generating the approval response is performed when the first object name matches the second object name and the first hash matches the second hash, and wherein the processor is further configured to generate a report indicating that the second data change matches the approved data change template. - View Dependent Claims (48, 49, 50, 51, 52, 53)
-
-
54. A method for maintaining data security in a distributed network of different types of data processing devices that includes routers, switches, servers, desktop computers, laptop computers, tablet computers, personal digital assistants, cellular phones, set to boxes, or media players, comprising:
-
storing a first digital record of an approved set of data changes made to a first data processing device of the distributed network of different types of data processing devices; receiving a second digital record comprising state data of a second data processing device of the network of different types of data processing devices; comparing the state data of the second digital record to the approved set of data changes made to the first data processing device so as to determine whether the state data matches the approved set of data changes; and providing an alert as a result of the state data of the second data processing device not matching the approved set of data changes made to the first data processing device, the alert comprising a display indicating one or more data changes to the second data processing device that do not match the approved set of data changes, wherein the approved set of data changes made to the first data processing device comprises a first hash value. - View Dependent Claims (55, 56, 57, 58, 59)
-
-
60. A data security system for maintaining data security in a distributed network of different types of data processing devices that includes routers, switches, servers, desktop computers, laptop computers, tablet computers, personal digital assistants, cellular phones, set to boxes, or media players, comprising:
-
a storage device configured to store a first digital record of an approved set of data changes made to a first data processing device of the distributed network of different types of data processing devices; and a processor configured to receive a second digital record comprising state data of a second data processing device of the network of different types of data processing devices;
compare the state data of the second digital record to the approved set of data changes so as to determine whether the state data matches the approved set of data changes; and
provide an alert as a result of the state data of the second data processing device not matching the approved set of data changes made to the first data processing device, the alert comprising a display indicating one or more data changes to the second data processing device that do not match the approved set of data changes,wherein the approved set of data changes made to the first data processing device comprises a first hash value. - View Dependent Claims (61, 62, 63, 64, 65, 66)
-
-
67. A system for maintaining data security in a distributed network of different types of data processing devices, comprising:
-
means for receiving a first digital record of an approved data change made to a test server; means for receiving a second digital record of a state of a production server of the distributed network of different types of data processing devices; means for comparing the second digital record to the approved data change so as to determine whether the state of the production server matches the approved data change, wherein the approved data change comprises a first object name and a first hash, and the state of the second digital record comprises a second object name and a second hash; and wherein the comparing the second digital record to the approved data change so as to determine whether the state of the production server matches the approved data change comprises identifying whether the first hash matches the second hash; and means for generating an alert response when the first hash does not match the second hash, wherein the generating the alert response comprises generating a display indicating one or more approved changes at the production server, one or more missing changes at the production server, or one or more unapproved changes at the production server. - View Dependent Claims (68, 69)
-
-
70. A data security system for maintaining data security in a distributed network of different types of data processing devices, comprising:
-
a data security controller configured to receive a first digital record comprising an approved data change made to a test server in the distributed network of data processing devices, receive a second digital record associated with a requested data change to a production server of the distributed network of different types of data processing devices, compare the requested data change of the second digital record to the approved data change of the first digital record so as to determine whether the requested data change matches the approved data change, and generate a remediation response when the requested data change does not match the approved data change, wherein the approved data change comprises a first object name and a first hash, and the requested data change comprises a second object name and a second hash, wherein the data security controller is configured to identify whether the first object name matches the second object name, or whether the first hash matches the second hash, wherein the data security controller is configured to generate the remediation response when the first object name does not match the second object name or when the first hash does not match the second hash, and wherein the data security controller is configured to generate a display of at least one of a number of approved changes at the production server or a number of missing or unapproved changes at the production server. - View Dependent Claims (71, 72)
-
Specification