System and method for distributed management of shared computers

US 7,711,121 B2
Filed: 11/02/2004
Issued: 05/04/2010
Est. Priority Date: 10/24/2000
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method comprising:

verifying identities of a landlord device and a tenant device, wherein each identity is verified by ascertaining how each device is coupled to a computer;

generating, in the computer implemented locally at a data center facility, a landlord key pair and a tenant key pair, each key pair including a private key and a public key, the landlord key pair being used to establish secure communication between the computer and a landlord device, and the tenant key pair being used to establish secure communication between the computer and a tenant device;

the landlord device manages hardware operations of a cluster and is implemented locally at the data center facility;

the tenant device manages software of the cluster and is implemented at a location remote from the data center facility;

keeping the landlord private key and the tenant private key secure in the computer without disclosing the keys to any other device;

forwarding the landlord public key and the tenant public key to the landlord device; and

forwarding the tenant public key to the tenant device.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A multi-tiered server management architecture is employed including an application development tier, an application operations tier, and a cluster operations tier. In the application development tier, applications are developed for execution on one or more server computers. In the application operations tier, execution of the applications is managed and sub-boundaries within a cluster of servers can be established. In the cluster operations tier, operation of the server computers is managed without concern for what applications are executing on the one or more server computers and boundaries between clusters of servers can be established. The multi-tiered server management architecture can also be employed in co-location facilities where clusters of servers are leased to tenants, with the tenants implementing the application operations tier and the facility owner (or operator) implementing the cluster operations tier.

521 Citations

13 Claims

1. A computer implemented method comprising:
- verifying identities of a landlord device and a tenant device, wherein each identity is verified by ascertaining how each device is coupled to a computer;
  
  generating, in the computer implemented locally at a data center facility, a landlord key pair and a tenant key pair, each key pair including a private key and a public key, the landlord key pair being used to establish secure communication between the computer and a landlord device, and the tenant key pair being used to establish secure communication between the computer and a tenant device;
  
  the landlord device manages hardware operations of a cluster and is implemented locally at the data center facility;
  
  the tenant device manages software of the cluster and is implemented at a location remote from the data center facility;
  
  keeping the landlord private key and the tenant private key secure in the computer without disclosing the keys to any other device;
  
  forwarding the landlord public key and the tenant public key to the landlord device; and
  
  forwarding the tenant public key to the tenant device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A computer implemented method as recited in claim 1, further comprising generating a storage key to encrypt data to be stored on a mass storage device.
  - 3. A computer implemented method as recited in claim 2, further comprising discarding the current storage key each time the tenant private key is changed, and generating a new storage key.
  - 4. A computer implemented method as recited in claim 2, wherein the generating the storage key comprises combining a landlord symmetric key and a tenant symmetric key to generate the storage key.
  - 5. A computer implemented method as recited in claim 1, further comprising forwarding the tenant key to the tenant device via the landlord device.
  - 6. A computer implemented method as recited in claim 1, wherein the landlord device comprises a cluster operations management console.
  - 7. A computer implemented method as recited in claim 1, wherein the tenant device comprises an application operations management console.

8. A computer implemented method comprising:
- verifying identities of a cluster operation management console and an application console, wherein each identity is verified by ascertaining how each console is coupled to a computer;
  
  generating, in the computer implemented locally at a data center facility, a cluster operation key pair and an application key pair, each key pair including a private key and a public key, the cluster operation key pair being used to establish secure communication between the computer and the cluster operations management console, and the application key pair being used to establish secure communication between the computer and the application console, wherein;
  
  the cluster operations management console manages hardware operations of a cluster and is implemented locally at the data center facility;
  
  the application console manages software of the cluster and is implemented at a location remote from the data center facility;
  
  keeping the cluster operation private key and the application private key secure in the computer without disclosing the keys to any other device;
  
  forwarding the cluster operation public key and the application public key to the cluster operations management console; and
  
  forwarding the application public key to the application console.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. A computer implemented method as recited in claim 8, further comprising generating a storage key to encrypt data to be stored on a mass storage device.
  - 10. A computer implemented method as recited in claim 9, further comprising discarding a current storage key each time the application private key is changed, and generating a new storage key.
  - 11. A computer implemented method as recited in claim 9, wherein generating the storage key comprises combining a cluster operation symmetric key and a application symmetric key to generate the storage key.
  - 12. A computer implemented method as recited in claim 8, wherein the application console comprises an application development console utilized to develop software applications.
  - 13. A computer implemented method as recited in claim 8, wherein the application console comprises an application operation management console utilized to monitor software application operation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Zhigu Holdings Limited
Original Assignee
Microsoft Corporation
Inventors
Tabbara, Bassam, Hunt, Galen C., Welland, Robert V., Hydrie, Aamer, Stutz, David S., Levi, Steven P.
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Tran; Tongoc

Application Number

US10/979,565
Publication Number

US 20050091078A1
Time in Patent Office

2,009 Days
Field of Search

709/220, 709223-225, 380/30, 380/45, 380/278, 380/279, 380281-285
US Class Current

380/282
CPC Class Codes

H04L 41/042   comprising distributed mana...

H04L 41/0659   by isolating or reconfiguri...

H04L 41/0661   by reconfiguring faulty ent...

H04L 63/06   for supporting key manageme...

H04L 69/40   for recovering from a failu...

System and method for distributed management of shared computers

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

521 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for distributed management of shared computers

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

521 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links