System and/or method for enforcing software compliance and selectively modifying software deemed non-compliant
First Claim
1. An apparatus for enforcing a compliance requirement for a software application in execution in a virtualized computing environment, the apparatus comprising:
- at least one processor and a memory, the memory comprising instructions executable by the at least one processor to control the apparatus to at least;
(a) identify a resource instantiated for execution of the application;
(b) retrieve a compliance characteristic for the application, the compliance characteristic being retrieved based on the identified resource and having associated a compliance criterion based on a formal parameter, the compliance criterion defining a set of states for the instantiated resource that comply with the compliance criterion and therefore constitute compliant resource states;
(c) select a software component for providing an actual parameter corresponding to the formal parameter, the actual parameter being based on data concerning the resource;
(d) evaluate the compliance criterion using the actual parameter;
(e) in response to a determination that the resource has a state that is outside the set of compliant resource states, the determination being based on the evaluation of the compliance criterion, modify the software application to a modified software application having associated a resource with a state belonging to the set of compliant resource states; and
(f) repeatedly monitor for change to one or more of the resources,wherein (a), (b), and (d) are responsive to each detection that one or more resources is/are changed, andwherein, in (c), the selected software component is selected based on an identification of one or more data items providable by the software component.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for enforcing a compliance requirement for a software application executing in a virtualized computing environment are disclosed. An identifier identifies a resource instantiated for the application'"'"'s execution. A retriever retrieves a compliance characteristic for the application. The compliance characteristic is retrieved based on the identified resource and has an associated compliance criterion based on a formal parameter. The compliance criterion defines compliant resource states. A selector selects a software component for providing an actual parameter corresponding to the formal parameter . An evaluator evaluates the compliance criterion using the actual parameter. An application modifier, responsive to the resource lacking a compliant resource state, modifies the software application to have a resource with a compliant state. The identifier, selector, and evaluator respond to resource changes. The selector selects the software component based on an identification of one or more data items that the software component can provide.
26 Citations
19 Claims
-
1. An apparatus for enforcing a compliance requirement for a software application in execution in a virtualized computing environment, the apparatus comprising:
-
at least one processor and a memory, the memory comprising instructions executable by the at least one processor to control the apparatus to at least; (a) identify a resource instantiated for execution of the application; (b) retrieve a compliance characteristic for the application, the compliance characteristic being retrieved based on the identified resource and having associated a compliance criterion based on a formal parameter, the compliance criterion defining a set of states for the instantiated resource that comply with the compliance criterion and therefore constitute compliant resource states; (c) select a software component for providing an actual parameter corresponding to the formal parameter, the actual parameter being based on data concerning the resource; (d) evaluate the compliance criterion using the actual parameter; (e) in response to a determination that the resource has a state that is outside the set of compliant resource states, the determination being based on the evaluation of the compliance criterion, modify the software application to a modified software application having associated a resource with a state belonging to the set of compliant resource states; and (f) repeatedly monitor for change to one or more of the resources, wherein (a), (b), and (d) are responsive to each detection that one or more resources is/are changed, and wherein, in (c), the selected software component is selected based on an identification of one or more data items providable by the software component. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for enforcing a compliance requirement for a software application in execution in a virtualized computing environment, the method comprising:
-
(a) identifying a resource instantiated for execution of the application; (b) retrieving a compliance characteristic for the application, the compliance characteristic being retrieved based on the identified resource and having associated a compliance criterion based on a formal parameter, the compliance criterion defining a set of states for the instantiated resource that comply with the compliance criterion and therefore constitute compliant resource states; (c) selecting a software component for providing an actual parameter corresponding to the formal parameter, the actual parameter being based on data concerning the resource; (d) evaluating the compliance criterion using the actual parameter; (e) in response to a determination that the resource has a state that is outside the set of compliant resource states, the determination being based on the evaluation of the compliance criterion, modifying the software application to a modified software application having associated a resource with a state belonging to the set of compliant resource states; and (f) repeatedly monitoring for change to one or more of the resources, wherein (a), (b), and (d) are responsive to each detection that one or more resources is/are changed, and wherein, in (c), the selection of the software component is based on an identification of one or more data items providable by the software component. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
-
19. A non-transitory computer program product comprising computer program code to, when loaded into a computer system and executed thereon, cause the computer to enforce a compliance requirement for a software application in execution in a virtualized computing environment by performing functionality comprising:
-
(a) identifying a resource instantiated for execution of the application; (b) retrieving a compliance characteristic for the application, the compliance characteristic being retrieved based on the identified resource and having associated a compliance criterion based on a formal parameter, the compliance criterion defining a set of states for the instantiated resource that comply with the compliance criterion and therefore constitute compliant resource states; (c) selecting a software component for providing an actual parameter corresponding to the formal parameter, the actual parameter being based on data concerning the resource; (d) evaluating the compliance criterion using the actual parameter; (e) in response to a determination that the resource has a state that is outside the set of compliant resource states, the determination being based on the evaluation of the compliance criterion, modifying the software application to a modified software application having associated a resource with a state belonging to the set of compliant resource states; and (f) repeatedly monitoring for change to one or more of the resources, wherein (a), (b), and (d) are responsive to each detection that one or more resources is/are changed, and wherein, in (c), the selection of the software component is based on an identification of one or more data items providable by the software component.
-
Specification