Authorizing an action request in a networked computing environment
First Claim
Patent Images
1. A computer-implemented method for minimizing an effect of a disruptive action in a networked computing environment, comprising:
- receiving an action request to perform a disruptive action associated with a cloud computing resource, wherein the networked computing environment is a cloud computing environment and the disruptive action is an action that has a potential to have a disruptive effect;
determining connected systems potentially affected by the requested action from a list of systems capable of being affected by the disruptive action based on a port and a protocol being accessed by the connected systems, the connected systems having an open connection to the cloud computing resource;
determining actual users of each of the connected systems by referencing a database of the cloud computing environment to find a technical owner of each of the connected systems, wherein the actual users comprise active users having an open connection to the computing resource and being actively engaged with the computing resource, passive users having an open connection to the computing resource but not actively engaged with the computing resource, and inactive users comprising an administrator;
sending a notification requesting a response to one or more of the actual users, the notification comprising a message selected from the group consisting of;
an email message, a text message, an instant message, a pop-up window, and a mobile push notification;
receiving a response to the notification from one or more of the actual users, the response comprising a response activity to be executed by the cloud computing resource, the completion of which is a condition for the user to authorize the requested action, and the response comprising a message selected from the group consisting of;
an email message, a text message, an instant message, a pop-up window, and a mobile push notification;
analyzing user data comprising resource usage activity associated with each responding actual user and a role of each responding actual user;
weighting the response of each responding actual user based on the resource usage activity associated with each responding actual user and the role of each responding actual user, the weighting following a set of rules comprising;
assigning a higher priority to a response of an actual user having an active connection than to a response of an actual user having an inactive connection, assigning a higher priority to a response of an actual user with a history of database querying than to a response of an actual user having an open but inactive database connection, assigning a higher priority to a response of an actual user performing a database operation than to a response of an actual user having an open but inactive database connection, and assigning a higher priority to a response of an actual user who is an administrator than to a response of an actual user who is not an administrator; and
determining, based on the weighted responses, whether to grant authorization to perform the requested action, wherein the requested action is performed when authorization is granted and a sufficient failover server is available.
2 Assignments
0 Petitions
Accused Products
Abstract
An approach for authorizing an action requested by a user in a networked computing environment (e.g., a cloud computing environment) is provided. In a typical embodiment, a request for a particular action associated with a computing resource is received. The connected systems which may be affected by the requested action are identified. The actual users of the connected systems are determined. A response from each of the actual users is requested. The responses are collected and weighted to determine if authorization for the requested action is granted.
16 Citations
20 Claims
-
1. A computer-implemented method for minimizing an effect of a disruptive action in a networked computing environment, comprising:
-
receiving an action request to perform a disruptive action associated with a cloud computing resource, wherein the networked computing environment is a cloud computing environment and the disruptive action is an action that has a potential to have a disruptive effect; determining connected systems potentially affected by the requested action from a list of systems capable of being affected by the disruptive action based on a port and a protocol being accessed by the connected systems, the connected systems having an open connection to the cloud computing resource; determining actual users of each of the connected systems by referencing a database of the cloud computing environment to find a technical owner of each of the connected systems, wherein the actual users comprise active users having an open connection to the computing resource and being actively engaged with the computing resource, passive users having an open connection to the computing resource but not actively engaged with the computing resource, and inactive users comprising an administrator; sending a notification requesting a response to one or more of the actual users, the notification comprising a message selected from the group consisting of;
an email message, a text message, an instant message, a pop-up window, and a mobile push notification;receiving a response to the notification from one or more of the actual users, the response comprising a response activity to be executed by the cloud computing resource, the completion of which is a condition for the user to authorize the requested action, and the response comprising a message selected from the group consisting of;
an email message, a text message, an instant message, a pop-up window, and a mobile push notification;analyzing user data comprising resource usage activity associated with each responding actual user and a role of each responding actual user; weighting the response of each responding actual user based on the resource usage activity associated with each responding actual user and the role of each responding actual user, the weighting following a set of rules comprising;
assigning a higher priority to a response of an actual user having an active connection than to a response of an actual user having an inactive connection, assigning a higher priority to a response of an actual user with a history of database querying than to a response of an actual user having an open but inactive database connection, assigning a higher priority to a response of an actual user performing a database operation than to a response of an actual user having an open but inactive database connection, and assigning a higher priority to a response of an actual user who is an administrator than to a response of an actual user who is not an administrator; anddetermining, based on the weighted responses, whether to grant authorization to perform the requested action, wherein the requested action is performed when authorization is granted and a sufficient failover server is available. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for minimizing an effect of a disruptive action in a networked computing environment, comprising:
-
a memory medium comprising instructions; a bus coupled to the memory medium; and a processor coupled to the bus that when executing the instructions causes the system to; receive an action request to perform a disruptive action associated with a cloud computing resource, wherein the networked computing environment is a cloud computing environment and the disruptive action is an action that has a potential to have a disruptive effect; determine connected systems potentially affected by the requested action from a list of systems capable of being affected by the disruptive action based on a port and a protocol being accessed by the connected systems, the connected systems having an open connection to the cloud computing resource; determine actual users of each of the connected systems by referencing a database of the cloud computing environment to find a technical owner of each of the connected systems, wherein the actual users comprise active users having an open connection to the computing resource and being actively engaged with the computing resource, passive users having an open connection to the computing resource but not actively engaged with the computing resource, and inactive users comprising an administrator; send a notification requesting a response to one or more of the actual users, the notification comprising a message selected from the group consisting of;
an email message, a text message, an instant message, a pop-up window, and a mobile push notification;receive a response from one or more of the actual users, the response comprising a response activity to be executed by the cloud computing resource, the completion of which is a condition for the user to authorize the requested action, and the response comprising a message selected from the group consisting of;
an email message, a text message, an instant message, a pop-up window, and a mobile push notification;analyze user data comprising resource usage activity associated with each responding actual user and a role of each responding actual user; weight the response of each responding actual user based on the resource usage activity associated with each responding actual user and the role of each responding actual user, the weighting following a set of rules comprising;
assigning a higher priority to a response of an actual user having an active connection than to a response of an actual user having an inactive connection, assigning a higher priority to a response of an actual user with a history of database querying than to a response of an actual user having an open but inactive database connection, assigning a higher priority to a response of an actual user performing a database operation than to a response of an actual user having an open but inactive database connection, and assigning a higher priority to a response of an actual user who is an administrator than to a response of an actual user who is not an administrator; anddetermine, based on the weighted responses, whether to grant authorization to perform the requested action, wherein the requested action is performed when authorization is granted and a sufficient failover server is available. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer program product for minimizing an effect of a disruptive action in a cloud computing environment, the computer program product comprising a computer readable hardware storage device, and program instructions stored on the computer readable hardware storage device, to:
-
receive an action request to perform a disruptive action associated with a cloud computing resource, wherein the networked computing environment is a cloud computing environment and the disruptive action is an action that has a potential to have a disruptive effect; determine connected systems potentially affected by the requested action from a list of systems capable of being affected by the disruptive action based on a port and a protocol being accessed by the connected systems, the connected systems having an open connection to the cloud computing resource; determine actual users of each of the connected systems by referencing a database of the cloud computing environment to find a technical owner of each of the connected systems, wherein the actual users comprise active users having an open connection to the computing resource and being actively engaged with the computing resource, passive users having an open connection to the computing resource but not actively engaged with the computing resource, and inactive users comprising an administrator; send a notification requesting a response to one or more of the actual users, the notification comprising a message selected from the group consisting of;
an email message, a text message, an instant message, a pop-up window, and a mobile push notification;receive a response from one or more of the actual users, the response comprising a response activity to be executed by the cloud computing resource, the completion of which is a condition for the user to authorize the requested action, and the response comprising a message selected from the group consisting of;
an email message, a text message, an instant message, a pop-up window, and a mobile push notification;analyze user data comprising resource usage activity associated with each responding actual user and a role of each responding actual user; weight the response of each responding actual user based on the resource usage activity associated with each responding actual user and the role of each responding actual user, the weighting following a set of rules comprising;
assigning a higher priority to a response of an actual user having an active connection than to a response of an actual user having an inactive connection, assigning a higher priority to a response of an actual user with a history of database querying than to a response of an actual user having an open but inactive database connection, assigning a higher priority to a response of an actual user performing a database operation than to a response of an actual user having an open but inactive database connection, and assigning a higher priority to a response of an actual user who is an administrator than to a response of an actual user who is not an administrator; anddetermine, based on the weighted responses, whether to grant authorization to perform the requested action, wherein the requested action is performed when authorization is granted and a sufficient failover server is available. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification