Patent application number | Description | Published |
20110231817 | SYSTEM AND METHOD FOR EVALUATING AND SELECTING SOFTWARE COMPONENTS AND SERVICES - A system that includes one or more computer processors is configured to receive parameters relating to non-functional attributes of a proposed software component, parameters relating to non-functional attributes of one or more available software components, and a weight for each of the non-functional attributes. The system calculates a quality and a risk for each available software component as a function of the parameters of the proposed software component, the parameters for the one or more available software components, and the weight for each of the non-functional attributes. The system outputs to a display device one or more of the quality and the risk for the one or more available software components. | 09-22-2011 |
20110264471 | CERTIFIED IT SERVICES IN-A-BOX - A system, in a cloud computing environment (“CCE”) includes a data processor. One or more cloud computing auditing components are configured to monitor the CCE in accordance with a predefined insurance level agreement (“ILA”) and to create a log of one or more CCE events indicated by the ILA. A neutral data warehouse is configured to store the log. A reporting module generates one or more reports for a party indicated by the ILA from the log in the neutral data warehouse in accordance with the ILA. | 10-27-2011 |
20110264571 | BROKERING AND PAYMENT OPTIMIZATION FOR CLOUD COMPUTING - A system includes a receiving module to receive a purchase inquiry for a cloud computing service from a consumer in a first currency. A pricing module is used to price-out the cloud computing service from a provider where the cloud computing service is provided in a second currency. A reconciliation module reconciles the purchase of the cloud computing service in the consumer's geographical location and currency with the provider's location and currency. | 10-27-2011 |
20110265064 | DETECTING, USING, AND SHARING IT DESIGN PATTERNS AND ANTI-PATTERNS - Various embodiments described and illustrated herein include at least one of systems, methods, and software to identify, use, or share patterns and anti-patterns. Embodiments that include pattern and anti-pattern identification operate to identify candidate patterns and anti-patterns within a deployed system and to confirm or receive confirmation that the identified candidates are indeed patterns or anti-patterns. Embodiments that use patterns and anti-patterns operate to consume the identified patterns and anti-patterns to improve system performance. The embodiments that share patterns and anti-patterns include mechanisms whereby patterns and anti-patterns can be sent to and received from other systems. | 10-27-2011 |
20110270804 | AGILE RE-ENGINEERING OF INFORMATION SYSTEMS - Various embodiments described and illustrated herein include at least one of systems, methods, and software to identify and resolve violations of system and process performance measuring metrics. Following identification of such a violation, some embodiments may identify and cause a solution to be implemented. Following implementation of a solution, the violated metrics are again applied and the results evaluated to verify resolution of the metric violation. Some embodiments may repeat this process until the metric violation or violations are resolved. | 11-03-2011 |
20120116747 | Recommending Alternatives For Providing A Service - In certain embodiments, one or more current service elements that can provide a service for a client are monitored. An event associated with a current service element is detected. One or more candidate service elements are analyzed with respect to the one or more current service elements operating for the client. The one or more candidate service elements operate in a client scenario corresponding to the client. A recommendation is provided in response to the analysis. | 05-10-2012 |
20120116831 | Using Cloud Brokering Services for an Opportunistic Cloud Offering - In accordance with one embodiment of the present disclosure, a method comprises publishing descriptions available from a plurality of publishing parties. The descriptions describe a plurality of published services available for a requesting party to request. The method receives requests to broker a transaction from the requesting party, associates a requested service to one of the published services, and facilitates a transaction for the one of the published services. | 05-10-2012 |
20120290110 | Evaluating Composite Applications Through Graphical Modeling - According to one embodiment of the present disclosure, a method for evaluating composite applications through graphical modeling may be provided. The method may include displaying one or more characteristic objects that are graphically associated with a first entity object. An indication of a score calculation methodology of the first entity object and an indication of a score calculation methodology of each characteristic object may be received. A score of each characteristic object may be determined. Each score may be based on at least one or more measurements of a measured object that is graphically associated with the first entity object and the score calculation methodology of the respective characteristic object. A score of the first entity object may be determined and displayed, the determination based on at least each score of the one or more characteristic objects and the score calculation methodology of the first entity object. | 11-15-2012 |
20130060824 | SYSTEM FOR EMBEDDED KNOWLEDGE MANAGEMENT - A system includes a toolbar configured to receive a knowledge nugget relating to a software architecture. The knowledge nugget includes information relating to the software architecture, an identification of the creator of the knowledge nugget, a link to information relating to the knowledge nugget, a blog relating to the knowledge nugget, a tag to enable search and retrieval of the knowledge nugget, and a point of contact for discussion relating to the knowledge nugget. The toolbar is further configured to analyze the knowledge nugget, and to store the knowledge nugget in a transient database or a permanent database as a function of the analysis. | 03-07-2013 |
20130061219 | System and Method for Self-Aware Virtual Machine Image Deployment Enforcement - According to one embodiment of the present disclosure, a method includes receiving a request to instantiate a virtual machine image in a virtualization environment. The method also includes sending a request for verification of the virtualization environment. The method further includes receiving information from the enforcement module in response to the request for verification of the virtualization environment. The method further includes determining whether the virtualization environment is verified based on the information received. | 03-07-2013 |
20130227699 | SYSTEM AND METHOD FOR VIRTUAL IMAGE SECURITY IN A CLOUD ENVIRONMENT - Provided herein are systems and method enabling secure virtual image access in a virtual or cloud computing environment. The systems and methods include assigning a status to indicator to guest virtual machines (virtual images) that provide applications and other services to cloud consumers in the cloud environment. A virtual appliance machine in the cloud environment maintains the status of the guest virtual machines and makes decisions based on the status as to whether to allow access to the guest virtual machines. These decisions are transmitted to local elements on the guest virtual machines, which enforce access control on a local level. In this manner, unauthorized virtual image access is prevented providing increased security and data integrity. | 08-29-2013 |
20130227710 | SYSTEM AND METHOD FOR SECURING LEASED IMAGES IN A CLOUD ENVIRONMENT - Provided is a system, method, and computer-readable storage medium having one or more computer-readable instructions thereon for providing leased images in cloud computing environments. The method includes monitoring a usage of a leased image provided by a cloud vendor, by a client computing device. A threshold period of time associated with the usage is determined. Whether an access to the leased image should be terminated based upon an expiry of the threshold period of time or based upon a request received from the client computing device is determined. The image is locked based upon whether the access to the leased image should be terminated. An access request received for the locked image is monitored; and access to the locked image is enabled when it is determined that the access request is valid. | 08-29-2013 |
20130291052 | TRUSTED PUBLIC INFRASTRUCTURE GRID CLOUD - Systems and methods of implementing a secured cloud environment allow for design and instantiation of a security policy at the infrastructure level. An example system may comprise a first module to facilitate selecting at least two cloud computing component templates from a cloud computing component catalog. The system may comprise a second module to facilitate defining a connection between the at least two selected cloud computing component templates. The system may comprise a third module to facilitate assigning a security level and a policy to at least one of the at least two selected cloud computing component templates. The system may comprise a fourth module to facilitate building a cloud computing component blueprint. | 10-31-2013 |
20130305046 | System and Method for Virtual Machine Data Protection in a Public Cloud - According to one embodiment of the present disclosure, a method includes partitioning a disk image file into a plurality of segments. The method also includes generating a unique key for each segment, storing the unique keys in an image mapping file, and transmitting the image mapping file to a particular one of a plurality of nodes on a network. The method further includes transmitting a first segment and a second segment of the plurality of segments to different nodes of the plurality of nodes. | 11-14-2013 |
20130311229 | PROACTIVE RISK ASSESSMENT FOR SYSTEM ARCHITECTURE EVOLUTIONS - Risks from system architecture evolutions are assessed by an apparatus that comprises a database comprising a plurality of roadmaps for a corresponding plurality of components that may be used to form an enterprise architecture, the roadmaps identifying the planned characteristics of the plurality of components. The apparatus also comprises a modeling module executed by a processor to identify the components that form the enterprise architecture, to identify the current characteristics of those components, and to map those components to the roadmaps for corresponding components among the plurality of components in the database. In addition, the apparatus comprises a risk identification module executed by the processor to identify which of the components that form the enterprise architecture have current characteristics that are different from the corresponding planned characteristics. | 11-21-2013 |
20140019335 | SYSTEMS AND METHODS FOR SELF-SERVICE CLOUD-BASED ARENAS FOR INFORMATION TECHNOLOGY-DRIVEN SITUATIONAL MANAGEMENT - A method includes receiving information from an information provider. The information received from the information provider may comprise metrics collected from a sensor that have been manipulated, meta-data that describes the manipulation, quality information associated with the metrics, and semantic information associated with the metrics. The method includes a process of transforming and correlating the information received from the information provider, such that the information becomes transformed and correlated information. The method includes a process of transmitting the transformed and correlated information to a registered information consumer. The method includes a process of establishing a first account pursuant to the information received from the information provider. The method includes a process of establishing a second account pursuant to the transformed and correlated information transmitted to the registered information consumer. The method includes a process of applying a payment policy based on the first account and the second account. | 01-16-2014 |
20140019617 | MANAGING ACCESS TO RESOURCES OF COMPUTER SYSTEMS USING CODIFIED POLICIES GENERATED FROM POLICIES - A computer system is disclosed that includes a policy repository, a policy codifier, and a policy manager. The policy repository contains policies. The policy codifier generates codified policies from the policies. The policy manager manages access to resources of the computer system responsive to the codified policies. Related methods and computer program products for operating computer systems are also disclosed. | 01-16-2014 |
20140026231 | SELF-GENERATION OF VIRTUAL MACHINE SECURITY CLUSTERS - A method of operating a virtual computing system includes receiving at a security controller security data corresponding to a candidate virtual machine that is proposed to be included in a virtualization environment managed by a virtualization environment manager, comparing the security data of the candidate virtual machine to security data of other virtual machines in the virtualization environment, and in response to the comparison, recommending that the virtualization environment manager exclude the candidate virtual machine from the virtualization environment. Related systems and computer program products are disclosed. | 01-23-2014 |
20140053226 | SELF-ADAPTIVE AND PROACTIVE VIRTUAL MACHINE IMAGES ADJUSTMENT TO ENVIRONMENTAL SECURITY RISKS IN A CLOUD ENVIRONMENT - A computer system includes a security coordinator configured to be communicatively coupled to a plurality of managed machines deployed in a same computing environment and managed by an environment manager. The security coordinator is configured to detect a security condition with respect to a first one of the managed machines, and to automatically initiate modification of a second one of the managed machines in the same computing environment responsive to detection of the security condition. The security coordinator is configured to initiate the modification of the second one of the managed machines prior to occurrence of a security condition therein and prior to action by the environment manager with respect to the second one of the managed machines in response to the detected security condition. | 02-20-2014 |
20140075494 | MANAGING SECURITY CLUSTERS IN CLOUD COMPUTING ENVIRONMENTS USING AUTONOMOUS SECURITY RISK NEGOTIATION AGENTS - A method includes receiving at a similarity arbitrator information about a security policy of a candidate virtual machine that is proposed to be included in a cluster of virtual machines, comparing the security policy of the candidate virtual machine to the security policies of a plurality of virtual machines in the cluster, and in response to the comparison, recommending that a virtualization environment manager exclude the candidate virtual machine from the cluster or include the candidate virtual machine in the cluster. Related systems and computer program products are also disclosed. | 03-13-2014 |
20140081684 | SYSTEM AND METHOD FOR PROACTIVE OPTIMIZATION OF SELF-ACTIVATED SERVICES - A method includes monitoring a service provided to a consumer to determine an actual quality attribute of the service provided to the consumer. The method further includes comparing a potential quality attribute of an alternative service with the actual quality attribute of the service provided to the consumer to determine a difference between the potential quality attribute and the actual quality attribute. In addition, the method includes comparing the difference between the potential quality attribute and the actual quality attribute with a potential action preference of the consumer. The method also includes performing an action according to the potential action preference in response to determining that the difference between the potential quality attribute and the actual quality attribute satisfies a specific criterion defined in the potential action preference. | 03-20-2014 |
20140089901 | EMBEDDING PERFORMANCE MONITORING INTO MASHUP APPLICATION DEVELOPMENT - Computer systems, methods and program products can facilitate embedding performance monitoring into a mashup application that is being created in a mashup application development environment. A mashup application analyzer identifies mashup application performance monitors that are applicable to a mashup application that is being created in a mashup application development environment. An instructor is provided to instruct the mashup application development environment to embed selected ones up of the performance monitors into the mashup application that is being created in the mashup application development environment, responsive to a selection from the performance monitors. A provisioner instructs the mashup application development environment how to provision the selected ones of the mashup application performance monitors in the mashup application that is being created in the mashup application development environment, responsive to a selection of provisioning options for the selected ones of the mashup application performance monitors. | 03-27-2014 |
20140089916 | CENTRALIZED, POLICY-DRIVEN MAINTENANCE OF STORAGE FOR VIRTUAL MACHINE DISKS (VMDKS) AND/OR PHYSICAL DISKS - In a method of operating a computing system, a disk image corresponding to a production managed machine is mounted on a service managed machine that performs operations distinct from those performed by the production managed machine in providing a computing service. The disk image is scanned at the service managed machine to determine a corrective action to be performed with respect to the disk image, and performance of the corrective action for the disk image of the production managed machine is initiated at the service managed machine. Related systems and computer program products are also discussed. | 03-27-2014 |
20140096134 | SYSTEM AND METHOD FOR ENFORCEMENT OF SECURITY CONTROLS ON VIRTUAL MACHINES THROUGHOUT LIFE CYCLE STATE CHANGES - Systems and methods associated with virtual machine security are described herein. One example method includes instantiating a guest virtual machine in a virtual computing environment. The method also includes installing a life cycle agent on the guest virtual machine, assigning an identifying certificate, a set of policies, and an encryption key to the guest virtual machine, and providing the certificate, policies, and encryption key to the guest virtual machine. The certificate, policies, and encryption key may then be used by the guest virtual machine to authenticate itself within the virtual computing environment and to protect data stored on the guest virtual machine. | 04-03-2014 |
20140115709 | SECURED DELETION OF INFORMATION - Secure deletion of a storage device includes monitoring the storage device, determining whether a predetermined condition occurs, and accessing the storage device when it is determined that the predetermined condition occurs. Further, deleted information to be securely wiped is identified in accordance with a predetermined unified policy for a virtual environment comprising the storage device. Alternatively, information being deleted is intercepted when it is determined that the information being deleted satisfies a predetermined condition. The identified or intercepted deleted information is securely wiped from the storage device by filling a portion of the storage device associated with the deleted information with zero bytes before the deleted information is marked as deleted. The secured wiping of deleted information may occur in accordance with a predetermined enterprise-wide policy. | 04-24-2014 |
20140373180 | SYSTEM AND METHOD FOR VIRTUAL IMAGE SECURITY IN A CLOUD ENVIRONMENT - Systems and methods enabling secure virtual image access in a virtual or cloud computing environment. The systems and methods include assigning a status to indicator to guest virtual machines (virtual images) that provide applications and other services to cloud consumers in the cloud environment. A virtual appliance machine in the cloud environment maintains the status of the guest virtual machines and makes decisions based on the status as to whether to allow access to the guest virtual machines. These decisions are transmitted to local elements on the guest virtual machines, which enforce access control on a local level. In this manner, unauthorized virtual image access is prevented providing increased security and data integrity. | 12-18-2014 |
20150052110 | AGILE RE-ENGINEERING OF INFORMATION SYSTEMS - Various embodiments described and illustrated herein include at least one of systems, methods, and software to identify and resolve violations of system and process performance measuring metrics. Following identification of such a violation, some embodiments may identify and cause a solution to be implemented. Following implementation of a solution, the violated metrics are again applied and the results evaluated to verify resolution of the metric violation. Some embodiments may repeat this process until the metric violation or violations are resolved. | 02-19-2015 |
Patent application number | Description | Published |
20090049000 | GRAPHICAL MODEL-DRIVEN SYSTEM FOR KNOWLEDGE MANAGEMENT TOOLS - According to one embodiment of the disclosure, a graphical model-driven system includes a graphical knowledge pattern system coupled to a modeler interface. The graphical knowledge pattern system has a graphical knowledge pattern library for the storage of a plurality of graphical knowledge patterns that are configured to classify information according to one or more information related criteria. The modeler interface is operable to receive a request for information from the user interface and retrieve information from one or more knowledge based systems according to one or more information related criteria of a particular graphical knowledge pattern. | 02-19-2009 |
20100070981 | System and Method for Performing Complex Event Processing - A method for performing complex event processing includes receiving events from at least one entity at a grid of complex event processing (CEP) units, each of the CEP units comprising a modular architecture for receiving events from event suppliers, recursively processing events, and transmitting events to event consumers. The method further includes generating event inferences based on the plurality of events by one or more CEP units of the grid of CEP units. | 03-18-2010 |
20110072486 | System, Method, and Software for Enforcing Access Control Policy Rules on Utility Computing Virtualization in Cloud Computing Systems - According to one embodiment, a system comprises one or more processors coupled to a memory and executing logic. A policy life cycle component is configured to maintain a repository of security policies. The repository of security policies comprises policies governing access to a virtual host and to a plurality of virtual machines running on the virtual host. The policy life cycle component is also configured to issue a compound policy for an identified virtual operating system running on the virtual host. The compound policy provides a virtual host policy and access rules for each of the plurality of virtual machines running on the virtual host. A topology manager is configured to receive the compound policy from the policy life cycle component, assign the compound to an access control agent, and maintain a security policy topology. The security policy topology stores associations between access control agents and compound policies. | 03-24-2011 |
20110072487 | System, Method, and Software for Providing Access Control Enforcement Capabilities in Cloud Computing Systems - According to one embodiment, a system comprises one or more processors coupled to a memory. The one or more processors when executing logic encoded in the memory provide a topology manager. The topology manager is configured to maintain a security topology of a plurality of hosts. The security topology associates one or more virtual hosts policies with a plurality of virtual hosts in a cloud computing deployment. The topology manager is also configured to request a query for one or more hosts that are candidates to be enforced. A portability manager is configured to receive a request to deploy an access control agent on the one or more candidate hosts, determine an optimal agent to be deployed from a list of available agents, and deploy the optimal agent on the one or more candidate hosts. | 03-24-2011 |
20110208606 | Information Technology Services E-Commerce Arena for Cloud Computing Environments - A system and method for IT services e-commerce arena for cloud computing environments is disclosed. The method includes receiving, from each of a plurality of service clients, a request for processing time on a processor. The method also includes receiving, from each of a plurality of service providers, an offer for processing time on a processor operated by each respective service provider. Additionally, the method includes generating a buyer group based on information included in each respective request, wherein the buyer group comprises a selected one or more of the plurality of service clients to receive processing time on a processing resource and selecting one of the plurality of service providers to provide processing time on the processor operated by the selected service provider to the service clients in the buyer group. Further, the method includes initiating a transaction between each of the service clients in the buyer group and the selected service provider. | 08-25-2011 |
20110213712 | Cloud Broker and Procurement System and Method - A cloud broker and procurement system and method is closed. In particular embodiments, the method includes receiving an offer of a computing resource from each of a plurality of providers. The method further includes receiving, from each of the plurality of providers, a service level agreement associated with each respective offered computing resource. Additionally, the method includes normalizing each of the service level agreements associated with the offered computing resources. The method further includes receiving a request from a requesting computer for a computing resource and selecting, based at least in part on the normalized service level agreements, one of the providers to provide the requested computing resource. The method also includes transmitting a service match indicator to the client, wherein the service match indicator indicates a time at which the offered computing resource will be utilized, and utilizing the computing resource on the selected provider. | 09-01-2011 |