US20040059747A1 - Method and apparatus for restoring computer resources - Google Patents

Method and apparatus for restoring computer resources Download PDF

Info

Publication number
US20040059747A1
US20040059747A1 US10/668,907 US66890703A US2004059747A1 US 20040059747 A1 US20040059747 A1 US 20040059747A1 US 66890703 A US66890703 A US 66890703A US 2004059747 A1 US2004059747 A1 US 2004059747A1
Authority
US
United States
Prior art keywords
resource
computer
restorable
providing
encrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10/668,907
Inventor
Sompong Olarig
Michael Angelo
Thomas Bonola
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hewlett Packard Development Co LP
Original Assignee
Hewlett Packard Development Co LP
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hewlett Packard Development Co LP filed Critical Hewlett Packard Development Co LP
Priority to US10/668,907 priority Critical patent/US20040059747A1/en
Publication of US20040059747A1 publication Critical patent/US20040059747A1/en
Assigned to HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P. reassignment HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P. CHANGE OF NAME (SEE DOCUMENT FOR DETAILS). Assignors: COMPAQ INFORMATION TECHNOLOGIES GROUP LP
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Definitions

  • This invention relates generally to computer systems, and, more particularly, to a method and apparatus for restoring computer resources.
  • a computer network is a connection of points (e.g., a plurality of computers) that have been interconnected by a series of communication paths.
  • any number of individual computer networks may be interconnected with other computer networks, which may increase the complexity of the overall system.
  • computer networks may be used to increase the productivity of those computers that are connected to the network.
  • a computer connected to a network may communicate with other computers that are also connected to the network.
  • the computer network may be used to share data, peripherals, or any other resources that are made available on the network.
  • a server may function as a centralized point on the network.
  • a plurality of client computers may be interconnected such that the server controls the movement of data across the network.
  • the server may service requests from a plurality of client computers that are connected to the network.
  • Some computer networks include a plurality of interconnected servers, each controlling their own group of client computers or being dedicated to performing a particular function on the network.
  • the manufacturer of the computer system provide restoration CDs to facilitate restoration of a failed computer system to its initial purchased state.
  • This technique has numerous disadvantages. First, it does not account for any configuration changes that took effect after the system was purchased. As a result the user would have to remember all of the changes, manually locate the files associated with the configuration change, and install the files. Additionally, numerous upgrades to the resources might have been completed to the computer system since its initial purpose. These upgrades would be undone by restoring the system to its factory-fresh state. Again, the user would have to remember and manually locate and install the upgraded resources.
  • the present invention is directed to overcoming, or at least reducing the effects of, one or more of the problems set forth above.
  • One aspect of the present invention is seen in a method for restoring resources on a computer.
  • the method includes providing a configuration database including resource information, receiving a restoration request including a computer identifier associated with the computer, accessing the configuration database based on the computer identifier to identify a restorable resource associated with the computer, and providing the restorable resource to the computer.
  • a computer system including a computer and a configuration manager.
  • the computer has a plurality of installed resources.
  • the configuration manager is coupled to the computer and adapted to store a configuration database including resource information associated with the computer, receive a restoration request from the computer including a computer identifier associated with the computer, access the configuration database to identify a restorable resource based on the computer identifier associated with the computer, and provide the restorable resource to the computer.
  • FIG. 1 is a simplified block diagram of a computer network having a server coupled to a plurality of clients and a configuration manager;
  • FIG. 2 is a diagram illustrating a configuration table maintained by the configuration manager of FIG. 1;
  • FIG. 3 is a flow chart illustrating a method for restoring computer resources in accordance with one embodiment of the present invention.
  • the computer network 10 may be configured using a variety of known topologies.
  • the computer network 10 may be configured as a ring, bus, or any other known configuration for interconnecting computers.
  • the computer network 10 is configured using a star topology and comprises a server 14 , a hub 18 , and a plurality of clients 20 that are coupled to the hub 18 .
  • the hub 18 may comprise a variety of conventional switching or routing devices, depending upon the particular application.
  • the hub 18 may be used as an intermediary between the server 14 and the clients 20 .
  • the hub 18 directs the flow of data between the server 14 and the clients 20 .
  • each client 20 attached to the hub 18 may be identified by a unique address. Accordingly, based on the unique address, data may be routed from the server 14 to the appropriate client 20 .
  • the hub 18 may control the flow of data from the clients 20 to the server 14 (i.e., the hub 18 may be a bi-directional device.)
  • the hub 18 may operate in conjunction with the server 14 to transfer data between two clients 20 . Although only one hub 18 is shown in FIG.
  • a plurality of hubs 18 may be included in the computer network 10 , which may increase the number of clients 20 that may be attached to the network 10 .
  • a plurality of servers may be added to the computer network 10 , each additional server (not shown) having its own group of clients to serve or functioning to provide a particular function for the network (e.g., internet access, printing services, e-mail services, etc.)
  • the server 14 and the clients 20 may transfer data using TCP/IP, SNA, APPN, or any other protocol adapted to facilitate the movement of data.
  • the clients 20 may be personal computers (PC).
  • the clients 20 may be IBM compatible PCs or Macintosh® computers.
  • each client 20 may include an operating system, such as Windows® 95/98, Windows®, NT, MAC OS7/8, etc.
  • the server 14 and the clients 20 may have unique configurations of system resources, e.g., system firmware, software applications, operating systems (OS), OS drivers, and system partition utilities. Such system resources may be frequently upgraded by their respective manufacturers. However, not all of the computers 14 , 20 on the network may have the same versions of the resources in effect. For example, an older client 20 may not have sufficient processing resources to operate efficiently using a newer vintage resource, and hence, the resource was not upgraded intentionally. Also, older versions of particular resources are sometimes selected to prevent undesirable interactions with other resources.
  • system resources e.g., system firmware, software applications, operating systems (OS), OS drivers, and system partition utilities.
  • OS operating systems
  • a configuration manager 22 is provided to track the particular configurations of the computers 14 , 20 on the computer network 10 .
  • the configuration manager 22 may be incorporated into the server 14 , it may be a stand-alone computer coupled as a client on the computer network 10 , or it may be an external computer (i.e., as shown in FIG. 1) coupled to the computer network 10 through an external connection such as a modem connection or an internet connection.
  • the configuration manager 22 maintains a configuration database 100 to track the installed resources on the computers 14 , 20 in the computer network 10 .
  • Each computer 14 , 20 in the computer network 10 has a unique identifier, such as a predefined address, a serial number, or any other unique identifier.
  • the configuration database 100 includes an identifier field 110 for storing the unique identifier of a particular computer 14 , 20 , a resource field 120 for storing the name of a particular resource installed on the computer (e.g., software application, firmware, driver), a resource location field 130 identifying the location of the resource (e.g., path and file name, internet address), a version field 140 identifying the version of the resource installed, and a security field 150 used for validating or authenticating a particular resource.
  • the security field 150 may include one or more security keys.
  • the present invention may be implemented with or without the security field 150 , depending on the degree of security desired. Also, additional information may be stored in the configuration database.
  • the configuration manager 22 is accessed to determine the resources previously installed on the client 20 .
  • the configuration database 100 provides information for reconstituting the resources.
  • Dependencies between various resources may also be stored in the configuration database 100 .
  • the particular resources are identified by name, and locations are used to indicate where they can be found.
  • the resource location field 130 may contain a link directly to a manufacturer's web site that includes the resource.
  • the entire resource e.g., software file
  • the version field 140 specifies the appropriate version of the resource.
  • the version field 140 may contain information such as the upgrade level of the resource.
  • a base resource may have been upgraded or patched from rev. 1 to rev. 2 to rev. 3.
  • the upgrade level information stored in the version field 140 may allow the resource to be upgraded from the original resource to rev. 3 directly, without requiring the intermediate upgrades.
  • the version field 140 may also specify what language (e.g., English, German, French, etc.) the version should be.
  • the security field 150 may include a security key associated with the particular manufacturer so that the resource can be authenticated. It is possible for a resource to be corrupted or maliciously modified during transmission from the manufacturer to the entity restoring the resources on the client 20 . A security scheme reduces the likelihood of such events.
  • the use of the security field 150 is described below as it may be implemented to provide authentication and/or privacy.
  • a variety of security techniques are known in the art.
  • An exemplary technique involves the use of public and private keys and hashes to create digital signatures.
  • each user has two complementary keys, a publicly revealed key and a private key. Each key unlocks the code that the other key locks. Knowing the public key does not help you deduce the corresponding private key.
  • the public key can be published and widely disseminated across a communications network.
  • a public key may be provided for the manufacturers of the resources.
  • the manufacturer public key may be supplied by the configuration manager 22 and stored in the security field 150 .
  • the manufacturer public key is only useful to decrypt data that was encrypted with the manufacturer's corresponding private key.
  • Digital signatures are used to provide message authentication.
  • the sender for example a software vendor or system administrator, uses his own private key to encrypt a “hash” of the message thereby “signing” the message.
  • a message digest is a cryptographically-strong, one-way hash function. It is somewhat analogous to a “checksum” or Cyclic Redundancy Check (CRC) error checking code, in that it compactly represents the message and is used to detect changes in the message. Unlike a CRC, however, it is computationally infeasible, if not virtually impossible, for an attacker to devise a substitute message that would produce an identical message digest.
  • the message digest gets encrypted by the sender's private key, creating a digital signature of the message.
  • Various digest standards have been proposed, such as Secure Hash Algorithm (SHA) or Message Digest 5 (MD5).
  • any number of security key arrangements may be used.
  • a single secret key known to the user may be used.
  • the user may encrypt the registration data using a secret key and the configuration manager 22 may not be able to view the contents of the registration information.
  • the manufacturer's public key could be used by the computer 14 , 20 to authenticate the resource by verifying the digital signature. This proves that the sender was the true originator of the message, and that the message has not been subsequently altered by anyone else, because the sender alone possesses the private key that made that digital signature. Forgery of a signed message is infeasible, and the sender cannot later repudiate his digital signature.
  • Additional security can be provided by combining the sender's (e.g., manufacturer or operator of the configuration manager 22 ) signature with a key associated with the operator of the computer network 10 .
  • authentication can be provided by first signing a message with the sender's private key, then encrypting the signed message with the recipient's public key. The recipient reverses these steps by first decrypting the message with his own private key, then checking the enclosed digital signature with the sender's public key. In this way, the encrypted message cannot be read by anyone but the recipient, and it can only have been created by the sender.
  • a variant of a key management scheme involves sharing a “secret key” between the parties.
  • the secret key is subsequently used for the creation, sharing, and refreshment of short-lived “session keys.”
  • a session key is derived independently on both sides of the connection using the shared secret key and a random seed number.
  • the session key is then exchanged between the parties. Messages going to the respective parties are then encrypted using their respective keys. This technique provides a low-overhead means for providing secure communications.
  • the session key may be changed as frequently as desired.
  • the security field 150 may contain both the manufacturer's public key and the public key of the operator of the computer network 10 .
  • the configuration manager 22 receives a signed resource (i.e., encrypted with the manufacturer's private key) from the manufacturer, encrypts the signed resource with the operator's public key, and transmits the manufacturer's public key and the encrypted and signed resource to the operator.
  • a signed resource i.e., encrypted with the manufacturer's private key
  • the manufacturer's public key is combined in an archive with the signed resource and the archive is encrypted with the operator's public key.
  • the operator decrypts the archive with his private key, unlocks the manufacturer's public key, and uses the manufacturer's public key to authenticate the resource.
  • the degree of security desired may depend on the particular entity controlling the configuration manager 22 .
  • the configuration manager 22 operates as a subscription service, where the operator of the computer network 10 registers all of the computers 14 , 20 with a third party.
  • a subscription service model a user can be billed conveniently when requests are made to restore resources, when resources are registered, or both. Billing may be conducted based on the number of resources registered or the amount of space used. In a simple case, where the cost would be presumably less, just the resource names and locations would be stored. In another case, where the subscription fee would be higher, the actual resources could be stored. A price break may be given if a user registers multiple computers with the same installed resources.
  • the third party subscription service continuously tracks and updates the locations of the resources and the manufacturer's public keys.
  • the operator may encrypt the information sent to the configuration manager 22 with his private key to ensure that false records of the installed resources are not sent.
  • a higher degree of authentication may be desired.
  • the configuration manager 22 is part of the computer network 10 proper. In such a case authentication using the manufacturer's public key may be desired, while the secondary encryption with the operator's keys may be omitted.
  • the configuration manager 22 is part of the computer network 10 , and it maintains its own archive of resources. Due to the high degree of control, the security schemes may be entirely omitted.
  • the configuration manager 22 provides the functionality to quickly and easily restore the resources on the faulted computer 14 , 20 .
  • the additional security features maintain the privacy of the configuration, the anonymity of the configuration, and the integrity of the configuration.
  • Restoration or migration of the system configuration may be performed easily without requiring detailed knowledge from the user.
  • the restoration of the resources may be performed remotely or locally.
  • the server 14 or the configuration manager 22 could boot (although not required) the failed client 20 remotely and place it in a known state.
  • the server 14 or the configuration manager 22 could attempt to parse the physical disk, determine the logical data structures on the drive(s), attempt data recovery, and replace system files that were corrupt and/or inhibiting the local boot.
  • This functionality is similar to removing the drive from the faulted computer 20 , installing it into an operable system that can read the drive, retrieve/replace/repair the drive data, and then installing the drive back into the original system.
  • another machine would not be required to recover drive data.
  • FIG. 3 a method for restoring computer resources in accordance with the present invention is described.
  • the method is described within the context of the computer network 10 provided in FIG. 1 and the configuration database 100 shown in FIG. 2.
  • resources on a particular computer e.g., one of the clients 20
  • the registration process includes identifying each resource on a particular computer 20 to the configuration manager 22 .
  • the computer 20 being registered provides its unique identifier, the name of the resource, and the version of the resource to the configuration manager 22 for populating the identifier field 110 , the resource field 120 , and the version field 140 , respectively.
  • Encryption keys and/or digital signatures may be employed as described above if desired.
  • the configuration manager 22 determines the information for the resource location field 130 and possibly the security field 150 (e.g., the manufacturer's public key).
  • a restoration request including a computer identifier associated with the client 20 is received.
  • the configuration database 100 is accessed, based on the computer identifier, to identify restorable resources associated with the client 20 in block 220 .
  • the restorable resources are provided to the client 20 in block 230 .
  • the resources may be provided directly by the configuration manager 22 , or alternatively, the configuration manager may provide links to the manufacturer's internet sites where the resource can be found.
  • the resources received by the client 20 may be authenticated in block 240 .
  • the resources are installed on the client 22 in block 250 to restore its configuration.
  • the recovery functions of the configuration manager may be combined with automatic upgrading features, such as those described in U.S. Pat. No. 5,586,304, entitled “Automatic Computer Upgrading,” and incorporated herein by reference in its entirety.
  • the upgrading and/or recovery service may be provided on a subscription basis by a third party vendor. Because the configuration manager 22 acts as a gatekeeper for resource recovery it can track usage for billing purposes. Also, during recovery of a failed client 20 , the upgrading functionality might be used to suggest resources that may have newer versions the operator might wish to install in lieu of the previous versions.
  • the degree of authentication is light.
  • System resources are registered with the configuration manager 22 .
  • licensed material information is provided and any software dependencies are defined. Providing licensing information protects against software piracy violations.
  • a restoration request is received, the user is validated (e.g, using a password) and the installation proceeds. A full or partial restoration may be requested.
  • an identity key for the user is provided, and the registration information is encrypted using the identity key.
  • the identity key is archived for future use in restoration.
  • the identity key allows for maintaining the anonymity of the user.
  • the user is validated using the stored identity key, and the full or partial restoration commences.
  • an identity key is provided by the configuration manager 22 , and a user key is defined by the user.
  • the registration information is encrypted or signed by the user with the user key and with the identity key.
  • the registration contents are not visible to the configuration manager 22 and billing may be specified based on the amount of space used.
  • the user would have responsibility for the contents of the registration information.
  • the user key could be archived with the registration information and used by the configuration manager 22 to view the contents and generate a bill based on the applications or line items included.

Abstract

A method for restoring resources on a computer is provided. The method includes providing a configuration database including resource information, receiving a restoration request including a computer identifier associated with the computer, accessing the configuration database based on the computer identifier to identify a restorable resource associated with the computer, and providing the restorable resource to the computer. A computer system includes a computer and a configuration manager. The computer has a plurality of installed resources. The configuration manager is coupled to the computer and adapted to store a configuration database including resource information associated with the computer, receive a restoration request from the computer including a computer identifier associated with the computer, access the configuration database to identify a restorable resource based on the computer identifier associated with the computer, and provide the restorable resource to the computer.

Description

    BACKGROUND OF THE INVENTION
  • 1. Field of the Invention [0001]
  • This invention relates generally to computer systems, and, more particularly, to a method and apparatus for restoring computer resources. [0002]
  • 2. Description of the Related Art [0003]
  • A computer network is a connection of points (e.g., a plurality of computers) that have been interconnected by a series of communication paths. Moreover, any number of individual computer networks may be interconnected with other computer networks, which may increase the complexity of the overall system. Generally, computer networks may be used to increase the productivity of those computers that are connected to the network. For example, a computer connected to a network may communicate with other computers that are also connected to the network. Furthermore, the computer network may be used to share data, peripherals, or any other resources that are made available on the network. [0004]
  • Generally, a server may function as a centralized point on the network. For example, using any of the network topologies discussed above, a plurality of client computers may be interconnected such that the server controls the movement of data across the network. Typically, the server may service requests from a plurality of client computers that are connected to the network. Some computer networks include a plurality of interconnected servers, each controlling their own group of client computers or being dedicated to performing a particular function on the network. [0005]
  • When a particular server or client computer on a network fails (e.g., due to a hard disk crash), time-consuming, manual actions are typically required to reinstate the prior operating environment of the failed device. For example, a new hard disk may be installed, followed by the installation of at least a basic operating system to make the computer operable. Then all of the resources on the computer are manually installed. These resources might include firmware, software, or operating system (OS) resources, including OS and device driver software (i.e., drivers). Finally, any previously applied upgrades must be located and applied. It is often the case where many or all of the computers that make up the clients and servers on a particular network have unique configurations. The constant and rapid change in the computer industry virtually ensures that computers added to the network at different times will have differing hardware and software configurations, and thus, different resources. Reinstalling the computer resources requires special technical expertise, and results in significant downtime of the particular computer or possibly the entire network (i.e., if the server is the failed device). [0006]
  • In some cases, the manufacturer of the computer system provide restoration CDs to facilitate restoration of a failed computer system to its initial purchased state. This technique has numerous disadvantages. First, it does not account for any configuration changes that took effect after the system was purchased. As a result the user would have to remember all of the changes, manually locate the files associated with the configuration change, and install the files. Additionally, numerous upgrades to the resources might have been completed to the computer system since its initial purpose. These upgrades would be undone by restoring the system to its factory-fresh state. Again, the user would have to remember and manually locate and install the upgraded resources. [0007]
  • The present invention is directed to overcoming, or at least reducing the effects of, one or more of the problems set forth above. [0008]
    • SUMMARY OF THE INVENTION
  • One aspect of the present invention is seen in a method for restoring resources on a computer. The method includes providing a configuration database including resource information, receiving a restoration request including a computer identifier associated with the computer, accessing the configuration database based on the computer identifier to identify a restorable resource associated with the computer, and providing the restorable resource to the computer. [0009]
  • Another aspect of the present invention is seen in a computer system including a computer and a configuration manager. The computer has a plurality of installed resources. The configuration manager is coupled to the computer and adapted to store a configuration database including resource information associated with the computer, receive a restoration request from the computer including a computer identifier associated with the computer, access the configuration database to identify a restorable resource based on the computer identifier associated with the computer, and provide the restorable resource to the computer.[0010]
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • The invention may be understood by reference to the following description taken in conjunction with the accompanying drawings, in which like reference numerals identify like elements, and in which: [0011]
  • FIG. 1 is a simplified block diagram of a computer network having a server coupled to a plurality of clients and a configuration manager; [0012]
  • FIG. 2 is a diagram illustrating a configuration table maintained by the configuration manager of FIG. 1; [0013]
  • FIG. 3 is a flow chart illustrating a method for restoring computer resources in accordance with one embodiment of the present invention.[0014]
  • While the invention is susceptible to various modifications and alternative forms, specific embodiments thereof have been shown by way of example in the drawings and are herein described in detail. It should be understood, however, that the description herein of specific embodiments is not intended to limit the invention to the particular forms disclosed, but on the contrary, the intention is to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the invention as defined by the appended claims. [0015]
    • DETAILED DESCRIPTION OF SPECIFIC EMBODIMENTS
  • Illustrative embodiments of the invention are described below. In the interest of clarity, not all features of an actual implementation are described in this specification. It will of course be appreciated that in the development of any such actual embodiment, numerous implementation-specific decisions must be made to achieve the developers' specific goals, such as compliance with system-related and business-related constraints, which will vary from one implementation to another. Moreover, it will be appreciated that such a development effort might be complex and time-consuming, but would nevertheless be a routine undertaking for those of ordinary skill in the art having the benefit of this disclosure. [0016]
  • Referring to FIG. 1, a block diagram of a [0017] computer network 10 is shown. The computer network 10 may be configured using a variety of known topologies. For example, the computer network 10 may be configured as a ring, bus, or any other known configuration for interconnecting computers. In one embodiment, the computer network 10 is configured using a star topology and comprises a server 14, a hub 18, and a plurality of clients 20 that are coupled to the hub 18. It is contemplated that the hub 18 may comprise a variety of conventional switching or routing devices, depending upon the particular application.
  • The [0018] hub 18 may be used as an intermediary between the server 14 and the clients 20. Generally, the hub 18 directs the flow of data between the server 14 and the clients 20. For example, each client 20 attached to the hub 18 may be identified by a unique address. Accordingly, based on the unique address, data may be routed from the server 14 to the appropriate client 20. Furthermore, the hub 18 may control the flow of data from the clients 20 to the server 14 (i.e., the hub 18 may be a bi-directional device.) Moreover, the hub 18 may operate in conjunction with the server 14 to transfer data between two clients 20. Although only one hub 18 is shown in FIG. 1, it is contemplated that a plurality of hubs 18 may be included in the computer network 10, which may increase the number of clients 20 that may be attached to the network 10. Additionally, a plurality of servers (not shown) may be added to the computer network 10, each additional server (not shown) having its own group of clients to serve or functioning to provide a particular function for the network (e.g., internet access, printing services, e-mail services, etc.)
  • It is contemplated that a variety of protocols may be used to control the flow of data in the [0019] network 10. For example, the server 14 and the clients 20 may transfer data using TCP/IP, SNA, APPN, or any other protocol adapted to facilitate the movement of data. The clients 20 may be personal computers (PC). For example, the clients 20 may be IBM compatible PCs or Macintosh® computers. In addition to the client software, each client 20 may include an operating system, such as Windows® 95/98, Windows®, NT, MAC OS7/8, etc.
  • The [0020] server 14 and the clients 20 may have unique configurations of system resources, e.g., system firmware, software applications, operating systems (OS), OS drivers, and system partition utilities. Such system resources may be frequently upgraded by their respective manufacturers. However, not all of the computers 14, 20 on the network may have the same versions of the resources in effect. For example, an older client 20 may not have sufficient processing resources to operate efficiently using a newer vintage resource, and hence, the resource was not upgraded intentionally. Also, older versions of particular resources are sometimes selected to prevent undesirable interactions with other resources.
  • A configuration manager [0021] 22 is provided to track the particular configurations of the computers 14, 20 on the computer network 10. The configuration manager 22 may be incorporated into the server 14, it may be a stand-alone computer coupled as a client on the computer network 10, or it may be an external computer (i.e., as shown in FIG. 1) coupled to the computer network 10 through an external connection such as a modem connection or an internet connection. The configuration manager 22 maintains a configuration database 100 to track the installed resources on the computers 14, 20 in the computer network 10. Each computer 14, 20 in the computer network 10 has a unique identifier, such as a predefined address, a serial number, or any other unique identifier.
  • Turning to FIG. 2, a diagram of the [0022] configuration database 100 is provided. The configuration database 100 includes an identifier field 110 for storing the unique identifier of a particular computer 14, 20, a resource field 120 for storing the name of a particular resource installed on the computer (e.g., software application, firmware, driver), a resource location field 130 identifying the location of the resource (e.g., path and file name, internet address), a version field 140 identifying the version of the resource installed, and a security field 150 used for validating or authenticating a particular resource. The security field 150 may include one or more security keys. The present invention may be implemented with or without the security field 150, depending on the degree of security desired. Also, additional information may be stored in the configuration database.
  • Following a failure on one of the [0023] clients 20, the configuration manager 22 is accessed to determine the resources previously installed on the client 20. The configuration database 100 provides information for reconstituting the resources. Dependencies between various resources may also be stored in the configuration database 100. The particular resources are identified by name, and locations are used to indicate where they can be found. For example, the resource location field 130 may contain a link directly to a manufacturer's web site that includes the resource. Alternatively, the entire resource (e.g., software file) may be stored in a physical location (e.g., a hard disk drive) accessible to the configuration manager 22. The version field 140 specifies the appropriate version of the resource. The version field 140 may contain information such as the upgrade level of the resource. For example, a base resource may have been upgraded or patched from rev. 1 to rev. 2 to rev. 3. The upgrade level information stored in the version field 140 may allow the resource to be upgraded from the original resource to rev. 3 directly, without requiring the intermediate upgrades. The version field 140 may also specify what language (e.g., English, German, French, etc.) the version should be. The security field 150 may include a security key associated with the particular manufacturer so that the resource can be authenticated. It is possible for a resource to be corrupted or maliciously modified during transmission from the manufacturer to the entity restoring the resources on the client 20. A security scheme reduces the likelihood of such events.
  • The use of the [0024] security field 150 is described below as it may be implemented to provide authentication and/or privacy. A variety of security techniques are known in the art. An exemplary technique involves the use of public and private keys and hashes to create digital signatures. In public key cryptography systems, each user has two complementary keys, a publicly revealed key and a private key. Each key unlocks the code that the other key locks. Knowing the public key does not help you deduce the corresponding private key. The public key can be published and widely disseminated across a communications network. In the context of this application, a public key may be provided for the manufacturers of the resources. The manufacturer public key may be supplied by the configuration manager 22 and stored in the security field 150. The manufacturer public key is only useful to decrypt data that was encrypted with the manufacturer's corresponding private key.
  • Digital signatures are used to provide message authentication. The sender, for example a software vendor or system administrator, uses his own private key to encrypt a “hash” of the message thereby “signing” the message. A message digest is a cryptographically-strong, one-way hash function. It is somewhat analogous to a “checksum” or Cyclic Redundancy Check (CRC) error checking code, in that it compactly represents the message and is used to detect changes in the message. Unlike a CRC, however, it is computationally infeasible, if not virtually impossible, for an attacker to devise a substitute message that would produce an identical message digest. The message digest gets encrypted by the sender's private key, creating a digital signature of the message. Various digest standards have been proposed, such as Secure Hash Algorithm (SHA) or Message Digest 5 (MD5). [0025]
  • Although the following example described the use of a public/private key pair, any number of security key arrangements may be used. For example, a single secret key known to the user may be used. For example, the user may encrypt the registration data using a secret key and the configuration manager [0026] 22 may not be able to view the contents of the registration information.
  • In the context of this application, before installing a resource, the manufacturer's public key could be used by the [0027] computer 14, 20 to authenticate the resource by verifying the digital signature. This proves that the sender was the true originator of the message, and that the message has not been subsequently altered by anyone else, because the sender alone possesses the private key that made that digital signature. Forgery of a signed message is infeasible, and the sender cannot later repudiate his digital signature.
  • Additional security can be provided by combining the sender's (e.g., manufacturer or operator of the configuration manager [0028] 22) signature with a key associated with the operator of the computer network 10. For example, authentication can be provided by first signing a message with the sender's private key, then encrypting the signed message with the recipient's public key. The recipient reverses these steps by first decrypting the message with his own private key, then checking the enclosed digital signature with the sender's public key. In this way, the encrypted message cannot be read by anyone but the recipient, and it can only have been created by the sender.
  • A variant of a key management scheme involves sharing a “secret key” between the parties. The secret key is subsequently used for the creation, sharing, and refreshment of short-lived “session keys.” In one exemplary embodiment, a session key is derived independently on both sides of the connection using the shared secret key and a random seed number. The session key is then exchanged between the parties. Messages going to the respective parties are then encrypted using their respective keys. This technique provides a low-overhead means for providing secure communications. The session key may be changed as frequently as desired. [0029]
  • In the context of the present invention, the [0030] security field 150 may contain both the manufacturer's public key and the public key of the operator of the computer network 10. The configuration manager 22 receives a signed resource (i.e., encrypted with the manufacturer's private key) from the manufacturer, encrypts the signed resource with the operator's public key, and transmits the manufacturer's public key and the encrypted and signed resource to the operator. For example, the manufacturer's public key is combined in an archive with the signed resource and the archive is encrypted with the operator's public key. The operator then decrypts the archive with his private key, unlocks the manufacturer's public key, and uses the manufacturer's public key to authenticate the resource.
  • The degree of security desired may depend on the particular entity controlling the configuration manager [0031] 22. In one embodiment, the configuration manager 22 operates as a subscription service, where the operator of the computer network 10 registers all of the computers 14, 20 with a third party. Using a subscription service model, a user can be billed conveniently when requests are made to restore resources, when resources are registered, or both. Billing may be conducted based on the number of resources registered or the amount of space used. In a simple case, where the cost would be presumably less, just the resource names and locations would be stored. In another case, where the subscription fee would be higher, the actual resources could be stored. A price break may be given if a user registers multiple computers with the same installed resources. The third party subscription service continuously tracks and updates the locations of the resources and the manufacturer's public keys. When registering the computers 14, 20, the operator may encrypt the information sent to the configuration manager 22 with his private key to ensure that false records of the installed resources are not sent. In such an embodiment, where much of the traffic is not over secured lines (e.g., the internet), a higher degree of authentication may be desired. In another embodiment, the configuration manager 22 is part of the computer network 10 proper. In such a case authentication using the manufacturer's public key may be desired, while the secondary encryption with the operator's keys may be omitted. In still another embodiment, the configuration manager 22 is part of the computer network 10, and it maintains its own archive of resources. Due to the high degree of control, the security schemes may be entirely omitted.
  • Regardless of the level of security employed, the configuration manager [0032] 22 provides the functionality to quickly and easily restore the resources on the faulted computer 14, 20. The additional security features maintain the privacy of the configuration, the anonymity of the configuration, and the integrity of the configuration. Restoration or migration of the system configuration may be performed easily without requiring detailed knowledge from the user. The restoration of the resources may be performed remotely or locally. For example, the server 14 or the configuration manager 22 could boot (although not required) the failed client 20 remotely and place it in a known state. Alternatively, the server 14 or the configuration manager 22 could attempt to parse the physical disk, determine the logical data structures on the drive(s), attempt data recovery, and replace system files that were corrupt and/or inhibiting the local boot. This functionality is similar to removing the drive from the faulted computer 20, installing it into an operable system that can read the drive, retrieve/replace/repair the drive data, and then installing the drive back into the original system. However, using the technique described above, another machine would not be required to recover drive data.
  • Turning now to FIG. 3, a method for restoring computer resources in accordance with the present invention is described. The method is described within the context of the [0033] computer network 10 provided in FIG. 1 and the configuration database 100 shown in FIG. 2. In block 200, resources on a particular computer (e.g., one of the clients 20) are registered in the configuration database 100. The registration process includes identifying each resource on a particular computer 20 to the configuration manager 22. The computer 20 being registered provides its unique identifier, the name of the resource, and the version of the resource to the configuration manager 22 for populating the identifier field 110, the resource field 120, and the version field 140, respectively. Encryption keys and/or digital signatures may be employed as described above if desired. The configuration manager 22 determines the information for the resource location field 130 and possibly the security field 150 (e.g., the manufacturer's public key).
  • As shown in [0034] block 210, in the event of a failure on the client 20, a restoration request including a computer identifier associated with the client 20 is received. The configuration database 100 is accessed, based on the computer identifier, to identify restorable resources associated with the client 20 in block 220. The restorable resources are provided to the client 20 in block 230. The resources may be provided directly by the configuration manager 22, or alternatively, the configuration manager may provide links to the manufacturer's internet sites where the resource can be found. Optionally, the resources received by the client 20 may be authenticated in block 240. The resources are installed on the client 22 in block 250 to restore its configuration.
  • The recovery functions of the configuration manager may be combined with automatic upgrading features, such as those described in U.S. Pat. No. 5,586,304, entitled “Automatic Computer Upgrading,” and incorporated herein by reference in its entirety. The upgrading and/or recovery service may be provided on a subscription basis by a third party vendor. Because the configuration manager [0035] 22 acts as a gatekeeper for resource recovery it can track usage for billing purposes. Also, during recovery of a failed client 20, the upgrading functionality might be used to suggest resources that may have newer versions the operator might wish to install in lieu of the previous versions.
  • To further illustrate various embodiments of the present invention, several exemplary scenarios with different levels of security are described below. In a first example, the degree of authentication is light. System resources are registered with the configuration manager [0036] 22. During the registration process, licensed material information is provided and any software dependencies are defined. Providing licensing information protects against software piracy violations. Subsequently, when a restoration request is received, the user is validated (e.g, using a password) and the installation proceeds. A full or partial restoration may be requested.
  • In a second example, where a higher degree of security is desired, an identity key for the user is provided, and the registration information is encrypted using the identity key. The identity key is archived for future use in restoration. The identity key allows for maintaining the anonymity of the user. In response to receiving a restoration request, the user is validated using the stored identity key, and the full or partial restoration commences. [0037]
  • Finally, in a third example with an even higher degree of security, an identity key is provided by the configuration manager [0038] 22, and a user key is defined by the user. The registration information is encrypted or signed by the user with the user key and with the identity key. In this manner, the registration contents are not visible to the configuration manager 22 and billing may be specified based on the amount of space used. The user would have responsibility for the contents of the registration information. In another variant, the user key could be archived with the registration information and used by the configuration manager 22 to view the contents and generate a bill based on the applications or line items included.
  • The particular embodiments disclosed above are illustrative only, as the invention may be modified and practiced in different but equivalent manners apparent to those skilled in the art having the benefit of the teachings herein. Furthermore, no limitations are intended to the details of construction or design herein shown, other than as described in the claims below. It is therefore evident that the particular embodiments disclosed above may be altered or modified and all such variations are considered within the scope and spirit of the invention. Accordingly, the protection sought herein is as set forth in the claims below. [0039]

Claims (64)

What is claimed:
1. A method for restoring resources on a computer, comprising:
providing a configuration database including resource information;
receiving a restoration request including a computer identifier associated with the computer;
accessing the configuration database based on the computer identifier to identify a restorable resource associated with the computer; and
providing the restorable resource to the computer.
2. The method of claim 1, further comprising installing the restorable resource on the computer.
3. The method of claim 1, wherein providing the restorable resource to the computer includes providing the restorable resource to a server connected to the computer.
4. The method of claim 3, further comprising accessing the computer through the server to install the restorable resource on the computer.
5. The method of claim 1, wherein providing the restorable resource to the computer includes providing an address for the restorable address.
6. The method of claim 1, further comprising authenticating the restoration request.
7. The method of claim 1, wherein providing the restorable resource comprises providing an encrypted restorable resource.
8. The method of claim 7, wherein the encrypted restorable resource is encrypted with a private key, the method further comprising providing a public key corresponding to the private key to the computer.
9. The method of claim 8, further comprising:
decrypting the encrypted restorable resource using the public key; and
installing the restorable resource on the computer.
10. The method of claim 1, further comprising encrypting the restorable resource with a public key associated with the computer.
11. The method of claim 10, further comprising:
decrypting the encrypted restorable resource using a private key corresponding to the public key; and
installing the restorable resource on the computer.
12. The method of claim 1, further comprising registering a plurality of installed resources associated with the computer in the configuration database.
13. The method of claim 12, wherein registering the plurality of installed resources includes providing a resource name and a computer identifier associated with the computer.
14. The method of claim 13 wherein registering the plurality of installed resources includes providing the resource name and computer identifier in an encrypted file.
15. The method of claim 1, further comprising billing a user based on the restoration request.
16. The method of claim 12, further comprising billing a user based on the plurality of installed resources registered.
17. The method of claim 1, wherein providing the configuration database includes providing a configuration database having resource identifying information, resource version information, and resource location information.
18. The method of claim 1, wherein providing the restorable resource comprises:
sharing a secret key with the computer;
encrypting a random number with the secret key;
generating a session key based on the secret key and the encrypted random number; and
providing the restorable resource using the session key.
19. The method of claim 1, further comprising;
registering a set of installed resources for a plurality of computers;
billing a user at a first rate for installed resources that are unique to one of the computers; and
billing the user at a second rate, different than the first rate, for installed resources that are common to at least two of the computers.
20. The method of claim 12, wherein registering the plurality of installed resources includes at least one of providing an address for the installed resource and storing the installed resource, and the method further comprises billing a user at a first rate for installed resources that registered by providing the address for the installed resource, and billing the user at a second rate, different than the first rate, for installed resources that are registered by storing the installed resource.
21. The method of claim 1, further comprising:
identifying an available upgrade for the restorable resource; and
offering the upgrade of the restorable resource in lieu of the restorable resource.
22. A computer system, comprising:
a computer having a plurality of installed resources; and
a configuration manager coupled to the computer and adapted to store a configuration database including resource information associated with the computer, receive a restoration request from the computer including a computer identifier associated with the computer, access the configuration database to identify a restorable resource based on the computer identifier associated with the computer, and provide the restorable resource to the computer.
23. The computer system of claim 22, wherein the computer is adapted to install the restorable resource.
24. The computer system of claim 22, further comprising a server coupled to the computer and adapted to receive the restorable resource and install the restorable resource on the computer.
25. The computer system of claim 22, further comprising a server coupled to the computer, the configuration manager being housed on the server.
26. The computer system of claim 22, wherein the configuration manager is adapted to provide the restorable resource to the computer by providing an address for the restorable address.
27. The computer system of claim 22, wherein the configuration manager is adapted to authenticate the restoration request.
28. The computer system of claim 22, wherein the configuration manager is adapted to provide an encrypted restorable resource.
29. The computer system of claim 28, wherein the encrypted restorable resource is encrypted with a private key, and the configuration manager is adapted to provide a public key corresponding to the private key to the computer.
30. The computer system of claim 29, wherein the computer is adapted to decrypt the encrypted restorable resource using the public key and install the restorable resource on the computer.
31. The computer system of claim 24, wherein the configuration manager is adapted to provide an encrypted restorable resource to the server, the encrypted restorable resource is encrypted with a private key, and the configuration manager is adapted to provide a public key corresponding to the private key to the server.
32. The computer system of claim 31, wherein the server is adapted to decrypt the encrypted restorable resource using the public key and install the restorable resource on the computer.
33. The computer system of claim 22, wherein the configuration manager is adapted to encrypt the restorable resource with a public key associated with the computer.
34. The computer system of claim 33, wherein the computer is adapted to decrypt the encrypted restorable resource using a private key corresponding to the public key and install the restorable resource.
35. The computer system of claim 24, wherein the configuration manager is adapted to encrypt the restorable resource with a public key associated with the computer, and the server is adapted to decrypt the encrypted restorable resource using a private key corresponding to the public key and install the restorable resource on the computer.
36. The computer system of claim 22, wherein the computer is adapted to register a plurality of installed resources associated with the computer in the configuration database.
37. The computer system of claim 36, wherein the computer is adapted to register the plurality of installed resources by providing a resource name and a computer identifier associated with the computer.
38. The computer system of claim 37, wherein the computer is adapted to provide the resource name and computer identifier in an encrypted file.
39. The computer system of claim 22, wherein the configuration manager is adapted to store billing information based on the restoration request.
40. The computer system of claim 36, wherein the configuration manager is adapted to store billing information based on the plurality of installed resources registered.
41. The computer system of claim 40, wherein the configuration manager is adapted to store billing information based on the plurality of installed resources registered.
42. The computer system of claim 22, wherein the configuration database includes resource identifying information, resource version information, and resource location information.
43. The computer system of claim 22, further comprising a plurality of computers, each having installed resources registered in the configuration database, and wherein the configuration manager is adapted to generate billing information using a first rate for installed resources that are unique to one of the computers, and generate billing information using second rate, different than the first rate, for installed resources that are common to at least two of the computers.
44. The computer system of claim 36, wherein the configuration manager is adapted to provide the restorable resource by performing at least one of providing an address for the installed resource and providing a previously stored installed resource, and the method further comprises generating billing information using a first rate for installed resources that registered by providing the address for the installed resource, and generating billing information using a second rate, different than the first rate, for installed resources that are registered by storing the installed resource.
45. The computer system of claim 22, wherein the configuration manager is adapted to share a secret key with the computer, encrypt a random number with the secret key, generate a session key based on the secret key and the encrypted random number, and provide the restorable resource using the session key.
46. The computer system of claim 22, wherein the configuration manager is adapted to identify an available upgrade for the restorable resource and offer the upgrade of the restorable resource in lieu of the restorable resource.
47. A program storage device, comprising:
a configuration database including resource information;
program instructions, that when executed by a processing device perform a method for restoring a resource on a computer, the method comprising:
receiving a restoration request including a computer identifier associated with the computer;
accessing the configuration database based on the computer identifier to identify a restorable resource associated with the computer; and
providing the restorable resource to the computer.
48. The program storage device of claim 47, wherein providing the restorable resource to the computer in the method includes providing the restorable resource to a server connected to the computer.
49. The program storage device of claim 47, wherein providing the restorable resource to the computer in the method includes providing an address for the restorable address.
50. The program storage device of claim 47, wherein the method further comprises authenticating the restoration request.
51. The program storage device of claim 47, wherein providing the restorable resource in the method comprises providing an encrypted restorable resource.
52. The program storage device of claim 51, wherein the encrypted restorable resource is encrypted with a private key, and the method further comprises providing a public key corresponding to the private key to the computer.
53. The program storage device of claim 47, wherein the method further comprises encrypting the restorable resource with a public key associated with the computer.
54. The program storage device of claim 47, wherein the method further comprises generating billing information based on the restoration request.
55. The program storage device of claim 47, wherein the method further comprises generating billing information based on the resource information in the configuration database.
56. The program storage device of claim 47, wherein the configuration database includes resource identifying information, resource version information, and resource location information.
57. The program storage device of claim 47, wherein the configuration database includes information related to installed resources on a plurality of computers, and the method further comprises:
generating billing information using a first rate for installed resources that are unique to one of the computers; and
generating billing information using a second rate, different than the first rate, for installed resources that are common to at least two of the computers.
58. The method of claim 47, wherein providing the restorable resource in the method comprises at least one of providing an address for the restorable resource and providing a previously stored copy of the restorable resource, and the method further comprises generating billing information using a first rate for providing the address for the restorable resource, and generating billing information at a second rate, different than the first rate, for providing the previously stored copy of the restorable resource.
59. The program storage device of claim 47, wherein providing the restorable resource in the method comprises:
sharing a secret key with the computer;
generating a session key based on the secret key and a random number; and
providing the restorable resource using the session key.
60. The program storage device of claim 47, wherein the method further comprises:
identifying an available upgrade for the restorable resource; and
offering the upgrade of the restorable resource in lieu of the restorable resource.
61. A system for updating a computer system having a plurality of installed resources, comprising a configuration manager adapted to store a configuration database including resource information associated with the computer, receive a restoration request from the computer including a computer identifier associated with the computer, access the configuration database to identify a restorable resource based on the computer identifier associated with the computer, and provide the restorable resource to the computer.
62. The computer system of claim 61, wherein the configuration manager is adapted to provide an address for the restorable address to the computer.
63. The computer system of claim 61, wherein the configuration database includes resource identifying information, resource version information, and resource location information.
64. A computer system for restoring resources on a computer, comprising:
means for storing resource information;
means for receiving a restoration request including a computer identifier associated with the computer;
means for accessing the resource information based on the computer identifier to identify a restorable resources associated with the computer; and
means for providing the restorable resource to the computer.
US10/668,907 2000-03-31 2003-09-23 Method and apparatus for restoring computer resources Abandoned US20040059747A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US10/668,907 US20040059747A1 (en) 2000-03-31 2003-09-23 Method and apparatus for restoring computer resources

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/540,386 US6633978B1 (en) 2000-03-31 2000-03-31 Method and apparatus for restoring computer resources
US10/668,907 US20040059747A1 (en) 2000-03-31 2003-09-23 Method and apparatus for restoring computer resources

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US09/540,386 Continuation US6633978B1 (en) 2000-03-31 2000-03-31 Method and apparatus for restoring computer resources

Publications (1)

Publication Number Publication Date
US20040059747A1 true US20040059747A1 (en) 2004-03-25

Family

ID=28792269

Family Applications (2)

Application Number Title Priority Date Filing Date
US09/540,386 Expired - Lifetime US6633978B1 (en) 2000-03-31 2000-03-31 Method and apparatus for restoring computer resources
US10/668,907 Abandoned US20040059747A1 (en) 2000-03-31 2003-09-23 Method and apparatus for restoring computer resources

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US09/540,386 Expired - Lifetime US6633978B1 (en) 2000-03-31 2000-03-31 Method and apparatus for restoring computer resources

Country Status (1)

Country Link
US (2) US6633978B1 (en)

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020188660A1 (en) * 2001-06-08 2002-12-12 Yuji Shigyo Count system for a number of peripheral devices and for a user-number of software, and royalty settling system
US20040249908A1 (en) * 2003-06-09 2004-12-09 Anthony Valladares Vending network resources
US20070073764A1 (en) * 2004-05-03 2007-03-29 Microsoft Corporation Systems and methods for automatic database or file system maintenance and repair
US20090150611A1 (en) * 2007-12-10 2009-06-11 Microsoft Corporation Management of external memory functioning as virtual cache
US7596570B1 (en) * 2003-11-04 2009-09-29 Emigh Aaron T Data sharing
US20100070701A1 (en) * 2008-09-15 2010-03-18 Microsoft Corporation Managing cache data and metadata
US20100077197A1 (en) * 2004-05-03 2010-03-25 Microsoft Corporation Non-volatile memory cache performance improvement
US20100305783A1 (en) * 2004-06-30 2010-12-02 Tucker Michael J Enhanced vertical situation display
US20100306760A1 (en) * 2003-10-22 2010-12-02 Mulligan J Scott Software setup system
US20120005165A1 (en) * 2010-06-30 2012-01-05 Industrial Technology Research Institute Data backup, recovery and deletion method through a distributed network and system thereof
US8166101B2 (en) 2003-08-21 2012-04-24 Microsoft Corporation Systems and methods for the implementation of a synchronization schemas for units of information manageable by a hardware/software interface system
US8238696B2 (en) 2003-08-21 2012-08-07 Microsoft Corporation Systems and methods for the implementation of a digital images schema for organizing units of information manageable by a hardware/software interface system
US8489815B2 (en) 2008-09-15 2013-07-16 Microsoft Corporation Managing cache data and metadata
US8909861B2 (en) 2004-10-21 2014-12-09 Microsoft Corporation Using external memory devices to improve system performance
US8914557B2 (en) 2005-12-16 2014-12-16 Microsoft Corporation Optimizing write and wear performance for a memory
US9361183B2 (en) 2008-09-19 2016-06-07 Microsoft Technology Licensing, Llc Aggregation of write traffic to a data store

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7363633B1 (en) * 2000-04-24 2008-04-22 Microsoft Corporation Registering and storing dependencies among applications and objects in a computer system and communicating the dependencies to a recovery or backup service
JP2002236590A (en) * 2000-12-08 2002-08-23 Seiko Epson Corp Installing method for software
US7194619B2 (en) * 2002-03-26 2007-03-20 International Business Machines Corporation Remotely booting devices in a dense server environment without manually installing authentication parameters on the devices to be booted
US6711676B1 (en) * 2002-10-15 2004-03-23 Zomaya Group, Inc. System and method for providing computer upgrade information
US7185020B2 (en) * 2003-10-01 2007-02-27 Hewlett-Packard Development Company, L.P. Generating one or more block addresses based on an identifier of a hierarchical data structure
US7930503B2 (en) * 2004-01-26 2011-04-19 Hewlett-Packard Development Company, L.P. Method and apparatus for operating multiple security modules
US7382880B2 (en) * 2004-01-26 2008-06-03 Hewlett-Packard Development Company, L.P. Method and apparatus for initializing multiple security modules
US7293168B2 (en) * 2004-12-15 2007-11-06 Hewlett-Packard Development Company, L.P. System and method for initially configuring and booting a device using a device identifier
US8261253B2 (en) * 2006-01-25 2012-09-04 The Boeing Company Method for restoring software applications on desktop computers
US8266433B1 (en) * 2009-04-30 2012-09-11 Netapp, Inc. Method and system for automatically migrating encryption keys between key managers in a network storage system
US10394538B2 (en) 2017-02-09 2019-08-27 International Business Machines Corporation Optimizing service deployment in a distributed computing environment

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6411943B1 (en) * 1993-11-04 2002-06-25 Christopher M. Crawford Internet online backup system provides remote storage for customers using IDs and passwords which were interactively established when signing up for backup services

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2880268B2 (en) * 1990-07-30 1999-04-05 株式会社日立製作所 How to change network configuration definition information
US5469573A (en) * 1993-02-26 1995-11-21 Sytron Corporation Disk operating system backup and recovery system
US5758154A (en) * 1996-06-05 1998-05-26 Microsoft Corporation Method and system for storing configuration data into a common registry
US6175932B1 (en) * 1998-04-20 2001-01-16 National Instruments Corporation System and method for providing state capture and restoration to an I/O system
US6256635B1 (en) * 1998-05-08 2001-07-03 Apple Computer, Inc. Method and apparatus for configuring a computer using scripting

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6411943B1 (en) * 1993-11-04 2002-06-25 Christopher M. Crawford Internet online backup system provides remote storage for customers using IDs and passwords which were interactively established when signing up for backup services

Cited By (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020188660A1 (en) * 2001-06-08 2002-12-12 Yuji Shigyo Count system for a number of peripheral devices and for a user-number of software, and royalty settling system
US7305673B2 (en) * 2001-06-08 2007-12-04 Fujifilm Corporation Count system for a number of peripheral devices and for a user-number of software, and royalty settling system
US20040249908A1 (en) * 2003-06-09 2004-12-09 Anthony Valladares Vending network resources
US7558855B2 (en) * 2003-06-09 2009-07-07 Hewlett-Packard Development Company, L.P. Vending network resources
US8238696B2 (en) 2003-08-21 2012-08-07 Microsoft Corporation Systems and methods for the implementation of a digital images schema for organizing units of information manageable by a hardware/software interface system
US8166101B2 (en) 2003-08-21 2012-04-24 Microsoft Corporation Systems and methods for the implementation of a synchronization schemas for units of information manageable by a hardware/software interface system
US20100306760A1 (en) * 2003-10-22 2010-12-02 Mulligan J Scott Software setup system
US7596570B1 (en) * 2003-11-04 2009-09-29 Emigh Aaron T Data sharing
US9405693B2 (en) 2004-05-03 2016-08-02 Microsoft Technology Licensing, Llc Non-volatile memory cache performance improvement
US8255645B2 (en) 2004-05-03 2012-08-28 Microsoft Corporation Non-volatile memory cache performance improvement
US20100077197A1 (en) * 2004-05-03 2010-03-25 Microsoft Corporation Non-volatile memory cache performance improvement
US8041904B2 (en) 2004-05-03 2011-10-18 Microsoft Corporation Non-volatile memory cache performance improvement
US10216637B2 (en) 2004-05-03 2019-02-26 Microsoft Technology Licensing, Llc Non-volatile memory cache performance improvement
US20070073764A1 (en) * 2004-05-03 2007-03-29 Microsoft Corporation Systems and methods for automatic database or file system maintenance and repair
US20100305783A1 (en) * 2004-06-30 2010-12-02 Tucker Michael J Enhanced vertical situation display
US8909861B2 (en) 2004-10-21 2014-12-09 Microsoft Corporation Using external memory devices to improve system performance
US9690496B2 (en) 2004-10-21 2017-06-27 Microsoft Technology Licensing, Llc Using external memory devices to improve system performance
US9317209B2 (en) 2004-10-21 2016-04-19 Microsoft Technology Licensing, Llc Using external memory devices to improve system performance
US9529716B2 (en) 2005-12-16 2016-12-27 Microsoft Technology Licensing, Llc Optimizing write and wear performance for a memory
US11334484B2 (en) 2005-12-16 2022-05-17 Microsoft Technology Licensing, Llc Optimizing write and wear performance for a memory
US8914557B2 (en) 2005-12-16 2014-12-16 Microsoft Corporation Optimizing write and wear performance for a memory
US8631203B2 (en) 2007-12-10 2014-01-14 Microsoft Corporation Management of external memory functioning as virtual cache
US20090150611A1 (en) * 2007-12-10 2009-06-11 Microsoft Corporation Management of external memory functioning as virtual cache
US20100070701A1 (en) * 2008-09-15 2010-03-18 Microsoft Corporation Managing cache data and metadata
US9032151B2 (en) 2008-09-15 2015-05-12 Microsoft Technology Licensing, Llc Method and system for ensuring reliability of cache data and metadata subsequent to a reboot
US10387313B2 (en) 2008-09-15 2019-08-20 Microsoft Technology Licensing, Llc Method and system for ensuring reliability of cache data and metadata subsequent to a reboot
US8489815B2 (en) 2008-09-15 2013-07-16 Microsoft Corporation Managing cache data and metadata
US9448890B2 (en) 2008-09-19 2016-09-20 Microsoft Technology Licensing, Llc Aggregation of write traffic to a data store
US9361183B2 (en) 2008-09-19 2016-06-07 Microsoft Technology Licensing, Llc Aggregation of write traffic to a data store
US10509730B2 (en) 2008-09-19 2019-12-17 Microsoft Technology Licensing, Llc Aggregation of write traffic to a data store
US8275752B2 (en) * 2010-06-30 2012-09-25 Industrual Technology Resesarch Institute Data backup method through distributed network, involves generating data segment copies to transmit to peer storage servers based on metadata with segment distribution matrix by calculating redundancy corresponding to data segments
US20120005165A1 (en) * 2010-06-30 2012-01-05 Industrial Technology Research Institute Data backup, recovery and deletion method through a distributed network and system thereof

Also Published As

Publication number Publication date
US6633978B1 (en) 2003-10-14

Similar Documents

Publication Publication Date Title
US6633978B1 (en) Method and apparatus for restoring computer resources
US10693916B2 (en) Restrictions on use of a key
US7415509B1 (en) Operations architectures for netcentric computing systems
US20200084188A1 (en) Secure software updates
US8412927B2 (en) Profile framework for token processing system
US8295492B2 (en) Automated key management system
US6393420B1 (en) Securing Web server source documents and executables
Bellissimo et al. Secure Software Updates: Disappointments and New Challenges.
JP4310063B2 (en) Client-side digital content loading method
US10007767B1 (en) System and method for securing tenant data on a local appliance prior to delivery to a SaaS data center hosted application service
US6073172A (en) Initializing and reconfiguring a secure network interface
US9769158B2 (en) Guided enrollment and login for token users
US8321921B1 (en) Method and apparatus for providing authentication and encryption services by a software as a service platform
US7016950B2 (en) System and method for restricting data transfers and managing software components of distributed computers
US8646070B1 (en) Verifying authenticity in data storage management systems
CN112131041A (en) Method, apparatus and computer program product for managing data placement
US20030105876A1 (en) Automatic generation of verifiable customer certificates
US20080313743A1 (en) Network Software License Management and Piracy Protection
WO2022182341A1 (en) Trusted computing for digital devices
US20240126886A1 (en) Trusted Computing for Digital Devices
Bialaski et al. Solaris and LDAP naming services: deploying LDAP in the Enterprise

Legal Events

Date Code Title Description
AS Assignment

Owner name: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P., TEXAS

Free format text: CHANGE OF NAME;ASSIGNOR:COMPAQ INFORMATION TECHNOLOGIES GROUP LP;REEL/FRAME:014628/0103

Effective date: 20021001

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION