System and/or method for enforcing software compliance and selectively modifying software deemed non-compliant

US 9,841,981 B2
Filed: 06/12/2014
Issued: 12/12/2017
Est. Priority Date: 06/19/2013
Status: Active Grant

First Claim

Patent Images

1. An apparatus for enforcing a compliance requirement for a software application in execution in a virtualized computing environment, the apparatus comprising:

at least one processor and a memory, the memory comprising instructions executable by the at least one processor to control the apparatus to at least;

(a) identify a resource instantiated for execution of the application;

(b) retrieve a compliance characteristic for the application, the compliance characteristic being retrieved based on the identified resource and having associated a compliance criterion based on a formal parameter, the compliance criterion defining a set of states for the instantiated resource that comply with the compliance criterion and therefore constitute compliant resource states;

(c) select a software component for providing an actual parameter corresponding to the formal parameter, the actual parameter being based on data concerning the resource;

(d) evaluate the compliance criterion using the actual parameter;

(e) in response to a determination that the resource has a state that is outside the set of compliant resource states, the determination being based on the evaluation of the compliance criterion, modify the software application to a modified software application having associated a resource with a state belonging to the set of compliant resource states; and

(f) repeatedly monitor for change to one or more of the resources,wherein (a), (b), and (d) are responsive to each detection that one or more resources is/are changed, andwherein, in (c), the selected software component is selected based on an identification of one or more data items providable by the software component.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for enforcing a compliance requirement for a software application executing in a virtualized computing environment are disclosed. An identifier identifies a resource instantiated for the application'"'"'s execution. A retriever retrieves a compliance characteristic for the application. The compliance characteristic is retrieved based on the identified resource and has an associated compliance criterion based on a formal parameter. The compliance criterion defines compliant resource states. A selector selects a software component for providing an actual parameter corresponding to the formal parameter . An evaluator evaluates the compliance criterion using the actual parameter. An application modifier, responsive to the resource lacking a compliant resource state, modifies the software application to have a resource with a compliant state. The identifier, selector, and evaluator respond to resource changes. The selector selects the software component based on an identification of one or more data items that the software component can provide.

26 Citations

View as Search Results

19 Claims

1. An apparatus for enforcing a compliance requirement for a software application in execution in a virtualized computing environment, the apparatus comprising:
- at least one processor and a memory, the memory comprising instructions executable by the at least one processor to control the apparatus to at least;
  
  (a) identify a resource instantiated for execution of the application;
  
  (b) retrieve a compliance characteristic for the application, the compliance characteristic being retrieved based on the identified resource and having associated a compliance criterion based on a formal parameter, the compliance criterion defining a set of states for the instantiated resource that comply with the compliance criterion and therefore constitute compliant resource states;
  
  (c) select a software component for providing an actual parameter corresponding to the formal parameter, the actual parameter being based on data concerning the resource;
  
  (d) evaluate the compliance criterion using the actual parameter;
  
  (e) in response to a determination that the resource has a state that is outside the set of compliant resource states, the determination being based on the evaluation of the compliance criterion, modify the software application to a modified software application having associated a resource with a state belonging to the set of compliant resource states; and
  
  (f) repeatedly monitor for change to one or more of the resources,wherein (a), (b), and (d) are responsive to each detection that one or more resources is/are changed, andwherein, in (c), the selected software component is selected based on an identification of one or more data items providable by the software component.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The apparatus of claim 1, wherein the modification in (e) further includes instantiating one or more additional resources from a pool of resources for the software application.
  - 3. The apparatus of claim 1, wherein the modification in (e) further includes replacing the resource with a new resource.
  - 4. The apparatus of claim 1, wherein the modification in (e) further includes modifying a configuration of the resource.
  - 5. The apparatus of claim 1, wherein:
    - the identified resource is a first resource instantiated for execution of the application,the memory comprises further instructions executable by the at least one processor to control the apparatus to at least identify a second resource instantiated for execution of the application, andthe modification of the software application in (e) further includes modifying the second resource.
  - 6. The apparatus of claim 1, wherein the software component is a first software component and, in response to the determination, a second software component that is configured to undertake the modification in (e) is selected during the selection of (c).
  - 7. The apparatus of claim 1 wherein the compliance criterion is a first criterion in a set of multiple compliance criteria for the compliance characteristic, each of the multiple compliance criteria being based on a formal parameter,wherein one or more additional software components is/are selected in (c) to provide an actual parameter corresponding to a formal parameter for each other criterion in the set of multiple compliance criteria, andwherein the evaluation of (d) further comprises evaluating each of the compliance criteria using a corresponding actual parameter to determine the level of compliance.
  - 8. The apparatus of claim 1, wherein the data concerning the resource is raw data from the resource, and wherein the actual parameter is extracted from the raw data.
  - 9. The apparatus of claim 8, wherein the selected software component is selected in response to a known ability to generate the one or more data items using the actual parameter, and wherein the one or more data items are relevant to the compliance criterion.
  - 10. The apparatus of claim 1, wherein the selected software component is selected from a plurality of different candidate software components, each of these software components being configured to provide one or more data items related to a resource.
  - 11. The apparatus of claim 1, wherein (a)-(f) are performed while the application is running in the virtualized computing environment, and wherein the data concerning the resource is raw data from the resource.

12. A method for enforcing a compliance requirement for a software application in execution in a virtualized computing environment, the method comprising:
- (a) identifying a resource instantiated for execution of the application;
  
  (b) retrieving a compliance characteristic for the application, the compliance characteristic being retrieved based on the identified resource and having associated a compliance criterion based on a formal parameter, the compliance criterion defining a set of states for the instantiated resource that comply with the compliance criterion and therefore constitute compliant resource states;
  
  (c) selecting a software component for providing an actual parameter corresponding to the formal parameter, the actual parameter being based on data concerning the resource;
  
  (d) evaluating the compliance criterion using the actual parameter;
  
  (e) in response to a determination that the resource has a state that is outside the set of compliant resource states, the determination being based on the evaluation of the compliance criterion, modifying the software application to a modified software application having associated a resource with a state belonging to the set of compliant resource states; and
  
  (f) repeatedly monitoring for change to one or more of the resources,wherein (a), (b), and (d) are responsive to each detection that one or more resources is/are changed, andwherein, in (c), the selection of the software component is based on an identification of one or more data items providable by the software component.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The method of claim 12, wherein modifying the software application includes instantiating one or more additional resources from a pool of resources for the software application.
  - 14. The method of claim 12, wherein modifying the software application includes replacing the resource with a new resource.
  - 15. The method of claim 12, wherein modifying the software application includes modifying a configuration of the resource.
  - 16. The method of claim 12, wherein the identified resource is a first resource instantiated for execution of the application, the method further comprising identifying a second resource instantiated for execution of the application, wherein modifying the software application includes modifying the second resource.
  - 17. The method of claim 12, wherein the software component is a first software component, the method further comprising in further response to the determination, selecting a second software component, wherein the second software component is configured to undertake the modifying.
  - 18. The method of claim 12, wherein the compliance criterion is a first criterion in a set of multiple compliance criteria for the compliance characteristic, each of the multiple compliance criteria being based on a formal parameter,wherein the selecting further comprises selecting one or more additional software components for providing an actual parameter corresponding to a formal parameter for each other criterion in the set of multiple compliance criteria, andwherein the evaluating step further comprises evaluating each of the compliance criteria using a corresponding actual parameter to determine the level of compliance.

19. A non-transitory computer program product comprising computer program code to, when loaded into a computer system and executed thereon, cause the computer to enforce a compliance requirement for a software application in execution in a virtualized computing environment by performing functionality comprising:
- (a) identifying a resource instantiated for execution of the application;
  
  (b) retrieving a compliance characteristic for the application, the compliance characteristic being retrieved based on the identified resource and having associated a compliance criterion based on a formal parameter, the compliance criterion defining a set of states for the instantiated resource that comply with the compliance criterion and therefore constitute compliant resource states;
  
  (c) selecting a software component for providing an actual parameter corresponding to the formal parameter, the actual parameter being based on data concerning the resource;
  
  (d) evaluating the compliance criterion using the actual parameter;
  
  (e) in response to a determination that the resource has a state that is outside the set of compliant resource states, the determination being based on the evaluation of the compliance criterion, modifying the software application to a modified software application having associated a resource with a state belonging to the set of compliant resource states; and
  
  (f) repeatedly monitoring for change to one or more of the resources,wherein (a), (b), and (d) are responsive to each detection that one or more resources is/are changed, andwherein, in (c), the selection of the software component is based on an identification of one or more data items providable by the software component.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
British Telecommunications PLC (BT Group PLC)
Original Assignee
British Telecommunications PLC (BT Group PLC)
Inventors
Dimitrakos, Theo, Georgalas, Nektarios, El-Moussa, Fadi, Pawar, Pramod, Vafiadis, George
Primary Examiner(s)
Teets, Bradley

Application Number

US14/899,911
Publication Number

US 20160139938A1
Time in Patent Office

1,279 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 9/44505   Configuring for program ini...

G06F 9/45533   Hypervisors; Virtual machin...

G06F 9/5077   Logical partitioning of res...

System and/or method for enforcing software compliance and selectively modifying software deemed non-compliant

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

26 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

System and/or method for enforcing software compliance and selectively modifying software deemed non-compliant

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links