Imaged-based method for transport and authentication of virtualized workflows
First Claim
Patent Images
1. A computer implemented method comprising:
- packaging, after a first user completed a first task of a workflow, a local processing environment associated with the workflow into a self-contained image together with a temporary access token representing a verifiable identity wherein the self-contained image and its verifiable identity are digitally signed by a local identity service within the local processing environment, and the local processing environment is packaged by a virtual workflow packaging service executed by a processing device;
supplying, by the virtual workflow packaging service, the self-contained image with the temporary access token for authenticating the self-contained image before the self-contained image is subsequently installed and processed in a remote processing environment;
configuring, by the virtual workflow packaging service, the self-contained image and its verifiable identity for targeting to the remote processing environment, wherein said configuring is digitally signed by the local identity service and wherein said configuring further acquires processor and memory resources associated with the remote processing environment;
sending the configured self-contained image and its verifiable identity to the remote processing environment via a network;
obtaining, by a virtual workflow initiation service, the self-contained image in response to a directive that triggers an acquisition of the self-contained image;
sending, by the virtual workflow initiation service via the network, the temporary access token acquired from the self-contained image to a remote identity service for authenticating the self-contained image, and, in response to a successful authentication, generating, to the self-contained image, a permanent unique identity to be used within the local processing environment;
supplying, by the virtual workflow initiation service, the permanent unique identity of the self-contained image for use within the local processing environment;
verifying, by the virtual workflow initiation service after supplying the permanent unique identity, that the digitally signed self-contained image is unchanged from when it was received from the remote processing environment;
configuring, by the virtual workflow initiation service, a virtual machine within the local processing environment for the workflow;
placing the workflow to a processing state within the virtual machine before the workflow is initiated for use within the local processing environment;
initiating, by the virtual workflow initiation service, the workflow within the virtual machine of the local processing environment, to a second user to complete a subsequent task in response to a scheduling constraint, by superimposing the processor and memory resources included in the virtual machine over a hardware environment of the second user; and
capturing and reporting, using a policy executed by an auditing service, activities associated with the workflow as it is initiated within the virtual machine, according to a type of information captured, a manner in which said information is reported, a timing of the reporting, recipients of the reporting and notifications raised in response to the auditing service.
17 Assignments
0 Petitions
Accused Products
Abstract
Techniques for virtualized workflow processing are presented. A processing state of workflow within a first processing environment is imaged and configured for a second processing environment. The image is received in the second processing environment where it is authenticated and initiated within the second processing environment as a virtual machine.
72 Citations
2 Claims
-
1. A computer implemented method comprising:
-
packaging, after a first user completed a first task of a workflow, a local processing environment associated with the workflow into a self-contained image together with a temporary access token representing a verifiable identity wherein the self-contained image and its verifiable identity are digitally signed by a local identity service within the local processing environment, and the local processing environment is packaged by a virtual workflow packaging service executed by a processing device; supplying, by the virtual workflow packaging service, the self-contained image with the temporary access token for authenticating the self-contained image before the self-contained image is subsequently installed and processed in a remote processing environment; configuring, by the virtual workflow packaging service, the self-contained image and its verifiable identity for targeting to the remote processing environment, wherein said configuring is digitally signed by the local identity service and wherein said configuring further acquires processor and memory resources associated with the remote processing environment; sending the configured self-contained image and its verifiable identity to the remote processing environment via a network; obtaining, by a virtual workflow initiation service, the self-contained image in response to a directive that triggers an acquisition of the self-contained image; sending, by the virtual workflow initiation service via the network, the temporary access token acquired from the self-contained image to a remote identity service for authenticating the self-contained image, and, in response to a successful authentication, generating, to the self-contained image, a permanent unique identity to be used within the local processing environment; supplying, by the virtual workflow initiation service, the permanent unique identity of the self-contained image for use within the local processing environment; verifying, by the virtual workflow initiation service after supplying the permanent unique identity, that the digitally signed self-contained image is unchanged from when it was received from the remote processing environment; configuring, by the virtual workflow initiation service, a virtual machine within the local processing environment for the workflow; placing the workflow to a processing state within the virtual machine before the workflow is initiated for use within the local processing environment; initiating, by the virtual workflow initiation service, the workflow within the virtual machine of the local processing environment, to a second user to complete a subsequent task in response to a scheduling constraint, by superimposing the processor and memory resources included in the virtual machine over a hardware environment of the second user; and capturing and reporting, using a policy executed by an auditing service, activities associated with the workflow as it is initiated within the virtual machine, according to a type of information captured, a manner in which said information is reported, a timing of the reporting, recipients of the reporting and notifications raised in response to the auditing service. - View Dependent Claims (2)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeMicro Focus Software, Inc. (Open Text Corporation)
-
Original AssigneeNovell Incorporated (Open Text Corporation)
-
InventorsCarter, Stephen R.
-
Primary Examiner(s)Rotaru, Octavian
-
Application NumberUS11/692,309Publication NumberTime in Patent Office3,149 DaysField of Search718/1, 726/15, 716/15, 705/7.26, 705/51US Class Current1/1CPC Class CodesG06F 2009/4557 Distribution of virtual mac...G06F 21/10 Protecting distributed prog...G06F 21/121 Restricting unauthorised ex...G06F 21/30 Authentication, i.e. establ...G06F 21/33 using certificatesG06Q 10/06 Resources, workflows, human...G06Q 10/06316 Sequencing of tasks or workH04L 63/08 for authentication of entit...
