Patent application number | Description | Published |
20080244575 | Tessellated virtual machines conditionally linked for common computing goals - In a computing environment, an association and layout of virtual machines exist as a system of multiple applications instantiated for a common computing goal, such as providing a data center with an email system for an enterprise. In that every application need not always be operational or have applicability in every scenario, applications are only instantiated upon actionable requests for various services. Representatively, a communication channel is initialized between at least two applications, but instantiation of one of the applications is delayed until an actionable request between the applications occurs. In this manner, policy or governance can be enforced and/or computing resources can be conserved. Various features relate to defined incoming and outgoing connectors of virtual machines of the applications and their functional interaction to satisfy initial connectivity issues and to later instantiate needed applications. Libraries, software program products, and policy management are other features, to name a few. | 10-02-2008 |
20080244687 | FEDERATED ROLE PROVISIONING - In various embodiments, techniques for federated role provisioning are provided. A federated role definition for a resource is constructed and distributed. The federated role definition includes a role hierarchy having role assignments and constraints for dynamically resolving and binding a resource to particular ones of the role assignments. A resource may have role assignments statically bound to its identity and dynamically bound to its identity. Furthermore, some role assignments may be inherited from the role hierarchy. | 10-02-2008 |
20080244688 | VIRTUALIZED FEDERATED ROLE PROVISIONING - In various embodiments, techniques for virtualized federated role provisioning are provided. An entire policy and role provisioning environment is packaged in a first environment and sent to a second environment. The second environment authenticates and initiates the policy and role provisioning environment as a virtualized federated role provisioning service or a shared policy decision point service. The shared policy decision point service dynamically resolves policy, roles, and constraints for requesting resources within the second environment and supplies this information to a local policy enforcement point service that enforces roles on the resources. | 10-02-2008 |
20080276134 | SECURE PROBLEM RESOLUTION TECHNIQUES FOR COMPLEX DATA RESPONSE NETWORKS - In various embodiments, techniques for secure problem resolution associated with complex data response networks are provided. Error messages associated with an executing problem service are trapped and hidden from a principal. The error messages are associated with a randomly generated incident identifier. The incident identifier is supplied to the principal. The principal gains access to the error messages when the principal successfully authenticates for access and supplies the incident identifier. | 11-06-2008 |
20100043049 | IDENTITY AND POLICY ENABLED COLLABORATION - Techniques for identity and policy enabled collaboration are provided. Access to assets of an enterprise is governed by identity relationships. A policy defines security restrictions between collaborating network resources based on identities assigned to the network resources. During collaboration, the security restrictions are enforced. | 02-18-2010 |
20100050239 | AUTOMATED SERVICE PLATFORM PROSPECTING - Techniques for automated service platform prospecting are provided. A prospector process is sent out in advance to scout for potential network sites that provide computing infrastructure and computing services (platforms) to self-contained computing environments. The prospector process validates the potential network sites for use and gathers site characteristics that are used to configure the self-contained computing environments when they are to be installed and executed on those network sites. | 02-25-2010 |
20100211771 | KEY DISTRIBUTION - Methods and systems are provided for trusted key distribution. A key distribution or an identity service acts as an intermediary between participants to a secure network. The service provisions and manages the distribution of keys. The keys are used for encrypting communications occurring within the secure network. | 08-19-2010 |
20100223459 | KEY DISTRIBUTION - Methods and systems are provided for trusted key distribution. A key distribution or an identity service acts as an intermediary between participants to a secure network. The service provisions and manages the distribution of keys. The keys are used for encrypting communications occurring within the secure network. | 09-02-2010 |
20100239095 | KEY DISTRIBUTION - Methods and systems are provided for trusted key distribution. A key distribution or an identity service acts as an intermediary between participants to a secure network. The service provisions and manages the distribution of keys. The keys are used for encrypting communications occurring within the secure network. | 09-23-2010 |
20110010339 | TECHNIQUES FOR CLOUD CONTROL AND MANAGEMENT - Techniques for cloud control and management are provided. The control, creation, and management of workloads in distributed infrastructures are coordinated via a master Configuration Management Database (CMDB). The master CMDB is also used to unify the multiple distributed infrastructures so that the workloads are rationalized. Moreover, data centers are coordinated with the distributed infrastructures so the configuration settings and policies included in the master CMDB are enforced and synchronized throughout the network. | 01-13-2011 |
20110041171 | TECHNIQUES FOR VIRTUAL REPRESENTATIONAL STATE TRANSFER (REST) INTERFACES - Techniques for virtual Representational State Transfer (REST) interfaces are provided. A proxy is interposed between a client and a REST service over a network. The proxy performs independent authentication of the client and provides credentials to the client and for the client to authenticate to the REST service using a REST service authentication mechanism. The proxy inspects requests and responses and translates the requests and responses into formats expected by the client and the REST service. Moreover, the proxy enforces policy and audits the requests and responses occurring between the client and the REST service over the network. | 02-17-2011 |
20110119729 | IDENTITY AND POLICY ENFORCED INTER-CLOUD AND INTRA-CLOUD CHANNEL - Techniques for identity and policy enforced cloud communications are presented. Cloud channel managers monitor messages occurring within a cloud or between independent clouds. Policy actions are enforced when processing the messages. The policy actions can include identity-based restrictions and the policy actions are specific to the messages and/or clouds within which the messages are being processed. | 05-19-2011 |
20110197188 | EXTENDING FUNCTIONALITY OF LEGACY SERVICES IN COMPUTING SYSTEM ENVIRONMENT - Methods and apparatus involve extending functionality of legacy services. A legacy application has functionality designed for use on an original computing device. In a modern environment, virtual machines (VMs) operate as independent guests on processors and memory by way of scheduling control from a virtualization layer (e.g., hypervisor). At least one VM is provisioned to modify standard entry points of the original legacy application for new accessing of various system functions of the hardware platform. Representative functions include network access, processors, and storage. Policy decision points variously located are further employed to ensure compliance with computing policies. Multiple platforms and computing clouds are contemplated as are VMs in support roles and dedicated software appliances. In this manner, continued use of legacy services in modern situations allows participation in more capable environments and application capabilities heretofore unimagined. Other embodiments contemplate computing systems and computer program products, to name a few. | 08-11-2011 |
20120284780 | TECHNIQUES FOR ESTABLISHING A TRUSTED CLOUD SERVICE - Techniques for establishing a trusted cloud service are provided. Packages are created for services that include certificates, configuration information, trust information, and images for deploying instances of the services. The packages can be used to deploy the services in trusted environments and authenticated to deploy in sub environments of un-trusted environments. The sub environments are trusted by the trusted environments. Also, clouds are prospected for purposes of identifying desirable clouds and creating the packages for deployment. | 11-08-2012 |
20140189775 | TECHNIQUES FOR SECURE DEBUGGING AND MONITORING - Techniques for secure debugging and monitoring are presented. An end user requests a secure token for logging information with a remote service. A secure monitoring and debugging token service provides the secure token. The remote service validates the secure token and configures itself for capturing information and reporting the captured information based on the secure token. | 07-03-2014 |
20140282547 | EXTENDING FUNCTIONALITY OF LEGACY SERVICES IN COMPUTING SYSTEM ENVIRONMENT - Methods and apparatus involve extending functionality of legacy services. A legacy application has functionality designed for use on an original computing device. In a modern environment, virtual machines (VMs) operate as independent guests on processors and memory by way of scheduling control from a virtualization layer (e.g., hypervisor). At least one VM is provisioned to modify standard entry points of the original legacy application for new accessing of various system functions of the hardware platform. Representative functions include network access, processors, and storage. Policy decision points variously located are further employed to ensure compliance with computing policies. Multiple platforms and computing clouds are contemplated as are VMs in support roles and dedicated software appliances. In this manner, continued use of legacy services in modern situations allows participation in more capable environments and application capabilities heretofore unimagined. Other embodiments contemplate computing systems and computer program products, to name a few. | 09-18-2014 |
20140298407 | FEDERATED ROLE PROVISIONING - In various embodiments, techniques for federated role provisioning are provided. A federated role definition for a resource is constructed and distributed. The federated role definition includes a role hierarchy having role assignments and constraints for dynamically resolving and binding a resource to particular ones of the role assignments. A resource may have role assignments statically bound to its identity and dynamically bound to its identity. Furthermore, some role assignments may be inherited from the role hierarchy. | 10-02-2014 |
20140351894 | TECHNIQUES FOR ESTABLISHING A TRUSTED CLOUD SERVICE - Techniques for establishing a trusted cloud service are provided. Packages are created for services that include certificates, configuration information, trust information, and images for deploying instances of the services. The packages can be used to deploy the services in trusted environments and authenticated to deploy in sub environments of un-trusted environments. The sub environments are trusted by the trusted environments. Also, clouds are prospected for purposes of identifying desirable clouds and creating the packages for deployment. | 11-27-2014 |
20140365656 | IDENTITY AND POLICY ENFORCED INTER-CLOUD AND INTRA-CLOUD CHANNEL - Techniques for identity and policy enforced cloud communications are presented. Cloud channel managers monitor messages occurring within a cloud or between independent clouds. Policy actions are enforced when processing the messages. The policy actions can include identity-based restrictions and the policy actions are specific to the messages and/or clouds within which the messages are being processed. | 12-11-2014 |