US20110126197A1 - System and method for controlling cloud and virtualized data centers in an intelligent workload management system - Google Patents
System and method for controlling cloud and virtualized data centers in an intelligent workload management system Download PDFInfo
- Publication number
- US20110126197A1 US20110126197A1 US12/645,114 US64511409A US2011126197A1 US 20110126197 A1 US20110126197 A1 US 20110126197A1 US 64511409 A US64511409 A US 64511409A US 2011126197 A1 US2011126197 A1 US 2011126197A1
- Authority
- US
- United States
- Prior art keywords
- image
- service
- cloud
- virtual machine
- software
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0631—Resource planning, allocation, distributing or scheduling for enterprises or organisations
- G06Q10/06313—Resource planning in a project environment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation; Time management
Definitions
- the invention relates to a system and method for controlling cloud and virtualized data centers in an intelligent workload management, and in particular, to a computing environment having a model-driven, service-oriented architecture for creating collaborative threads to manage workloads, and further to creating cloud images having embedded management agents and identity services for validating the cloud images prior to deployment into the cloud and virtualized data centers and controlling, monitoring, and auditing activity associated with the cloud images following deployment into the cloud and virtualized data centers.
- Cloud computing generally refers to a computing environment with dynamically scalable and often virtualized resources, which are typically provided as services over the Internet.
- cloud computing environments often employ the concept of virtualization as a preferred paradigm for hosting workloads on any appropriate hardware.
- the cloud computing model has become increasingly viable for many enterprises for various reasons, including that the cloud infrastructure may permit information technology resources to be treated as utilities that can be automatically provisioned on demand, while also limiting the cost of services to actual resource consumption.
- consumers of resources provided in cloud computing environments can leverage technologies that might otherwise be unavailable.
- cloud computing and cloud storage become more pervasive, many enterprises will find that moving data center to cloud providers can yield economies of scale, among other advantages.
- cloud computing environments are generally designed to support generic business practices, meaning that individuals and organizations typically lack the ability to change many aspects of the platform.
- concerns regarding performance, latency, reliability, and security present significant challenges, as outages and downtime can lead to lost business opportunities and decreased productivity, while the generic platform may present governance, risk, and compliance concerns.
- organizations deploy workloads beyond the boundaries of their data centers lack of visibility into the computing environment may result in significant management problems.
- help desk systems typically involve a customer submitting a trouble ticket to a remedy system, with a human operator then using various tools to address the problem and close the ticket, while monitoring systems that watch the infrastructure to remediate problems may remain isolated from the interaction between the customer and the help desk despite such interaction being relevant to the monitoring system's function.
- a system and method for intelligent workload management may generally provide a computing environment having a fluid architecture, whereby the computing environment may create common threads to manage workloads that converge information relating to user identities and access credentials, provisioned and requested services, and physical and virtual infrastructure resources, among other things.
- services provided in the computing environment may generally include various aggregated physical and/or virtual resources, while applications may include various aggregated services and workloads may include various compositions of whole services, separate services, and/or sub-services that work together.
- the intelligent workload management system may create a workload to manage provisioning the user with a tuned appliance configured to perform the particular function or application, whereby the tuned appliance may provide the requested service for the user.
- the workload management system may create a resource store that points to a storage location for the appliance, declare a service level agreement and any runtime requirements that constrain deployment for the appliance, obtain a certificate that provides attestation tokens for the user and the appliance, and create a profile that provides an audit trail of actual lifecycle behavior for the appliance (e.g., events and performance metrics relating to the appliance).
- workflows created in the computing environment may converge various sources of information within a common thread, which the workload management system may use to manage the workload (e.g., actual metrics for a particular workload can be compared to anticipated metrics for the workload to determine whether various services underlying the workload function as intended).
- the system and method for intelligent workload management may operate in a model-driven architecture, which may merge information relating to user identities with services that may be running in an information technology infrastructure.
- the information merged in the model-driven architecture may be referenced to determine specific users or organizational areas within the infrastructure that may be impacted in response to a particular change to the infrastructure model.
- the model-driven architecture may track context for information technology workloads from start to finish. As such, tracking context for the information technology workloads may provide audit trails that can then be used to identify a relevant user, application, system, or other entity that can provide assistance with a particular issue.
- the audit trail that the model-driven architecture enables may track end-to-end workload activities and thereby provide visibility and notice to users, applications, systems, services, or any other suitable entity that may be impacted by the workload.
- the system and method for intelligent workload management may enable agile and flexible management for an information technology infrastructure, which may enable the infrastructure to move at the speed of modern business.
- the system and method for intelligent workload management may further operate in a service-oriented architecture unifying various heterogeneous technologies, which may provide businesses with the capability to deploy information technology resources in a manner that can meet business objectives.
- the service-oriented architecture may provide adaptable, interoperable, and user-friendly information technology tools to manage the infrastructure in a manner that addresses many typical business challenges that information technology organizations face.
- model-driven architecture may employ virtualization features to provide manageable workloads that can move efficiently through the infrastructure
- service-oriented architecture may merge different technologies to provide various coordinated systems that can cooperate to optimally execute portions of an overall orchestrated workload.
- the model-driven and service-oriented architectures may collectively derive data from the information technology infrastructure, which may inform intelligent information technology choices that meet the needs of businesses and users.
- the system and method for intelligent workload management may be used to manage workloads created in response to service requests.
- any suitable user, application, system, or other entities may request a service from the workload management system, wherein the request may include a desired performance level (or service level) for the service, any components or criteria required for the service, comments to provision the service in a certain manner, or any other suitable information for the requested service.
- human and/or automated approvers (or service delivery managers) may collaboratively manage the service request and determine whether the service can be provisioned as requested.
- the approvers may provide feedback on the service provisioning decision, which may create an interactive collaborative “conversation” between requesters, approvers, and other entities in the management thread.
- various security policies may be built into the model to automatically approve or deny certain requests, wherein the security policies may be dynamically updated in response to handling similar requests (e.g., a request for Bit Torrent storage may be automatically denied because a particular security policy indicates that peer-to-peer file sharing violates a company policy).
- services provisioned in the workload management system may include any suitable combination of physical infrastructure resources and virtualized infrastructure resources.
- the workload management system may manage physical infrastructure resources and virtualized infrastructure resources to support provisioning virtualized services.
- the service-oriented architecture employed in the workload management system may enable management for the physical infrastructure resources (e.g., rack-mounting, configuring, and otherwise physically installing servers, storage resources, and other devices), and may further enable management for the virtualized infrastructure resources (e.g., pre-configuring provisioned services with identity management features, denying, flagging, or auditing service requests from unauthorized entities, etc.).
- the workload management system may be considered a service in that the workload management service may be built dynamically in response to service requests (e.g., because a management infrastructure can introduce computational burdens just as any other resource, limiting the existence of the workload management infrastructure to an on-demand service can free computational resources for other tasks having a greater need for immediacy).
- the workload management system may store a history of interaction between requesters, approvers, and other entities in service provisioning threads, and may further record, log, and save traffic and activity between such entities in the service provisioning threads.
- various processes that occur during service provisioning may be recorded and injected into a real-time stream that can subsequently be played back, thereby capturing the service provisioning processes as a whole, including any responses that human and/or automated entities may provide during the collaborative process.
- the workload management system may expose portions of the infrastructure model to entities involved in the management processes.
- the workload management system may expose “just enough context” to entities involved in the management processes, whereby the involved entities may view the respective portions of the infrastructure model for which such entities have management responsibility (e.g., prior to implementing any particular change to the infrastructure, the workload management system may query the model and determine an impact of the change, notify impacted entities, etc.).
- virtualized services provisioned in the workload management system may further include injection points for adding and/or removing information from the provisioned services.
- any particular virtualized service may generally include a layered architecture that includes injection points for inserting “zero residue” management agents that can manage the service and ensure that the service functions correctly.
- zero residue management agents may be inserted within virtualized services at build time, run time, or any other suitable point in a lifecycle for the virtualized services, wherein the particular management agents inserted within the virtualized services may depend on a type of management required.
- the workload management system may analyze a configuration of the service, a lifecycle point for the service, or other suitable information for the service to derive a recipe of the management agents to be injected (e.g., the recipe may depend on a required service level for the service, a current operational state for the infrastructure model, services running in the infrastructure, a type of management required for the running services, etc.).
- FIG. 1A illustrates a block diagram of an exemplary model-driven architecture in a system for intelligent workload management, according to one aspect of the invention.
- FIG. 1B illustrates a block diagram of an exemplary service-oriented architecture in the system for intelligent workload management, according to one aspect of the invention.
- FIG. 2 illustrates a flow diagram of an exemplary method for intelligent workload management, according to one aspect of the invention.
- FIG. 3 illustrates an exemplary system for generating single sign-on workload identities in the workload management system, according to one aspect of the invention.
- FIG. 4 illustrates an exemplary method for generating single sign-on workload identities in the workload management system, according to one aspect of the invention.
- FIG. 5A illustrates a block diagram of an exemplary service distribution that can be managed with zero residue management agents in the intelligent workload management system
- FIG. 5B illustrates an exemplary lifecycle for a service distribution managed with the zero residue management agents, according to one aspect of the invention.
- FIG. 6 illustrates a flow diagram of an exemplary method for managing different modes of a service distribution lifecycle with the zero residue management agents in the intelligent workload management system, according to one aspect of the invention.
- FIG. 7 illustrates a block diagram of an exemplary system for controlling cloud and virtualized data centers in the intelligent workload management system, according to one aspect of the invention.
- FIG. 8 illustrates a flow diagram of an exemplary method for controlling cloud and virtualized data centers in the intelligent workload management system, according to one aspect of the invention.
- FIG. 1A illustrates an exemplary model-driven architecture 100 A in a system for intelligent workload management
- FIG. 1B illustrates an exemplary service-oriented architecture 100 B in the system for intelligent workload management
- the model-driven architecture 100 A shown in FIG. 1A and the service-oriented architecture 100 B shown in FIG. 1B may include various components that operate in a substantially similar manner to provide the functionality that will be described in further detail herein.
- any description provided herein for components having identical reference numerals in FIGS. 1A and 1B will be understood as corresponding to such components in both FIGS. 1A and 1B , whether or not explicitly described.
- model-driven architecture 100 A illustrated in FIG. 1A and the service-oriented architecture 100 B illustrated in FIG. 1B may provide an agile, responsive, reliable, and interoperable information technology environment, which may address various problems associated with managing an information technology infrastructure 110 (e.g., growing revenues and cutting costs, managing governance, risk, and compliance, reducing times to innovate and deliver products to markets, enforcing security and access controls, managing heterogeneous technologies and information flows, etc.).
- an information technology infrastructure 110 e.g., growing revenues and cutting costs, managing governance, risk, and compliance, reducing times to innovate and deliver products to markets, enforcing security and access controls, managing heterogeneous technologies and information flows, etc.
- the model-driven architecture 100 A and the service-oriented architecture 100 B may provide a coordinated design for the intelligent workload management system (or alternatively “the workload management system”), wherein the coordinated design may integrate technologies for managing identities, enforcing policies, assuring compliance, managing computing and storage environments, providing orchestrated virtualization, enabling collaboration, and providing architectural agility, among other things.
- the model-driven architecture 100 A and the service-oriented architecture 100 B may therefore provide a flexible framework that may enable the workload management system to allocate various resources 114 in the information technology infrastructure 110 in a manner that balances governance, risk, and compliance with capacities for internal and external resources 114 .
- the workload management system may operate within the flexible framework that the model-driven architecture 100 A and the service-oriented architecture 100 B to deliver information technology tools for managing security, performance, availability, and policy objectives for services provisioned in the information technology infrastructure 110 .
- the technologies integrated by the model-driven architecture 100 A and the service-oriented architecture 100 B may enable managing identities in the information technology infrastructure 110 .
- managing identities may present an important concern in the context of managing services in the information technology infrastructure 110 because security, performance, availability, policy objectives, and other variables may have different importance for different users, customers, applications, systems, or other resources 114 that operate in the information technology infrastructure 110 .
- the model-driven architecture 100 A and the service-oriented architecture 100 B may include various components that enable identity management in the information technology infrastructure 110 .
- the workload management system may include an access manager 120 (e.g., Novell Access Manager), which may communicate with an identity vault 125 and control access to content, applications, services, and other resources 114 in the information technology infrastructure 110 .
- the access manager 120 may enforce various policy declarations to provide authentication services for any suitable component in the information technology infrastructure 110 .
- the identity vault 125 may include various directories that organize user accounts, roles, policies, and other identity information that the access manager 120 can reference to generate authorization decisions.
- the access manager 120 and the identity vault 125 may further support federated user identities, wherein a user at any particular client resource 115 may submit single sign-on authentication credentials to the access manager 120 , which may then control access to any suitable resource 114 in the information technology infrastructure 110 with the single sign-on authentication credentials (e.g., user names, identifiers, passwords, smart cards, biometrics, etc.).
- the identity information stored in the identity vault 125 may be provided to a synchronization engine 150 , whereby the synchronization engine 150 may provide interoperable and transportable identity information throughout the architecture (e.g., via an identity fabric within an event bus 140 that manages transport throughout the architecture).
- providing the identity information stored in the identity vault 125 to the synchronization engine 150 may form portable identities that correspond to independent digital representations for various users, applications, systems, or other entities that interact with the information technology infrastructure 110 .
- the identities maintained in the synchronization engine 150 may generally include abstractions that can provide access to authoritative attributes, active roles, and valid policies for entities that the identity abstractions represent.
- synchronizing the identity information stored in the identity vault 125 with the synchronization engine 150 may provide independent and scalable digital identities that can be transported across heterogeneous applications, services, networks, or other systems, whereby the workload management system may handle and validate the digital identities in a cooperative, interoperable, and federated manner.
- the identities stored in the identity vault 125 and synchronized with the synchronization engine 150 may be customized to define particular attributes and roles that the identities may expose. For example, a user may choose to create one identity that exposes every attribute and role for the user to applications, services, or other systems that reside within organizational boundaries, another identity that limits the attributes and roles exposed to certain service providers outside the organizational boundaries, and another identity that provides complete anonymity in certain contexts.
- the identities maintained in the synchronization engine 150 may therefore provide awareness over any authentication criteria that may be required to enable communication and collaboration between entities that interact with the workload management system.
- the synchronization engine 150 may include a service that can enforce policies controlling whether certain information stored in the identity vault 125 can be shared (e.g., through the access manager 120 or other information technology tools that can manage and customize identities).
- the workload management system may further manage identities in a manner that enables infrastructure workloads to function across organizational boundaries, wherein identities for various users, applications, services, and other resources 114 involved in infrastructure workloads may be managed with role aggregation policies and logic that can support federated authentication, authorization, and attribute services.
- the access manager 120 , the identity vault 125 , and the synchronization engine 150 may manage identity services externally to applications, services, and other resources 114 that consume the identities, which may enable the workload management system to control access to services for multiple applications using consistent identity interfaces.
- the access manager 120 , the identity vault 125 , and the synchronization engine 150 may define standard interfaces for managing the identity services, which may include authentication services, push authorization services (e.g., tokens, claims, assertions, etc.), pull authorization services (e.g., requests, queries, etc.), push attribute services (e.g., updates), pull attribute services (e.g., queries), and audit services.
- authentication services e.g., authentication services, push authorization services (e.g., tokens, claims, assertions, etc.), pull authorization services (e.g., requests, queries, etc.), push attribute services (e.g., updates), pull attribute services (e.g., queries), and audit services.
- push authorization services e.g., tokens, claims, assertions, etc.
- pull authorization services e.g., requests, queries, etc.
- push attribute services e.g., updates
- pull attribute services e.g., queries
- audit services e.g., audit services.
- the workload management system may employ the identity services provided in the model-driven architecture 100 A and the service-oriented architecture 100 B to apply policies for representing and controlling roles for multiple identities within any particular session that occurs in the information technology infrastructure 110 .
- the workload management system may manage the session with multiple identities that encompass the user, the backup service, and the client machine 115 .
- the workload management system may further determine that the identity for the client machine 115 represents an unsecured machine that resides outside an organizational firewall, which may result in the workload management system retrieving a policy from the identity vault 125 and/or the synchronization engine 150 and applying the policy to the session (e.g., the policy may dynamically prevent the machine 115 and the user from being active in the same session).
- the workload management system may manage multiple identities that may be involved in any particular service request to control and secure access to applications, services, and other resources 114 in the information technology infrastructure 110 .
- the model-driven architecture 100 A and the service-oriented architecture 100 B may further provide identity services for delegating rights in delegation chains that may involve various different levels of identities.
- any particular user may have various roles, attributes, or other identities that define various rights for the user.
- the rights delegation identity service may enable the user to delegate a time-bounded subset of such rights to a particular service, wherein the service can then make requests to other services on behalf of the user during the delegated time.
- a user may delegate rights to a backup service that permits the backup service to read a portion of a clustered file system 195 during a particular time interval (e.g., 2 a.m. to 3 a.m.).
- the identity services may enable the file system 195 to audit identities for the backup service and the user, and further to constrain read permissions within the file system 195 based on the relevant rights defined by the identities for the backup service for the user.
- the model-driven architecture 100 A and the service-oriented architecture 100 B may further provide identity services for defining relative roles, wherein relative roles may be defined where a principal user, application, service, or other entity can only assume a particular role for a particular action when a target of the action has a particular set of identities.
- relative roles may be defined where a principal user, application, service, or other entity can only assume a particular role for a particular action when a target of the action has a particular set of identities.
- a user having a doctor role may only assume a doctor-of-record relative role if an identity for a target of the doctor-of-record action refers to one of the user's patients.
- applications may request controlled access to information about an identity for a certain user, wherein the application may, retrieve the requested information directly from the access-controlled identity for the user.
- the workload management system may determine the information requested by the application and create a workload that indicates to the user the information requested by the application and any action that the application may initiate with the requested information. The user may then make an informed choice about whether to grant the application access to the requested information.
- having identities to enable applications may eliminate a need for application-specific data storage or having the application access separate a directory service or another identity information source.
- the identity management services may create crafted identities combined from various different types of identity information for various users, applications, services, systems, or other information technology resources 114 .
- the identity information may generally be stored and maintained in the identity vault 125
- the identity information can be composed and transformed through the access manager 120 and/or the synchronization engine 150 , with the resulting identity information providing authoritative statements for represented entities that span multiple authentication domains within and/or beyond boundaries for the information technology infrastructure 110 .
- an identity for a user may be encapsulated within a token that masks any underlying credential authentication, identity federation, and attribute attestation.
- the identity services may further support identities that outlive entities that the identities represent and multiple identity subsets within a particular identity domain or across multiple identity domains.
- the identity services provided in the model-driven architecture 100 A and the service-oriented architecture 100 B may include various forms of authentication, identifier mapping, token transformation, identity attribute management, and identity relationship mapping.
- the technologies integrated by the model-driven architecture 100 A and the service-oriented architecture 100 B may enable enforcing policies in the information technology infrastructure 110 .
- enforcing policies may present an important concern in the context of managing services in the information technology infrastructure 110 because policies may be driven from multiple hierarchies and depend on operational, legislative, and organizational requirements that can overlap, contradict, and/or override each other.
- the model-driven architecture 100 A and the service-oriented architecture 100 B may include various components for defining policies in standardized languages that can be translated, merged, split, or otherwise unified as needed.
- the workload management system may have multiple policy decision points and policy definition services for consistently managing and enforcing policies in the information technology infrastructure 110
- the model-driven architecture 100 A and the service-oriented architecture 100 B may provide standard policy languages and service interfaces that enable the workload management system to make consistent decisions based on flexible user needs.
- any suitable resource 114 (including workloads and computational infrastructure) may be provided with access to standardized instrumentation that provides knowledge regarding information that may be available, desired, or allowed in the workload management system.
- the workload management system may invoke various cooperating policy services to determine suitable physical resources 114 a (e.g., physical servers, hardware devices, etc.), virtualized resources 114 b (e.g., virtual machine images, virtualized servers, etc.), configuration resources 114 c (e.g.; management agents, translation services, etc.), storage resources (e.g., the clustered file system 195 , one or more databases 155 , etc.), or other resources 114 for a particular workload.
- suitable physical resources 114 a e.g., physical servers, hardware devices, etc.
- virtualized resources 114 b e.g., virtual machine images, virtualized servers, etc.
- configuration resources 114 c e.g.; management agents, translation services, etc.
- storage resources e.g., the clustered file system 195 , one or more databases 155 , etc.
- the synchronization engine 150 may dynamically retrieve various policies stored in the databases 155 , and an event audit service 135 b may then evaluate the policies maintained in the synchronization engine 150 independently from services that subsequently enforce policy decisions (e.g., the event audit service 135 b may determine whether the policies permit access to certain information for a particular application and the application may then enforce the policy determination).
- an event audit service 135 b may determine whether the policies permit access to certain information for a particular application and the application may then enforce the policy determination).
- the event audit service 135 b may include a standardized policy definition service that can be used to define policies that span multiple separate application and management domains.
- the policy definition service may create, manage, translate, and/or process policies separately from other service administration domains and interfaces.
- the policy definition service may provide interoperability for the separate domains and interfaces, and may further enable compliance services that may be provided in a correlation system 165 and remediation services that may be provided in a workload service 135 a.
- the policy definition service provided within the event audit service 135 b may be configured to obtain data relating to a current state and configuration for resources 114 managed in the infrastructure 110 in addition to data relating to dependencies or other interactions between the managed resources 114 .
- a management infrastructure 170 may include a discovery engine 180 b that dynamically monitors various events that the infrastructure 110 generates and pushes onto the event bus 140 , which may include an event backplane for transporting the events.
- the discovery engine 180 b may query the infrastructure 110 to determine relationships and dependencies among users, applications, services, and other resources 114 in the infrastructure 110 .
- the discovery engine 180 b may monitor the event bus 140 to obtain the events generated in the infrastructure 110 and synchronize the events to the synchronization engine 150 , and may further synchronize information relating to the relationships and dependencies identified in the infrastructure 110 to the synchronization engine 150 .
- the event audit service 135 b may then evaluate any events, resource relationships, resource dependencies, or other information describing the operational state and the configuration state of the infrastructure 110 in view of any relevant policies and subsequently provide any such policy evaluations to requesting entities.
- the policy definition service may include standard interfaces for defining policies in terms of requirements, controls, and rules.
- the requirements may generally be expressed in natural language in order to describe permitted functionality, prohibited functionality, desirable functionality, and undesirable functionality, among other things (e.g., the event audit service 135 b may capture legislative regulations, business objectives, best practices, or other policy-based requirements expressed in natural language).
- the controls may generally associate the requirements to particular objects that may be managed in the workload management system, such as individual users, groups of users, physical resources 114 a , virtualized resources 114 b , or any other suitable object or resource 114 in the infrastructure 110 .
- the policy definition service may further define types for the controls.
- the type may include an authorization type that associates an identity with a particular resource 114 and action (e.g., for certain identities, authorizing or denying access to a system or a file, permission to alter or deploy a policy, etc.), or the type may include an obligation type that mandates a particular action for an identity.
- action e.g., for certain identities, authorizing or denying access to a system or a file, permission to alter or deploy a policy, etc.
- the type may include an obligation type that mandates a particular action for an identity.
- translating requirements into controls may partition the requirements into multiple controls that may define policies for a particular group of objects.
- rules may apply certain controls to particular resources 114 , wherein rules may represent concrete policy definitions.
- the rules may be translated directly into a machine-readable and machine-executable format that information technology staff may handle and that the event audit service 135 b may evaluate in order to manage policies.
- the rules may be captured and expressed in any suitable domain specific language, wherein the domain specific language may provide a consistent addressing scheme and data model to instrument policies across multiple domains.
- a definitive software library 190 may include one or more standardized policy libraries for translating between potentially disparate policy implementations, which may enable the event audit service 135 b to provide federated policies interoperable across multiple different domains.
- the rules that represent the policy definitions may include identifiers for an originating policy implementation, which the policy definition service may then map to the controls that the rules enforce and to the domain specific policy language used in the workload management system (e.g., through the definitive software library 190 ).
- the technologies integrated by the model-driven architecture 100 A and the service-oriented architecture 100 B may enable monitoring for compliance assurances in the information technology infrastructure 110 .
- compliance assurance may present an important concern in the context of managing services in the information technology infrastructure 110 because policy enforcement encompasses issues beyond location, access rights, or other contextual information within the infrastructure (e.g., due to increasing mobility in computing environments).
- the model-driven architecture 100 A and the service-oriented architecture 100 B may define metadata that bounds data to characteristics of data.
- the workload management system may employ a standard metadata format to provide interoperability between policies from multiple organizations to enable the policies to cooperate with one another and provide policy-based service control.
- certain infrastructure workloads may execute under multiple constraints defined by users, the infrastructure 110 , sponsoring organizations, or other entities, wherein compliance assurance may provide users with certification that the workloads were properly assigned and executed according to the constraints.
- sponsoring organizations and governing bodies may define control policies that constrain workloads, wherein compliance assurance in this context may include ensuring that only authorized workloads have been executed against approved resources 114 .
- the model-driven architecture 100 A and the service-oriented architecture 100 B may provide preventative compliance assurance through a compliance management service that supports remediation in addition to monitoring and reporting.
- a compliance management service that supports remediation in addition to monitoring and reporting.
- the workload management system may generate compliance reports 145 that indicate whether any constraints defined for the workloads have been satisfied (e.g., that authorized entities perform the correct work in the correct manner, as defined within the workloads).
- compliance may generally be defined to include measuring and reporting on whether certain policies effectively ensure confidentiality and availability for information within workloads, wherein the resulting compliance reports 145 may describe an entire process flow that encompasses policy definition, relationships between configurations and activities that do or do not comply with the defined policies, and identities of users, applications, services, systems, or other resources 114 involved in the process flow.
- the workload management system may provide the compliance management service for workloads having specifications defined by users, and further for workloads having specifications defined by organizations.
- users may generally define various specifications to identify operational constraints and desired outcomes for workloads that the users create, wherein the compliance management service may certify to the users whether or not the operational constraints and desired outcomes have been correctly implemented.
- organizations may define various specifications identifying operational constraints and desired outcomes for ensuring that workloads comply with governmental regulations, corporate best practices, contracts, laws, and internal codes of conduct.
- the compliance management service may integrate the identity management services and the policy definition service described above to provide the workload management system with control over configurations, compliance event coverage, and remediation services in the information technology infrastructure 110 .
- the compliance management service may operate within a workload engine 180 a provided within the management infrastructure 170 and/or a workload service 135 b in communication with the synchronization engine 150 .
- the workload engine 180 a and/or the workload service 135 b may therefore execute the compliance management service to measure and report on whether workloads comply with relevant policies, and further to remediate any non-compliant workloads.
- the compliance management service may use the integrated identity management services to measure and report on users, applications, services, systems, or other resources 114 that may be performing operational activity that occurs in the information technology infrastructure 110 .
- the compliance management service may interact with the access manager 120 , the identity vault 125 , the synchronization engine 150 , or any other suitable source that provides federated identity information to retrieve identities for the entities performing the operational activity, validate the identities, determine relationships between the identities, and otherwise map the identities to the operational activity.
- the correlation system 165 may provide analytic services to process audit trails for any suitable resource 114 (e.g., correlating the audit trails and then mapping certain activities to identities for resources 114 involved in the activities).
- the correlation system 165 may invoke one or more automated remediation workloads to initiate appropriate action for addressing the policy violations.
- the compliance management service may further use the integrated policy definition service to monitor and report on the operational activity that occurs in the information technology infrastructure 110 and any policy evaluation determinations that the event audit service 135 b generates through the policy definition service.
- the workload engine 180 a and/or the workload service 135 b may retrieve information from a configuration management database 185 a or other databases 155 that provide federated configuration information for managing the resources 114 in the information technology infrastructure 110 .
- the workload engine 180 a and/or the workload service 135 b may therefore execute the compliance management service to perform scheduled and multi-step compliance processing, wherein the compliance processing may include correlating operational activities with identities and evaluating policies that may span various different policy domains in order to govern the information technology infrastructure 110 .
- the model-driven architecture 100 A and the service-oriented architecture 100 B may provide various compliance management models may be used in the compliance management service.
- the compliance management models may include a wrapped compliance management model that manages resources 114 lacking internal awareness over policy-based controls.
- the compliance management service may augment the resources 114 managed in the wrapped compliance model with one or more policy decision points and/or policy enforcement points that reside externally to the managed resources 114 (e.g., the event audit service 135 b ).
- the policy decision points and/or the policy enforcement points may intercept any requests directed to the resources 114 managed in the wrapped compliance model, generate policy decisions that indicate whether the resources 114 can properly perform the requests, and then enforce the policy decisions (e.g., forwarding the requests to the resources 114 in response to determining that the resources 114 can properly perform the requests, denying the requests in response to determining that the resources 114 can properly perform the requests, etc.).
- the event audit service 135 b may further execute the compliance management service to wrap, coordinate, and synthesize an audit trail that includes data obtained from the managed resources 114 and the wrapping policy definition service.
- the compliance management models may include a delegated compliance management model to manage resources 114 that implement a policy enforcement point and reference an external policy decision point, wherein the resources 114 managed in the delegated compliance management model may have limited internal awareness over policy-based controls.
- the compliance management service may interleave policy decisions or other control operations generated by the external policy decision point with the internally implemented policy enforcement point to provide compliance assurance for the resources 114 managed in the delegated compliance management model.
- the delegated compliance management model may therefore represent a hybrid compliance model, which may apply to any suitable service that simultaneously anticipates compliance instrumentation but lacks internal policy control abstractions (e.g., the internally implemented policy enforcement point may anticipate the compliance instrumentation, while the externally referenced policy decision point has the relevant policy control abstractions).
- the compliance management service may have fewer objects to coordinate than in the wrapped compliance management model, but the event audit service 135 b may nonetheless execute the compliance management service to coordinate and synthesize an audit trail that includes data obtained from the managed resources 114 and the delegated external policy decision point.
- the compliance management models may include an embedded compliance management model that manages resources 114 that internally implement policy enforcement points and policy decision points, wherein the resources 114 managed in the embedded compliance management model may have full internal awareness over policy-based controls.
- the resources 114 managed in the embedded compliance management model may employ the internally implemented policy enforcement points and policy decision points to instrument any service and control operations for requests directed to the resources 114 .
- resources 114 managed in the embedded compliance management model may expose configuration or customization options via an externalized policy administration point.
- the embedded compliance management model may provide an integrated and effective audit trail for compliance assurance, which may often leave the compliance management service free to perform other compliance assurance processes.
- the compliance management service may obtain information for any resource 114 managed in the information technology infrastructure 110 from the configuration management database 185 a or other databases 155 that include a federated namespace for the managed resources 114 , configurations for the managed resources 114 , and relationships among the managed resources 114 .
- the compliance management service may reference the configuration management database 185 a or other the databases 155 to arbitrate configuration management in the infrastructure 110 and record previous configurations histories for the resources 114 in the configuration management database 185 a or other databases 155 .
- the compliance management service may generally maintain information relating to identities, configurations, and relationships for the managed resources 114 , which may provide a comparison context for analyzing subsequent requests to change the infrastructure 110 and identifying information technology services that the requested changes may impact.
- the technologies integrated by the model-driven architecture 100 A and the service-oriented architecture 100 B may include managing computing and storage environments that support services in the infrastructure 110 .
- the computing and storage environments used to support services in the infrastructure 110 may employ Linux operating environments, which may generally include an operating system distribution with a Linux kernel and various open source packages (e.g., gcc, glibc, etc.) that collectively provide the Linux operating environments.
- the Linux operating environments may generally provide a partitioned distribution model for managing the computing and storage environments employed in the workload management system.
- a particular Linux distribution may be bundled for operating environments pre-installed in the workload management system (e.g., openSUSE, SUSE Linux Enterprise, etc.), which may enable vendors of physical hardware resources 114 a to support every operating system that the vendors' customers employ without overhead that may introduced with multiple pre-installed operating environment choices.
- the workload management system e.g., openSUSE, SUSE Linux Enterprise, etc.
- the partitioned distribution model may partition the Linux operating environments into a physical hardware distribution (often referred to as a “pDistro”), which may include physical resources 114 a that run over hardware to provide a physical hosting environment for virtual machines 114 b .
- the physical hardware distribution may include the Linux kernel and various hypervisor technologies that can run the virtual machines 114 b over the underlying physical hosting environment, wherein the physical hardware distribution may be certified for existing and future-developed hardware environments to enable the workload management system to support future advances in the Linux kernel and/or hypervisor technologies.
- the workload management system may release the physical hardware distribution in a full Linux distribution version to provide users with the ability to take advantage of future advances in technologies at a faster release cycle.
- the partitioned distribution model may further partition the Linux operating environments into a virtual software distribution (often referred to as a “vDistro”), which may include virtual machines 114 b deployed for specific applications or services that run, enable, and otherwise support workloads. More particularly, any particular virtual software distribution may generally include one or more Linux package or pattern deployments, whereby the virtual machines 114 b may include virtual machines images with “just enough operating system” (JeOS) to support the package or pattern deployments needed to run the applications or services for the workloads.
- the virtual software distribution may include a particular Linux product (e.g., SUSE Linux Enterprise Server) bundled with hardware agnostic virtual drivers, which may provide configuration resources 114 c for tuning virtualized resources 114 b for optimized performance.
- the particular virtual software distribution may be certified for governmental security requirements and for certain application vendors, which may enable the workload management system to update any physical resources 114 a in the physical hardware distribution underlying the virtual software distribution without compromising support contracts with such vendors.
- the workload management system may enable support for any particular Linux application or version, which may drive Linux integration and adoption across the information technology infrastructure 110 .
- the workload management system may employ Linux applications and distributions created using a build system that enables any suitable application to be built and tested on different versions of Linux distributions (e.g., an openSUSE Build Service, SUSE Studio, etc.). For example, in response to receiving a request that includes unique specifications for a particular Linux application, the workload management system may notify distribution developers to include such specifications in the application, with the specifications then being made available to other application developers.
- a build system that enables any suitable application to be built and tested on different versions of Linux distributions
- SUSE Studio etc.
- the workload management system may notify distribution developers to include such specifications in the application, with the specifications then being made available to other application developers.
- the Linux build system employed in the workload management system may enable distribution engineers and developers to detect whether changes to subsequent application releases conflict with or otherwise break existing applications.
- changes in systems, compiler versions, dependent libraries, or other resources 114 may cause errors in the subsequent application releases, wherein commonly employing the Linux build system throughout the workload management system may provide standardized application support.
- the workload management system may employ certified implementations of the Linux Standard Base (LSB), which may enable independent software vendors (ISVs) to verify compliance, and may further provide various support services that can provide policy-based automated remediation for the Linux operating environments through the LSB Open Cluster Framework (OCF).
- LSB Linux Standard Base
- ISVs independent software vendors
- OCF Open Cluster Framework
- the Linux operating environments in the workload management system may provide engines that support orchestrated virtualization, collaboration, and architectural agility, as will be described in greater detail below. Further, to manage identities, enforce policies, and assure compliance, the Linux operating environments may include a “syslog” infrastructure that coordinate and manages various internal auditing requirements, while the workload management system may further provide an audit agent to augment the internal auditing capabilities that the “syslog” infrastructure provides (e.g., the audit agent may operate within the event audit service 135 b to uniformly manage the Linux kernel, the identity services, the policy services, and the compliance services across the workload management system).
- partitioning the monolithic Linux distribution within a multiple layer model that includes physical hardware distributions and virtual software distributions may enable each layer of the operating system to be developed, delivered, and supported at different schedules.
- a scheduling system 180 c may coordinate such development, delivery, and support in a manner that permits dynamic changes to the physical resources 114 a in the infrastructure 110 , which provide stability and predictability for the infrastructure 110 .
- partitioning the Linux operating environments into physical hardware distributions and virtual software distributions may further enable the workload management system to run workloads in computing and storage environments that may not necessarily be co-located or directly connected to physical storage systems that contain persistent data.
- the workload management system may support various interoperable and standardized protocols that provide communication channels between users, applications, services, and a scalable replicated storage system, such as the clustered file system 195 illustrated in FIG. 1A , wherein such protocols may provide authorized access between various components at any suitable layer within the storage system.
- the clustered file system 195 may generally include various block storage devices, each of which may host various different file systems.
- the workload management system may provide various storage replication and version management services for the clustered file system 195 , wherein the various block storage devices in the clustered file system 195 may be organized in a hierarchical stack, which may enable the workload management system to separate the clustered file system 195 from operating systems and collaborative workloads.
- the storage replication and version management services may enable applications and storage services to run in cloud computing environments located remotely from client resources 115 .
- various access protocols may provide communication channels that enable secure physical and logical distributions between subsystem layers in the clustered file system 195 (e.g., a Coherent Remote File System protocol, a Dynamic Storage Technology protocol, which may provide a file system-to-file system protocol that can place a particular file in one of various different file systems based on various policies, or other suitable protocols).
- a Coherent Remote File System protocol e.g., a Coherent Remote File System protocol, a Dynamic Storage Technology protocol, which may provide a file system-to-file system protocol that can place a particular file in one of various different file systems based on various policies, or other suitable protocols.
- traditional protocols for access files from a client resource 115 e.g., HTTP, NCP, AFP, NFS, etc.
- the definitive software library 190 may provide mappings between authorization and semantic models associated with the access protocols and similar elements of the clustered file system 195 , wherein the mappings may be dynamically modified to handle any new protocols that support cross-device replication, device snapshots, block-level duplication, data transfer, and/or services for managing identities, policies, and compliance.
- the storage replication and version management services may enable users to create workloads that define identity and policy-based storage requirements, wherein team members identities may be used to dynamically modify the team members and any access rights defined for the team members (e.g., new team members may be added to a “write access” group, users that leave the team may be moved to a “read access” group or removed from the group, policies that enforce higher compliance levels for Sarbanes-Oxley may be added in response to an executive user joining the team, etc.).
- team members identities may be used to dynamically modify the team members and any access rights defined for the team members (e.g., new team members may be added to a “write access” group, users that leave the team may be moved to a “read access” group or removed from the group, policies that enforce higher compliance levels for Sarbanes-Oxley may be added in response to an executive user joining the team, etc.).
- a user that heads a distributed cross-department team developing a new product may define various members for the team and request permission for self-defined access levels for the team members (e.g., to enable the team members to individually specify a storage amount, redundancy level, and bandwidth to allocate).
- the workload management system may then provide fine grained access control for a dynamic local storage cache, which may move data stored in the in the clustered file system 195 to a local storage for a client resource 115 that accesses the data (i.e., causing the data to appear local despite being persistently managed in the clustered file system 195 remotely from the client resource 115 ).
- individual users may then use information technology tools define for local area networks to access and update the data, wherein the replication and version management services may further enable the individual users to capture consistent snapshots that include a state of the data across various e-mail systems, databases 155 , file systems 195 , cloud storage environments, or other storage devices.
- the storage replication and version management services may further enable active data migration and auditing for migrated data. For example, policies or compliance issues may require data to be maintained for a longer lifecycle than hardware and storage systems, wherein the workload management system may actively migrate certain data to long-term hardware or an immutable vault in the clustered file system 195 to address such policies or compliance issues.
- identity-based management for the data stored in the clustered file system 195 may enable the workload management system to control, track, and otherwise audit ownership and access to the data, and the workload management system may further classify and tag the data stored in the clustered file system 195 to manage the data stored therein (e.g., the data may be classified and tagged to segregate short-term data from long-term data, maintain frequently used data on faster storage systems, provide a content-addressed mechanism for efficiently searching potentially large amounts of data, etc.).
- the workload management system may use the storage replication and version management services to generate detailed reports 145 for the data managed in the clustered file system.
- the storage replication and version management services may further provide replication services at a file level, which may enable the workload management system to control a location, an identity, and a replication technique (e.g., block-level versus byte-level) for each file in the clustered file system 195 .
- the storage replication and version management services may further enable the workload management system to manage storage costs and energy consumption (e.g., by controlling a number of copies created for any particular file, a storage medium used to store such copies, a storage location used to store such copies, etc.).
- integrating federated identities managed in the identity vault 125 with federated policy definition services may enable the workload management system to manage the clustered file system 195 without synchronizing or otherwise copying every identity with separate identity stores associated with different storage subsystems.
- the technologies integrated by the model-driven architecture 100 A and the service-oriented architecture 100 B may provide orchestrated virtualization for managing services provided in the information technology infrastructure 110 .
- virtualization generally ensures that a machine runs at optimal utilization by allowing services to run anywhere, regardless of requirements or limitations that underlying platforms or operating systems may have.
- the workload management system may define standardized partitions that control whether certain portions of the operating system execute over hardware provided in a hosting environment, or inside virtual machines 114 b that decouple applications and services from the hardware on which the virtual machines 114 b have been deployed.
- the workload management system may further employ a standardized image for the virtual machines 114 b , provide metadata wrappers for encapsulating the virtual machines 114 b , and provide various tools for managing the virtual machines 114 b (e.g., “zero residue” management agents that can patch and update running instances of virtual machines 114 b stored in the clustered file system 195 , databases 155 , or other repositories).
- a standardized image for the virtual machines 114 b may further employ a standardized image for the virtual machines 114 b , provide metadata wrappers for encapsulating the virtual machines 114 b , and provide various tools for managing the virtual machines 114 b (e.g., “zero residue” management agents that can patch and update running instances of virtual machines 114 b stored in the clustered file system 195 , databases 155 , or other repositories).
- the virtualized services provided in the workload management system may simplify processes for developing and deploying applications, which may enable optimal utilization of physical resources 114 a in the infrastructure.
- virtualization may be used to certify the Linux operating environments employed in the infrastructure 110 for any suitable platform that include various physical resources 114 a .
- the workload management system may partition the Linux operating environments into a multiple-layer distribution that includes a physical distribution and a virtual distribution, wherein the physical distribution may represent a lower-level interface to physical resources 114 a that host virtual machines 114 b , while the virtual distribution may represent any applications or services hosted on the virtual machines 114 b.
- the physical distribution may include a minimally functional kernel that bundles various base drivers and/or independent hardware vendor drivers matched to the physical resources 114 a that host the virtual machines 114 b .
- the physical distribution may further include a pluggable hypervisor that enables multiple operating systems to run concurrently over the hosting physical resources 114 a , a minimal number of software packages that provide core functionality for the physical distribution, and one or more of the zero residue management agents that can manage any virtualized resources 114 b that may be hosted on the physical resources 114 a .
- package selections available to the workload management system may include packages for the kernel, the hypervisor, the appropriate drivers, and the management agents that may be needed to support brands or classes of the underlying physical resources 114 a.
- the virtual distribution may include a tuned appliance, which may generally encapsulate an operating system and other data that supports a particular application.
- the virtual distribution may further include a workload profile encapsulating various profiles for certifying the appliance with attestation tokens (e.g., profiles for resources 114 , applications, service level agreements, inventories, cost, compliance, etc.).
- attestation tokens e.g., profiles for resources 114 , applications, service level agreements, inventories, cost, compliance, etc.
- the virtual distribution may be neutral with respect to the physical resources 114 a included in the physical distribution, wherein the virtual distribution may be managed independently from any physical drivers and applications hosted by a kernel for the virtual distribution (e.g., upgrades for the kernels and physical device drivers used in the physical distributions may be managed independently from security patches or other management for the kernels and applications used in the virtual distributions).
- partitioning the physical distributions from the virtual distributions may remove requirements for particular physical resources 114 a and preserve records for data that may require a specific application running on
- the workload management system may secure the virtualized resources 114 b in a similar manner as applications deployed on the physical resources 114 a .
- the workload management system may employ any access controls, packet filtering, or other techniques used to secure the physical resources 114 a to enforce containment and otherwise secure the virtualized resources 114 b , wherein the virtualized resources 114 b may preserve benefits provided by running a single application on a single physical server 114 a while further enabling consolidation and fluid allocation of the physical resources 114 a .
- the workload management system may include various information technology tools that can be used to determine whether new physical resources 114 a may be needed to support new services, deploy new virtual machines 114 b , and establish new virtual teams that include various collaborating entities.
- the information technology tools may include a trending tool that indicate maximum and minimum utilizations for the physical resources 114 a , which may indicate when new physical resources 114 a may be needed. For example, changes to virtual teams, different types of content, changes in visibility, or other trends for the virtualized resources 114 b may cause changes in the infrastructure 110 , such as compliance, storage, and fault tolerance obligations, wherein the workload management system may detect such changes and automatically react to intelligently manage that the resources 114 in the infrastructure 110 .
- the information technology tools may further include a compliance tool providing a compliance envelope for applications running or services provided within any suitable virtual machine 114 b .
- the compliance envelope may save a current state of the virtual machine 114 b at any suitable time and then push an updated version of the current state to the infrastructure 110 , whereby the workload management system may determine whether the current state of the virtual machine 114 b complies with any policies that may have been defined for the virtual machine 114 b .
- the workload management system may support deploying virtual machines 114 b in demilitarized zones, cloud computing environments, or other data centers that may be remote from the infrastructure 110 , wherein the compliance envelope may provide a security wrapping to safely move such virtual machines 114 b and ensure that only entities with approved identities can access the virtual machines 114 b.
- the virtualized resources 114 b may enable the workload management system to manage development and deployment for services and applications provisioned in the infrastructure 110 .
- the workload management system may host multiple virtual machines 114 b on one physical machine 114 a to optimize utilization levels for the physical resources 114 a , which may dynamically provisioned physical resources 114 a that enable mobility for services hosted in the virtual machines 114 b .
- mobile services may enable the workload management system to implement live migration for services that planned maintenance events may impact without adversely affecting an availability of such services, while the workload management system may implement clustering or other availability strategies to address unplanned events, such as hardware or software failures.
- the workload management system may further provide various containers to manage the virtual machines 114 b , wherein the containers may include a security container, an application container, a service level agreement container, or other suitable containers.
- the security container may generally provide hardware-enforced isolation and protection boundaries for various virtual machines 114 b hosted on a physical resource 114 a and the hypervisor hosting the virtual machines 114 b .
- the hardware-enforced isolation and protection boundaries may be coupled with a closed management domain to provide a secure model for deploying the virtual machines 114 b (e.g., one or more security labels can be assigned to any particular virtual machine 114 b to contain viruses or other vulnerabilities within the particular virtual machine 114 b ).
- the application container may package the service within a particular virtual machine image 114 b .
- the virtual machine image 114 b may include a kernel and a runtime environment optimally configured and tuned for the hosted service.
- the service level agreement container may dynamically monitor, meter, and allocate resources 114 to provide quality of service guarantees on a per-virtual machine 114 b basis in a manner transparent to the virtual machine kernel 114 b.
- the various containers used to manage the virtual machines 114 b may further provide predictable and custom runtime environments for virtual machines 114 b .
- the workload management system may embed prioritization schemes within portions of an operating system stack associated with a virtual machine 114 b that may adversely impact throughput in the operating system. For example, unbounded priority inversion may arise in response to a low-priority task holding a kernel lock and thereby blocking a high-priority task, resulting in an unbounded latency for the high-priority task.
- the prioritization schemes may embed a deadline processor scheduler in the hypervisor of the virtual machine 114 b and build admission control mechanisms into the operating system stack, which may enable the workload management system to distribute loads across different virtual machine 114 b and support predictable computing.
- the workload management system may decompose kernels and operating systems for virtual machines 114 b to provide custom runtime environments. For example, in the context of a typical virtual machine 114 b , an “unprivileged guest” virtual machine 114 b may hand off processing to a “helper” virtual machine 114 b at a device driver level.
- the workload management system may use the decomposed kernels and operating systems to dynamically implement an operating system for a particular virtual machine 114 b at runtime (e.g., the dynamically implemented operating system may represent a portable runtime that can provide a kernel for a virtual machine 114 b that hosts a service running a server-class application, which may be customized as a runtime environment specific to that service and application).
- the dynamically implemented operating system may represent a portable runtime that can provide a kernel for a virtual machine 114 b that hosts a service running a server-class application, which may be customized as a runtime environment specific to that service and application).
- the workload management system may further employ different virtualization technologies in different operating environments.
- the workload management system may implement Type 1 hypervisors for virtualized server resources 114 b and Type 2 hypervisors for virtualized workstation, desktop, or other client resources 115 .
- Type 1 hypervisors generally control and virtualize underlying physical resources 114 a to enable hosting guest operating systems over the physical resources 114 a (e.g., providing coarse-level scheduling to partition the physical resources 114 a in a manner that can meet quality of service requirements for each of the guest operating systems hosted on the physical resources 114 a ).
- the workload management system may implement Type 1 hypervisors for virtualized server resources 114 b to leverage performance and fault isolation features that such hypervisors provide.
- Type 2 hypervisors generally include use a host operating system as the hypervisor, which use Linux schedulers to allocate resources 114 to guest operating systems hosted on the hypervisor.
- Type 2 hypervisor architectures such as the VMware GSX Server, Microsoft Virtual PC, and Linux KVM, hosted virtual machines 114 b appear as a process similar to any other hosted process.
- the workload management system may provide centralized desktop management and provisioning using Type 2 hypervisors.
- the workload management system may manage and maintain desktop environments as virtual appliances 114 b hosted in the infrastructure 110 and then remotely deliver the desktop environments to remote client resources 115 (e.g., in response to authenticating an end user at a particular client resource 115 , the virtual appliance 114 b carrying the appropriate desktop environment may be delivered for hosting to the client resource 115 , and the client resource 115 may transfer persistent states for the desktop environment to the infrastructure 110 to ensure that the client resource 115 remains stateless).
- orchestrated virtualization may generally refer to implementing automated policy-based controls for virtualized services.
- an orchestrated data center may ensure compliance with quality of service agreements for particular groups of users, applications, or activities that occur in the information technology infrastructure 110 .
- the workload management system may therefore provide a policy-based orchestration service to manage virtualized resources 114 b , wherein the orchestration service may gather correct workload metrics without compromising performance in cloud computing environments or other emerging service delivery models.
- workloads that users define may be executed using coordinated sets of virtual machines 114 b embedding different application-specific operating systems, wherein the workload management system may provision and de-provision the virtual machines 114 b to meet requirements defined in the workload (e.g., using standard image formats and metadata wrappers to encapsulate the workloads, embed standard hypervisors in the virtual machines 114 b , physical-to-virtual (P2V) or virtual-to-virtual (V2V) conversion tools to translate between different image formats, etc.).
- P2V physical-to-virtual
- V2V virtual-to-virtual
- the workload management system coordinate such resources using a closed-loop management infrastructure 170 that manages declarative policies, fine-grained access controls, and orchestrated management and monitoring tools.
- the workload management system may further manage the orchestrated data center to manage any suitable resources 114 involved in the virtualized workloads, which may span multiple operating systems, applications, and services deployed on various physical resources 114 a and/or virtualized resources 114 b (e.g., a physical server 114 a and/or a virtualized server 114 b ).
- the workload management system may balance resources 114 in the information technology infrastructure 110 , which may align management of resources 114 in the orchestrated data center with business needs or other constraints defined in the virtualized workloads (e.g., deploying or tuning the resources 114 to reduce costs, eliminate risks, etc.).
- the configuration management database 185 a may generally describe every resource 114 in the infrastructure 110 , relationships among the resources 114 , and changes, incidents, problems, known errors, and/or known solutions for managing the resources 114 in the infrastructure 110 .
- the policy-based orchestration service may provide federated information indexing every asset or other resource 114 in the infrastructure 110 , wherein the workload management system may reference the federated information to automatically implement policy-controlled best practices (e.g., as defined in the Information Technology Infrastructure Library) to manage changes to the infrastructure 110 and the orchestrated data center.
- the configuration management database 185 a may model dependencies, capacities, bandwidth constraints, interconnections, and other information for the resources 114 in the infrastructure 110 , which may enable the workload management system to perform impact analysis, “what if” analysis, and other management functions in a policy-controlled manner.
- the configuration management database 185 a may include a federated model of the infrastructure 110 , wherein the information stored therein may originate from various different sources.
- the configuration management database 185 a may appear as one “virtual” database incorporating information from various sources without introducing overhead otherwise associated with creating one centralized database that potentially includes large amounts of duplicative data.
- the orchestration service may automate workloads across various physical resources 114 a and/or virtualized resources 114 b using policies that match the workloads to suitable resources 114 .
- deploying an orchestrated virtual machine 114 b for a requested workload may include identifying a suitable host virtual machine 114 b that satisfies any constraints defined for the workload (e.g., matching tasks to perform in the workload to resources 114 that can perform such tasks).
- deploying the orchestrated virtual machine 114 b for the workload may include the workload management system positioning an operating system image on the host virtual machine 114 b , defining and running the orchestrated virtual machine 114 b on the chosen host virtual machine 114 b , and then monitoring, restarting, or moving the virtual machine 114 b as needed to continually satisfy the workload constraints.
- the orchestration service may include various orchestration sub-services that collectively enable management over orchestrated workloads.
- the orchestration service may be driven by a blueprint sub-service that defines related resources 114 provisioned for an orchestrated workload, which the workload management system may manage as a whole service including various different types of resources 114 .
- a change management sub-service may enable audited negotiation for service change requests, including the manner and timing for committing the change requests (e.g., within an approval workload 130 ).
- the sub-services may further include an availability management sub-service that can control and restart services in a policy-controlled manner, a performance management sub-service that enforces runtime service level agreements and policies, a patch management sub-service that automatically patches and updates resources 114 in response to static or dynamic constraints, and a capacity management sub-service that can increase or reduce capacities for resources 114 in response to current workloads.
- an availability management sub-service that can control and restart services in a policy-controlled manner
- a performance management sub-service that enforces runtime service level agreements and policies
- a patch management sub-service that automatically patches and updates resources 114 in response to static or dynamic constraints
- a capacity management sub-service that can increase or reduce capacities for resources 114 in response to current workloads.
- the availability management sub-service may automatically migrate a virtual machine 114 b to another physical host 114 a in response to a service restart failing on a current physical host 114 a more than a policy-defined threshold number of times.
- the service in response to determining that a service running at eighty percent utilization can be cloned, the service may be cloned to create a new instance of the service and the new instance of the service may be started automatically.
- the patch management sub-service may test the patch against a test instance of the service and subsequently apply the patch to the running service instance in response to the test passing.
- an exemplary service instance may include a service level agreement requiring a certain amount of available storage for the service instance, wherein the capacity management sub-service may allocate additional storage capacity to the service instance in response to determining that the storage capacity currently available to the service instance has fallen below a policy-defined threshold (e.g., twenty percent).
- a policy-defined threshold e.g., twenty percent
- the orchestration service may incorporate workflow concepts to manage approval workloads 130 or other management workloads, wherein a workload database 185 b may store information that the workload management system can use to manage the workloads.
- an approval workload 130 may include a request to provision a particular service to a particular user in accordance with particular constraints, wherein the approval workload 130 may include a sequence of activities that includes a suitable management entity reviewing the constraints defined for the service, determining whether any applicable policies permit or prohibit provisioning the service for the user, and deploying the service in response to determining that the service can be provisioned, among other things.
- the workload engine 180 a may execute the orchestration service to map the sequence of activities defined for any particular workload to passive management operations and active dynamic orchestration operations.
- the workload database 185 b may stores various declarative service blueprints that provide master plans and patterns for automatically generating service instances, physical distribution images and virtual distribution images that can be shared across the workload management system to automatically generate the service instances, and declarative response files that define packages and configuration settings to automatically apply to the service instances.
- the technologies integrated by the model-driven architecture 100 A and the service-oriented architecture 100 B may enable collaboration between entities that interact with the services provided in the information technology infrastructure 110 .
- collaboration may generally involve dynamic teams that cross traditional security and policy boundaries.
- the workload management system may enable continued collaboration even when some of the participants sharing the data and applications may be temporarily offline (e.g., the workload management system may authorize certain users to allocate portions of local client resources 115 to support cross-organizational endeavors).
- the workload management system may provide a standard interface 160 designed to enable dynamic collaboration for end users that simplify interaction with complex systems, which may provide organizations with opportunities for more productive and agile workloads.
- the workload management system may provide a collaboration service that enables workloads to span multiple users; applications, services, systems, or other resources 114 .
- multiple users may collaborate and share data and other resources 114 throughout the workload management system, both individually and within virtual teams (e.g., via a service bus that transports data relating to services or other resources 114 over the event bus 140 ).
- the workload management system may support virtual team creation that can span organizational and geographic boundaries, wherein affiliations, content, status, and effectiveness may be represented for identities that have membership in any particular virtual team (e.g., to enable online and offline interaction between team members).
- the workload management system may provide enriched collaboration content (e.g., images, video, text, data feeds), and may efficiently transport the collaboration content between team members (e.g., via the service bus).
- the workload management system may integrate desktops, laptops, personal digital assistants, smart phones, or other suitable client resources 115 into virtual team collaboration experiences in order to meet emerging demands for mobile, interoperable, and integrated access.
- the collaboration enabled in the workload management system may operate in an adaptive collaborative environment, which may unify technologies for online integrated media sharing with offline authoring and editing.
- the collaboration service may generally include a web-based platform that support inter-organization and intra-organization management for virtual teams, interoperability between various different collaboration products, social networking to deliver information that enables the virtual teams to interact efficiently either online or offline, and federated searches against any suitable information source, among other things.
- the collaboration service may include various collaboration sub-services that collectively enable the adaptive collaborative environment, including a client sub-service, an aggregation sub-service, an information sub-service, a real-time collaboration sub-service, and a metadata sub-service.
- the client sub-service may provide communication interfaces with real-time online systems, offline systems, and user interfaces.
- functionality for the client sub-service may be provided in a web-based interface that supports interaction with the real-time online systems in addition to software that can execute locally at client resources 115 to provide offline access to shared data and real-time meetings that may involve shared applications and shared desktops.
- the client sub-service may communicate with the aggregation sub-service to coordinate the communication and collaboration across various information sources, wherein the aggregation sub-service may route messages to the appropriate information sources in appropriate formats.
- the information sub-service may integrate the different information sources within the collaborative environment.
- the virtual teams may connect and collaborate using information that originates anywhere across the infrastructure 110 , and the information sub-service may enable members of the virtual teams to discuss information or other content from the various sources in an interactive manner.
- the real-time collaboration sub-service may interact with the information sub-service to provide real-time meetings that include audio content, video content, instant message content, and other forms of communication content in real-time collaborative contexts within the infrastructure 110 and with third-parties.
- the metadata sub-service may provide a “helper” service to the aggregation and information sub-services, collecting ancillary metadata generated during interaction between virtual team members and create collaborative threads to maintain contexts that generated the data. Furthermore, the metadata sub-service may evaluate the ancillary metadata to discover new and relevant links between information sources and integrate data that can potentially originate from various disparate information sources. For example, the metadata sub-service may provide a uniform format for classifying data collected during collaborative contexts, which may provide a single source for virtual team members to search and display the data across any suitable collaboration source.
- the metadata sub-service may index and unify data collected from disparate network sources, including various search engines and content aggregation services, to help the virtual team members to locate information that may be interesting or otherwise relevant to the collaborative contexts.
- the various sub-services integrated within the collaboration service may provide a collaborative environment that supports dynamic interaction across organizational boundaries and different information sources in a manner that can account for any particular virtual team member's personal preferences.
- the technologies integrated by the model-driven architecture 100 A and the service-oriented architecture 100 B may collectively provide various services that the workload management system can use to manage workloads and enable intelligent choices in an information technology infrastructure 110 .
- various horizontal integration components may be distributed in the workload management system to integrate the various technologies employed in the model-driven architecture 100 A and the service-oriented architecture 100 B and provide an agile and interoperable information technology infrastructure 110 .
- the horizontal integration components distributed across the workload management system may provide agility and interoperability to the information technology infrastructure 110 through support for various emerging service delivery models, including Web 2.0, Software as a Service (SaaS), mashups, hardware, software, and virtual appliances, cloud computing, grid computing, and thin clients, among others.
- SaaS Software as a Service
- every service, application, or other resource 114 in the workload management system may be provided with an application programming interface 160 that can provide connectivity between different operating systems, programming languages, graphical user interface toolkits, or other suitable services, applications, or resources 114 .
- the application programming interface 160 may include a Representational State Transfer (REST) application program interface 160 , which may use standard methods defined in the Hypertext Transfer Protocol (HTTP), wherein using standardized types to format data may ensure interoperability.
- REST interface 160 may define a Uniform Resource Identifier (URI) that represents a unique identity for any suitable entity, and may further define relationships between the represented identities with hyperlinks that can be selected to access information for related identities, attribute claims, roles, policies, workloads, collaboration spaces, and workflow processes.
- URIs Uniform Resource Identifier
- the REST interface 160 may provide an interface to a data ecosystem that can be navigated in a web-based environment that can be used anywhere in the workload management system.
- the REST interface 160 may declare a namespace having version controls and standard methods to read and write to the data ecosystem, and may include a URI registry containing the URIs that represent the identities in the data ecosystem.
- any suitable resource 114 may programmatically discover other identities that communicate using the REST interface 160 (e.g., the REST interface 160 may be implemented in a communication gateway 112 a to physical resources 114 a , a communication gateway 112 b to virtualized resources 114 a , a communication gateway 112 c to configuration resources 114 c , etc.).
- the workload management system may extend an application program interface stack for the supplied REST interface 160 , which may enable new services, applications, and other resources 114 to be integrated into the workload management system in a manner that automatically inherits the identity-based and policy-controlled services implemented in the workload management system.
- the supplied application program interface stack may generally include a unified adapter and a proxy to existing and future technologies using protocols to enable services that communicate through the REST interface 160 regardless of whether the services reside in the infrastructure 110 , a cloud computing environment, a third party data center, or elsewhere (e.g., web service protocols, lightweight directory protocols, messaging queue protocols, remote procedure call protocols, etc.).
- a Recipe-based Development Kit may provide full source code examples for various operating systems, programming languages, and graphical user interface toolkits.
- the workload engine 180 a may manage creation of application program interface keys for the REST interface 160 stack, whereby auditing and policy-based approvals may be supported for provisioning the application program interface keys.
- the workload management system may deploy widgets to client desktops 115 , wherein the widget may track identities and contexts that include attempts to access the REST interface 160 stack.
- platform authentication and policy checks may be triggered against the accessing identity and the context that the keys supply.
- the application program interface keys may enable the workload management system to meter costs for the information technology infrastructure 110 .
- the standardized stack supplied for the REST application program interface 160 may provide support for industry standard authentication and authorization methods, which may enable identity-managed and policy-controlled auditing for events and access controls.
- the extensibility of the REST application program interface 160 may enable integration with any suitable existing or future-developed system.
- the REST interface 160 may be configured with standards such as the Atom Syndication Format and Atom Publishing Protocol to integrate feed synchronization, JavaScript Object Notation and Extensible. Markup Language (XML) to integrate enterprise portals, mashups, and social networking platforms.
- XML Markup Language
- a user may simply enter a URI for the resource 114 in an existing web browser feed aggregator (e.g., Firefox bookmarks).
- an existing web browser feed aggregator e.g., Firefox bookmarks.
- FIG. 2 illustrates an exemplary method 200 for intelligent workload management.
- the intelligent workload management method 200 may be used to manage approval workloads created in response to service requests.
- an operation 210 may include creating an approval workload in response to a receiving a request for a service from any suitable user, application, system, or other entity having an identity in the workload management system.
- the request may generally specify any components needed to configure the service for a particular task (e.g., a raw machine hosting an operating system and storage may be requested to deploy a particular application in the raw machine, an existing service may be requested to specify any suitable combination of components that can deploy the application, etc.).
- the request may further specify desired a performance level (or service level) for the service (e.g., availability, release capacity, financial constraints, continuity, etc.), any comments for provisioning the service in a certain manner (e.g., provision the service as soon as possible, according to a particular schedule or policy, to particular members in a virtual team, with a particular configuration, etc.).
- a performance level or service level
- service level for the service
- any comments for provisioning the service in a certain manner e.g., provision the service as soon as possible, according to a particular schedule or policy, to particular members in a virtual team, with a particular configuration, etc.
- the request may generally include any suitable criteria that the requesting entity specifies to define constraints for deploying the requested service, wherein the workload management system may create the approval workload in operation 210 to determine whether or not the requested service can be provisioned in a manner that meets the constraints defined in the request.
- the approval workload may generally define a task that includes various human and/or automated approvers (or service delivery managers) collaboratively managing the service request to determine whether the service can be provisioned as requested.
- an operation 220 may include the workload management system querying a configuration management database to obtain an infrastructure model describing any computing resources and storage resources available to run the requested service.
- the model of the computing resources obtained in operation 220 may include various rack-mounted servers and/or blade servers, which may include multi-core processors (e.g., sixty-four bit processors), a multiple gigabyte local memory, a serial-attached Redundant Array of Independent Disks (RAID), Ethernet and Storage Area Network (SAN) interfaces, and embedded hardware that can support virtualization.
- the computing resources may further run an appropriate operating system for the underlying physical architecture, including a virtual machine monitor (e.g., a hypervisor), various device drivers, a management kernel, and any suitable management agents.
- the management kernel and the management agents may collectively provide support for remotely deploying virtual machines to be executed by the hypervisors present on the computing resources, which may enable the workload management system to group and organize the computing resources.
- a globally unique identifier e.g., a URI
- the computing resources may be grouped or otherwise organized according to any suitable combination of a type (e.g., thin blade, symmetric multiprocessing, etc.), intended purpose (e.g., test, production, etc.), owner, physical location, or other classifying types.
- the workload management system may configure one or more of the computing resources to function in isolation or cooperatively with other computing resources to create high-availability clusters.
- the model of the storage resources obtained in operation 220 may include various SAN disk-block storage arrays and/or file servers, whereby the storage resources may be collectively pooled and protected with identity-based policy controls.
- the computing resources described above may access the storage resources on behalf of virtual machines deployed in the infrastructure, wherein the storage resources may be individually managed during lifecycles of the virtual machines in a dynamic manner.
- the workload management system may group and organize the storage resources in a similar manner as the computing resources, wherein the workload management system may manage the storage resources according to any suitable combination of a type (e.g., available RAID-5 disks), intended purpose (e.g., temporary, protected, remotely replicated, etc.), owner, physical location, or other classifying types.
- the model of the computing resources and the storage resources obtained in operation 220 may further include various relationships between the resources, wherein the relationships may include dependencies, capacities, and bandwidth requirements.
- any particular virtual, machine deployed in the infrastructure may generally run on physical computing resources, wherein the model may include federated information that links a network address, identities, and other information for the virtual machine with any computing resources and storage resources that have been allocated to the virtual machine, which may enable lifecycle management for the virtual machine.
- the configuration management database may generally provide federated knowledge detailing any suitable entity managed in the workload management system and relationships between such managed entities.
- an operation 225 may determine whether the workload management system can provision the service requested in the approval workload in a manner that meets any constraints that the request defined for the service.
- the workload management system may determine whether the infrastructure model indicates that the infrastructure has available computing resources and storage resources suitable to provision the requested service.
- the workload management system may employ the identity management and policy enforcement services to determine whether the service can be provisioned to the requesting entity without violating any relevant policies. For example, to authenticate and configure a desktop machine for a chief financial officer, a biometric authorization component (e.g., a fingerprint reader) may be installed in the desktop machine.
- a biometric authorization component e.g., a fingerprint reader
- the identity management and policy enforcement services may collectively prohibit the workload management system from deploying services to the desktop machine that would add a keystroke logger, remove the biometric authorization component, or violate another policy with respect to the chief financial officer identity.
- requests for Bit Torrent storage may be denied regardless of an identity for the requesting identity because a policy prohibits peer-to-peer file sharing.
- the workload management system may deny the request and send an appropriate denial notification to the requesting entity in an operation 230 .
- the denial notification may provide a reason for denying the service request, which may provide information that can be referenced to analyze subsequent requests having similar criteria, modify the request based on available resources or relevant policies, audit approval processes in a compliance review, or otherwise referenced.
- the workload management system may approve the request and then initiate provisioning for the service in an operation 235 .
- the workload management system may reserve appropriate physical computing resources, virtual computing resources, and/or storage resources to run the service, wherein operation 235 may include determining whether such resources can be automatically and/or immediately allocated.
- certain workloads may be prioritized to ensure that business objectives can be met, wherein the workload management system may defer the approval workload in operation 235 in response to determining that allocating the resources to the approval workload may occupy resources needed for higher priority workloads (e.g., because the reserved resources are currently subject to a “blackout” period for patching or updating the resources).
- the workload management system may manage creation of a provisioning plan for the service in an operation 240 .
- operation 240 may include various automated and/or human entities interacting to create the provisioning plan, wherein the provisioning plan may include pre-empting the approval workload until workloads in a high priority queue have completed, moving the approval workload to the high priority queue, dynamically allocating additional resources to the approval workload (e.g., pre-empting lower priority workloads), or otherwise balancing utilization of the resources in the infrastructure between business processes and system processes that may have, different priorities.
- the workload management system may coordinate the interaction between the entities that create the provisioning plan in operation 240 (e.g., because the service cannot be provisioned until a certain process has completed, a certain entity provides feedback, etc.).
- operation 240 may generally include various processes and interactions between entities, which the workload management system may manage to create the plan for suitably provisioning the approved service.
- the workload management system may provision the requested service in an operation 250 .
- operation 250 may include allocating an operating system image, a resource inventory, and software to an orchestrated virtual machine that can run the service and embedding lifecycle control information within the orchestrated virtual machine to enable management for the virtual machine and the computing resources allocated to the service.
- one or more of the computing resources in the infrastructure may be configured as an image creation server, wherein the image creation servers may be dedicated to creating and installing virtual machines in various ways.
- multiple image creation servers may be employed to create and install the virtual machines, or one or more of the image creation servers may be configured to create “in-place” virtual machines, wherein such virtual machines may be incubated on particular computing resources that further execute the virtual machines.
- operation 250 may include invoking an image creation service, which may create a virtual machine image to run the requested service.
- the image creation service may contact an image repository that contains various ready-to-run virtual machine images, and then appropriately download one or more of the virtual machine images that can run the requested service.
- the image creation service may then clone and configure the virtual machine image downloaded from the image repository based on any constraints that the request defines for the service.
- operation 250 may generally include creating a new virtual machine having an operating system image, external storage references, and control information particularly configured for the requested service (e.g., based on identities, policies, service level agreements, lifecycle management, etc.), and may further include deploying the newly created virtual machine to computing resources that have been reserved to run the requested service.
- the image creation service may provide a push model for deploying the virtual machine image, wherein the image creation service may instruct the image repository to multi-cast the image to multiple computing resources.
- the push model implementation may pre-stage the multi-casted virtual machine image for deployment over various potential deployment targets.
- the workload management system may update the infrastructure model in an operation 260 .
- any resources, identities, policies, or other information associated with the provisioned service may be indexed within a global namespace in the federated configuration management database.
- the workload management system may reference the updated infrastructure model to track registered virtual machines that have been provisioned and deployed in the infrastructure, hierarchical relationships between the registered virtual machines and the resources, identities, policies, or other information associated with the virtual machines, and otherwise provide lifecycle management for the virtual machines, as will be described in greater detail below.
- an operation 270 may include the workload management system sending a service provisioning notification to the requesting entity, wherein the notification sent in operation 270 may indicate that the service has been successfully provisioned, provide information that can be referenced to analyze subsequent requests having similar criteria, audit approval processes in a compliance review, or otherwise provide information relevant to the provisioned service.
- the workload management system may manage the provisioned service in an operation 280 in response to successfully provisioning the service in operation 250 .
- updating the infrastructure model in operation 260 may provide information that the workload management system can reference to provide lifecycle management for services provisioned and deployed in the infrastructure. For example, various lifecycle rules and control information may be used to respond to variable computing demands, changes, and unexpected events in the infrastructure, wherein services that run within virtual machines may introspectively monitor and report on health of the hosted services.
- the provisioned service may be managed in operation 280 with the lifecycle control information embedded in the host virtual machines (e.g., monitoring real-time execution states and other health conditions, automatically managing identities and policies in response to monitored health conditions, retiring resources reserved or allocated the virtual machine that may no longer be needed, etc.).
- lifecycle control information embedded in the host virtual machines (e.g., monitoring real-time execution states and other health conditions, automatically managing identities and policies in response to monitored health conditions, retiring resources reserved or allocated the virtual machine that may no longer be needed, etc.).
- the workload management system may cooperate with the lifecycle controls embedded in the host virtual machines to manage the provisioned service.
- the workload management system may aggregate information relating to the monitored states reported from individual virtual machine instances and record such information within a context describing a current state of the infrastructure model.
- physical constraints, dependencies, current performance trends, and other real-time execution states may be monitored to schedule virtual machines that run provisioned services to computing resources for execution in a manner that satisfies any identity constraints, policy controls, service level agreements, or other constraints that have been defined for the services.
- operation 280 may include applying policy-defined thresholds to any status events generated by the monitored computing resources, storage resources, virtual machines, or other resources (e.g., responding to a monitored variable that exceeds or falls below a policy-defined threshold for more than a policy-defined time period).
- operation 280 may further include managing version controls for virtual machine images, which may provide support for inserting management agents that can tune or patch the virtual machine images as needed, and rolling the virtual machine images back to a “pristine” state, among other things.
- the techniques described above the intelligent workload management method 200 may generally provide lifecycle management from creating a virtual machine image that can host a requested service through eventual retirement of the virtual machine image.
- the lifecycle management techniques may provide federated information for managing an entire information technology infrastructure, which may be used to assure compliance with legal and contractual obligations for any suitable hardware or software that an organization may use, create detailed plans for implementing or rolling back proposed changes to the infrastructure, detect, resolve, and otherwise remediate, incidents in the infrastructure, reactively and proactively manage problems in the infrastructure with known workarounds, fixes, and permanent infrastructure changes, and ensure that every service in the infrastructure meets or exceeds service level requirements, among other things.
- FIG. 3 illustrates an exemplary block diagram of a system 300 for generating single sign-on workload identities
- FIG. 4 illustrates an exemplary flow diagram of a method 400 that may operate in the system 300 for generating single sign-on workload identities.
- FIG. 3 or FIG. 4 will be understood as corresponding to techniques that can be performed in the system 300 shown in FIG. 3 or the method 400 shown in FIG. 4 , whether or not explicitly described.
- generating single sign-on workload identities may generally include creating an authentication token that defines various credentials or permissions assigned to any suitable user, application, system, service, resource, or other entity having an identity managed in the workload management system. More particularly, an operating system that executes services or other applications on a client device 315 may generally maintain various authentication credentials for any identities managed locally to the operating system, or the operating system may contact an authentication server 320 to obtain authentication credentials for any single sign-on identities that the operating system does not locally manage. In one implementation, the authentication server 320 may therefore provide a single sign-on identity source that contains authentication credentials for every managed entity, wherein single sign-on identity management may be provided for any suitable workload managed in the workload management system.
- the system and method for generating single sign-on workload identities may be used to generate single sign-on authentication tokens, wherein a workload engine 380 may reference the single sign-on authentication tokens to provide identity management for any suitable service request (e.g., to verify that an entity that requests a new service has proper authorization prior to actually provisioning the new service, to verify that an entity that requests access to an existing service has proper authorization prior to granting access to the service, etc.).
- the authentication server 320 e.g., Novell Access Manager
- the authentication server 320 may communicate with an identity vault 325 that organizes user accounts, roles, policies, and other identity information within various directories.
- any suitable entity may submit an authentication request to the authentication server 320 , wherein the authentication request may include single sign-on authentication credentials (e.g., a user name, identifier, password, smart card input, biometric input, etc.).
- communication element 2 may then include the authentication server retrieving the authentication credentials for the requesting entity from the federated identity information stored in the identity vault 325 .
- the authentication server may then generate an authentication token for the requesting entity from the authentication credentials retrieved from the identity vault 325 , wherein the authentication token may represent a portable data abstraction that encapsulates any authoritative attribute, active role, valid policy, or other access credential for the entity associated with the authorization token.
- the authorization token may mask any underlying credential authentication, identity federation, and attribute attestation, wherein the authorization token may be referenced to obtain authoritative statements that indicate whether to authorize or deny any suitable request received from the entity associated with the authorization token.
- the authentication token may be returned to the client device 315 that originated the request, whereby any operating systems, applications, services or other resources on the client device 315 that require authentication credentials may use the authentication token to authenticate or deny local requests received from the entity associated with the authorization token.
- the workload management system may include a workload engine 380 that can use authentication tokens generated by the authentication server 320 to manage workloads that include service requests. Furthermore, the workload engine 380 may use authentication tokens for various entities that may be represented in multiple different authentication domains, which may enable workloads to function across different organizational boundaries.
- an operation 430 (or communication element 5 ) may include receiving a workload that defines a particular service requested by the entity operating the client device 315 , wherein the entity may specify various additional entities that may need access to the requested service.
- an operation 440 (or communication element 6 ) may include the workload engine 380 managing the workload to obtain authentication tokens for the requesting entity in addition to authentication tokens for any additional entities specified in the request.
- the entities managed in the workload management system may define various types of customized identities, such that the authentication tokens obtained in operation 440 (and communication element 6 ) may represent authentication credentials for any suitable combination of identities that represent the requesting entity and/or the various additional entities (e.g., identities providing limited or complete anonymity, aggregated roles across various federated authentication domains, rights delegated to and/or by other identities, relative roles with respect to other identities, etc.).
- identities providing limited or complete anonymity, aggregated roles across various federated authentication domains, rights delegated to and/or by other identities, relative roles with respect to other identities, etc.
- an operation 450 may then include the workload engine 380 analyzing the authentication tokens obtained from the authentication server 320 to identify any authentication credentials that the authentication tokens represent. As such, the workload engine 380 may reference the identified authentication credentials in an operation 460 to determine whether the identities for the requesting entity (and/or the additional entities) have proper authorization for the requested service. The workload engine 380 may then generate an authentication determination for the workload using the authentication tokens that include federated identity information for the relevant identities in addition to any policies that may be relevant to any identities involved in the workload (e.g., the client machine 315 , other services or applications running on the client machine 315 , or any other suitable identity involved in a session associated with the workload, as described in further detail above).
- an operation 470 may include the workload engine 380 notifying the requesting entity that the service request has been denied.
- an operation 480 may include notifying the requesting entity that the service request has been approved and subsequently provisioning the requested service.
- operation 480 may further include embedding the authentication tokens obtained in operation 440 (and communication element 6 ) within an image created for the approved service.
- any particular workload may include a request to provision a new service, a request to update identities managed in an existing service, or a another suitable request to manage identities associated with the approved service request.
- operation 480 may further include the workload engine 380 embedding the authentication tokens within one or more virtual machine images that host the service, whereby any suitable identity associated with the virtual machine images may be managed with the single sign-on authentication tokens obtained from the authentication server 380 .
- authentication tokens for the various team members may be embedded into a virtual machine image that an image creation system creates to host the new service.
- authentication tokens for new members of the team may be embedded within the service image to grant the new members access to the service image, while authentication tokens for any members that leave the team may be removed from the service image to prevent former members of the team from continuing to have access to the service image.
- the tokens embedded within the image may be limited to the subset having proper credentials, or the workload management system may determine whether members lacking proper credentials have other managed identities with the proper credentials and insert tokens within the image that correspond to the other managed identities.
- authentication tokens generated at the single sign-on authentication server 380 may be used in various ways to pre-configure or re-configure a virtual machine with embedded authentication credentials for identities managed in the virtual machine.
- any suitable resource in the workload management system may reference the authentication tokens embedded within the virtual machine to manage the identities associated with the virtual machine, whereby the single sign-on authentication tokens may generally provide a portable data abstraction to run identity management services anywhere in the workload management system.
- FIG. 5A illustrates a block diagram of an exemplary service distribution 500 A that can be managed with one or more zero residue management agents 580 in the workload management system
- FIG. 5B illustrates an exemplary lifecycle 500 B for the service distribution 500 A managed with the zero residue management agents 580
- the workload management system may use various orchestrated virtualization services to create and manage a partitioned operating environment for the service distribution 500 A, wherein the operating environment may be partitioned into a physical distribution layer and a virtual distribution layer.
- the physical distribution layer and the virtual distribution layer may collectively define a standard partition model for the service distribution 500 A, which may provide control over whether to execute certain portions of the service distribution 500 A over physical hardware in a hosting environment or within virtual machines that abstract any physical hardware that hosts the virtual machines.
- the standard partition model may permit the service distribution 500 A to run anywhere in an infrastructure, regardless of any requirements or limitations associated with underlying hardware or software platforms, which may enable optimal utilization for the service distribution 500 A.
- the physical distribution layer in the service distribution 500 A may provide an interface to physical hardware resources that host components in the virtual distribution layer.
- the physical distribution layer may include a minimal functional kernel 550 that bundles various hardware drivers matched to the physical hardware that hosts the components in the virtual distribution layer (e.g., local area network drivers, independent hardware vendor drivers, variable drivers that support certain hardware platforms, etc.).
- the physical distribution layer may further include a pluggable hypervisor 560 , which may enable the service distribution 500 A to concurrently run various different operating systems 520 over the hosting physical hardware, and minimal core packages 570 that provide software supporting functionality for the components in the physical distribution layer.
- the physical distribution layer may further include an injection point 580 for dynamically inserting and removing one or more zero residue management agents that can manage the lifecycle 500 B for the service distribution 500 A.
- the virtual distribution layer in the service distribution 500 A may provide a tuned appliance, which the physical distribution layer executes over any underlying physical hardware that hosts the service distribution 500 A.
- the virtual distribution layer may include a storage pointer 510 that identifies one or more local or remote storage locations allocated to contain a persistent state for the service distribution 500 A (e.g., within a clustered file system organized with storage replication and version management services), in addition to an operating system 520 that includes a minimal number of packages, patterns, or other software components needed to support any applications 530 in the tuned appliance (e.g., the operating system 520 may include “just enough operating system” (JeOS) 520 to support the applications 530 provided in the service distribution 500 A).
- JeOS just enough operating system
- the virtual distribution layer may include one or more configurations 540 that can be used to configure the storage pointer 510 , the operating system 520 , and/or the applications 530 in the virtual distribution layer, wherein the configurations 540 may define a workload profile for the service distribution 500 A.
- the workload profile may include various bundled virtual drivers for tuning components in the virtual distribution layer, attestation tokens defining unique identities and authentication credentials for the components in the virtual distribution layer, a service level declaration that defines any memory, processing, availability, disaster recovery, or other deployment constraints for the service distribution 500 A.
- the components in the virtual distribution layer may be neutral with respect to the components in the physical distribution layer, which may enable the zero residue managements 580 to independently manage any of the components in the virtual or physical distribution layers.
- the workload management system may employ one or more standard formats to create images for the physical distribution layer and/or the virtual distribution layer and encapsulate the physical distribution image and/or the virtual distribution image within one or more metadata wrappers.
- the zero residue management agents 580 may be dynamically deployed within the service distribution 500 A to manage various different modes during the lifecycle 500 B of the service distribution 500 A.
- the lifecycle 500 B of the service distribution 500 A may enter the creation mode, wherein a creation management agent 580 may execute a bootstrap process to advertise that the service distribution 500 A exists and appropriately download any additional management agents 580 to manage the different modes of the lifecycle 500 B for the service distribution 500 A.
- one or more of the management agents 580 may be identified based on a current mode in the lifecycle 5008 and dynamically inserted into the service distribution 500 A.
- the relevant management agents 580 may be identified based on the embedded authentication tokens (e.g., in response to a trouble ticket request from a user that describes a problem with a particular service distribution 500 A that the user interacts with, the particular service distribution 500 A may be located by searching for an service distributions 500 A having an embedded authentication token associated with the user, and an appropriate management agent 580 may then be deployed to the particular service distribution 500 A having the embedded authentication token to diagnose or otherwise provide assistance in resolving the problem with the distribution 500 A).
- the relevant management agents 580 may be identified based on the embedded authentication tokens (e.g., in response to a trouble ticket request from a user that describes a problem with a particular service distribution 500 A that the user interacts with, the particular service distribution 500 A may be located by searching for an service distributions 500 A having an embedded authentication token associated with the user, and an appropriate management agent 580 may then be deployed to the particular service distribution 500 A having the embedded authentication token to diagnose or otherwise provide assistance in resolving the problem with the distribution 500 A).
- the identified management agent 580 may then perform any management tasks associated with the current lifecycle mode, and in response to completing the management tasks, the management agent 580 may then be removed from the service distribution 500 A.
- removing the management agent 580 from the service distribution 500 A may generally include removing any runtime state associated with the management agent 580 and rolling back any changes that the management agent 580 applied to the service distribution 500 A in order to perform the management tasks.
- a test management agent 580 that executes during the test mode may disable a YaST configuration tool 540 that otherwise controls installation and system management for the virtual distribution layer operating environment, whereby rolling back the changes applied to the service distribution 500 A may include re-enabling the YaST configuration tool in response to the test management agent 580 completing the management tasks for the test mode.
- a patch management agent 580 may be inserted into the service distribution 500 A to patch or otherwise update any suitable component in the service distribution 500 A during the maintenance mode, wherein runtime states and temporary changes applied by the patch management agent 580 may be removed from the service distribution 500 A with the patch management agent 580 in response to the maintenance mode completing.
- removing the runtime state associated with the management agents 580 and any temporary changes that the management agents 580 applies to the service distribution 500 A during the various lifecycle modes may ensure that the service distribution 500 A has been restored to a “golden” or “pristine” state prior to entering a next lifecycle mode.
- the zero residue management agents 580 may be dynamically inserted into the service distribution 500 A to execute appropriate management tasks for a current lifecycle mode, and then appropriately removed in a manner that leaves the service distribution 500 A unmodified except for any persistent changes that the management tasks apply to the service distribution 500 A.
- a configuration management agent 580 may be inserted into the service distribution 500 A to modify the storage pointer 510 to point to a new local or remote storage location in response to an original storage location allocated to the service distribution 500 A failing or running short on available storage resources, whereby the service distribution 500 A may be unchanged except for the modified storage pointer 510 .
- a tuning management agent 580 may be similarly inserted into the service distribution 500 A during the maintenance mode to independently apply any upgrades or other modifications that can tune functionality for the service distribution 500 A (e.g., the tuning management agent 580 may upgrade the kernel 550 and device drivers in the physical distribution layer independently from security patches applied to the operating system 520 or applications 530 in the virtual distribution layer, and in response to completing the upgrades, the service distribution 500 A may optionally be re-released to ensure that subsequent versions of the service distribution 500 A automatically include the upgrades to the kernel 550 and device drivers and the patches applied to the operating system 520 or applications 530 ).
- the tuning management agent 580 may upgrade the kernel 550 and device drivers in the physical distribution layer independently from security patches applied to the operating system 520 or applications 530 in the virtual distribution layer, and in response to completing the upgrades, the service distribution 500 A may optionally be re-released to ensure that subsequent versions of the service distribution 500 A automatically include the upgrades to the kernel 550 and device drivers and the patches applied to the operating system 520 or applications 530 ).
- one or more policies may define the management agents 580 inserted into the service distribution 500 A during the various modes of the lifecycle 500 B.
- a required service level defined in the workload profile 540 may define a recipe for one or more of the management agents 580 to inject into the service distribution 500 A to ensure that the service distribution 500 A meets or exceeds the required service level (e.g., a configuration management agent 580 may modify the storage pointer 510 to ensure the service distribution 500 A has sufficient storage capacity, a tuning management agent 580 may modify the hypervisor 560 to prepare the service distribution 500 A for migration to different physical host resources that provide greater availability or performance, etc.).
- the recipe for the management agents 580 may be determined automatically (e.g., based on the current mode), based on the applications 530 hosted in the service distribution 500 A and any management that may be needed for such applications 530 , or other suitable criteria.
- one or more of the management agents 580 may be persistently hosted in the service distribution 500 A to capture activity and events that may be relevant to ensuring and auditing compliance with policies, while one or more policies may control whether the service distribution 500 A can move from one lifecycle mode to another (e.g., the policies may restrict moving the service distribution 500 A from the creation mode to the release mode until the workload management system can ensure that the service distribution 500 A meets certain sanity, safety, or policy constraints).
- the zero residue management agents 580 may provide control for various different modes that occur during the lifecycle 500 B of the service distribution 500 A, including a creation mode for initially creating the service distribution 500 A from one or more images stored in a suitable repository, a release mode for delivering the service distribution 500 A to suitable entities that will interact with or host the service distribution 500 A, a production mode for deploying the service distribution 500 A to such entities, a test mode for validating that the service distribution 500 A functions correctly, a maintenance mode for debugging, patching, or otherwise updating the service distribution 500 A, an optional re-release mode for delivering subsequent versions of the service distribution 500 A with any changes applied during the production, test, or maintenance modes, and an eventual retirement mode for de-provisioning any existing versions of the service distribution 500 A in response to the service distribution 500 A becoming outdated or obsolete.
- a creation mode for initially creating the service distribution 500 A from one or more images stored in a suitable repository
- a release mode for delivering the service distribution 500 A to suitable entities that will interact with or host the service distribution 500 A
- FIG. 6 illustrates a flow diagram of an exemplary method 600 for managing different modes of a service distribution lifecycle with zero residue management agents.
- the zero residue management agents shown in FIG. 5A and described in further detail above may be used to manage the different modes of the service distribution lifecycle depending on a current mode of the service distribution.
- managing the service distribution lifecycle may be initiated in an operation 610 , wherein a management workload may be launched to manage the service distribution lifecycle.
- an operation 620 may include determining the current mode of the service distribution (e.g., creation, release, production, test, maintenance, etc.), wherein one or more management agents associated with the current mode may be executed in an operation 630 .
- the management agents associated with the current mode may then continually execute any management tasks associated with the current mode until the workload management system determines that the current mode of the service distribution lifecycle has completed in an operation 640 .
- a monitoring management agent may be executed in operation 630 during release, production, test, maintenance, or other appropriate modes to capture events that may be relevant to monitoring the health of the service distribution, compliance with one or more policies, or other suitable information.
- the monitoring agent may capture changes that occur to the service distribution during the various lifecycle modes, which may provide a record tracking or otherwise describing an evolution of the service distribution (e.g., for reference to diagnose, audit, or otherwise manage the service distribution).
- the management agents executed during operation 630 may add, remove, or disable aspects of the service distribution, wherein the management tasks executed during operation 630 may be controlled based on the current lifecycle mode and any other information relevant to managing identities, policies, compliance, or other aspects of the infrastructure (e.g., certain maintenance tasks may be limiting during well managed modes and restored in other modes).
- operation 640 may determine that the current mode of the service distribution lifecycle has completed based on one or more policies that control whether the service distribution lifecycle can move from one mode to another (e.g., the policies may define approval or rule validation mechanisms).
- the current mode of the lifecycle may complete in response to the management agent executed during operation 630 completing the relevant management tasks, in response to one or more changes to the service distribution that indicate a change in mode, or other suitable criteria.
- the management agent executed during operation 630 may then be removed from the service distribution in an operation 650 , and a pristine or golden state for the service distribution may then be restored in an operation 660 .
- restoring the state for the service distribution may include removing any runtime state associated with the management agent executed during operation 630 and rolling back any temporary changes that the management agent applied to the service distribution during operation 630 .
- an operation 670 may include determining whether or not to retire the service distribution (e.g., in response to the service distribution including outdated or obsolete components), wherein the service distribution may then be retired in an operation 680 .
- retiring the service distribution in operation 680 may include de-provisioning any existing versions of the service distribution, de-allocating any resources associated with the existing versions of the service distribution, migrating information to persistent repositories to enable subsequent auditing of the lifecycles for the de-provisioned service distributions, or other suitable tasks for removing the service distribution from operation in the infrastructure.
- the method 600 may return to operation 620 to identify a next mode of the service distribution lifecycle and initiate execution of one or more management agents for the identified mode. As such, the method 600 may iteratively insert management agents into the service distribution based on the current mode and then remove the management agents from the service distribution until the service distribution eventually retires in operation 680 .
- FIG. 7 illustrates a block diagram of an exemplary system 700 for controlling cloud and virtualized data centers in the intelligent workload management system.
- cloud and virtualized data centers generally include various dynamically allocated resources that can have unpredictable characteristics.
- the system 700 shown in FIG. 7 and described herein may coordinate such dynamically allocated resources in a closed-loop management infrastructure that can manage declarative policies, fine-grained access controls, and orchestrated management and monitoring tools.
- system 700 may operate in the workload management system described in further detail above, and may provide a mechanism to automatically create images that can be deployed to a public cloud (or cloud data center) 790 a that may be external to an information technology infrastructure, and which can further be deployed to a private cloud (or virtualized data center) 790 b that may be local to the infrastructure.
- a public cloud or cloud data center
- private cloud or virtualized data center
- system 700 may be used to install software contained in licensed software repositories 710 a , source code repositories 710 b , or other suitable software sources onto any images that have been deployed to the public cloud 790 a or the private cloud 790 b , control and audit activity that occurs in the images deployed to the public cloud 790 a or the private cloud 790 b , establish and retrieve network addresses (e.g., IP addresses, DHCP addresses, etc.) for cloned images across various operating platforms (e.g., Windows platforms, Linux platforms, etc.), and analyze any impact that the activity occurring in the images deployed to the public cloud 790 a or the private cloud 790 b may have on other machines or images.
- network addresses e.g., IP addresses, DHCP addresses, etc.
- the system 700 shown in FIG. 7 and described herein may generally include various features that can provide predictability in controlling images, virtual machines, or other resources that have been deployed to the public cloud 790 a and/or the private cloud 790 b .
- the system 700 may include a licensed software repository 710 a that contains licensed software, a source code repository 710 b that contains software source code, or any other suitable software repository.
- the licensed software in the licensed software repository 710 a , the software source code in the source code repository 710 b , or other software may then installed over suitable hardware resources to create one or more hardware installations 720 a , installed on a virtual machine to create one or more virtual machine installations 720 b , and/or built within a suitable build system to create one or more auto build installations 720 c .
- an appropriate management agent 725 may be inserted into the installation 720 in response to installing or otherwise creating the hardware installations 720 a , the virtual machine installations 720 b , and the auto build installations 720 c .
- the management agent 725 may provide functionality for performing various tasks to manage the licensed software, source code, or other software included in the installations 720 .
- the tasks performed by the management agents 725 may include retrieving DHCP addresses, establishing static IP addresses, providing remote debugging assistance, and inserting one or more personality tools 775 (e.g., privileged user management) for the installations 720 .
- the hardware installations 720 a , virtual machine installations 720 b , and auto build installations 720 c may each further include a respective identity service 727 that provides a unique identity for the respective installations 720 .
- the identity services 727 may generally include authentication tokens that define one or more federated authorizations or permissions for the respective installations 720 (e.g., across a plurality of authentication domains), as described in further detail above.
- the management agents 725 inserted into the various software installations 720 may interact with the identity services 727 that define the authorizations or permissions for the various software installations 720 to uniquely identify and manage the various installations 720 .
- the identity services 727 may further identify versions, builds, or other information that can uniquely identify the licensed software, source code, or other software included in the installation, which may enable management for such licensed software, source code, or other software (e.g., in response to detecting updates to the licensed software, source code, or other software in the licensed software repository 710 a or the source code repository 710 b , the integrated identity services 727 may be referenced to identify and appropriately update any installations 720 that may have been created from the updated software).
- various operational images may be created from the software installations 720 .
- the virtual machine installations 720 b and the auto build installations 720 c may generally include one or more virtual machine images, as described in further detail above, while the hardware installations 720 a may generally include software that executes directly over underlying hardware resources.
- the operational images created from the virtual machine installations 720 b and the auto build installations 720 c may therefore include the virtual machine images included therein, wherein the operational virtual machine images may be provided to an image management system 740 that stores the operational virtual machine images in a shared repository 750 a (e.g., an image repository).
- a migration system 730 may provide functionality that can create a suitable operational virtual machine image from the hardware installations 720 a .
- the migration system 730 may evaluate any licensed software, source code, packages, or other software included in the hardware installations 720 a and create operational virtual machine images that can run in a virtualized environment.
- the migration system 730 may include a Novell PlateSpin Migrate system 730 , a VMware vCenter Converter system 730 , or any other suitable migration system 730 that provides conversion or migration services between physical and virtual platforms.
- the operational virtual machine image created from the hardware installation 720 a may then be provided to the image management system 740 , which may store the operational virtual machine image in the shared repository 750 a in a similar manner as the virtual machine installations 720 b and the auto build installations 720 c.
- the image management system 740 may automatically store the operational images in the shared repository 750 a in response to determining that the operational images do not need to be tested for operational integrity (e.g., because the operational images include an attestation token indicating that the operational images have already passed operational integrity tests).
- the image management system 740 may optionally invoke a testing engine 745 a that performs one or more operational integrity tests for the operational images prior to storing the operational images in the shared repository 750 a .
- the operational integrity tests performed by the testing engine 745 a may test the operational images against various test scripts designed to verify integrity for the operational images (e.g., validating checksums, installer functionality, etc.).
- the testing engine 745 a determining that one or more of the operational images have passed the operational integrity tests, such operational images may be released to the shared repository 750 a .
- the image management system 740 may invoke a validation engine 740 that supervises debugging and revalidation for such operational images (e.g., generating a validation workload to coordinate collaborative interaction among various entities that debug and revalidate the operational images until the operational images eventually pass the operational integrity tests).
- the validation engine 745 b may then re-invoke the testing engine 745 a to determine whether the operational images have been debugged or otherwise revalidated in a manner that results in the operational images passing the integrity tests, wherein the operational images may be released to the shared repository 750 a in response to passing the integrity tests or prevented from such release in response to not passing the integrity tests.
- the system 700 may further include a discovery engine 760 that continually monitors the shared repository 750 a to detect whether one or more operational images have been newly added to the shared repository 750 a .
- the image management system 740 , the shared repository 750 a , or another suitable component in the system 700 may generate an event in response to one or more operational images being added to the shared repository 750 a , wherein the event may notify or otherwise advertise the new operational images to the discovery engine 760 .
- the discovery engine 760 may prepare the operational images for deployment to the public cloud 790 a or the private cloud 790 b .
- various public clouds 790 a and private clouds 790 b may support different image formats, wherein the discovery engine 760 may convert the operational images into the appropriate image format for the public cloud 790 a or private cloud 790 b where the operational images will be deployed (e.g., an Amazon Machine Image format for the Amazon Elastic Compute Cloud).
- the cloud image repository 750 b may contain various cloud images created from the operational images in the shared repository 750 a , wherein the various cloud images may be in various different formats depending on the image format for the public cloud 790 a or private cloud 790 b that will host the cloud images.
- an image deployment system 770 may be invoked to deploy the cloud images to the appropriate public cloud 790 a or private cloud 790 b .
- the image deployment system 770 may invoke an impact analysis engine 780 that determines a potential impact of deploying the cloud images to the public cloud 790 a or private cloud 790 b .
- deploying the cloud images to the public cloud 790 a or private cloud 790 b may generally include various deployment processes (e.g., starting, stopping, cloning, or migrating the cloud images).
- the impact analysis engine 770 may reference a configuration management database 785 to validate whether the cloud images can be suitably deployed to the public cloud 790 a or the private cloud 790 b .
- the impact analysis engine 770 may reference the configuration management database 785 to verify that other resources detailed in the configuration management database 785 will not be adversely affected by deploying the cloud images (e.g., because the deployment may require substantial bandwidth during a period of peak network traffic).
- the impact analysis engine 770 may communicate with an audit service 795 , a privileged user management service 792 , or other monitoring services provided in the public cloud 790 a or the private cloud 790 b to enhance the impact analysis (e.g., determining whether conditions in the public cloud 790 a or private cloud 790 b may have adverse impacts on the deployment, local infrastructure resources, etc.).
- the image deployment system 770 may deploy the cloud images in the cloud image repository 750 b to the appropriate public cloud 790 a or private cloud 790 b .
- the operational images in the shared repository 750 a may already be appropriate for deployment into the public cloud 790 a or private cloud 790 b without requiring conversion to a cloud image format, in which case the image deployment system 770 may similarly deploy the operational images in the shared repository 750 a to the public cloud 790 a or private cloud 790 b .
- the image deployment system 770 may clone or modify the cloud images or operational images (e.g., to preserve an original version of the cloud images or operational images prior to the cloud deployment).
- the image deployment system 770 may inject a new or aggregated identity service 777 into the cloned or modified images, wherein the new or aggregated identity service 777 may provide a record that identifies a lineage, pedigree, or other relationships for the cloned or modified images.
- the image deployment system 770 may inject one or more personality tools 775 into the cloned or modified images in response to determining that the personality tools 775 have not already been injected (e.g., during creation of the original software installations 720 ).
- the personality tools 775 may generally include tools for privileged user management, remote debugging, or customizing base images (e.g., certain scripts may be applied to a Linux base image in order to customize the base image for particular functions that the image provides).
- the image deployment system 770 may then deploy the cloud images or the operational images to the appropriate public cloud 790 a or private cloud 790 b , wherein the deployed images may be managed in the public cloud 790 a and the private cloud 790 b .
- the images may include embedded management agents 725 that can control and track any activity associated with the deployed images through interaction with the embedded identity services 727 , including verifying that the images comply with any relevant policies or restricting any activity that may not comply with the relevant policies, as described in further detail above.
- the management agents 725 , identity services 727 (and/or 777 ), and personality tools 775 embedded in the images can control, track, and monitor activities for the images that have been deployed to the public cloud 790 a and the private cloud 790 b
- the monitored activity may be provided to an audit service 795 that can remediate the activity in response to any problems with the images, provide compliance assurance for the activity associated with the images, or otherwise analyze activity that occurs in the images following deployment to the public cloud 790 a or the private cloud 790 b .
- the embedded identity services 727 may interact with a privileged user management service 792 in the public cloud 790 a or the private cloud 790 b , wherein the privileged user management service 792 and the audit service 795 may cooperate in various ways to remediate, assure compliance, or otherwise analyze the activity that occurs in the images following deployment to the public cloud 790 a or the private cloud 790 b.
- FIG. 8 illustrates a flow diagram of an exemplary method 800 for controlling cloud and virtualized data centers in the intelligent workload management system.
- the method 800 may generally operate in the system 700 shown in FIG. 7 and described in further detail above, whereby the method 800 may provide predictability in controlling images, virtual machines, or other resources that have been deployed to public clouds (or cloud data centers) and private clouds (or virtualized data centers).
- public clouds or cloud data centers
- private clouds or virtualized data centers
- control over the cloud data centers and the virtualized data centers may be provided through various features that can automatically create and deploy images to the public clouds and the private clouds, install software from repositories that contain licensed software, source code, or other software onto the images deployed to the public or private clouds, control and audit activity that occurs in the deployed images, establish and retrieve network addresses or other network configurations for cloned images across various operating platforms, and analyze impacts that activity occurring in the deployed images may have on other machines or images to generate appropriate decisions for managing and controlling the data centers provided in the public and private clouds.
- the method 800 may retrieve licensed software from a licensed software repository, software source code from a source code repository, or other software from another suitable repository, wherein an operation 810 may include creating a software installation from the licensed software, the software source code, or the other software.
- the software installation created in operation 810 may include a hardware installation installed over suitable hardware resources, a virtual machine installation installed on a virtual machine, and/or an auto build installation built using a suitable build system.
- an appropriate management agent may then be embedded in the software installation in an operation 820 .
- the management agent embedded in the software installation in operation 820 may provide functionality for performing various tasks to manage the licensed software, source code, or other software included in the software installation (e.g., DHCP address retrieval, static IP address assignment, remote debugging, personality or privileged user management insertion, etc.).
- operation 820 may further include embedding an identity service within the software installation created in operation 810 .
- the identity service may generally provide a unique identity for the software installation, and may further include an authentication token that defines one or more federated authorizations or permissions for the software installation across a plurality of authentication domains.
- the management agent and the identity service embedded in the software installation in operation 820 may interact with one another, whereby the management agent may reference the identity service to determine a unique identity for the software installation, resolve the authorizations or permissions for the software installation from the unique identity, and otherwise manage the software installation.
- the identity service may further identify a version, build, or other information that uniquely identifies the licensed software, source code, or other software included in the installation.
- the interaction between the management agent and the identity service may be used to manage the licensed software, source code, or other software included in the installation.
- the embedded management agent may reference the embedded identity service to determine whether the installation was created from licensed software, source code, or other software that has been updated in the licensed software repository or the source code repository and then appropriately update the installation in response to determining that the installation was created from the updated software.
- an operational image may be created from the software installation.
- an operation 825 may include determining whether the software installation includes a hardware installation, a virtual machine installation, or an auto build installation, wherein virtual machine installations and auto build installations generally include one or more virtual machine images, as described in further detail above.
- creating the operational image may include providing the virtual machine images included therein to an image management system that stores the operational virtual machine images in a shared repository (e.g., an image repository).
- hardware installations may generally include software that executes directly over underlying hardware resources, whereby an operation 830 may include creating a virtual machine from the hardware installation to prepare the hardware installation for migration to a virtualized environment.
- operation 830 may invoke a migration system providing functionality for creating operational virtual machine images from hardware installations, wherein the migration system may evaluate any licensed software, source code, packages, or other software included in the hardware installation and appropriately create the operational virtual machine image.
- the migration system may include Novell PlateSpin Migrate, VMware vCenter Converter, or any other migration system that provides conversion or migration services between physical and virtual platforms.
- the operational virtual machine image created from the hardware installation may then be provided to the image management system, which may store the operational virtual machine image in the shared repository in a similar manner as for virtual machine installations or auto build installations.
- an operation 835 in response to providing the operational image created from the software installation to the image management system, may include determining whether or not to test the operational images for operational integrity.
- an operation 860 may include the image management system automatically storing the operational image in the shared repository in response to determining that the operational image does not need to be tested (e.g., because the operational image includes an attestation token indicating that the operational image has already passed operational integrity tests).
- an operation 840 may include the image management system optionally invoking a testing engine that runs one or more operational integrity tests for the operational image prior to storing the operational image in the shared repository.
- an operation 845 may include determining whether the operational image passed the operational integrity tests, wherein the operational image may be released to the shared repository in operation 860 in response to the operational image passing the integrity tests.
- a validation engine may be invoked in an operation 850 , wherein the validation engine may supervise debugging and revalidation for the operational image (e.g., generating a debugging workload to coordinate collaborative interaction among various entities associated with the failed operational image).
- the validation engine may then re-invoke operation 840 to determine whether the operational image has been debugged or otherwise revalidated in a manner that results in the operational image passing the integrity tests, wherein the operational image may be released to the shared repository in operation 860 in response to passing the integrity tests, whereas the operational image may be iteratively debugged and revalidated in operations 840 through 850 until the operational image successfully passes the integrity tests.
- a discovery engine may continually monitor the shared repository to detect whether the operational image has been newly added to the shared repository.
- the image management system, the shared repository, or another component may generate an event in response to adding the operational image to the shared repository, wherein the event may notify or otherwise advertise the new operational image to the discovery engine.
- an operation 870 may include generating a cloud image to prepare the operational image for deployment to the public cloud or the private cloud.
- operation 870 may include converting the operational image into the appropriate image format for the public cloud or private cloud where the operational image will be deployed (e.g., an Amazon Machine Image format for the Amazon Elastic Compute Cloud).
- the cloud image created in operation 870 may be in a cloud image format that depends on an image format used in the public cloud or private cloud that will host the cloud image created in operation 870 .
- an image deployment system may be invoked to deploy the cloud image to the appropriate public cloud or private cloud.
- an operation 875 a may include determining whether to invoke an impact analysis engine that determines a potential impact of deploying the cloud images to the public cloud or private cloud.
- deploying the cloud images to the public cloud or private cloud may generally include various deployment processes (e.g., starting, stopping, cloning, or migrating the cloud images), wherein the impact analysis optionally performed in operation 875 a may include referencing a configuration management database to validate whether the cloud images can be suitably deployed to the public cloud or the private cloud.
- the impact analysis engine may reference the configuration management database to verify that other resources detailed in the configuration management database will not be adversely affected by deploying the cloud images (e.g., because the deployment may require substantial bandwidth during a period of peak network traffic).
- the impact analysis engine may communicate with an audit service, a privileged user management service, or other monitoring services provided in the public cloud or the private cloud to enhance the impact analysis (e.g., determining whether conditions in the public cloud or private cloud may have adverse impacts on the deployment, local infrastructure resources, etc.).
- the image in response to determining that potential adverse impacts may result from deploying the image to the cloud in an operation 875 b , the image may be revalidated in operation 850 , or operation 850 may include other processes to resolve the adverse impacts.
- an operation 880 may include deploying the cloud image to the appropriate public cloud or private cloud.
- the operational image stored in the shared repository in operation 860 may already be appropriate for deployment into the public cloud or private cloud without requiring conversion to a cloud image format in operation 870 , in which case operation 880 may include similarly deploying the operational image stored in operation 860 to the public cloud or private cloud.
- operation 880 to deploy the cloud images or operational images to the public cloud or private cloud, operation 880 ma include cloning or modifying the cloud image or the operational image (e.g., to preserve an original version of the cloud image or operational image prior to the deployment operation 880 ). As such, in response to cloning or modifying the image prior to the cloud deployment, operation 880 may further include injecting a new or aggregated identity service into the cloned or modified image, wherein the new or aggregated identity service may provide a record that identifies a lineage, pedigree, or other relationships for the cloned or modified image.
- operation 880 may include injecting one or more personality tools into the cloned or modified image in response to determining that the personality tools have not already been injected (e.g., during creation of the original software installation in operations 810 and 820 ).
- the personality tools may generally include tools for privileged user management, remote debugging, or customizing base images (e.g., certain scripts may be applied to a Linux base image in order to customize the base image for particular functions that the image provides).
- operation 880 may then include deploying the cloud image or the operational image to the appropriate public cloud or private cloud, wherein operation 880 may further include managing the image deployed to the public or private cloud.
- the image may include an embedded management agent that can control and track any activity associated with the deployed image through interaction with the embedded identity service, including verifying that the image complies with any relevant policies or restricting any activity that may not comply with the relevant policies, as described in further detail above.
- operation 880 may include providing the monitored activity to an audit service in the cloud that can remediate any problems with the image, provide compliance assurance for the activity associated with the image, or otherwise analyze the activity that occurs in the image following deployment to the cloud.
- the embedded identity service may interact with a privileged user management service in the cloud, wherein the privileged user management service and the audit service in the cloud may cooperate in various ways to remediate, assure compliance, or otherwise analyze the activity that occurs in the image following deployment to the cloud.
- Implementations of the invention may be made in hardware, firmware, software, or various combinations thereof.
- the invention may also be implemented as instructions stored on a machine-readable medium, which may be read and executed using one or more processing devices.
- the machine-readable medium may include various mechanisms for storing and/or transmitting information in a form that can be read by a machine (e.g., a computing device).
- a machine-readable storage medium may include read only memory, random access memory, magnetic disk storage media, optical storage media, flash memory devices, and other media for storing information
- a machine-readable transmission media may include forms of propagated signals, including carrier waves, infrared signals, digital signals, and other media for transmitting information.
- firmware, software, routines, or instructions may be described in the above disclosure in terms of specific exemplary aspects and implementations performing certain actions, it will be apparent that such descriptions are merely for the sake of convenience and that such actions in fact result from computing devices, processing devices, processors, controllers, or other devices or machines executing the firmware, software, routines, or instructions.
Abstract
Description
- This application claims the benefit of U.S. Provisional Patent Application Ser. No. 61/264,562, entitled “System and Method for Intelligent Workload Management,” filed on Nov. 25, 2009, the contents of which are hereby incorporated by reference in entirety.
- In addition, this application is further related to co-pending U.S. patent application Ser. No. ______, entitled “System and Method for Intelligent Workload Management,” filed on ______, co-pending U.S. patent application Ser. No. ______, entitled “System and Method for Recording Collaborative Information Technology Processes in an Intelligent Workload Management System,” filed on ______, co-pending U.S. patent application Ser. No. ______, entitled “System and Method for Managing Information Technology Models in an Intelligent Workload Management System,” filed on ______, co-pending U.S. patent application Ser. No. ______, entitled “System and Method for Discovery Enrichment in an Intelligent Workload Management System,” filed on ______, co-pending U.S. patent application Ser. No. ______, entitled “System and Method for Providing Service Layer Blueprints in an Intelligent Workload Management System,” filed on ______, and co-pending U.S. patent application Ser. No. ______, entitled “System and Method for Providing Scorecards to Visualize Services in an Intelligent Workload Management System,” filed on ______, each of which further claim benefit to U.S. Provisional Patent Application Ser. No. 61/264,562, and each of which are hereby further incorporated by reference in entirety.
- The invention relates to a system and method for controlling cloud and virtualized data centers in an intelligent workload management, and in particular, to a computing environment having a model-driven, service-oriented architecture for creating collaborative threads to manage workloads, and further to creating cloud images having embedded management agents and identity services for validating the cloud images prior to deployment into the cloud and virtualized data centers and controlling, monitoring, and auditing activity associated with the cloud images following deployment into the cloud and virtualized data centers.
- “Cloud computing” generally refers to a computing environment with dynamically scalable and often virtualized resources, which are typically provided as services over the Internet. For example, cloud computing environments often employ the concept of virtualization as a preferred paradigm for hosting workloads on any appropriate hardware. The cloud computing model has become increasingly viable for many enterprises for various reasons, including that the cloud infrastructure may permit information technology resources to be treated as utilities that can be automatically provisioned on demand, while also limiting the cost of services to actual resource consumption. Moreover, consumers of resources provided in cloud computing environments can leverage technologies that might otherwise be unavailable. Thus, as cloud computing and cloud storage become more pervasive, many enterprises will find that moving data center to cloud providers can yield economies of scale, among other advantages.
- However, while much of the information technology industry moves toward cloud computing and virtualization environments, existing systems tend to fall short in adequately addressing concerns relating to managing or controlling workloads and storage in such environments. For example, cloud computing environments are generally designed to support generic business practices, meaning that individuals and organizations typically lack the ability to change many aspects of the platform. Moreover, concerns regarding performance, latency, reliability, and security present significant challenges, as outages and downtime can lead to lost business opportunities and decreased productivity, while the generic platform may present governance, risk, and compliance concerns. In other words, once organizations deploy workloads beyond the boundaries of their data centers, lack of visibility into the computing environment may result in significant management problems.
- While these types of problems tend to be pervasive in cloud computing and virtualization environments due to the lack of transparency, existing systems for managing and controlling workloads that are physically deployed and/or locally deployed in home data centers tend to suffer from many similar problems. In particular, information technology has traditionally been managed in silos of automation, which are often disconnected from one another. For example, help desk systems typically involve a customer submitting a trouble ticket to a remedy system, with a human operator then using various tools to address the problem and close the ticket, while monitoring systems that watch the infrastructure to remediate problems may remain isolated from the interaction between the customer and the help desk despite such interaction being relevant to the monitoring system's function.
- As such, because existing systems for managing infrastructure workloads operate within distinct silos that typically do not communicate with one another, context that has been exchanged between two entities can often be lost when the workload moves to the next step in the chain. When issues surrounding workload management are considered in the context of business objectives, wherein information technology processes and business issues collectively drive transitions from one silo to another, modern business tends to move at a speed that outpaces information technology's ability to serve business needs. Although emerging trends in virtualization, cloud computing, appliances, and other models for delivering services have the potential to allow information technology to catch up with the speed of business, many businesses lack the knowledge needed to intelligently implement these new technologies.
- For example, emerging service delivery models often lead to deployed services being composed and aggregated in new and unexpected ways. In particular, rather than designing and modeling systems from the ground up, new functionality is often generated on-the-fly with complex building blocks that tend to include various services and applications that have traditionally been isolated and stand-alone. As such, even though many emerging service delivery models provide administrators and users with a wider range of information technology choices than have ever before been available, the diversity in technology often compounds business problems and increases the demand for an agile infrastructure. Thus, despite the advantages and promise that new service delivery models can offer businesses, existing systems tend to fall short in providing information technology tools that can inform businesses on how to intelligently implement an information technology infrastructure in a manner that best leverage available technology to suit the particular needs of a business.
- According to one aspect of the invention, a system and method for intelligent workload management may generally provide a computing environment having a fluid architecture, whereby the computing environment may create common threads to manage workloads that converge information relating to user identities and access credentials, provisioned and requested services, and physical and virtual infrastructure resources, among other things. In one implementation, services provided in the computing environment may generally include various aggregated physical and/or virtual resources, while applications may include various aggregated services and workloads may include various compositions of whole services, separate services, and/or sub-services that work together. For example, in response to a user requesting a service that performs a particular function or application, the intelligent workload management system (or alternatively “the workload management system”) may create a workload to manage provisioning the user with a tuned appliance configured to perform the particular function or application, whereby the tuned appliance may provide the requested service for the user. To manage the workload, the workload management system may create a resource store that points to a storage location for the appliance, declare a service level agreement and any runtime requirements that constrain deployment for the appliance, obtain a certificate that provides attestation tokens for the user and the appliance, and create a profile that provides an audit trail of actual lifecycle behavior for the appliance (e.g., events and performance metrics relating to the appliance). Thus, workflows created in the computing environment may converge various sources of information within a common thread, which the workload management system may use to manage the workload (e.g., actual metrics for a particular workload can be compared to anticipated metrics for the workload to determine whether various services underlying the workload function as intended).
- According to one aspect of the invention, the system and method for intelligent workload management may operate in a model-driven architecture, which may merge information relating to user identities with services that may be running in an information technology infrastructure. As such, the information merged in the model-driven architecture may be referenced to determine specific users or organizational areas within the infrastructure that may be impacted in response to a particular change to the infrastructure model. Thus, whereas information technology has traditionally been managed within disparate silos, where context exchanged between any two entities may be lost at the next step in the chain, the model-driven architecture may track context for information technology workloads from start to finish. As such, tracking context for the information technology workloads may provide audit trails that can then be used to identify a relevant user, application, system, or other entity that can provide assistance with a particular issue. Moreover, in the context of managing workloads for virtualized services, where different users typically have to communicate with one another on-demand, the audit trail that the model-driven architecture enables may track end-to-end workload activities and thereby provide visibility and notice to users, applications, systems, services, or any other suitable entity that may be impacted by the workload.
- According to one aspect of the invention, the system and method for intelligent workload management may enable agile and flexible management for an information technology infrastructure, which may enable the infrastructure to move at the speed of modern business. For example, the system and method for intelligent workload management may further operate in a service-oriented architecture unifying various heterogeneous technologies, which may provide businesses with the capability to deploy information technology resources in a manner that can meet business objectives. For example, the service-oriented architecture may provide adaptable, interoperable, and user-friendly information technology tools to manage the infrastructure in a manner that addresses many typical business challenges that information technology organizations face. For example, while the model-driven architecture may employ virtualization features to provide manageable workloads that can move efficiently through the infrastructure, the service-oriented architecture may merge different technologies to provide various coordinated systems that can cooperate to optimally execute portions of an overall orchestrated workload. As such, the model-driven and service-oriented architectures may collectively derive data from the information technology infrastructure, which may inform intelligent information technology choices that meet the needs of businesses and users.
- According to one aspect of the invention, the system and method for intelligent workload management may be used to manage workloads created in response to service requests. For example, any suitable user, application, system, or other entities may request a service from the workload management system, wherein the request may include a desired performance level (or service level) for the service, any components or criteria required for the service, comments to provision the service in a certain manner, or any other suitable information for the requested service. In response to receiving the service request, human and/or automated approvers (or service delivery managers) may collaboratively manage the service request and determine whether the service can be provisioned as requested. Furthermore, the approvers may provide feedback on the service provisioning decision, which may create an interactive collaborative “conversation” between requesters, approvers, and other entities in the management thread. In one implementation, various security policies may be built into the model to automatically approve or deny certain requests, wherein the security policies may be dynamically updated in response to handling similar requests (e.g., a request for Bit Torrent storage may be automatically denied because a particular security policy indicates that peer-to-peer file sharing violates a company policy).
- According to one aspect of the invention, services provisioned in the workload management system may include any suitable combination of physical infrastructure resources and virtualized infrastructure resources. For example, to provision virtualized services that can abstract underlying physical platforms and share computing resources in a manner that may address many needs for immediacy in business environments, the workload management system may manage physical infrastructure resources and virtualized infrastructure resources to support provisioning virtualized services. Thus, the service-oriented architecture employed in the workload management system may enable management for the physical infrastructure resources (e.g., rack-mounting, configuring, and otherwise physically installing servers, storage resources, and other devices), and may further enable management for the virtualized infrastructure resources (e.g., pre-configuring provisioned services with identity management features, denying, flagging, or auditing service requests from unauthorized entities, etc.). Moreover, the workload management system may be considered a service in that the workload management service may be built dynamically in response to service requests (e.g., because a management infrastructure can introduce computational burdens just as any other resource, limiting the existence of the workload management infrastructure to an on-demand service can free computational resources for other tasks having a greater need for immediacy).
- According to one aspect of the invention, to manage collaborative service provisioning in contexts that combine physical and virtualized resources, the workload management system may store a history of interaction between requesters, approvers, and other entities in service provisioning threads, and may further record, log, and save traffic and activity between such entities in the service provisioning threads. As such, various processes that occur during service provisioning may be recorded and injected into a real-time stream that can subsequently be played back, thereby capturing the service provisioning processes as a whole, including any responses that human and/or automated entities may provide during the collaborative process. During processes for collaboratively managing the information technology infrastructure, the workload management system may expose portions of the infrastructure model to entities involved in the management processes. In one implementation, the workload management system may expose “just enough context” to entities involved in the management processes, whereby the involved entities may view the respective portions of the infrastructure model for which such entities have management responsibility (e.g., prior to implementing any particular change to the infrastructure, the workload management system may query the model and determine an impact of the change, notify impacted entities, etc.).
- According to one aspect of the invention, virtualized services provisioned in the workload management system may further include injection points for adding and/or removing information from the provisioned services. For example, any particular virtualized service may generally include a layered architecture that includes injection points for inserting “zero residue” management agents that can manage the service and ensure that the service functions correctly. Thus, in one implementation, zero residue management agents may be inserted within virtualized services at build time, run time, or any other suitable point in a lifecycle for the virtualized services, wherein the particular management agents inserted within the virtualized services may depend on a type of management required. For example, the workload management system may analyze a configuration of the service, a lifecycle point for the service, or other suitable information for the service to derive a recipe of the management agents to be injected (e.g., the recipe may depend on a required service level for the service, a current operational state for the infrastructure model, services running in the infrastructure, a type of management required for the running services, etc.).
- Other objects and advantages of the invention will be apparent to those skilled in the art based on the following drawings and detailed description.
-
FIG. 1A illustrates a block diagram of an exemplary model-driven architecture in a system for intelligent workload management, according to one aspect of the invention. -
FIG. 1B illustrates a block diagram of an exemplary service-oriented architecture in the system for intelligent workload management, according to one aspect of the invention. -
FIG. 2 illustrates a flow diagram of an exemplary method for intelligent workload management, according to one aspect of the invention. -
FIG. 3 illustrates an exemplary system for generating single sign-on workload identities in the workload management system, according to one aspect of the invention. -
FIG. 4 illustrates an exemplary method for generating single sign-on workload identities in the workload management system, according to one aspect of the invention. -
FIG. 5A illustrates a block diagram of an exemplary service distribution that can be managed with zero residue management agents in the intelligent workload management system, whileFIG. 5B illustrates an exemplary lifecycle for a service distribution managed with the zero residue management agents, according to one aspect of the invention. -
FIG. 6 illustrates a flow diagram of an exemplary method for managing different modes of a service distribution lifecycle with the zero residue management agents in the intelligent workload management system, according to one aspect of the invention. -
FIG. 7 illustrates a block diagram of an exemplary system for controlling cloud and virtualized data centers in the intelligent workload management system, according to one aspect of the invention. -
FIG. 8 illustrates a flow diagram of an exemplary method for controlling cloud and virtualized data centers in the intelligent workload management system, according to one aspect of the invention. - According to one aspect of the invention,
FIG. 1A illustrates an exemplary model-drivenarchitecture 100A in a system for intelligent workload management, whileFIG. 1B illustrates an exemplary service-orientedarchitecture 100B in the system for intelligent workload management. In one implementation, the model-drivenarchitecture 100A shown inFIG. 1A and the service-orientedarchitecture 100B shown inFIG. 1B may include various components that operate in a substantially similar manner to provide the functionality that will be described in further detail herein. Thus, any description provided herein for components having identical reference numerals inFIGS. 1A and 1B will be understood as corresponding to such components in bothFIGS. 1A and 1B , whether or not explicitly described. - In one implementation, the model-driven
architecture 100A illustrated inFIG. 1A and the service-orientedarchitecture 100B illustrated inFIG. 1B may provide an agile, responsive, reliable, and interoperable information technology environment, which may address various problems associated with managing an information technology infrastructure 110 (e.g., growing revenues and cutting costs, managing governance, risk, and compliance, reducing times to innovate and deliver products to markets, enforcing security and access controls, managing heterogeneous technologies and information flows, etc.). To that end, the model-drivenarchitecture 100A and the service-orientedarchitecture 100B may provide a coordinated design for the intelligent workload management system (or alternatively “the workload management system”), wherein the coordinated design may integrate technologies for managing identities, enforcing policies, assuring compliance, managing computing and storage environments, providing orchestrated virtualization, enabling collaboration, and providing architectural agility, among other things. The model-drivenarchitecture 100A and the service-orientedarchitecture 100B may therefore provide a flexible framework that may enable the workload management system to allocate various resources 114 in theinformation technology infrastructure 110 in a manner that balances governance, risk, and compliance with capacities for internal and external resources 114. For example, as will be described in further detail herein, the workload management system may operate within the flexible framework that the model-drivenarchitecture 100A and the service-orientedarchitecture 100B to deliver information technology tools for managing security, performance, availability, and policy objectives for services provisioned in theinformation technology infrastructure 110. - Identity Management
- In one implementation, as noted above, the technologies integrated by the model-driven
architecture 100A and the service-orientedarchitecture 100B may enable managing identities in theinformation technology infrastructure 110. In particular, managing identities may present an important concern in the context of managing services in theinformation technology infrastructure 110 because security, performance, availability, policy objectives, and other variables may have different importance for different users, customers, applications, systems, or other resources 114 that operate in theinformation technology infrastructure 110. As such, the model-drivenarchitecture 100A and the service-orientedarchitecture 100B may include various components that enable identity management in theinformation technology infrastructure 110. - For example, in one implementation, the workload management system may include an access manager 120 (e.g., Novell Access Manager), which may communicate with an
identity vault 125 and control access to content, applications, services, and other resources 114 in theinformation technology infrastructure 110. In one implementation, theaccess manager 120 may enforce various policy declarations to provide authentication services for any suitable component in theinformation technology infrastructure 110. For example, theidentity vault 125 may include various directories that organize user accounts, roles, policies, and other identity information that theaccess manager 120 can reference to generate authorization decisions. Theaccess manager 120 and theidentity vault 125 may further support federated user identities, wherein a user at anyparticular client resource 115 may submit single sign-on authentication credentials to theaccess manager 120, which may then control access to any suitable resource 114 in theinformation technology infrastructure 110 with the single sign-on authentication credentials (e.g., user names, identifiers, passwords, smart cards, biometrics, etc.). Moreover, the identity information stored in theidentity vault 125 may be provided to asynchronization engine 150, whereby thesynchronization engine 150 may provide interoperable and transportable identity information throughout the architecture (e.g., via an identity fabric within anevent bus 140 that manages transport throughout the architecture). - In one implementation, providing the identity information stored in the
identity vault 125 to thesynchronization engine 150 may form portable identities that correspond to independent digital representations for various users, applications, systems, or other entities that interact with theinformation technology infrastructure 110. In particular, the identities maintained in thesynchronization engine 150 may generally include abstractions that can provide access to authoritative attributes, active roles, and valid policies for entities that the identity abstractions represent. Thus, synchronizing the identity information stored in theidentity vault 125 with thesynchronization engine 150 may provide independent and scalable digital identities that can be transported across heterogeneous applications, services, networks, or other systems, whereby the workload management system may handle and validate the digital identities in a cooperative, interoperable, and federated manner. - In one implementation, the identities stored in the
identity vault 125 and synchronized with thesynchronization engine 150 may be customized to define particular attributes and roles that the identities may expose. For example, a user may choose to create one identity that exposes every attribute and role for the user to applications, services, or other systems that reside within organizational boundaries, another identity that limits the attributes and roles exposed to certain service providers outside the organizational boundaries, and another identity that provides complete anonymity in certain contexts. The identities maintained in thesynchronization engine 150 may therefore provide awareness over any authentication criteria that may be required to enable communication and collaboration between entities that interact with the workload management system. For example, thesynchronization engine 150 may include a service that can enforce policies controlling whether certain information stored in theidentity vault 125 can be shared (e.g., through theaccess manager 120 or other information technology tools that can manage and customize identities). - In one implementation, the workload management system may further manage identities in a manner that enables infrastructure workloads to function across organizational boundaries, wherein identities for various users, applications, services, and other resources 114 involved in infrastructure workloads may be managed with role aggregation policies and logic that can support federated authentication, authorization, and attribute services. For example, in one implementation, the
access manager 120, theidentity vault 125, and thesynchronization engine 150 may manage identity services externally to applications, services, and other resources 114 that consume the identities, which may enable the workload management system to control access to services for multiple applications using consistent identity interfaces. In particular, theaccess manager 120, theidentity vault 125, and thesynchronization engine 150 may define standard interfaces for managing the identity services, which may include authentication services, push authorization services (e.g., tokens, claims, assertions, etc.), pull authorization services (e.g., requests, queries, etc.), push attribute services (e.g., updates), pull attribute services (e.g., queries), and audit services. - As such, in one implementation, the workload management system may employ the identity services provided in the model-driven
architecture 100A and the service-orientedarchitecture 100B to apply policies for representing and controlling roles for multiple identities within any particular session that occurs in theinformation technology infrastructure 110. For example, in response to a session that includes a user logging into aclient machine 115 and invoking a backup service, the workload management system may manage the session with multiple identities that encompass the user, the backup service, and theclient machine 115. The workload management system may further determine that the identity for theclient machine 115 represents an unsecured machine that resides outside an organizational firewall, which may result in the workload management system retrieving a policy from theidentity vault 125 and/or thesynchronization engine 150 and applying the policy to the session (e.g., the policy may dynamically prevent themachine 115 and the user from being active in the same session). Thus, the workload management system may manage multiple identities that may be involved in any particular service request to control and secure access to applications, services, and other resources 114 in theinformation technology infrastructure 110. - In one implementation, the model-driven
architecture 100A and the service-orientedarchitecture 100B may further provide identity services for delegating rights in delegation chains that may involve various different levels of identities. In particular, any particular user may have various roles, attributes, or other identities that define various rights for the user. As such, in one implementation, the rights delegation identity service may enable the user to delegate a time-bounded subset of such rights to a particular service, wherein the service can then make requests to other services on behalf of the user during the delegated time. For example, a user may delegate rights to a backup service that permits the backup service to read a portion of a clusteredfile system 195 during a particular time interval (e.g., 2 a.m. to 3 a.m.). In response to thefile system 195 receiving the read request from the backup service, the identity services may enable thefile system 195 to audit identities for the backup service and the user, and further to constrain read permissions within thefile system 195 based on the relevant rights defined by the identities for the backup service for the user. - In one implementation, the model-driven
architecture 100A and the service-orientedarchitecture 100B may further provide identity services for defining relative roles, wherein relative roles may be defined where a principal user, application, service, or other entity can only assume a particular role for a particular action when a target of the action has a particular set of identities. For example, a user having a doctor role may only assume a doctor-of-record relative role if an identity for a target of the doctor-of-record action refers to one of the user's patients. In another example, applications may request controlled access to information about an identity for a certain user, wherein the application may, retrieve the requested information directly from the access-controlled identity for the user. In particular, the workload management system may determine the information requested by the application and create a workload that indicates to the user the information requested by the application and any action that the application may initiate with the requested information. The user may then make an informed choice about whether to grant the application access to the requested information. Thus, having identities to enable applications may eliminate a need for application-specific data storage or having the application access separate a directory service or another identity information source. - Thus, in the model-driven
architecture 100A and the service-oriented architecture 1008, the identity management services may create crafted identities combined from various different types of identity information for various users, applications, services, systems, or other information technology resources 114. In one implementation, while the identity information may generally be stored and maintained in theidentity vault 125, the identity information can be composed and transformed through theaccess manager 120 and/or thesynchronization engine 150, with the resulting identity information providing authoritative statements for represented entities that span multiple authentication domains within and/or beyond boundaries for theinformation technology infrastructure 110. For example, an identity for a user may be encapsulated within a token that masks any underlying credential authentication, identity federation, and attribute attestation. Moreover, in one implementation, the identity services may further support identities that outlive entities that the identities represent and multiple identity subsets within a particular identity domain or across multiple identity domains. As such, the identity services provided in the model-drivenarchitecture 100A and the service-orientedarchitecture 100B may include various forms of authentication, identifier mapping, token transformation, identity attribute management, and identity relationship mapping. - Policy Enforcement
- In one implementation, as noted above, the technologies integrated by the model-driven
architecture 100A and the service-orientedarchitecture 100B may enable enforcing policies in theinformation technology infrastructure 110. In particular, enforcing policies may present an important concern in the context of managing services in theinformation technology infrastructure 110 because policies may be driven from multiple hierarchies and depend on operational, legislative, and organizational requirements that can overlap, contradict, and/or override each other. As such, the model-drivenarchitecture 100A and the service-orientedarchitecture 100B may include various components for defining policies in standardized languages that can be translated, merged, split, or otherwise unified as needed. To that end, the workload management system may have multiple policy decision points and policy definition services for consistently managing and enforcing policies in theinformation technology infrastructure 110 - As such, in one implementation, the model-driven
architecture 100A and the service-orientedarchitecture 100B may provide standard policy languages and service interfaces that enable the workload management system to make consistent decisions based on flexible user needs. In particular, any suitable resource 114 (including workloads and computational infrastructure) may be provided with access to standardized instrumentation that provides knowledge regarding information that may be available, desired, or allowed in the workload management system. In one implementation, the workload management system may invoke various cooperating policy services to determine suitablephysical resources 114 a (e.g., physical servers, hardware devices, etc.),virtualized resources 114 b (e.g., virtual machine images, virtualized servers, etc.),configuration resources 114 c (e.g.; management agents, translation services, etc.), storage resources (e.g., the clusteredfile system 195, one ormore databases 155, etc.), or other resources 114 for a particular workload. For example, thesynchronization engine 150 may dynamically retrieve various policies stored in thedatabases 155, and anevent audit service 135 b may then evaluate the policies maintained in thesynchronization engine 150 independently from services that subsequently enforce policy decisions (e.g., theevent audit service 135 b may determine whether the policies permit access to certain information for a particular application and the application may then enforce the policy determination). - In one implementation, separating policy evaluation within the
event audit service 135 b from policy enforcement within consuming services may enable the workload management system to access the consuming services and manage policy-based control for the service in an independent and simultaneous manner. Theevent audit service 135 b may include a standardized policy definition service that can be used to define policies that span multiple separate application and management domains. For example, in one implementation, the policy definition service may create, manage, translate, and/or process policies separately from other service administration domains and interfaces. As such, the policy definition service may provide interoperability for the separate domains and interfaces, and may further enable compliance services that may be provided in acorrelation system 165 and remediation services that may be provided in aworkload service 135 a. - In one implementation, to ensure correct and effective policy decisions, the policy definition service provided within the
event audit service 135 b may be configured to obtain data relating to a current state and configuration for resources 114 managed in theinfrastructure 110 in addition to data relating to dependencies or other interactions between the managed resources 114. For example, amanagement infrastructure 170 may include adiscovery engine 180 b that dynamically monitors various events that theinfrastructure 110 generates and pushes onto theevent bus 140, which may include an event backplane for transporting the events. Moreover, thediscovery engine 180 b may query theinfrastructure 110 to determine relationships and dependencies among users, applications, services, and other resources 114 in theinfrastructure 110. As such, thediscovery engine 180 b may monitor theevent bus 140 to obtain the events generated in theinfrastructure 110 and synchronize the events to thesynchronization engine 150, and may further synchronize information relating to the relationships and dependencies identified in theinfrastructure 110 to thesynchronization engine 150. In one implementation, theevent audit service 135 b may then evaluate any events, resource relationships, resource dependencies, or other information describing the operational state and the configuration state of theinfrastructure 110 in view of any relevant policies and subsequently provide any such policy evaluations to requesting entities. - In one implementation, the policy definition service may include standard interfaces for defining policies in terms of requirements, controls, and rules. For example, the requirements may generally be expressed in natural language in order to describe permitted functionality, prohibited functionality, desirable functionality, and undesirable functionality, among other things (e.g., the
event audit service 135 b may capture legislative regulations, business objectives, best practices, or other policy-based requirements expressed in natural language). The controls may generally associate the requirements to particular objects that may be managed in the workload management system, such as individual users, groups of users,physical resources 114 a,virtualized resources 114 b, or any other suitable object or resource 114 in theinfrastructure 110. In one implementation, the policy definition service may further define types for the controls. For example, the type may include an authorization type that associates an identity with a particular resource 114 and action (e.g., for certain identities, authorizing or denying access to a system or a file, permission to alter or deploy a policy, etc.), or the type may include an obligation type that mandates a particular action for an identity. - Thus, in one implementation, translating requirements into controls may partition the requirements into multiple controls that may define policies for a particular group of objects. Furthermore, rules may apply certain controls to particular resources 114, wherein rules may represent concrete policy definitions. For example, the rules may be translated directly into a machine-readable and machine-executable format that information technology staff may handle and that the
event audit service 135 b may evaluate in order to manage policies. In one implementation, the rules may be captured and expressed in any suitable domain specific language, wherein the domain specific language may provide a consistent addressing scheme and data model to instrument policies across multiple domains. For example, adefinitive software library 190 may include one or more standardized policy libraries for translating between potentially disparate policy implementations, which may enable theevent audit service 135 b to provide federated policies interoperable across multiple different domains. As such, the rules that represent the policy definitions may include identifiers for an originating policy implementation, which the policy definition service may then map to the controls that the rules enforce and to the domain specific policy language used in the workload management system (e.g., through the definitive software library 190). - Compliance Assurance
- In one implementation, as noted above, the technologies integrated by the model-driven
architecture 100A and the service-orientedarchitecture 100B may enable monitoring for compliance assurances in theinformation technology infrastructure 110. In particular, compliance assurance may present an important concern in the context of managing services in theinformation technology infrastructure 110 because policy enforcement encompasses issues beyond location, access rights, or other contextual information within the infrastructure (e.g., due to increasing mobility in computing environments). As such, the model-drivenarchitecture 100A and the service-orientedarchitecture 100B may define metadata that bounds data to characteristics of data. To that end, the workload management system may employ a standard metadata format to provide interoperability between policies from multiple organizations to enable the policies to cooperate with one another and provide policy-based service control. For example, certain infrastructure workloads may execute under multiple constraints defined by users, theinfrastructure 110, sponsoring organizations, or other entities, wherein compliance assurance may provide users with certification that the workloads were properly assigned and executed according to the constraints. In another example, sponsoring organizations and governing bodies may define control policies that constrain workloads, wherein compliance assurance in this context may include ensuring that only authorized workloads have been executed against approved resources 114. - As such, in one implementation, the model-driven
architecture 100A and the service-orientedarchitecture 100B may provide preventative compliance assurance through a compliance management service that supports remediation in addition to monitoring and reporting. For example, when workloads move from data centers internal to theinfrastructure 110 into third party processing centers, cloud computing environments, or other environments having reusable computing resource pools where services can be relocated, the workload management system may generatecompliance reports 145 that indicate whether any constraints defined for the workloads have been satisfied (e.g., that authorized entities perform the correct work in the correct manner, as defined within the workloads). Thus, compliance may generally be defined to include measuring and reporting on whether certain policies effectively ensure confidentiality and availability for information within workloads, wherein the resulting compliance reports 145 may describe an entire process flow that encompasses policy definition, relationships between configurations and activities that do or do not comply with the defined policies, and identities of users, applications, services, systems, or other resources 114 involved in the process flow. - In one implementation, the workload management system may provide the compliance management service for workloads having specifications defined by users, and further for workloads having specifications defined by organizations. For example, users may generally define various specifications to identify operational constraints and desired outcomes for workloads that the users create, wherein the compliance management service may certify to the users whether or not the operational constraints and desired outcomes have been correctly implemented. With respect to organizational workloads, organizations may define various specifications identifying operational constraints and desired outcomes for ensuring that workloads comply with governmental regulations, corporate best practices, contracts, laws, and internal codes of conduct. Thus, the compliance management service may integrate the identity management services and the policy definition service described above to provide the workload management system with control over configurations, compliance event coverage, and remediation services in the
information technology infrastructure 110. - In one implementation, the compliance management service may operate within a
workload engine 180 a provided within themanagement infrastructure 170 and/or aworkload service 135 b in communication with thesynchronization engine 150. Theworkload engine 180 a and/or theworkload service 135 b may therefore execute the compliance management service to measure and report on whether workloads comply with relevant policies, and further to remediate any non-compliant workloads. For example, the compliance management service may use the integrated identity management services to measure and report on users, applications, services, systems, or other resources 114 that may be performing operational activity that occurs in theinformation technology infrastructure 110. In particular, the compliance management service may interact with theaccess manager 120, theidentity vault 125, thesynchronization engine 150, or any other suitable source that provides federated identity information to retrieve identities for the entities performing the operational activity, validate the identities, determine relationships between the identities, and otherwise map the identities to the operational activity. For example, in one implementation, thecorrelation system 165 may provide analytic services to process audit trails for any suitable resource 114 (e.g., correlating the audit trails and then mapping certain activities to identities for resources 114 involved in the activities). Furthermore, in response to thecorrelation system 165 processing the audit trails and determining that certain policies have been violated, thecorrelation system 165 may invoke one or more automated remediation workloads to initiate appropriate action for addressing the policy violations. - In one implementation, the compliance management service may further use the integrated policy definition service to monitor and report on the operational activity that occurs in the
information technology infrastructure 110 and any policy evaluation determinations that theevent audit service 135 b generates through the policy definition service. For example, in one implementation, theworkload engine 180 a and/or theworkload service 135 b may retrieve information from aconfiguration management database 185 a orother databases 155 that provide federated configuration information for managing the resources 114 in theinformation technology infrastructure 110. Theworkload engine 180 a and/or theworkload service 135 b may therefore execute the compliance management service to perform scheduled and multi-step compliance processing, wherein the compliance processing may include correlating operational activities with identities and evaluating policies that may span various different policy domains in order to govern theinformation technology infrastructure 110. To that end, the model-drivenarchitecture 100A and the service-orientedarchitecture 100B may provide various compliance management models may be used in the compliance management service. - In one implementation, the compliance management models may include a wrapped compliance management model that manages resources 114 lacking internal awareness over policy-based controls. The compliance management service may augment the resources 114 managed in the wrapped compliance model with one or more policy decision points and/or policy enforcement points that reside externally to the managed resources 114 (e.g., the
event audit service 135 b). For example, the policy decision points and/or the policy enforcement points may intercept any requests directed to the resources 114 managed in the wrapped compliance model, generate policy decisions that indicate whether the resources 114 can properly perform the requests, and then enforce the policy decisions (e.g., forwarding the requests to the resources 114 in response to determining that the resources 114 can properly perform the requests, denying the requests in response to determining that the resources 114 can properly perform the requests, etc.). Thus, because the resources 114 managed in the wrapped compliance model generally perform any requests that the resources 114 receive without considering policy-based controls or compliance issues, theevent audit service 135 b may further execute the compliance management service to wrap, coordinate, and synthesize an audit trail that includes data obtained from the managed resources 114 and the wrapping policy definition service. - In one implementation, the compliance management models may include a delegated compliance management model to manage resources 114 that implement a policy enforcement point and reference an external policy decision point, wherein the resources 114 managed in the delegated compliance management model may have limited internal awareness over policy-based controls. As such, in one implementation, the compliance management service may interleave policy decisions or other control operations generated by the external policy decision point with the internally implemented policy enforcement point to provide compliance assurance for the resources 114 managed in the delegated compliance management model. The delegated compliance management model may therefore represent a hybrid compliance model, which may apply to any suitable service that simultaneously anticipates compliance instrumentation but lacks internal policy control abstractions (e.g., the internally implemented policy enforcement point may anticipate the compliance instrumentation, while the externally referenced policy decision point has the relevant policy control abstractions). Thus, in the delegated compliance management model, the compliance management service may have fewer objects to coordinate than in the wrapped compliance management model, but the
event audit service 135 b may nonetheless execute the compliance management service to coordinate and synthesize an audit trail that includes data obtained from the managed resources 114 and the delegated external policy decision point. - In one implementation, the compliance management models may include an embedded compliance management model that manages resources 114 that internally implement policy enforcement points and policy decision points, wherein the resources 114 managed in the embedded compliance management model may have full internal awareness over policy-based controls. As such, in one implementation, the resources 114 managed in the embedded compliance management model may employ the internally implemented policy enforcement points and policy decision points to instrument any service and control operations for requests directed to the resources 114. In one implementation, to provide flexible compliance assurance, resources 114 managed in the embedded compliance management model may expose configuration or customization options via an externalized policy administration point. Thus, the embedded compliance management model may provide an integrated and effective audit trail for compliance assurance, which may often leave the compliance management service free to perform other compliance assurance processes.
- Accordingly, in one implementation, the compliance management service may obtain information for any resource 114 managed in the
information technology infrastructure 110 from theconfiguration management database 185 a orother databases 155 that include a federated namespace for the managed resources 114, configurations for the managed resources 114, and relationships among the managed resources 114. In addition, the compliance management service may reference theconfiguration management database 185 a or other thedatabases 155 to arbitrate configuration management in theinfrastructure 110 and record previous configurations histories for the resources 114 in theconfiguration management database 185 a orother databases 155. As such, the compliance management service may generally maintain information relating to identities, configurations, and relationships for the managed resources 114, which may provide a comparison context for analyzing subsequent requests to change theinfrastructure 110 and identifying information technology services that the requested changes may impact. - Computing and Storage Environments
- In one implementation, as noted above, the technologies integrated by the model-driven
architecture 100A and the service-orientedarchitecture 100B may include managing computing and storage environments that support services in theinfrastructure 110. In particular, in one implementation, the computing and storage environments used to support services in theinfrastructure 110 may employ Linux operating environments, which may generally include an operating system distribution with a Linux kernel and various open source packages (e.g., gcc, glibc, etc.) that collectively provide the Linux operating environments. In one implementation, the Linux operating environments may generally provide a partitioned distribution model for managing the computing and storage environments employed in the workload management system. Further, in one implementation, a particular Linux distribution may be bundled for operating environments pre-installed in the workload management system (e.g., openSUSE, SUSE Linux Enterprise, etc.), which may enable vendors ofphysical hardware resources 114 a to support every operating system that the vendors' customers employ without overhead that may introduced with multiple pre-installed operating environment choices. - In one implementation, the partitioned distribution model may partition the Linux operating environments into a physical hardware distribution (often referred to as a “pDistro”), which may include
physical resources 114 a that run over hardware to provide a physical hosting environment forvirtual machines 114 b. For example, in one implementation, the physical hardware distribution may include the Linux kernel and various hypervisor technologies that can run thevirtual machines 114 b over the underlying physical hosting environment, wherein the physical hardware distribution may be certified for existing and future-developed hardware environments to enable the workload management system to support future advances in the Linux kernel and/or hypervisor technologies. Alternatively (or additionally), the workload management system may release the physical hardware distribution in a full Linux distribution version to provide users with the ability to take advantage of future advances in technologies at a faster release cycle. - In one implementation, the partitioned distribution model may further partition the Linux operating environments into a virtual software distribution (often referred to as a “vDistro”), which may include
virtual machines 114 b deployed for specific applications or services that run, enable, and otherwise support workloads. More particularly, any particular virtual software distribution may generally include one or more Linux package or pattern deployments, whereby thevirtual machines 114 b may include virtual machines images with “just enough operating system” (JeOS) to support the package or pattern deployments needed to run the applications or services for the workloads. In one implementation, the virtual software distribution may include a particular Linux product (e.g., SUSE Linux Enterprise Server) bundled with hardware agnostic virtual drivers, which may provideconfiguration resources 114 c for tuningvirtualized resources 114 b for optimized performance. - In one implementation, the particular virtual software distribution may be certified for governmental security requirements and for certain application vendors, which may enable the workload management system to update any
physical resources 114 a in the physical hardware distribution underlying the virtual software distribution without compromising support contracts with such vendors. In particular, in response to future changes in technology that may improve support for Linux operating environments, resulting improvements may occur in techniques for building and deploying Linux operating environments. Thus, where many application vendors currently tend to only provide support for certain Linux applications that run in certain Linux versions, the workload management system may enable support for any particular Linux application or version, which may drive Linux integration and adoption across theinformation technology infrastructure 110. In one implementation, for example, the workload management system may employ Linux applications and distributions created using a build system that enables any suitable application to be built and tested on different versions of Linux distributions (e.g., an openSUSE Build Service, SUSE Studio, etc.). For example, in response to receiving a request that includes unique specifications for a particular Linux application, the workload management system may notify distribution developers to include such specifications in the application, with the specifications then being made available to other application developers. - Thus, in one implementation, the Linux build system employed in the workload management system may enable distribution engineers and developers to detect whether changes to subsequent application releases conflict with or otherwise break existing applications. In particular, changes in systems, compiler versions, dependent libraries, or other resources 114 may cause errors in the subsequent application releases, wherein commonly employing the Linux build system throughout the workload management system may provide standardized application support. For example, in one implementation, the workload management system may employ certified implementations of the Linux Standard Base (LSB), which may enable independent software vendors (ISVs) to verify compliance, and may further provide various support services that can provide policy-based automated remediation for the Linux operating environments through the LSB Open Cluster Framework (OCF).
- In one implementation, the Linux operating environments in the workload management system may provide engines that support orchestrated virtualization, collaboration, and architectural agility, as will be described in greater detail below. Further, to manage identities, enforce policies, and assure compliance, the Linux operating environments may include a “syslog” infrastructure that coordinate and manages various internal auditing requirements, while the workload management system may further provide an audit agent to augment the internal auditing capabilities that the “syslog” infrastructure provides (e.g., the audit agent may operate within the
event audit service 135 b to uniformly manage the Linux kernel, the identity services, the policy services, and the compliance services across the workload management system). For example, in one implementation, partitioning the monolithic Linux distribution within a multiple layer model that includes physical hardware distributions and virtual software distributions may enable each layer of the operating system to be developed, delivered, and supported at different schedules. In one implementation, ascheduling system 180 c may coordinate such development, delivery, and support in a manner that permits dynamic changes to thephysical resources 114 a in theinfrastructure 110, which provide stability and predictability for theinfrastructure 110. - In one implementation, partitioning the Linux operating environments into physical hardware distributions and virtual software distributions may further enable the workload management system to run workloads in computing and storage environments that may not necessarily be co-located or directly connected to physical storage systems that contain persistent data. For example, the workload management system may support various interoperable and standardized protocols that provide communication channels between users, applications, services, and a scalable replicated storage system, such as the clustered
file system 195 illustrated inFIG. 1A , wherein such protocols may provide authorized access between various components at any suitable layer within the storage system. - In one implementation, the clustered
file system 195 may generally include various block storage devices, each of which may host various different file systems. In one implementation, the workload management system may provide various storage replication and version management services for the clusteredfile system 195, wherein the various block storage devices in the clusteredfile system 195 may be organized in a hierarchical stack, which may enable the workload management system to separate the clusteredfile system 195 from operating systems and collaborative workloads. As such, the storage replication and version management services may enable applications and storage services to run in cloud computing environments located remotely fromclient resources 115. - In one implementation, various access protocols may provide communication channels that enable secure physical and logical distributions between subsystem layers in the clustered file system 195 (e.g., a Coherent Remote File System protocol, a Dynamic Storage Technology protocol, which may provide a file system-to-file system protocol that can place a particular file in one of various different file systems based on various policies, or other suitable protocols). Furthermore, traditional protocols for access files from a client resource 115 (e.g., HTTP, NCP, AFP, NFS, etc.) may be written to file system specific interfaces defined in the
definitive software library 190. As such, thedefinitive software library 190 may provide mappings between authorization and semantic models associated with the access protocols and similar elements of the clusteredfile system 195, wherein the mappings may be dynamically modified to handle any new protocols that support cross-device replication, device snapshots, block-level duplication, data transfer, and/or services for managing identities, policies, and compliance. - As such, the storage replication and version management services may enable users to create workloads that define identity and policy-based storage requirements, wherein team members identities may be used to dynamically modify the team members and any access rights defined for the team members (e.g., new team members may be added to a “write access” group, users that leave the team may be moved to a “read access” group or removed from the group, policies that enforce higher compliance levels for Sarbanes-Oxley may be added in response to an executive user joining the team, etc.). For example, a user that heads a distributed cross-department team developing a new product may define various members for the team and request permission for self-defined access levels for the team members (e.g., to enable the team members to individually specify a storage amount, redundancy level, and bandwidth to allocate). The workload management system may then provide fine grained access control for a dynamic local storage cache, which may move data stored in the in the clustered
file system 195 to a local storage for aclient resource 115 that accesses the data (i.e., causing the data to appear local despite being persistently managed in the clusteredfile system 195 remotely from the client resource 115). As such, individual users may then use information technology tools define for local area networks to access and update the data, wherein the replication and version management services may further enable the individual users to capture consistent snapshots that include a state of the data across various e-mail systems,databases 155,file systems 195, cloud storage environments, or other storage devices. - In one implementation, the storage replication and version management services may further enable active data migration and auditing for migrated data. For example, policies or compliance issues may require data to be maintained for a longer lifecycle than hardware and storage systems, wherein the workload management system may actively migrate certain data to long-term hardware or an immutable vault in the clustered
file system 195 to address such policies or compliance issues. Furthermore, identity-based management for the data stored in the clusteredfile system 195 may enable the workload management system to control, track, and otherwise audit ownership and access to the data, and the workload management system may further classify and tag the data stored in the clusteredfile system 195 to manage the data stored therein (e.g., the data may be classified and tagged to segregate short-term data from long-term data, maintain frequently used data on faster storage systems, provide a content-addressed mechanism for efficiently searching potentially large amounts of data, etc.). Thus, the workload management system may use the storage replication and version management services to generatedetailed reports 145 for the data managed in the clustered file system. - In one implementation, the storage replication and version management services may further provide replication services at a file level, which may enable the workload management system to control a location, an identity, and a replication technique (e.g., block-level versus byte-level) for each file in the clustered
file system 195. In addition, the storage replication and version management services may further enable the workload management system to manage storage costs and energy consumption (e.g., by controlling a number of copies created for any particular file, a storage medium used to store such copies, a storage location used to store such copies, etc.). Thus, integrating federated identities managed in theidentity vault 125 with federated policy definition services may enable the workload management system to manage the clusteredfile system 195 without synchronizing or otherwise copying every identity with separate identity stores associated with different storage subsystems. - Orchestrated Virtualization
- In one implementation, as noted above, the technologies integrated by the model-driven
architecture 100A and the service-orientedarchitecture 100B may provide orchestrated virtualization for managing services provided in theinformation technology infrastructure 110. In particular, virtualization generally ensures that a machine runs at optimal utilization by allowing services to run anywhere, regardless of requirements or limitations that underlying platforms or operating systems may have. Thus, the workload management system may define standardized partitions that control whether certain portions of the operating system execute over hardware provided in a hosting environment, or insidevirtual machines 114 b that decouple applications and services from the hardware on which thevirtual machines 114 b have been deployed. The workload management system may further employ a standardized image for thevirtual machines 114 b, provide metadata wrappers for encapsulating thevirtual machines 114 b, and provide various tools for managing thevirtual machines 114 b (e.g., “zero residue” management agents that can patch and update running instances ofvirtual machines 114 b stored in the clusteredfile system 195,databases 155, or other repositories). - In one implementation, the virtualized services provided in the workload management system may simplify processes for developing and deploying applications, which may enable optimal utilization of
physical resources 114 a in the infrastructure. Furthermore, virtualization may be used to certify the Linux operating environments employed in theinfrastructure 110 for any suitable platform that include variousphysical resources 114 a. In particular, as described in further detail above, the workload management system may partition the Linux operating environments into a multiple-layer distribution that includes a physical distribution and a virtual distribution, wherein the physical distribution may represent a lower-level interface tophysical resources 114 a that hostvirtual machines 114 b, while the virtual distribution may represent any applications or services hosted on thevirtual machines 114 b. - For example, in one implementation, the physical distribution may include a minimally functional kernel that bundles various base drivers and/or independent hardware vendor drivers matched to the
physical resources 114 a that host thevirtual machines 114 b. In one implementation, the physical distribution may further include a pluggable hypervisor that enables multiple operating systems to run concurrently over the hostingphysical resources 114 a, a minimal number of software packages that provide core functionality for the physical distribution, and one or more of the zero residue management agents that can manage anyvirtualized resources 114 b that may be hosted on thephysical resources 114 a. As such, in response to any particular request to install a physical distribution, package selections available to the workload management system may include packages for the kernel, the hypervisor, the appropriate drivers, and the management agents that may be needed to support brands or classes of the underlyingphysical resources 114 a. - Furthermore, in one implementation, the virtual distribution may include a tuned appliance, which may generally encapsulate an operating system and other data that supports a particular application. In addition, the virtual distribution may further include a workload profile encapsulating various profiles for certifying the appliance with attestation tokens (e.g., profiles for resources 114, applications, service level agreements, inventories, cost, compliance, etc.). Thus, the virtual distribution may be neutral with respect to the
physical resources 114 a included in the physical distribution, wherein the virtual distribution may be managed independently from any physical drivers and applications hosted by a kernel for the virtual distribution (e.g., upgrades for the kernels and physical device drivers used in the physical distributions may be managed independently from security patches or other management for the kernels and applications used in the virtual distributions). Thus, partitioning the physical distributions from the virtual distributions may remove requirements for particularphysical resources 114 a and preserve records for data that may require a specific application running on a specific operating system. - In one implementation, from a business perspective, the workload management system may secure the
virtualized resources 114 b in a similar manner as applications deployed on thephysical resources 114 a. For example, the workload management system may employ any access controls, packet filtering, or other techniques used to secure thephysical resources 114 a to enforce containment and otherwise secure thevirtualized resources 114 b, wherein thevirtualized resources 114 b may preserve benefits provided by running a single application on a singlephysical server 114 a while further enabling consolidation and fluid allocation of thephysical resources 114 a. Furthermore, the workload management system may include various information technology tools that can be used to determine whether newphysical resources 114 a may be needed to support new services, deploy newvirtual machines 114 b, and establish new virtual teams that include various collaborating entities. - In one implementation, the information technology tools may include a trending tool that indicate maximum and minimum utilizations for the
physical resources 114 a, which may indicate when newphysical resources 114 a may be needed. For example, changes to virtual teams, different types of content, changes in visibility, or other trends for thevirtualized resources 114 b may cause changes in theinfrastructure 110, such as compliance, storage, and fault tolerance obligations, wherein the workload management system may detect such changes and automatically react to intelligently manage that the resources 114 in theinfrastructure 110. In one implementation, the information technology tools may further include a compliance tool providing a compliance envelope for applications running or services provided within any suitablevirtual machine 114 b. More particularly, the compliance envelope may save a current state of thevirtual machine 114 b at any suitable time and then push an updated version of the current state to theinfrastructure 110, whereby the workload management system may determine whether the current state of thevirtual machine 114 b complies with any policies that may have been defined for thevirtual machine 114 b. For example, the workload management system may support deployingvirtual machines 114 b in demilitarized zones, cloud computing environments, or other data centers that may be remote from theinfrastructure 110, wherein the compliance envelope may provide a security wrapping to safely move suchvirtual machines 114 b and ensure that only entities with approved identities can access thevirtual machines 114 b. - Thus, from an architectural perspective, the
virtualized resources 114 b may enable the workload management system to manage development and deployment for services and applications provisioned in theinfrastructure 110. For example, rather than dynamically provisioningphysical resources 114 a to deal with transient peaks in load and availability on a per-service basis, which may result in under-utilizedphysical resources 114 a, the workload management system may host multiplevirtual machines 114 b on onephysical machine 114 a to optimize utilization levels for thephysical resources 114 a, which may dynamically provisionedphysical resources 114 a that enable mobility for services hosted in thevirtual machines 114 b. Thus, in one implementation, mobile services may enable the workload management system to implement live migration for services that planned maintenance events may impact without adversely affecting an availability of such services, while the workload management system may implement clustering or other availability strategies to address unplanned events, such as hardware or software failures. - In one implementation, the workload management system may further provide various containers to manage the
virtual machines 114 b, wherein the containers may include a security container, an application container, a service level agreement container, or other suitable containers. The security container may generally provide hardware-enforced isolation and protection boundaries for variousvirtual machines 114 b hosted on aphysical resource 114 a and the hypervisor hosting thevirtual machines 114 b. In one implementation, the hardware-enforced isolation and protection boundaries may be coupled with a closed management domain to provide a secure model for deploying thevirtual machines 114 b (e.g., one or more security labels can be assigned to any particularvirtual machine 114 b to contain viruses or other vulnerabilities within the particularvirtual machine 114 b). Furthermore, in the context of tuned appliances, wherein onevirtual machine 114 b hosts one service that supports one particular application, the application container may package the service within a particularvirtual machine image 114 b. As such, thevirtual machine image 114 b may include a kernel and a runtime environment optimally configured and tuned for the hosted service. Similarly, the service level agreement container may dynamically monitor, meter, and allocate resources 114 to provide quality of service guarantees on a per-virtual machine 114 b basis in a manner transparent to thevirtual machine kernel 114 b. - In one implementation, the various containers used to manage the
virtual machines 114 b may further provide predictable and custom runtime environments forvirtual machines 114 b. In particular, the workload management system may embed prioritization schemes within portions of an operating system stack associated with avirtual machine 114 b that may adversely impact throughput in the operating system. For example, unbounded priority inversion may arise in response to a low-priority task holding a kernel lock and thereby blocking a high-priority task, resulting in an unbounded latency for the high-priority task. As such, in one implementation, the prioritization schemes may embed a deadline processor scheduler in the hypervisor of thevirtual machine 114 b and build admission control mechanisms into the operating system stack, which may enable the workload management system to distribute loads across differentvirtual machine 114 b and support predictable computing. In addition, the workload management system may decompose kernels and operating systems forvirtual machines 114 b to provide custom runtime environments. For example, in the context of a typicalvirtual machine 114 b, an “unprivileged guest”virtual machine 114 b may hand off processing to a “helper”virtual machine 114 b at a device driver level. Thus, to support server-class applications that may depend on having a portable runtime environment, the workload management system may use the decomposed kernels and operating systems to dynamically implement an operating system for a particularvirtual machine 114 b at runtime (e.g., the dynamically implemented operating system may represent a portable runtime that can provide a kernel for avirtual machine 114 b that hosts a service running a server-class application, which may be customized as a runtime environment specific to that service and application). - In one implementation, the workload management system may further employ different virtualization technologies in different operating environments. For example, in one implementation, the workload management system may implement
Type 1 hypervisors forvirtualized server resources 114 b andType 2 hypervisors for virtualized workstation, desktop, orother client resources 115. In particular,Type 1 hypervisors generally control and virtualize underlyingphysical resources 114 a to enable hosting guest operating systems over thephysical resources 114 a (e.g., providing coarse-level scheduling to partition thephysical resources 114 a in a manner that can meet quality of service requirements for each of the guest operating systems hosted on thephysical resources 114 a). Thus, the workload management system may implementType 1 hypervisors forvirtualized server resources 114 b to leverage performance and fault isolation features that such hypervisors provide. In contrast,Type 2 hypervisors generally include use a host operating system as the hypervisor, which use Linux schedulers to allocate resources 114 to guest operating systems hosted on the hypervisor. InType 2 hypervisor architectures, such as the VMware GSX Server, Microsoft Virtual PC, and Linux KVM, hostedvirtual machines 114 b appear as a process similar to any other hosted process. Thus, because workstations, desktops, andother client resources 115 may include hardware that may or may not support virtualization, the workload management system may provide centralized desktop management andprovisioning using Type 2 hypervisors. For example, the workload management system may manage and maintain desktop environments asvirtual appliances 114 b hosted in theinfrastructure 110 and then remotely deliver the desktop environments to remote client resources 115 (e.g., in response to authenticating an end user at aparticular client resource 115, thevirtual appliance 114 b carrying the appropriate desktop environment may be delivered for hosting to theclient resource 115, and theclient resource 115 may transfer persistent states for the desktop environment to theinfrastructure 110 to ensure that theclient resource 115 remains stateless). - In one implementation, orchestrated virtualization may generally refer to implementing automated policy-based controls for virtualized services. For example, an orchestrated data center may ensure compliance with quality of service agreements for particular groups of users, applications, or activities that occur in the
information technology infrastructure 110. The workload management system may therefore provide a policy-based orchestration service to managevirtualized resources 114 b, wherein the orchestration service may gather correct workload metrics without compromising performance in cloud computing environments or other emerging service delivery models. For example, workloads that users define may be executed using coordinated sets ofvirtual machines 114 b embedding different application-specific operating systems, wherein the workload management system may provision and de-provision thevirtual machines 114 b to meet requirements defined in the workload (e.g., using standard image formats and metadata wrappers to encapsulate the workloads, embed standard hypervisors in thevirtual machines 114 b, physical-to-virtual (P2V) or virtual-to-virtual (V2V) conversion tools to translate between different image formats, etc.). Furthermore, in cloud computing environments that can include unpredictable sets of dynamic resources external to theinfrastructure 110, the workload management system coordinate such resources using a closed-loop management infrastructure 170 that manages declarative policies, fine-grained access controls, and orchestrated management and monitoring tools. - In one implementation, the workload management system may further manage the orchestrated data center to manage any suitable resources 114 involved in the virtualized workloads, which may span multiple operating systems, applications, and services deployed on various
physical resources 114 a and/orvirtualized resources 114 b (e.g., aphysical server 114 a and/or avirtualized server 114 b). Thus, the workload management system may balance resources 114 in theinformation technology infrastructure 110, which may align management of resources 114 in the orchestrated data center with business needs or other constraints defined in the virtualized workloads (e.g., deploying or tuning the resources 114 to reduce costs, eliminate risks, etc.). For example, as described in further detail above, theconfiguration management database 185 a may generally describe every resource 114 in theinfrastructure 110, relationships among the resources 114, and changes, incidents, problems, known errors, and/or known solutions for managing the resources 114 in theinfrastructure 110. - As such, the policy-based orchestration service may provide federated information indexing every asset or other resource 114 in the
infrastructure 110, wherein the workload management system may reference the federated information to automatically implement policy-controlled best practices (e.g., as defined in the Information Technology Infrastructure Library) to manage changes to theinfrastructure 110 and the orchestrated data center. For example, theconfiguration management database 185 a may model dependencies, capacities, bandwidth constraints, interconnections, and other information for the resources 114 in theinfrastructure 110, which may enable the workload management system to perform impact analysis, “what if” analysis, and other management functions in a policy-controlled manner. Furthermore, as noted above, theconfiguration management database 185 a may include a federated model of theinfrastructure 110, wherein the information stored therein may originate from various different sources. Thus, through the federated model, theconfiguration management database 185 a may appear as one “virtual” database incorporating information from various sources without introducing overhead otherwise associated with creating one centralized database that potentially includes large amounts of duplicative data. - In one implementation, the orchestration service may automate workloads across various
physical resources 114 a and/orvirtualized resources 114 b using policies that match the workloads to suitable resources 114. For example, deploying an orchestratedvirtual machine 114 b for a requested workload may include identifying a suitable hostvirtual machine 114 b that satisfies any constraints defined for the workload (e.g., matching tasks to perform in the workload to resources 114 that can perform such tasks). In response to identifying allocating and deploying the suitable hostvirtual machine 114 b, deploying the orchestratedvirtual machine 114 b for the workload may include the workload management system positioning an operating system image on the hostvirtual machine 114 b, defining and running the orchestratedvirtual machine 114 b on the chosen hostvirtual machine 114 b, and then monitoring, restarting, or moving thevirtual machine 114 b as needed to continually satisfy the workload constraints. - In one implementation, the orchestration service may include various orchestration sub-services that collectively enable management over orchestrated workloads. For example, the orchestration service may be driven by a blueprint sub-service that defines related resources 114 provisioned for an orchestrated workload, which the workload management system may manage as a whole service including various different types of resources 114. Furthermore, a change management sub-service may enable audited negotiation for service change requests, including the manner and timing for committing the change requests (e.g., within an approval workload 130). The sub-services may further include an availability management sub-service that can control and restart services in a policy-controlled manner, a performance management sub-service that enforces runtime service level agreements and policies, a patch management sub-service that automatically patches and updates resources 114 in response to static or dynamic constraints, and a capacity management sub-service that can increase or reduce capacities for resources 114 in response to current workloads.
- To provide exemplary contexts for some of the orchestration sub-services noted above, the availability management sub-service may automatically migrate a
virtual machine 114 b to anotherphysical host 114 a in response to a service restart failing on a currentphysical host 114 a more than a policy-defined threshold number of times. With respect to the performance management sub-service, in response to determining that a service running at eighty percent utilization can be cloned, the service may be cloned to create a new instance of the service and the new instance of the service may be started automatically. Furthermore, to manage a patch for running instances of a service, the patch management sub-service may test the patch against a test instance of the service and subsequently apply the patch to the running service instance in response to the test passing. Regarding the capacity management sub-service, an exemplary service instance may include a service level agreement requiring a certain amount of available storage for the service instance, wherein the capacity management sub-service may allocate additional storage capacity to the service instance in response to determining that the storage capacity currently available to the service instance has fallen below a policy-defined threshold (e.g., twenty percent). - In one implementation, the orchestration service may incorporate workflow concepts to manage
approval workloads 130 or other management workloads, wherein aworkload database 185 b may store information that the workload management system can use to manage the workloads. For example, in one implementation, anapproval workload 130 may include a request to provision a particular service to a particular user in accordance with particular constraints, wherein theapproval workload 130 may include a sequence of activities that includes a suitable management entity reviewing the constraints defined for the service, determining whether any applicable policies permit or prohibit provisioning the service for the user, and deploying the service in response to determining that the service can be provisioned, among other things. Thus, theworkload engine 180 a may execute the orchestration service to map the sequence of activities defined for any particular workload to passive management operations and active dynamic orchestration operations. For example, theworkload database 185 b may stores various declarative service blueprints that provide master plans and patterns for automatically generating service instances, physical distribution images and virtual distribution images that can be shared across the workload management system to automatically generate the service instances, and declarative response files that define packages and configuration settings to automatically apply to the service instances. - Collaboration
- In one implementation, as noted above, the technologies integrated by the model-driven
architecture 100A and the service-orientedarchitecture 100B may enable collaboration between entities that interact with the services provided in theinformation technology infrastructure 110. In particular, collaboration may generally involve dynamic teams that cross traditional security and policy boundaries. For example, where loosely affiliated organizations share data and applications, the workload management system may enable continued collaboration even when some of the participants sharing the data and applications may be temporarily offline (e.g., the workload management system may authorize certain users to allocate portions oflocal client resources 115 to support cross-organizational endeavors). Thus, the workload management system may provide astandard interface 160 designed to enable dynamic collaboration for end users that simplify interaction with complex systems, which may provide organizations with opportunities for more productive and agile workloads. - In one implementation, the workload management system may provide a collaboration service that enables workloads to span multiple users; applications, services, systems, or other resources 114. For example, multiple users may collaborate and share data and other resources 114 throughout the workload management system, both individually and within virtual teams (e.g., via a service bus that transports data relating to services or other resources 114 over the event bus 140). As such, the workload management system may support virtual team creation that can span organizational and geographic boundaries, wherein affiliations, content, status, and effectiveness may be represented for identities that have membership in any particular virtual team (e.g., to enable online and offline interaction between team members). In one implementation, the workload management system may provide enriched collaboration content (e.g., images, video, text, data feeds), and may efficiently transport the collaboration content between team members (e.g., via the service bus). Furthermore, the workload management system may integrate desktops, laptops, personal digital assistants, smart phones, or other
suitable client resources 115 into virtual team collaboration experiences in order to meet emerging demands for mobile, interoperable, and integrated access. Thus, the collaboration enabled in the workload management system may operate in an adaptive collaborative environment, which may unify technologies for online integrated media sharing with offline authoring and editing. - In one implementation, the collaboration service may generally include a web-based platform that support inter-organization and intra-organization management for virtual teams, interoperability between various different collaboration products, social networking to deliver information that enables the virtual teams to interact efficiently either online or offline, and federated searches against any suitable information source, among other things. For example, in one implementation, the collaboration service may include various collaboration sub-services that collectively enable the adaptive collaborative environment, including a client sub-service, an aggregation sub-service, an information sub-service, a real-time collaboration sub-service, and a metadata sub-service.
- In one implementation, the client sub-service may provide communication interfaces with real-time online systems, offline systems, and user interfaces. In particular, functionality for the client sub-service may be provided in a web-based interface that supports interaction with the real-time online systems in addition to software that can execute locally at
client resources 115 to provide offline access to shared data and real-time meetings that may involve shared applications and shared desktops. For example, in one implementation, the client sub-service may communicate with the aggregation sub-service to coordinate the communication and collaboration across various information sources, wherein the aggregation sub-service may route messages to the appropriate information sources in appropriate formats. Furthermore, to ensure that collaborative contexts reference information that may be distributed across theinfrastructure 110 rather than hosted within one particular application, the information sub-service may integrate the different information sources within the collaborative environment. As such, the virtual teams may connect and collaborate using information that originates anywhere across theinfrastructure 110, and the information sub-service may enable members of the virtual teams to discuss information or other content from the various sources in an interactive manner. The real-time collaboration sub-service may interact with the information sub-service to provide real-time meetings that include audio content, video content, instant message content, and other forms of communication content in real-time collaborative contexts within theinfrastructure 110 and with third-parties. - In one implementation, the metadata sub-service may provide a “helper” service to the aggregation and information sub-services, collecting ancillary metadata generated during interaction between virtual team members and create collaborative threads to maintain contexts that generated the data. Furthermore, the metadata sub-service may evaluate the ancillary metadata to discover new and relevant links between information sources and integrate data that can potentially originate from various disparate information sources. For example, the metadata sub-service may provide a uniform format for classifying data collected during collaborative contexts, which may provide a single source for virtual team members to search and display the data across any suitable collaboration source. Similarly, the metadata sub-service may index and unify data collected from disparate network sources, including various search engines and content aggregation services, to help the virtual team members to locate information that may be interesting or otherwise relevant to the collaborative contexts. As such, the various sub-services integrated within the collaboration service may provide a collaborative environment that supports dynamic interaction across organizational boundaries and different information sources in a manner that can account for any particular virtual team member's personal preferences.
- Architectural Agility
- In one implementation, as noted above, the technologies integrated by the model-driven
architecture 100A and the service-orientedarchitecture 100B may collectively provide various services that the workload management system can use to manage workloads and enable intelligent choices in aninformation technology infrastructure 110. Furthermore, various horizontal integration components may be distributed in the workload management system to integrate the various technologies employed in the model-drivenarchitecture 100A and the service-orientedarchitecture 100B and provide an agile and interoperableinformation technology infrastructure 110. - In particular, the horizontal integration components distributed across the workload management system may provide agility and interoperability to the
information technology infrastructure 110 through support for various emerging service delivery models, including Web 2.0, Software as a Service (SaaS), mashups, hardware, software, and virtual appliances, cloud computing, grid computing, and thin clients, among others. For example, in one implementation, every service, application, or other resource 114 in the workload management system may be provided with anapplication programming interface 160 that can provide connectivity between different operating systems, programming languages, graphical user interface toolkits, or other suitable services, applications, or resources 114. - In one implementation, the
application programming interface 160 may include a Representational State Transfer (REST)application program interface 160, which may use standard methods defined in the Hypertext Transfer Protocol (HTTP), wherein using standardized types to format data may ensure interoperability. In one implementation, theREST interface 160 may define a Uniform Resource Identifier (URI) that represents a unique identity for any suitable entity, and may further define relationships between the represented identities with hyperlinks that can be selected to access information for related identities, attribute claims, roles, policies, workloads, collaboration spaces, and workflow processes. Thus, through the use of URIs, hyperlinks, and other standard HTTP methods, theREST interface 160 may provide an interface to a data ecosystem that can be navigated in a web-based environment that can be used anywhere in the workload management system. In one implementation, theREST interface 160 may declare a namespace having version controls and standard methods to read and write to the data ecosystem, and may include a URI registry containing the URIs that represent the identities in the data ecosystem. Thus, any suitable resource 114 may programmatically discover other identities that communicate using the REST interface 160 (e.g., theREST interface 160 may be implemented in acommunication gateway 112 a tophysical resources 114 a, acommunication gateway 112 b tovirtualized resources 114 a, acommunication gateway 112 c toconfiguration resources 114 c, etc.). - Furthermore, in one implementation, the workload management system may extend an application program interface stack for the supplied
REST interface 160, which may enable new services, applications, and other resources 114 to be integrated into the workload management system in a manner that automatically inherits the identity-based and policy-controlled services implemented in the workload management system. In particular, the supplied application program interface stack may generally include a unified adapter and a proxy to existing and future technologies using protocols to enable services that communicate through theREST interface 160 regardless of whether the services reside in theinfrastructure 110, a cloud computing environment, a third party data center, or elsewhere (e.g., web service protocols, lightweight directory protocols, messaging queue protocols, remote procedure call protocols, etc.). To provide support to developers and users that extend the application program interface stack supplied for theREST interface 160, a Recipe-based Development Kit (RDK) may provide full source code examples for various operating systems, programming languages, and graphical user interface toolkits. - Additionally, in one implementation, the
workload engine 180 a may manage creation of application program interface keys for theREST interface 160 stack, whereby auditing and policy-based approvals may be supported for provisioning the application program interface keys. For example, the workload management system may deploy widgets toclient desktops 115, wherein the widget may track identities and contexts that include attempts to access theREST interface 160 stack. Thus, in response to provisioning or auditing application program interface keys, platform authentication and policy checks may be triggered against the accessing identity and the context that the keys supply. In a similar manner, the application program interface keys may enable the workload management system to meter costs for theinformation technology infrastructure 110. - Thus, the standardized stack supplied for the REST
application program interface 160 may provide support for industry standard authentication and authorization methods, which may enable identity-managed and policy-controlled auditing for events and access controls. Furthermore, the extensibility of the RESTapplication program interface 160 may enable integration with any suitable existing or future-developed system. For example, in one implementation, theREST interface 160 may be configured with standards such as the Atom Syndication Format and Atom Publishing Protocol to integrate feed synchronization, JavaScript Object Notation and Extensible. Markup Language (XML) to integrate enterprise portals, mashups, and social networking platforms. Thus, in the context of feed synchronization to provide automatically notifications in response to any changes to a particular resource 114, a user may simply enter a URI for the resource 114 in an existing web browser feed aggregator (e.g., Firefox bookmarks). Thus, by providing extensible support for any suitable system, application, service, or other resources 114, the features of the RESTapplication program interface 160 may provide agility and interoperability to theinfrastructure 110. - Having described the model-driven and service-oriented
architecture 100A-B that collectively provide the agile, responsive, reliable, and interoperable environment that enables the features of the workload management system, the description to be provided below will address certain particular features of the workload management system. In addition, further detail relating to the architectural foundation and other features of the workload management system may be provided in “Novell Architectural Foundation: A Technical Vision for Computing and Collaborating with Agility,” “Automation for the New Data Center,” and “A Blueprint for Better Management from the Desktop to the Data Center,” the contents of which are hereby incorporated by reference in their entirety. - According to one aspect of the invention,
FIG. 2 illustrates anexemplary method 200 for intelligent workload management. In particular, the intelligentworkload management method 200 may be used to manage approval workloads created in response to service requests. In particular, anoperation 210 may include creating an approval workload in response to a receiving a request for a service from any suitable user, application, system, or other entity having an identity in the workload management system. For example, in one implementation, the request may generally specify any components needed to configure the service for a particular task (e.g., a raw machine hosting an operating system and storage may be requested to deploy a particular application in the raw machine, an existing service may be requested to specify any suitable combination of components that can deploy the application, etc.). In addition, the request may further specify desired a performance level (or service level) for the service (e.g., availability, release capacity, financial constraints, continuity, etc.), any comments for provisioning the service in a certain manner (e.g., provision the service as soon as possible, according to a particular schedule or policy, to particular members in a virtual team, with a particular configuration, etc.). - Thus, in one implementation, the request may generally include any suitable criteria that the requesting entity specifies to define constraints for deploying the requested service, wherein the workload management system may create the approval workload in
operation 210 to determine whether or not the requested service can be provisioned in a manner that meets the constraints defined in the request. For example, in one implementation, the approval workload may generally define a task that includes various human and/or automated approvers (or service delivery managers) collaboratively managing the service request to determine whether the service can be provisioned as requested. Thus, to manage the approval workload, anoperation 220 may include the workload management system querying a configuration management database to obtain an infrastructure model describing any computing resources and storage resources available to run the requested service. - In one implementation, the model of the computing resources obtained in
operation 220 may include various rack-mounted servers and/or blade servers, which may include multi-core processors (e.g., sixty-four bit processors), a multiple gigabyte local memory, a serial-attached Redundant Array of Independent Disks (RAID), Ethernet and Storage Area Network (SAN) interfaces, and embedded hardware that can support virtualization. In addition, the computing resources may further run an appropriate operating system for the underlying physical architecture, including a virtual machine monitor (e.g., a hypervisor), various device drivers, a management kernel, and any suitable management agents. In one implementation, the management kernel and the management agents may collectively provide support for remotely deploying virtual machines to be executed by the hypervisors present on the computing resources, which may enable the workload management system to group and organize the computing resources. For example, a globally unique identifier (e.g., a URI) may be created for each of the computing resources, whereby the computing resources may be grouped or otherwise organized according to any suitable combination of a type (e.g., thin blade, symmetric multiprocessing, etc.), intended purpose (e.g., test, production, etc.), owner, physical location, or other classifying types. Furthermore, the workload management system may configure one or more of the computing resources to function in isolation or cooperatively with other computing resources to create high-availability clusters. - In one implementation, the model of the storage resources obtained in
operation 220 may include various SAN disk-block storage arrays and/or file servers, whereby the storage resources may be collectively pooled and protected with identity-based policy controls. In one implementation, the computing resources described above may access the storage resources on behalf of virtual machines deployed in the infrastructure, wherein the storage resources may be individually managed during lifecycles of the virtual machines in a dynamic manner. Furthermore, the workload management system may group and organize the storage resources in a similar manner as the computing resources, wherein the workload management system may manage the storage resources according to any suitable combination of a type (e.g., available RAID-5 disks), intended purpose (e.g., temporary, protected, remotely replicated, etc.), owner, physical location, or other classifying types. - In one implementation, the model of the computing resources and the storage resources obtained in
operation 220 may further include various relationships between the resources, wherein the relationships may include dependencies, capacities, and bandwidth requirements. For example, any particular virtual, machine deployed in the infrastructure may generally run on physical computing resources, wherein the model may include federated information that links a network address, identities, and other information for the virtual machine with any computing resources and storage resources that have been allocated to the virtual machine, which may enable lifecycle management for the virtual machine. Thus, the configuration management database may generally provide federated knowledge detailing any suitable entity managed in the workload management system and relationships between such managed entities. - In one implementation, in response to querying the configuration management database in
operation 220 to obtain the current model of the infrastructure, anoperation 225 may determine whether the workload management system can provision the service requested in the approval workload in a manner that meets any constraints that the request defined for the service. In particular, the workload management system may determine whether the infrastructure model indicates that the infrastructure has available computing resources and storage resources suitable to provision the requested service. Furthermore, the workload management system may employ the identity management and policy enforcement services to determine whether the service can be provisioned to the requesting entity without violating any relevant policies. For example, to authenticate and configure a desktop machine for a chief financial officer, a biometric authorization component (e.g., a fingerprint reader) may be installed in the desktop machine. Thus, the identity management and policy enforcement services may collectively prohibit the workload management system from deploying services to the desktop machine that would add a keystroke logger, remove the biometric authorization component, or violate another policy with respect to the chief financial officer identity. In another example, requests for Bit Torrent storage may be denied regardless of an identity for the requesting identity because a policy prohibits peer-to-peer file sharing. - Thus, in response to the workload management system determining in
operation 225 that the requested service cannot be provisioned in accordance with the constraints defined in the request (e.g., because the infrastructure lacks sufficient computing resources and/or storage resources to support the service, the requested service violates a relevant policy with respect to an identity for the requesting entity, etc.), the workload management system may deny the request and send an appropriate denial notification to the requesting entity in anoperation 230. For example, the denial notification may provide a reason for denying the service request, which may provide information that can be referenced to analyze subsequent requests having similar criteria, modify the request based on available resources or relevant policies, audit approval processes in a compliance review, or otherwise referenced. - On the other hand, in response to determining in
operation 225 that the requested service can be provisioned in accordance with the requested constraints (e.g., because the infrastructure has sufficient computing resources and storage resources to support the service, the requested service does not violate any policies with respect to the identity for the requesting entity, etc.), the workload management system may approve the request and then initiate provisioning for the service in anoperation 235. In particular, in response to approving the request, the workload management system may reserve appropriate physical computing resources, virtual computing resources, and/or storage resources to run the service, whereinoperation 235 may include determining whether such resources can be automatically and/or immediately allocated. For example, certain workloads may be prioritized to ensure that business objectives can be met, wherein the workload management system may defer the approval workload inoperation 235 in response to determining that allocating the resources to the approval workload may occupy resources needed for higher priority workloads (e.g., because the reserved resources are currently subject to a “blackout” period for patching or updating the resources). - As such, in response to determining that the resources reserved to the service cannot be provisioned automatically and/or immediately, the workload management system may manage creation of a provisioning plan for the service in an
operation 240. In particular,operation 240 may include various automated and/or human entities interacting to create the provisioning plan, wherein the provisioning plan may include pre-empting the approval workload until workloads in a high priority queue have completed, moving the approval workload to the high priority queue, dynamically allocating additional resources to the approval workload (e.g., pre-empting lower priority workloads), or otherwise balancing utilization of the resources in the infrastructure between business processes and system processes that may have, different priorities. Furthermore, in one, implementation, the workload management system may coordinate the interaction between the entities that create the provisioning plan in operation 240 (e.g., because the service cannot be provisioned until a certain process has completed, a certain entity provides feedback, etc.). As such,operation 240 may generally include various processes and interactions between entities, which the workload management system may manage to create the plan for suitably provisioning the approved service. - In one implementation, in response to determining that the resources reserved to the service can be provisioned automatically and immediately, or alternatively in response to successfully creating the provisioning plan for the service in
operation 240, the workload management system may provision the requested service in anoperation 250. In particular,operation 250 may include allocating an operating system image, a resource inventory, and software to an orchestrated virtual machine that can run the service and embedding lifecycle control information within the orchestrated virtual machine to enable management for the virtual machine and the computing resources allocated to the service. In one implementation, one or more of the computing resources in the infrastructure may be configured as an image creation server, wherein the image creation servers may be dedicated to creating and installing virtual machines in various ways. For example, in a large information technology infrastructure that frequently creates virtual machine instances, multiple image creation servers may be employed to create and install the virtual machines, or one or more of the image creation servers may be configured to create “in-place” virtual machines, wherein such virtual machines may be incubated on particular computing resources that further execute the virtual machines. - Thus, in one implementation,
operation 250 may include invoking an image creation service, which may create a virtual machine image to run the requested service. For example, the image creation service may contact an image repository that contains various ready-to-run virtual machine images, and then appropriately download one or more of the virtual machine images that can run the requested service. The image creation service may then clone and configure the virtual machine image downloaded from the image repository based on any constraints that the request defines for the service. As such,operation 250 may generally include creating a new virtual machine having an operating system image, external storage references, and control information particularly configured for the requested service (e.g., based on identities, policies, service level agreements, lifecycle management, etc.), and may further include deploying the newly created virtual machine to computing resources that have been reserved to run the requested service. Alternatively (or additionally), the image creation service may provide a push model for deploying the virtual machine image, wherein the image creation service may instruct the image repository to multi-cast the image to multiple computing resources. Thus, the push model implementation may pre-stage the multi-casted virtual machine image for deployment over various potential deployment targets. - In one implementation, in response to successfully provisioning the service in
operation 250, the workload management system may update the infrastructure model in anoperation 260. For example, any resources, identities, policies, or other information associated with the provisioned service may be indexed within a global namespace in the federated configuration management database. As such, the workload management system may reference the updated infrastructure model to track registered virtual machines that have been provisioned and deployed in the infrastructure, hierarchical relationships between the registered virtual machines and the resources, identities, policies, or other information associated with the virtual machines, and otherwise provide lifecycle management for the virtual machines, as will be described in greater detail below. Furthermore, anoperation 270 may include the workload management system sending a service provisioning notification to the requesting entity, wherein the notification sent inoperation 270 may indicate that the service has been successfully provisioned, provide information that can be referenced to analyze subsequent requests having similar criteria, audit approval processes in a compliance review, or otherwise provide information relevant to the provisioned service. - In one implementation, the workload management system may manage the provisioned service in an
operation 280 in response to successfully provisioning the service inoperation 250. In particular, as noted above, updating the infrastructure model inoperation 260 may provide information that the workload management system can reference to provide lifecycle management for services provisioned and deployed in the infrastructure. For example, various lifecycle rules and control information may be used to respond to variable computing demands, changes, and unexpected events in the infrastructure, wherein services that run within virtual machines may introspectively monitor and report on health of the hosted services. Thus, the provisioned service may be managed inoperation 280 with the lifecycle control information embedded in the host virtual machines (e.g., monitoring real-time execution states and other health conditions, automatically managing identities and policies in response to monitored health conditions, retiring resources reserved or allocated the virtual machine that may no longer be needed, etc.). - In addition, the workload management system may cooperate with the lifecycle controls embedded in the host virtual machines to manage the provisioned service. In particular, the workload management system may aggregate information relating to the monitored states reported from individual virtual machine instances and record such information within a context describing a current state of the infrastructure model. Thus, physical constraints, dependencies, current performance trends, and other real-time execution states may be monitored to schedule virtual machines that run provisioned services to computing resources for execution in a manner that satisfies any identity constraints, policy controls, service level agreements, or other constraints that have been defined for the services. For example,
operation 280 may include applying policy-defined thresholds to any status events generated by the monitored computing resources, storage resources, virtual machines, or other resources (e.g., responding to a monitored variable that exceeds or falls below a policy-defined threshold for more than a policy-defined time period). In another example,operation 280 may further include managing version controls for virtual machine images, which may provide support for inserting management agents that can tune or patch the virtual machine images as needed, and rolling the virtual machine images back to a “pristine” state, among other things. - Thus, the techniques described above the intelligent
workload management method 200 may generally provide lifecycle management from creating a virtual machine image that can host a requested service through eventual retirement of the virtual machine image. Moreover, in addition to introspective health monitoring and maintenance for individual virtual machine images, the lifecycle management techniques may provide federated information for managing an entire information technology infrastructure, which may be used to assure compliance with legal and contractual obligations for any suitable hardware or software that an organization may use, create detailed plans for implementing or rolling back proposed changes to the infrastructure, detect, resolve, and otherwise remediate, incidents in the infrastructure, reactively and proactively manage problems in the infrastructure with known workarounds, fixes, and permanent infrastructure changes, and ensure that every service in the infrastructure meets or exceeds service level requirements, among other things. - According to one aspect of the invention,
FIG. 3 illustrates an exemplary block diagram of asystem 300 for generating single sign-on workload identities, whileFIG. 4 illustrates an exemplary flow diagram of amethod 400 that may operate in thesystem 300 for generating single sign-on workload identities. Thus, the description to be provided herein forFIG. 3 orFIG. 4 will be understood as corresponding to techniques that can be performed in thesystem 300 shown inFIG. 3 or themethod 400 shown inFIG. 4 , whether or not explicitly described. - In one implementation, generating single sign-on workload identities may generally include creating an authentication token that defines various credentials or permissions assigned to any suitable user, application, system, service, resource, or other entity having an identity managed in the workload management system. More particularly, an operating system that executes services or other applications on a
client device 315 may generally maintain various authentication credentials for any identities managed locally to the operating system, or the operating system may contact anauthentication server 320 to obtain authentication credentials for any single sign-on identities that the operating system does not locally manage. In one implementation, theauthentication server 320 may therefore provide a single sign-on identity source that contains authentication credentials for every managed entity, wherein single sign-on identity management may be provided for any suitable workload managed in the workload management system. - For example, in one implementation, the system and method for generating single sign-on workload identities may be used to generate single sign-on authentication tokens, wherein a
workload engine 380 may reference the single sign-on authentication tokens to provide identity management for any suitable service request (e.g., to verify that an entity that requests a new service has proper authorization prior to actually provisioning the new service, to verify that an entity that requests access to an existing service has proper authorization prior to granting access to the service, etc.). For example, in one implementation, the authentication server 320 (e.g., Novell Access Manager) may communicate with anidentity vault 325 that organizes user accounts, roles, policies, and other identity information within various directories. Thus, as shown bycommunication element 1 inFIG. 3 (oroperation 410 inFIG. 4 ), any suitable entity may submit an authentication request to theauthentication server 320, wherein the authentication request may include single sign-on authentication credentials (e.g., a user name, identifier, password, smart card input, biometric input, etc.). - In one implementation,
communication element 2 may then include the authentication server retrieving the authentication credentials for the requesting entity from the federated identity information stored in theidentity vault 325. In an operation 420 (and communication element 3), the authentication server may then generate an authentication token for the requesting entity from the authentication credentials retrieved from theidentity vault 325, wherein the authentication token may represent a portable data abstraction that encapsulates any authoritative attribute, active role, valid policy, or other access credential for the entity associated with the authorization token. As such, the authorization token may mask any underlying credential authentication, identity federation, and attribute attestation, wherein the authorization token may be referenced to obtain authoritative statements that indicate whether to authorize or deny any suitable request received from the entity associated with the authorization token. Furthermore, as shown bycommunication element 4 inFIG. 3 , the authentication token may be returned to theclient device 315 that originated the request, whereby any operating systems, applications, services or other resources on theclient device 315 that require authentication credentials may use the authentication token to authenticate or deny local requests received from the entity associated with the authorization token. - In one implementation, the workload management system may include a
workload engine 380 that can use authentication tokens generated by theauthentication server 320 to manage workloads that include service requests. Furthermore, theworkload engine 380 may use authentication tokens for various entities that may be represented in multiple different authentication domains, which may enable workloads to function across different organizational boundaries. In particular, an operation 430 (or communication element 5) may include receiving a workload that defines a particular service requested by the entity operating theclient device 315, wherein the entity may specify various additional entities that may need access to the requested service. As such, an operation 440 (or communication element 6) may include theworkload engine 380 managing the workload to obtain authentication tokens for the requesting entity in addition to authentication tokens for any additional entities specified in the request. Furthermore, as noted above, the entities managed in the workload management system may define various types of customized identities, such that the authentication tokens obtained in operation 440 (and communication element 6) may represent authentication credentials for any suitable combination of identities that represent the requesting entity and/or the various additional entities (e.g., identities providing limited or complete anonymity, aggregated roles across various federated authentication domains, rights delegated to and/or by other identities, relative roles with respect to other identities, etc.). - In one implementation, an
operation 450 may then include theworkload engine 380 analyzing the authentication tokens obtained from theauthentication server 320 to identify any authentication credentials that the authentication tokens represent. As such, theworkload engine 380 may reference the identified authentication credentials in anoperation 460 to determine whether the identities for the requesting entity (and/or the additional entities) have proper authorization for the requested service. Theworkload engine 380 may then generate an authentication determination for the workload using the authentication tokens that include federated identity information for the relevant identities in addition to any policies that may be relevant to any identities involved in the workload (e.g., theclient machine 315, other services or applications running on theclient machine 315, or any other suitable identity involved in a session associated with the workload, as described in further detail above). Thus, in response to determining that the authentication tokens obtained from theauthentication server 320 indicate that one or more of the identities involved in the workload lack proper authorization, an operation 470 (or communication element 7) may include theworkload engine 380 notifying the requesting entity that the service request has been denied. Alternatively, in response to determining that every identity involved in the workload has proper authorization, an operation 480 (or communication element 7) may include notifying the requesting entity that the service request has been approved and subsequently provisioning the requested service. - Moreover, in response to approving the service request in
operation 460,operation 480 may further include embedding the authentication tokens obtained in operation 440 (and communication element 6) within an image created for the approved service. In particular, as described in further detail above, any particular workload may include a request to provision a new service, a request to update identities managed in an existing service, or a another suitable request to manage identities associated with the approved service request. Thus, in one implementation,operation 480 may further include theworkload engine 380 embedding the authentication tokens within one or more virtual machine images that host the service, whereby any suitable identity associated with the virtual machine images may be managed with the single sign-on authentication tokens obtained from theauthentication server 380. For example, to configure a service newly provisioned to a virtual team having various members, authentication tokens for the various team members may be embedded into a virtual machine image that an image creation system creates to host the new service. Similarly, authentication tokens for new members of the team may be embedded within the service image to grant the new members access to the service image, while authentication tokens for any members that leave the team may be removed from the service image to prevent former members of the team from continuing to have access to the service image. In another example, in response to determining that a subset of the team members have proper authorization credentials for the service and that other team members lack proper authorization credentials, the tokens embedded within the image may be limited to the subset having proper credentials, or the workload management system may determine whether members lacking proper credentials have other managed identities with the proper credentials and insert tokens within the image that correspond to the other managed identities. - Thus, as described in further detail above with reference to
FIG. 1A-B , authentication tokens generated at the single sign-onauthentication server 380 may be used in various ways to pre-configure or re-configure a virtual machine with embedded authentication credentials for identities managed in the virtual machine. Moreover, any suitable resource in the workload management system may reference the authentication tokens embedded within the virtual machine to manage the identities associated with the virtual machine, whereby the single sign-on authentication tokens may generally provide a portable data abstraction to run identity management services anywhere in the workload management system. - According to one aspect of the invention,
FIG. 5A illustrates a block diagram of anexemplary service distribution 500A that can be managed with one or more zeroresidue management agents 580 in the workload management system, whileFIG. 5B illustrates anexemplary lifecycle 500B for theservice distribution 500A managed with the zeroresidue management agents 580. In particular, as shown inFIG. 5A , the workload management system may use various orchestrated virtualization services to create and manage a partitioned operating environment for theservice distribution 500A, wherein the operating environment may be partitioned into a physical distribution layer and a virtual distribution layer. In one implementation, the physical distribution layer and the virtual distribution layer may collectively define a standard partition model for theservice distribution 500A, which may provide control over whether to execute certain portions of theservice distribution 500A over physical hardware in a hosting environment or within virtual machines that abstract any physical hardware that hosts the virtual machines. As such, the standard partition model may permit theservice distribution 500A to run anywhere in an infrastructure, regardless of any requirements or limitations associated with underlying hardware or software platforms, which may enable optimal utilization for theservice distribution 500A. - In one implementation, the physical distribution layer in the
service distribution 500A may provide an interface to physical hardware resources that host components in the virtual distribution layer. For example, the physical distribution layer may include a minimalfunctional kernel 550 that bundles various hardware drivers matched to the physical hardware that hosts the components in the virtual distribution layer (e.g., local area network drivers, independent hardware vendor drivers, variable drivers that support certain hardware platforms, etc.). In one implementation, the physical distribution layer may further include apluggable hypervisor 560, which may enable theservice distribution 500A to concurrently run variousdifferent operating systems 520 over the hosting physical hardware, andminimal core packages 570 that provide software supporting functionality for the components in the physical distribution layer. In addition, as will be described in further detail below, the physical distribution layer may further include aninjection point 580 for dynamically inserting and removing one or more zero residue management agents that can manage thelifecycle 500B for theservice distribution 500A. - In one implementation, the virtual distribution layer in the
service distribution 500A may provide a tuned appliance, which the physical distribution layer executes over any underlying physical hardware that hosts theservice distribution 500A. In particular, the virtual distribution layer may include astorage pointer 510 that identifies one or more local or remote storage locations allocated to contain a persistent state for theservice distribution 500A (e.g., within a clustered file system organized with storage replication and version management services), in addition to anoperating system 520 that includes a minimal number of packages, patterns, or other software components needed to support anyapplications 530 in the tuned appliance (e.g., theoperating system 520 may include “just enough operating system” (JeOS) 520 to support theapplications 530 provided in theservice distribution 500A). In addition, the virtual distribution layer may include one ormore configurations 540 that can be used to configure thestorage pointer 510, theoperating system 520, and/or theapplications 530 in the virtual distribution layer, wherein theconfigurations 540 may define a workload profile for theservice distribution 500A. For example, the workload profile may include various bundled virtual drivers for tuning components in the virtual distribution layer, attestation tokens defining unique identities and authentication credentials for the components in the virtual distribution layer, a service level declaration that defines any memory, processing, availability, disaster recovery, or other deployment constraints for theservice distribution 500A. - Thus, the components in the virtual distribution layer may be neutral with respect to the components in the physical distribution layer, which may enable the zero
residue managements 580 to independently manage any of the components in the virtual or physical distribution layers. In particular, the workload management system may employ one or more standard formats to create images for the physical distribution layer and/or the virtual distribution layer and encapsulate the physical distribution image and/or the virtual distribution image within one or more metadata wrappers. As such, the zeroresidue management agents 580 may be dynamically deployed within theservice distribution 500A to manage various different modes during thelifecycle 500B of theservice distribution 500A. For example, in response to initially creating theservice distribution 500A, thelifecycle 500B of theservice distribution 500A may enter the creation mode, wherein acreation management agent 580 may execute a bootstrap process to advertise that theservice distribution 500A exists and appropriately download anyadditional management agents 580 to manage the different modes of thelifecycle 500B for theservice distribution 500A. - For example, in one implementation, in response to the
lifecycle 500B changing from one mode to another (e.g., from the creation mode through a release mode, a production mode, a test mode, a maintenance mode, an optional re-release mode, and an eventual retirement mode), one or more of themanagement agents 580 may be identified based on a current mode in the lifecycle 5008 and dynamically inserted into theservice distribution 500A. In another example, authentication tokens generated using the techniques shown inFIGS. 3 and 4 and described above may be embedded within theservice distribution 500A, wherein therelevant management agents 580 may be identified based on the embedded authentication tokens (e.g., in response to a trouble ticket request from a user that describes a problem with aparticular service distribution 500A that the user interacts with, theparticular service distribution 500A may be located by searching for anservice distributions 500A having an embedded authentication token associated with the user, and anappropriate management agent 580 may then be deployed to theparticular service distribution 500A having the embedded authentication token to diagnose or otherwise provide assistance in resolving the problem with thedistribution 500A). - In one implementation, the identified
management agent 580 may then perform any management tasks associated with the current lifecycle mode, and in response to completing the management tasks, themanagement agent 580 may then be removed from theservice distribution 500A. In one implementation, removing themanagement agent 580 from theservice distribution 500A may generally include removing any runtime state associated with themanagement agent 580 and rolling back any changes that themanagement agent 580 applied to theservice distribution 500A in order to perform the management tasks. For example, atest management agent 580 that executes during the test mode may disable aYaST configuration tool 540 that otherwise controls installation and system management for the virtual distribution layer operating environment, whereby rolling back the changes applied to theservice distribution 500A may include re-enabling the YaST configuration tool in response to thetest management agent 580 completing the management tasks for the test mode. In another example, apatch management agent 580 may be inserted into theservice distribution 500A to patch or otherwise update any suitable component in theservice distribution 500A during the maintenance mode, wherein runtime states and temporary changes applied by thepatch management agent 580 may be removed from theservice distribution 500A with thepatch management agent 580 in response to the maintenance mode completing. - Thus, removing the runtime state associated with the
management agents 580 and any temporary changes that themanagement agents 580 applies to theservice distribution 500A during the various lifecycle modes may ensure that theservice distribution 500A has been restored to a “golden” or “pristine” state prior to entering a next lifecycle mode. In particular, the zeroresidue management agents 580 may be dynamically inserted into theservice distribution 500A to execute appropriate management tasks for a current lifecycle mode, and then appropriately removed in a manner that leaves theservice distribution 500A unmodified except for any persistent changes that the management tasks apply to theservice distribution 500A. For example, during the maintenance mode, aconfiguration management agent 580 may be inserted into theservice distribution 500A to modify thestorage pointer 510 to point to a new local or remote storage location in response to an original storage location allocated to theservice distribution 500A failing or running short on available storage resources, whereby theservice distribution 500A may be unchanged except for the modifiedstorage pointer 510. In another example, atuning management agent 580 may be similarly inserted into theservice distribution 500A during the maintenance mode to independently apply any upgrades or other modifications that can tune functionality for theservice distribution 500A (e.g., thetuning management agent 580 may upgrade thekernel 550 and device drivers in the physical distribution layer independently from security patches applied to theoperating system 520 orapplications 530 in the virtual distribution layer, and in response to completing the upgrades, theservice distribution 500A may optionally be re-released to ensure that subsequent versions of theservice distribution 500A automatically include the upgrades to thekernel 550 and device drivers and the patches applied to theoperating system 520 or applications 530). - In one implementation, one or more policies may define the
management agents 580 inserted into theservice distribution 500A during the various modes of thelifecycle 500B. For example, a required service level defined in theworkload profile 540 may define a recipe for one or more of themanagement agents 580 to inject into theservice distribution 500A to ensure that theservice distribution 500A meets or exceeds the required service level (e.g., aconfiguration management agent 580 may modify thestorage pointer 510 to ensure theservice distribution 500A has sufficient storage capacity, atuning management agent 580 may modify thehypervisor 560 to prepare theservice distribution 500A for migration to different physical host resources that provide greater availability or performance, etc.). In other examples, the recipe for themanagement agents 580 may be determined automatically (e.g., based on the current mode), based on theapplications 530 hosted in theservice distribution 500A and any management that may be needed forsuch applications 530, or other suitable criteria. Further, in one implementation, one or more of themanagement agents 580 may be persistently hosted in theservice distribution 500A to capture activity and events that may be relevant to ensuring and auditing compliance with policies, while one or more policies may control whether theservice distribution 500A can move from one lifecycle mode to another (e.g., the policies may restrict moving theservice distribution 500A from the creation mode to the release mode until the workload management system can ensure that theservice distribution 500A meets certain sanity, safety, or policy constraints). - Thus, as described in further detail above, the zero
residue management agents 580 may provide control for various different modes that occur during thelifecycle 500B of theservice distribution 500A, including a creation mode for initially creating theservice distribution 500A from one or more images stored in a suitable repository, a release mode for delivering theservice distribution 500A to suitable entities that will interact with or host theservice distribution 500A, a production mode for deploying theservice distribution 500A to such entities, a test mode for validating that theservice distribution 500A functions correctly, a maintenance mode for debugging, patching, or otherwise updating theservice distribution 500A, an optional re-release mode for delivering subsequent versions of theservice distribution 500A with any changes applied during the production, test, or maintenance modes, and an eventual retirement mode for de-provisioning any existing versions of theservice distribution 500A in response to theservice distribution 500A becoming outdated or obsolete. - According to one aspect of the invention,
FIG. 6 illustrates a flow diagram of anexemplary method 600 for managing different modes of a service distribution lifecycle with zero residue management agents. In particular, the zero residue management agents shown inFIG. 5A and described in further detail above may be used to manage the different modes of the service distribution lifecycle depending on a current mode of the service distribution. As such, managing the service distribution lifecycle may be initiated in anoperation 610, wherein a management workload may be launched to manage the service distribution lifecycle. In particular, anoperation 620 may include determining the current mode of the service distribution (e.g., creation, release, production, test, maintenance, etc.), wherein one or more management agents associated with the current mode may be executed in anoperation 630. The management agents associated with the current mode may then continually execute any management tasks associated with the current mode until the workload management system determines that the current mode of the service distribution lifecycle has completed in anoperation 640. For example, a monitoring management agent may be executed inoperation 630 during release, production, test, maintenance, or other appropriate modes to capture events that may be relevant to monitoring the health of the service distribution, compliance with one or more policies, or other suitable information. Thus, the monitoring agent may capture changes that occur to the service distribution during the various lifecycle modes, which may provide a record tracking or otherwise describing an evolution of the service distribution (e.g., for reference to diagnose, audit, or otherwise manage the service distribution). - As such, the management agents executed during
operation 630 may add, remove, or disable aspects of the service distribution, wherein the management tasks executed duringoperation 630 may be controlled based on the current lifecycle mode and any other information relevant to managing identities, policies, compliance, or other aspects of the infrastructure (e.g., certain maintenance tasks may be limiting during well managed modes and restored in other modes). In one implementation,operation 640 may determine that the current mode of the service distribution lifecycle has completed based on one or more policies that control whether the service distribution lifecycle can move from one mode to another (e.g., the policies may define approval or rule validation mechanisms). Alternatively (or additionally), the current mode of the lifecycle may complete in response to the management agent executed duringoperation 630 completing the relevant management tasks, in response to one or more changes to the service distribution that indicate a change in mode, or other suitable criteria. In any case, in response to determining that the current mode of the service distribution lifecycle has completed inoperation 640, the management agent executed duringoperation 630 may then be removed from the service distribution in anoperation 650, and a pristine or golden state for the service distribution may then be restored in anoperation 660. For example, in one implementation, restoring the state for the service distribution may include removing any runtime state associated with the management agent executed duringoperation 630 and rolling back any temporary changes that the management agent applied to the service distribution duringoperation 630. - Thus, in response to restoring the state for the service distribution in
operation 660, the service distribution may be in the golden or pristine state prior to entering a next mode of the lifecycle (including any persistent changes that the management agents applied to the service distribution during operation 630). In particular, anoperation 670 may include determining whether or not to retire the service distribution (e.g., in response to the service distribution including outdated or obsolete components), wherein the service distribution may then be retired in anoperation 680. For example, retiring the service distribution inoperation 680 may include de-provisioning any existing versions of the service distribution, de-allocating any resources associated with the existing versions of the service distribution, migrating information to persistent repositories to enable subsequent auditing of the lifecycles for the de-provisioned service distributions, or other suitable tasks for removing the service distribution from operation in the infrastructure. Alternatively, in response tooperation 670 determining that the service distribution will not be retiring, themethod 600 may return tooperation 620 to identify a next mode of the service distribution lifecycle and initiate execution of one or more management agents for the identified mode. As such, themethod 600 may iteratively insert management agents into the service distribution based on the current mode and then remove the management agents from the service distribution until the service distribution eventually retires inoperation 680. - According to one aspect of the invention,
FIG. 7 illustrates a block diagram of anexemplary system 700 for controlling cloud and virtualized data centers in the intelligent workload management system. In particular, as noted above, cloud and virtualized data centers generally include various dynamically allocated resources that can have unpredictable characteristics. Thus, thesystem 700 shown inFIG. 7 and described herein may coordinate such dynamically allocated resources in a closed-loop management infrastructure that can manage declarative policies, fine-grained access controls, and orchestrated management and monitoring tools. For example, thesystem 700 may operate in the workload management system described in further detail above, and may provide a mechanism to automatically create images that can be deployed to a public cloud (or cloud data center) 790 a that may be external to an information technology infrastructure, and which can further be deployed to a private cloud (or virtualized data center) 790 b that may be local to the infrastructure. In addition, thesystem 700 may be used to install software contained inlicensed software repositories 710 a,source code repositories 710 b, or other suitable software sources onto any images that have been deployed to thepublic cloud 790 a or theprivate cloud 790 b, control and audit activity that occurs in the images deployed to thepublic cloud 790 a or theprivate cloud 790 b, establish and retrieve network addresses (e.g., IP addresses, DHCP addresses, etc.) for cloned images across various operating platforms (e.g., Windows platforms, Linux platforms, etc.), and analyze any impact that the activity occurring in the images deployed to thepublic cloud 790 a or theprivate cloud 790 b may have on other machines or images. - As such, the
system 700 shown inFIG. 7 and described herein may generally include various features that can provide predictability in controlling images, virtual machines, or other resources that have been deployed to thepublic cloud 790 a and/or theprivate cloud 790 b. In particular, in one implementation, thesystem 700 may include alicensed software repository 710 a that contains licensed software, asource code repository 710 b that contains software source code, or any other suitable software repository. In one implementation, the licensed software in the licensedsoftware repository 710 a, the software source code in thesource code repository 710 b, or other software may then installed over suitable hardware resources to create one ormore hardware installations 720 a, installed on a virtual machine to create one or morevirtual machine installations 720 b, and/or built within a suitable build system to create one or moreauto build installations 720 c. In one implementation, in response to installing or otherwise creating thehardware installations 720 a, thevirtual machine installations 720 b, and theauto build installations 720 c, an appropriate management agent 725 may be inserted into the installation 720. In particular, the management agent 725 may provide functionality for performing various tasks to manage the licensed software, source code, or other software included in the installations 720. For example, in one implementation, the tasks performed by the management agents 725 may include retrieving DHCP addresses, establishing static IP addresses, providing remote debugging assistance, and inserting one or more personality tools 775 (e.g., privileged user management) for the installations 720. - In one implementation, the
hardware installations 720 a,virtual machine installations 720 b, andauto build installations 720 c may each further include a respective identity service 727 that provides a unique identity for the respective installations 720. For example, in one implementation, the identity services 727 may generally include authentication tokens that define one or more federated authorizations or permissions for the respective installations 720 (e.g., across a plurality of authentication domains), as described in further detail above. As such, the management agents 725 inserted into the various software installations 720 may interact with the identity services 727 that define the authorizations or permissions for the various software installations 720 to uniquely identify and manage the various installations 720. For example, in addition to defining the authorizations or permissions for the various installations 720, the identity services 727 may further identify versions, builds, or other information that can uniquely identify the licensed software, source code, or other software included in the installation, which may enable management for such licensed software, source code, or other software (e.g., in response to detecting updates to the licensed software, source code, or other software in the licensedsoftware repository 710 a or thesource code repository 710 b, the integrated identity services 727 may be referenced to identify and appropriately update any installations 720 that may have been created from the updated software). - In one implementation, in response to creating the various software installations 720 and embedding the suitable management agents 725 a and identity services 727, various operational images may be created from the software installations 720. In particular, the
virtual machine installations 720 b and theauto build installations 720 c may generally include one or more virtual machine images, as described in further detail above, while thehardware installations 720 a may generally include software that executes directly over underlying hardware resources. The operational images created from thevirtual machine installations 720 b and theauto build installations 720 c may therefore include the virtual machine images included therein, wherein the operational virtual machine images may be provided to animage management system 740 that stores the operational virtual machine images in a sharedrepository 750 a (e.g., an image repository). With respect to thehardware installations 720 a that include software executing directly over underlying hardware resources rather than virtual machine images, amigration system 730 may provide functionality that can create a suitable operational virtual machine image from thehardware installations 720 a. Themigration system 730 may evaluate any licensed software, source code, packages, or other software included in thehardware installations 720 a and create operational virtual machine images that can run in a virtualized environment. For example, in one implementation, themigration system 730 may include a Novell PlateSpin Migratesystem 730, a VMwarevCenter Converter system 730, or any othersuitable migration system 730 that provides conversion or migration services between physical and virtual platforms. The operational virtual machine image created from thehardware installation 720 a may then be provided to theimage management system 740, which may store the operational virtual machine image in the sharedrepository 750 a in a similar manner as thevirtual machine installations 720 b and theauto build installations 720 c. - In one implementation, in response to providing the operational images created from the
hardware installations 720 a, thevirtual machine installations 720 b, and theauto build installations 720 c to theimage management system 740, theimage management system 740 may automatically store the operational images in the sharedrepository 750 a in response to determining that the operational images do not need to be tested for operational integrity (e.g., because the operational images include an attestation token indicating that the operational images have already passed operational integrity tests). Alternatively, theimage management system 740 may optionally invoke atesting engine 745 a that performs one or more operational integrity tests for the operational images prior to storing the operational images in the sharedrepository 750 a. For example, the operational integrity tests performed by thetesting engine 745 a may test the operational images against various test scripts designed to verify integrity for the operational images (e.g., validating checksums, installer functionality, etc.). Thus, in response to thetesting engine 745 a determining that one or more of the operational images have passed the operational integrity tests, such operational images may be released to the sharedrepository 750 a. Alternatively, in response to thetesting engine 745 a determining that one or more of the operational images did not pass the operational integrity tests, theimage management system 740 may invoke avalidation engine 740 that supervises debugging and revalidation for such operational images (e.g., generating a validation workload to coordinate collaborative interaction among various entities that debug and revalidate the operational images until the operational images eventually pass the operational integrity tests). Thevalidation engine 745 b may then re-invoke thetesting engine 745 a to determine whether the operational images have been debugged or otherwise revalidated in a manner that results in the operational images passing the integrity tests, wherein the operational images may be released to the sharedrepository 750 a in response to passing the integrity tests or prevented from such release in response to not passing the integrity tests. - In one implementation, the
system 700 may further include adiscovery engine 760 that continually monitors the sharedrepository 750 a to detect whether one or more operational images have been newly added to the sharedrepository 750 a. Further, in one implementation, theimage management system 740, the sharedrepository 750 a, or another suitable component in thesystem 700 may generate an event in response to one or more operational images being added to the sharedrepository 750 a, wherein the event may notify or otherwise advertise the new operational images to thediscovery engine 760. In one implementation, in response to thediscovery engine 760 detecting the new operational images in the sharedrepository 750 a or receiving the event notifying or advertising the new operational images in the sharedrepository 750 a, thediscovery engine 760 may prepare the operational images for deployment to thepublic cloud 790 a or theprivate cloud 790 b. In particular, variouspublic clouds 790 a andprivate clouds 790 b may support different image formats, wherein thediscovery engine 760 may convert the operational images into the appropriate image format for thepublic cloud 790 a orprivate cloud 790 b where the operational images will be deployed (e.g., an Amazon Machine Image format for the Amazon Elastic Compute Cloud). Thus, thecloud image repository 750 b may contain various cloud images created from the operational images in the sharedrepository 750 a, wherein the various cloud images may be in various different formats depending on the image format for thepublic cloud 790 a orprivate cloud 790 b that will host the cloud images. - In one implementation, in response to storing the cloud images in the
cloud image repository 750 b, animage deployment system 770 may be invoked to deploy the cloud images to the appropriatepublic cloud 790 a orprivate cloud 790 b. In one implementation, prior to deploying the cloud images to the appropriatepublic cloud 790 a orprivate cloud 790 b, theimage deployment system 770 may invoke animpact analysis engine 780 that determines a potential impact of deploying the cloud images to thepublic cloud 790 a orprivate cloud 790 b. In particular, deploying the cloud images to thepublic cloud 790 a orprivate cloud 790 b may generally include various deployment processes (e.g., starting, stopping, cloning, or migrating the cloud images). Thus, theimpact analysis engine 770 may reference aconfiguration management database 785 to validate whether the cloud images can be suitably deployed to thepublic cloud 790 a or theprivate cloud 790 b. For example, theimpact analysis engine 770 may reference theconfiguration management database 785 to verify that other resources detailed in theconfiguration management database 785 will not be adversely affected by deploying the cloud images (e.g., because the deployment may require substantial bandwidth during a period of peak network traffic). Furthermore, theimpact analysis engine 770 may communicate with anaudit service 795, a privilegeduser management service 792, or other monitoring services provided in thepublic cloud 790 a or theprivate cloud 790 b to enhance the impact analysis (e.g., determining whether conditions in thepublic cloud 790 a orprivate cloud 790 b may have adverse impacts on the deployment, local infrastructure resources, etc.). - In one implementation, in response to the
impact analysis engine 770 determining that deploying the cloud images does not raise potential adverse impacts, or alternatively in response to resolving any such potential adverse impacts, theimage deployment system 770 may deploy the cloud images in thecloud image repository 750 b to the appropriatepublic cloud 790 a orprivate cloud 790 b. Further, in one implementation, the operational images in the sharedrepository 750 a may already be appropriate for deployment into thepublic cloud 790 a orprivate cloud 790 b without requiring conversion to a cloud image format, in which case theimage deployment system 770 may similarly deploy the operational images in the sharedrepository 750 a to thepublic cloud 790 a orprivate cloud 790 b. In one implementation, to deploy the cloud images or operational images to thepublic cloud 790 a orprivate cloud 790 b, theimage deployment system 770 may clone or modify the cloud images or operational images (e.g., to preserve an original version of the cloud images or operational images prior to the cloud deployment). As such, in response to cloning or modifying the images prior to the cloud deployment, theimage deployment system 770 may inject a new or aggregatedidentity service 777 into the cloned or modified images, wherein the new or aggregatedidentity service 777 may provide a record that identifies a lineage, pedigree, or other relationships for the cloned or modified images. Furthermore, theimage deployment system 770 may inject one ormore personality tools 775 into the cloned or modified images in response to determining that thepersonality tools 775 have not already been injected (e.g., during creation of the original software installations 720). For example, as noted above, thepersonality tools 775 may generally include tools for privileged user management, remote debugging, or customizing base images (e.g., certain scripts may be applied to a Linux base image in order to customize the base image for particular functions that the image provides). - In one implementation, the
image deployment system 770 may then deploy the cloud images or the operational images to the appropriatepublic cloud 790 a orprivate cloud 790 b, wherein the deployed images may be managed in thepublic cloud 790 a and theprivate cloud 790 b. For example, as noted above, the images may include embedded management agents 725 that can control and track any activity associated with the deployed images through interaction with the embedded identity services 727, including verifying that the images comply with any relevant policies or restricting any activity that may not comply with the relevant policies, as described in further detail above. Further, because the management agents 725, identity services 727 (and/or 777), andpersonality tools 775 embedded in the images can control, track, and monitor activities for the images that have been deployed to thepublic cloud 790 a and theprivate cloud 790 b, the monitored activity may be provided to anaudit service 795 that can remediate the activity in response to any problems with the images, provide compliance assurance for the activity associated with the images, or otherwise analyze activity that occurs in the images following deployment to thepublic cloud 790 a or theprivate cloud 790 b. Similarly, the embedded identity services 727 (and/or 777) may interact with a privilegeduser management service 792 in thepublic cloud 790 a or theprivate cloud 790 b, wherein the privilegeduser management service 792 and theaudit service 795 may cooperate in various ways to remediate, assure compliance, or otherwise analyze the activity that occurs in the images following deployment to thepublic cloud 790 a or theprivate cloud 790 b. - According to one aspect of the invention,
FIG. 8 illustrates a flow diagram of anexemplary method 800 for controlling cloud and virtualized data centers in the intelligent workload management system. In particular, themethod 800 may generally operate in thesystem 700 shown inFIG. 7 and described in further detail above, whereby themethod 800 may provide predictability in controlling images, virtual machines, or other resources that have been deployed to public clouds (or cloud data centers) and private clouds (or virtualized data centers). For example, as noted above in connection withFIG. 7 , control over the cloud data centers and the virtualized data centers may be provided through various features that can automatically create and deploy images to the public clouds and the private clouds, install software from repositories that contain licensed software, source code, or other software onto the images deployed to the public or private clouds, control and audit activity that occurs in the deployed images, establish and retrieve network addresses or other network configurations for cloned images across various operating platforms, and analyze impacts that activity occurring in the deployed images may have on other machines or images to generate appropriate decisions for managing and controlling the data centers provided in the public and private clouds. - In particular, in one implementation, the
method 800 may retrieve licensed software from a licensed software repository, software source code from a source code repository, or other software from another suitable repository, wherein anoperation 810 may include creating a software installation from the licensed software, the software source code, or the other software. In one implementation, the software installation created inoperation 810 may include a hardware installation installed over suitable hardware resources, a virtual machine installation installed on a virtual machine, and/or an auto build installation built using a suitable build system. In response to installing or otherwise creating the software installation inoperation 810, an appropriate management agent may then be embedded in the software installation in anoperation 820. For example, the management agent embedded in the software installation inoperation 820 may provide functionality for performing various tasks to manage the licensed software, source code, or other software included in the software installation (e.g., DHCP address retrieval, static IP address assignment, remote debugging, personality or privileged user management insertion, etc.). - In one implementation,
operation 820 may further include embedding an identity service within the software installation created inoperation 810. In particular, the identity service may generally provide a unique identity for the software installation, and may further include an authentication token that defines one or more federated authorizations or permissions for the software installation across a plurality of authentication domains. As such, the management agent and the identity service embedded in the software installation inoperation 820 may interact with one another, whereby the management agent may reference the identity service to determine a unique identity for the software installation, resolve the authorizations or permissions for the software installation from the unique identity, and otherwise manage the software installation. For example, in addition to defining authorizations or permissions that control resources that the software installation can access, the identity service may further identify a version, build, or other information that uniquely identifies the licensed software, source code, or other software included in the installation. As such, the interaction between the management agent and the identity service may be used to manage the licensed software, source code, or other software included in the installation. For example, in one implementation, the embedded management agent may reference the embedded identity service to determine whether the installation was created from licensed software, source code, or other software that has been updated in the licensed software repository or the source code repository and then appropriately update the installation in response to determining that the installation was created from the updated software. - In one implementation, in response to creating the software installation and embedding the management agent and the identity service, an operational image may be created from the software installation. In particular, an
operation 825 may include determining whether the software installation includes a hardware installation, a virtual machine installation, or an auto build installation, wherein virtual machine installations and auto build installations generally include one or more virtual machine images, as described in further detail above. Thus, in response to determining that the software installation includes a virtual machine installation or an auto build installation inoperation 825, creating the operational image may include providing the virtual machine images included therein to an image management system that stores the operational virtual machine images in a shared repository (e.g., an image repository). Alternatively, hardware installations may generally include software that executes directly over underlying hardware resources, whereby anoperation 830 may include creating a virtual machine from the hardware installation to prepare the hardware installation for migration to a virtualized environment. In particular,operation 830 may invoke a migration system providing functionality for creating operational virtual machine images from hardware installations, wherein the migration system may evaluate any licensed software, source code, packages, or other software included in the hardware installation and appropriately create the operational virtual machine image. For example, the migration system may include Novell PlateSpin Migrate, VMware vCenter Converter, or any other migration system that provides conversion or migration services between physical and virtual platforms. The operational virtual machine image created from the hardware installation may then be provided to the image management system, which may store the operational virtual machine image in the shared repository in a similar manner as for virtual machine installations or auto build installations. - In one implementation, in response to providing the operational image created from the software installation to the image management system, an
operation 835 may include determining whether or not to test the operational images for operational integrity. For example, anoperation 860 may include the image management system automatically storing the operational image in the shared repository in response to determining that the operational image does not need to be tested (e.g., because the operational image includes an attestation token indicating that the operational image has already passed operational integrity tests). Alternatively, anoperation 840 may include the image management system optionally invoking a testing engine that runs one or more operational integrity tests for the operational image prior to storing the operational image in the shared repository. For example, the operational integrity tests run inoperation 840, may test the operational image against various test scripts designed to verify integrity for the operational image (e.g., validating checksums, installer functionality, etc.). Thus, anoperation 845 may include determining whether the operational image passed the operational integrity tests, wherein the operational image may be released to the shared repository inoperation 860 in response to the operational image passing the integrity tests. Alternatively, in response determining that the operational image did not pass the operational integrity tests inoperation 845, a validation engine may be invoked in anoperation 850, wherein the validation engine may supervise debugging and revalidation for the operational image (e.g., generating a debugging workload to coordinate collaborative interaction among various entities associated with the failed operational image). The validation engine may thenre-invoke operation 840 to determine whether the operational image has been debugged or otherwise revalidated in a manner that results in the operational image passing the integrity tests, wherein the operational image may be released to the shared repository inoperation 860 in response to passing the integrity tests, whereas the operational image may be iteratively debugged and revalidated inoperations 840 through 850 until the operational image successfully passes the integrity tests. - In one implementation, a discovery engine may continually monitor the shared repository to detect whether the operational image has been newly added to the shared repository. Alternatively, the image management system, the shared repository, or another component may generate an event in response to adding the operational image to the shared repository, wherein the event may notify or otherwise advertise the new operational image to the discovery engine. Thus, in response to the discovery engine detecting that the new operational image has been added to the shared repository or receiving the event notifying or advertising the new operational image in the shared repository, an
operation 870 may include generating a cloud image to prepare the operational image for deployment to the public cloud or the private cloud. In particular, various public clouds and private clouds may support different image formats, whereinoperation 870 may include converting the operational image into the appropriate image format for the public cloud or private cloud where the operational image will be deployed (e.g., an Amazon Machine Image format for the Amazon Elastic Compute Cloud). Thus, the cloud image created inoperation 870 may be in a cloud image format that depends on an image format used in the public cloud or private cloud that will host the cloud image created inoperation 870. - In one implementation, in response to generating the cloud image in
operation 870, an image deployment system may be invoked to deploy the cloud image to the appropriate public cloud or private cloud. In one implementation, prior to deploying the cloud images to the appropriate public cloud or private cloud, anoperation 875 a may include determining whether to invoke an impact analysis engine that determines a potential impact of deploying the cloud images to the public cloud or private cloud. In particular, deploying the cloud images to the public cloud or private cloud may generally include various deployment processes (e.g., starting, stopping, cloning, or migrating the cloud images), wherein the impact analysis optionally performed inoperation 875 a may include referencing a configuration management database to validate whether the cloud images can be suitably deployed to the public cloud or the private cloud. For example, the impact analysis engine may reference the configuration management database to verify that other resources detailed in the configuration management database will not be adversely affected by deploying the cloud images (e.g., because the deployment may require substantial bandwidth during a period of peak network traffic). Furthermore, the impact analysis engine may communicate with an audit service, a privileged user management service, or other monitoring services provided in the public cloud or the private cloud to enhance the impact analysis (e.g., determining whether conditions in the public cloud or private cloud may have adverse impacts on the deployment, local infrastructure resources, etc.). As such, in response to determining that potential adverse impacts may result from deploying the image to the cloud in anoperation 875 b, the image may be revalidated inoperation 850, oroperation 850 may include other processes to resolve the adverse impacts. - In one implementation, in response to determining that deploying the cloud image does not raise potential adverse impacts in
operation 875 b, or alternatively in response to resolving any such potential adverse impacts, anoperation 880 may include deploying the cloud image to the appropriate public cloud or private cloud. Further, in one implementation, the operational image stored in the shared repository inoperation 860 may already be appropriate for deployment into the public cloud or private cloud without requiring conversion to a cloud image format inoperation 870, in whichcase operation 880 may include similarly deploying the operational image stored inoperation 860 to the public cloud or private cloud. In one implementation, to deploy the cloud images or operational images to the public cloud or private cloud,operation 880 ma include cloning or modifying the cloud image or the operational image (e.g., to preserve an original version of the cloud image or operational image prior to the deployment operation 880). As such, in response to cloning or modifying the image prior to the cloud deployment,operation 880 may further include injecting a new or aggregated identity service into the cloned or modified image, wherein the new or aggregated identity service may provide a record that identifies a lineage, pedigree, or other relationships for the cloned or modified image. Furthermore,operation 880 may include injecting one or more personality tools into the cloned or modified image in response to determining that the personality tools have not already been injected (e.g., during creation of the original software installation inoperations 810 and 820). For example, as noted above, the personality tools may generally include tools for privileged user management, remote debugging, or customizing base images (e.g., certain scripts may be applied to a Linux base image in order to customize the base image for particular functions that the image provides). - In one implementation,
operation 880 may then include deploying the cloud image or the operational image to the appropriate public cloud or private cloud, whereinoperation 880 may further include managing the image deployed to the public or private cloud. For example, as noted above, the image may include an embedded management agent that can control and track any activity associated with the deployed image through interaction with the embedded identity service, including verifying that the image complies with any relevant policies or restricting any activity that may not comply with the relevant policies, as described in further detail above. Further, because the management agent, identity service, and personality tools embedded in the image can control, track, and monitor activities for the image deployed to the public or private cloud,operation 880 may include providing the monitored activity to an audit service in the cloud that can remediate any problems with the image, provide compliance assurance for the activity associated with the image, or otherwise analyze the activity that occurs in the image following deployment to the cloud. Similarly, the embedded identity service may interact with a privileged user management service in the cloud, wherein the privileged user management service and the audit service in the cloud may cooperate in various ways to remediate, assure compliance, or otherwise analyze the activity that occurs in the image following deployment to the cloud. - Implementations of the invention may be made in hardware, firmware, software, or various combinations thereof. The invention may also be implemented as instructions stored on a machine-readable medium, which may be read and executed using one or more processing devices. In one implementation, the machine-readable medium may include various mechanisms for storing and/or transmitting information in a form that can be read by a machine (e.g., a computing device). For example, a machine-readable storage medium may include read only memory, random access memory, magnetic disk storage media, optical storage media, flash memory devices, and other media for storing information, and a machine-readable transmission media may include forms of propagated signals, including carrier waves, infrared signals, digital signals, and other media for transmitting information. While firmware, software, routines, or instructions may be described in the above disclosure in terms of specific exemplary aspects and implementations performing certain actions, it will be apparent that such descriptions are merely for the sake of convenience and that such actions in fact result from computing devices, processing devices, processors, controllers, or other devices or machines executing the firmware, software, routines, or instructions.
- Furthermore, aspects and implementations may be described in the above disclosure as including particular features, structures, or characteristics, but it will be apparent that every aspect or implementation may or may not necessarily include the particular features, structures, or characteristics. Further, where particular features, structures, or characteristics have been described in connection with a specific aspect or implementation, it will be understood that such features, structures, or characteristics may be included with other aspects or implementations, whether or not explicitly described. Thus, various changes and modifications may be made to the preceding disclosure without departing from the scope or spirit of the invention, and the specification and drawings should therefore be regarded as exemplary only, with the scope of the invention determined solely by the appended claims.
Claims (20)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/645,114 US20110126197A1 (en) | 2009-11-25 | 2009-12-22 | System and method for controlling cloud and virtualized data centers in an intelligent workload management system |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US26456209P | 2009-11-25 | 2009-11-25 | |
US12/645,114 US20110126197A1 (en) | 2009-11-25 | 2009-12-22 | System and method for controlling cloud and virtualized data centers in an intelligent workload management system |
Publications (1)
Publication Number | Publication Date |
---|---|
US20110126197A1 true US20110126197A1 (en) | 2011-05-26 |
Family
ID=44062913
Family Applications (9)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/645,114 Abandoned US20110126197A1 (en) | 2009-11-25 | 2009-12-22 | System and method for controlling cloud and virtualized data centers in an intelligent workload management system |
US12/725,263 Expired - Fee Related US8543916B2 (en) | 2009-11-25 | 2010-03-16 | System and method for recording collaborative information technology processes in an intelligent workload management system |
US12/725,241 Active 2031-05-29 US8745205B2 (en) | 2009-11-25 | 2010-03-16 | System and method for intelligent workload management |
US12/727,837 Expired - Fee Related US9191380B2 (en) | 2009-11-25 | 2010-03-19 | System and method for managing information technology models in an intelligent workload management system |
US12/757,674 Active 2033-09-02 US9210141B2 (en) | 2009-11-25 | 2010-04-09 | System and method for providing scorecards to visualize services in an intelligent workload management system |
US12/762,015 Expired - Fee Related US8695075B2 (en) | 2009-11-25 | 2010-04-16 | System and method for discovery enrichment in an intelligent workload management system |
US12/900,866 Expired - Fee Related US8448170B2 (en) | 2009-11-25 | 2010-10-08 | System and method for providing annotated service blueprints in an intelligent workload management system |
US13/892,987 Active 2032-09-11 US10104053B2 (en) | 2009-11-25 | 2013-05-13 | System and method for providing annotated service blueprints in an intelligent workload management system |
US14/263,394 Active 2030-04-14 US9432350B2 (en) | 2009-11-25 | 2014-04-28 | System and method for intelligent workload management |
Family Applications After (8)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/725,263 Expired - Fee Related US8543916B2 (en) | 2009-11-25 | 2010-03-16 | System and method for recording collaborative information technology processes in an intelligent workload management system |
US12/725,241 Active 2031-05-29 US8745205B2 (en) | 2009-11-25 | 2010-03-16 | System and method for intelligent workload management |
US12/727,837 Expired - Fee Related US9191380B2 (en) | 2009-11-25 | 2010-03-19 | System and method for managing information technology models in an intelligent workload management system |
US12/757,674 Active 2033-09-02 US9210141B2 (en) | 2009-11-25 | 2010-04-09 | System and method for providing scorecards to visualize services in an intelligent workload management system |
US12/762,015 Expired - Fee Related US8695075B2 (en) | 2009-11-25 | 2010-04-16 | System and method for discovery enrichment in an intelligent workload management system |
US12/900,866 Expired - Fee Related US8448170B2 (en) | 2009-11-25 | 2010-10-08 | System and method for providing annotated service blueprints in an intelligent workload management system |
US13/892,987 Active 2032-09-11 US10104053B2 (en) | 2009-11-25 | 2013-05-13 | System and method for providing annotated service blueprints in an intelligent workload management system |
US14/263,394 Active 2030-04-14 US9432350B2 (en) | 2009-11-25 | 2014-04-28 | System and method for intelligent workload management |
Country Status (1)
Country | Link |
---|---|
US (9) | US20110126197A1 (en) |
Cited By (278)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110126047A1 (en) * | 2009-11-25 | 2011-05-26 | Novell, Inc. | System and method for managing information technology models in an intelligent workload management system |
US20110131316A1 (en) * | 2009-11-30 | 2011-06-02 | James Michael Ferris | Methods and systems for detecting events in cloud computing environments and performing actions upon occurrence of the events |
US20110153684A1 (en) * | 2009-12-23 | 2011-06-23 | John Chi Yung | Systems and methods for automatic provisioning of a user designed virtual private data center in a multi-tenant system |
US20110185014A1 (en) * | 2010-01-28 | 2011-07-28 | Hewlett-Packard Development Company, L.P. | Modeling a cloud computing system |
US20110199389A1 (en) * | 2008-12-19 | 2011-08-18 | Microsoft Corporation | Interactive virtual display system for ubiquitous devices |
US20110209064A1 (en) * | 2010-02-24 | 2011-08-25 | Novell, Inc. | System and method for providing virtual desktop extensions on a client desktop |
US20110208841A1 (en) * | 2010-02-22 | 2011-08-25 | Microsoft Corporation | Incrementally managing distributed configuration data |
US20110213765A1 (en) * | 2010-02-26 | 2011-09-01 | Vmware, Inc. | Comprehensive, Relevant, and Dynamic Data Searching in a Virtualization Environment |
US20110225276A1 (en) * | 2010-03-11 | 2011-09-15 | International Business Machines Corporation | Environmentally sustainable computing in a distributed computer network |
US20110221657A1 (en) * | 2010-02-28 | 2011-09-15 | Osterhout Group, Inc. | Optical stabilization of displayed content with a variable lens |
US20110231822A1 (en) * | 2010-03-19 | 2011-09-22 | Jason Allen Sabin | Techniques for validating services for deployment in an intelligent workload management system |
US20110231846A1 (en) * | 2010-03-19 | 2011-09-22 | Jason Allen Sabin | Techniques for managing service definitions in an intelligent workload management system |
US20110238515A1 (en) * | 2010-03-26 | 2011-09-29 | Computer Associates Think, Inc. | System and method for selecting services from multiple cloud vendors |
US20110238458A1 (en) * | 2010-03-24 | 2011-09-29 | International Business Machines Corporation | Dynamically optimized distributed cloud computing-based business process management (bpm) system |
US20110252271A1 (en) * | 2010-04-13 | 2011-10-13 | Red Hat Israel, Ltd. | Monitoring of Highly Available Virtual Machines |
US20110271146A1 (en) * | 2010-04-30 | 2011-11-03 | Mitre Corporation | Anomaly Detecting for Database Systems |
US20110276951A1 (en) * | 2010-05-05 | 2011-11-10 | Microsoft Corporation | Managing runtime execution of applications on cloud computing systems |
US20110289134A1 (en) * | 2010-05-18 | 2011-11-24 | At&T Intellectual Property I, L.P. | End-To-End Secure Cloud Computing |
US20110302315A1 (en) * | 2010-06-03 | 2011-12-08 | Microsoft Corporation | Distributed services authorization management |
US20110302415A1 (en) * | 2010-06-02 | 2011-12-08 | Vmware, Inc. | Securing customer virtual machines in a multi-tenant cloud |
US20110314466A1 (en) * | 2010-06-17 | 2011-12-22 | International Business Machines Corporation | Creating instances of cloud computing environments |
US20110320598A1 (en) * | 2010-06-28 | 2011-12-29 | Bmc Software, Inc. | System and Method for Offering Virtual Private Clouds within a Public Cloud Environment |
US20110321117A1 (en) * | 2010-06-23 | 2011-12-29 | Itt Manufacturing Enterprises, Inc. | Policy Creation Using Dynamic Access Controls |
US20120005262A1 (en) * | 2010-07-01 | 2012-01-05 | Mcwhirter Robert Kelley | Architecture, system and method for providing a neutral application programming interface for accessing different cloud computing systems |
US20120005724A1 (en) * | 2009-02-09 | 2012-01-05 | Imera Systems, Inc. | Method and system for protecting private enterprise resources in a cloud computing environment |
WO2012023050A2 (en) | 2010-08-20 | 2012-02-23 | Overtis Group Limited | Secure cloud computing system and method |
US20120047492A1 (en) * | 2010-08-17 | 2012-02-23 | International Business Machines Corporation | Deployment of a tool for testing migrated applications |
US20120047265A1 (en) * | 2010-08-20 | 2012-02-23 | International Business Machines Corporation | Performance isolation for storage clouds |
US20120054763A1 (en) * | 2010-08-24 | 2012-03-01 | Novell, Inc. | System and method for structuring self-provisioning workloads deployed in virtualized data centers |
US20120110185A1 (en) * | 2010-10-29 | 2012-05-03 | Cisco Technology, Inc. | Distributed Hierarchical Rendering and Provisioning of Cloud Services |
US20120131176A1 (en) * | 2010-11-24 | 2012-05-24 | James Michael Ferris | Systems and methods for combinatorial optimization of multiple resources across a set of cloud-based networks |
US20120159482A1 (en) * | 2010-12-17 | 2012-06-21 | Bok Deuk Jeong | Seamless application integration apparatus and method |
US20120185913A1 (en) * | 2008-06-19 | 2012-07-19 | Servicemesh, Inc. | System and method for a cloud computing abstraction layer with security zone facilities |
US20120197624A1 (en) * | 2011-01-28 | 2012-08-02 | Vishwanath Hawargi | System and method for managing a storage array using simulation |
US20120221709A1 (en) * | 2011-02-24 | 2012-08-30 | Bowes James R | Mechanism to allow hosted and on-site implementations to manage product assets as specified by a third party |
US20120240108A1 (en) * | 2011-03-18 | 2012-09-20 | Airbus Operations (S.A.S.) | Method and device for installing/uninstalling software modules, with centralized resolution of constraints, in aircraft apparatuses |
US20120266158A1 (en) * | 2011-04-12 | 2012-10-18 | Vmware, Inc. | Release management system for a multi-node application |
WO2012170016A1 (en) * | 2011-06-07 | 2012-12-13 | Hewlett-Packard Development Company, L.P. | A scalable multi-tenant network architecture for virtualized datacenters |
US20120324082A1 (en) * | 2011-06-17 | 2012-12-20 | Futurewei Technologies, Inc. | Cloud Service Control and Management Architecture Expanded to Interface the Network Stratum |
US20130007741A1 (en) * | 2009-12-11 | 2013-01-03 | Deutsche Telekom Ag | Computer cluster and method for providing a disaster recovery functionality for a computer cluster |
CN102880832A (en) * | 2012-08-28 | 2013-01-16 | 曙光信息产业(北京)有限公司 | Method for implementing mass data management system under colony |
US20130031158A1 (en) * | 2010-08-20 | 2013-01-31 | Salsburg Michael A | Moving enterprise software applications to a cloud domain |
WO2013016584A1 (en) * | 2011-07-26 | 2013-01-31 | Nebula, Inc. | Systems and methods for implementing cloud computing |
US20130036328A1 (en) * | 2011-08-04 | 2013-02-07 | Microsoft Corporation | Managing continuous software deployment |
US20130067090A1 (en) * | 2011-09-12 | 2013-03-14 | Microsoft Corporation | Coordination engine for cloud selection |
US20130074068A1 (en) * | 2011-09-16 | 2013-03-21 | International Business Machines Corporation | Method, System, and Computer Program for Implementing a Customizable Virtual Appliance |
US20130073715A1 (en) * | 2011-09-16 | 2013-03-21 | Tripwire, Inc. | Methods and apparatus for remediating policy test failures, including correlating changes to remediation processes |
US20130074064A1 (en) * | 2011-09-15 | 2013-03-21 | Microsoft Corporation | Automated infrastructure provisioning |
US20130086585A1 (en) * | 2011-09-30 | 2013-04-04 | International Business Machines Corporation | Managing the Persistent Data of a Pre-Installed Application in an Elastic Virtual Machine Instance |
US20130091180A1 (en) * | 2010-04-16 | 2013-04-11 | Inria Institut National De Recherche En Informatiq Et En Automatique | Tool for managing computer resources and infrastructures and networks |
US8438654B1 (en) | 2012-09-14 | 2013-05-07 | Rightscale, Inc. | Systems and methods for associating a virtual machine with an access control right |
US20130142201A1 (en) * | 2011-12-02 | 2013-06-06 | Microsoft Corporation | Connecting on-premise networks with public clouds |
WO2013085281A1 (en) * | 2011-12-05 | 2013-06-13 | 인텔렉추얼디스커버리 주식회사 | Method and device for security in clouding computing service |
US20130191527A1 (en) * | 2012-01-23 | 2013-07-25 | International Business Machines Corporation | Dynamically building a set of compute nodes to host the user's workload |
US8505003B2 (en) | 2010-04-28 | 2013-08-06 | Novell, Inc. | System and method for upgrading kernels in cloud computing environments |
US20130212553A1 (en) * | 2012-01-19 | 2013-08-15 | Syntel, Inc. | System and method for modeling cloud rules for migration to the cloud |
US20130227710A1 (en) * | 2012-02-27 | 2013-08-29 | Computer Associates Think, Inc. | System and method for securing leased images in a cloud environment |
US8549066B1 (en) * | 2010-08-26 | 2013-10-01 | Adobe Systems Incorporated | Service provider interface for deploying and managing applications on a cloud |
US20130262382A1 (en) * | 2012-03-29 | 2013-10-03 | Empire Technology Development, Llc | Determining user key-value storage needs from example queries |
US20130282906A1 (en) * | 2012-04-18 | 2013-10-24 | International Business Machines Corporation | Multi-user analytical system and corresponding device and method |
US20130290511A1 (en) * | 2012-04-27 | 2013-10-31 | Susan Chuzhi Tu | Managing a sustainable cloud computing service |
US20130290477A1 (en) * | 2012-04-27 | 2013-10-31 | Philippe Lesage | Management service to manage a file |
US8601583B1 (en) * | 2011-04-14 | 2013-12-03 | Trend Micro Incorporated | Certification of virtual machine images in cloud computing environments |
US20130326496A1 (en) * | 2012-05-29 | 2013-12-05 | International Business Machines Corporation | Generating Super Templates to Obtain User-Requested Templates |
US8627426B2 (en) | 2010-04-26 | 2014-01-07 | Vmware, Inc. | Cloud platform architecture |
US20140020050A1 (en) * | 2011-03-25 | 2014-01-16 | Eads Deutschland Gmbh | Method for Determining Integrity in an Evolutionary Collaborative Information System |
US8639793B2 (en) | 2010-10-29 | 2014-01-28 | Cisco Technology, Inc. | Disaster recovery and automatic relocation of cloud services |
US8639746B2 (en) | 2010-07-01 | 2014-01-28 | Red Hat, Inc. | Architecture, system and method for mediating communications between a client computer system and a cloud computing system with a driver framework |
US8639747B2 (en) | 2010-07-01 | 2014-01-28 | Red Hat, Inc. | System and method for providing a cloud computing graphical user interface |
US8639745B2 (en) | 2010-07-01 | 2014-01-28 | Red Hat, Inc. | Providing a neutral interface to multiple cloud computing systems |
US20140032761A1 (en) * | 2012-07-25 | 2014-01-30 | Vmware, Inc. | Dynamic allocation of physical computing resources amongst virtual machines |
US20140047442A1 (en) * | 2010-06-30 | 2014-02-13 | International Business Machines Corporation | Hypervisor selection for hosting a virtual machine image |
US20140085167A1 (en) * | 2012-09-26 | 2014-03-27 | Tencent Technology (Shenzhen) Company Limited | Systems and methods for sharing image data |
US8725891B2 (en) | 2010-07-01 | 2014-05-13 | Red Hat, Inc. | Aggregation across cloud providers |
US20140149540A1 (en) * | 2012-11-23 | 2014-05-29 | Oracle International Corporation | Decentralized administration of access to target systems in identity management |
US8751620B2 (en) | 2012-03-30 | 2014-06-10 | International Business Machines Corporation | Validating deployment patterns in a networked computing environment |
WO2014093715A1 (en) | 2012-12-12 | 2014-06-19 | Microsoft Corporation | Workload deployment with infrastructure management agent provisioning |
US8769701B2 (en) * | 2012-09-05 | 2014-07-01 | International Business Machines Corporation | Single tenant audit view in a multi-tenant environment |
US20140189797A1 (en) * | 2012-12-27 | 2014-07-03 | Microsoft Corporation | Authorization messaging with integral delegation data |
US8782632B1 (en) * | 2012-06-18 | 2014-07-15 | Tellabs Operations, Inc. | Methods and apparatus for performing in-service software upgrade for a network device using system virtualization |
US20140229898A1 (en) * | 2013-02-08 | 2014-08-14 | cloudRIA, Inc. | Browser-based application management |
US8813065B2 (en) | 2010-04-26 | 2014-08-19 | Vmware, Inc. | Microcloud platform delivery system |
US8819491B2 (en) | 2011-09-16 | 2014-08-26 | Tripwire, Inc. | Methods and apparatus for remediation workflow |
US20140245261A1 (en) * | 2011-09-07 | 2014-08-28 | Digital Rapids Corporation | Systems and methods for computing applications |
US8832249B2 (en) | 2011-11-30 | 2014-09-09 | At&T Intellectual Property I, L.P. | Methods and apparatus to adjust resource allocation in a distributive computing network |
US8838968B2 (en) | 2012-05-14 | 2014-09-16 | Ca, Inc. | System and method for virtual machine data protection in a public cloud |
WO2014142782A1 (en) * | 2013-03-11 | 2014-09-18 | Intel Corporation | Device synchronization policy management |
US20140282491A1 (en) * | 2013-03-12 | 2014-09-18 | Airbus Operations (Sas) | Method, device and computer program for the automatic installation or uninstallation of software modules on equipment on board an aircraft |
US8850026B2 (en) | 2009-11-16 | 2014-09-30 | At&T Intellectual Property I, L.P. | Methods and apparatus to allocate resources associated with a distributive computing network |
US8856518B2 (en) | 2011-09-07 | 2014-10-07 | Microsoft Corporation | Secure and efficient offloading of network policies to network interface cards |
US8862941B2 (en) | 2011-09-16 | 2014-10-14 | Tripwire, Inc. | Methods and apparatus for remediation execution |
US8862728B2 (en) | 2012-05-14 | 2014-10-14 | International Business Machines Corporation | Problem determination and diagnosis in shared dynamic clouds |
WO2013112833A3 (en) * | 2012-01-26 | 2014-11-13 | Computenext Inc. | Federating computing resources across the web |
US8909734B2 (en) | 2012-02-07 | 2014-12-09 | International Business Machines Corporation | Migrating data between networked computing environments |
US8918501B2 (en) | 2011-11-10 | 2014-12-23 | Microsoft Corporation | Pattern-based computational health and configuration monitoring |
US8924723B2 (en) | 2011-11-04 | 2014-12-30 | International Business Machines Corporation | Managing security for computer services |
US20150012487A1 (en) * | 2013-07-03 | 2015-01-08 | International Business Machines Corporation | Method to optimize provisioning time with dynamically generated virtual disk contents |
US8935397B2 (en) | 2010-07-01 | 2015-01-13 | Red Hat, Inc. | Dividing cloud resources |
US8943220B2 (en) | 2011-08-04 | 2015-01-27 | Microsoft Corporation | Continuous deployment of applications |
US8954579B2 (en) | 2012-08-21 | 2015-02-10 | Microsoft Corporation | Transaction-level health monitoring of online services |
US8972941B2 (en) * | 2012-07-18 | 2015-03-03 | International Business Machines Corporation | Integrated development environment-based workload testing in a networked computing environment |
US8990899B2 (en) | 2011-12-01 | 2015-03-24 | International Business Machines Corporation | Using a local authorization extension to provide access authorization for a module to access a computing system |
US8996932B2 (en) | 2013-01-09 | 2015-03-31 | Microsoft Technology Licensing, Llc | Cloud management using a component health model |
US20150095482A1 (en) * | 2013-09-29 | 2015-04-02 | International Business Machines Corporation | Method and System for Deploying Service in a Cloud Computing System |
US9009705B2 (en) | 2012-10-01 | 2015-04-14 | International Business Machines Corporation | Authenticated distribution of virtual machine images |
US9021294B2 (en) | 2012-03-16 | 2015-04-28 | Sungard Availability Services Lp | Discovering boot order sequence of servers belonging to an application |
US20150134424A1 (en) * | 2013-11-14 | 2015-05-14 | Vmware, Inc. | Systems and methods for assessing hybridization of cloud computing services based on data mining of historical decisions |
US9038055B2 (en) | 2011-08-05 | 2015-05-19 | Microsoft Technology Licensing, Llc | Using virtual machines to manage software builds |
US20150149756A1 (en) * | 2013-11-28 | 2015-05-28 | Inventec (Pudong) Technology Corporation | System and method for setting up a bootable storage device using image |
US9047133B2 (en) | 2012-03-02 | 2015-06-02 | Vmware, Inc. | Single, logical, multi-tier application blueprint used for deployment and management of multiple physical applications in a cloud environment |
US20150154039A1 (en) * | 2013-12-03 | 2015-06-04 | Vmware, Inc. | Methods and apparatus to automatically configure monitoring of a virtual machine |
US9054917B2 (en) | 2012-03-08 | 2015-06-09 | Empire Technology Development Llc | Secure migration of virtual machines |
US9052963B2 (en) | 2012-05-21 | 2015-06-09 | International Business Machines Corporation | Cloud computing data center machine monitor and control |
US9052961B2 (en) | 2012-03-02 | 2015-06-09 | Vmware, Inc. | System to generate a deployment plan for a cloud infrastructure according to logical, multi-tier application blueprint |
US9059933B2 (en) | 2009-12-23 | 2015-06-16 | Centurylink Intellectual Property Llc | Provisioning virtual private data centers |
US20150172136A1 (en) * | 2012-09-07 | 2015-06-18 | Transoft (Shanghai), Inc. | Apparatus of mapping logical point-of-delivery to physical point-of-delivery based on telecommunication information networking |
US20150169876A1 (en) * | 2013-12-13 | 2015-06-18 | International Business Machines Corporation | Running local virtual disks containing applications with limited licenses |
US9071522B2 (en) | 2010-04-26 | 2015-06-30 | Pivotal Software, Inc. | Policy engine for cloud platform |
US20150186176A1 (en) * | 2010-11-01 | 2015-07-02 | Microsoft Corporation | Dynamic allocation and assignment of virtual environment |
US9087322B1 (en) * | 2011-12-22 | 2015-07-21 | Emc Corporation | Adapting service provider products for multi-tenancy using tenant-specific service composition functions |
US9091851B2 (en) | 2010-02-28 | 2015-07-28 | Microsoft Technology Licensing, Llc | Light control in head mounted displays |
US9097891B2 (en) | 2010-02-28 | 2015-08-04 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses including an auto-brightness control for the display brightness based on the brightness in the environment |
US9097890B2 (en) | 2010-02-28 | 2015-08-04 | Microsoft Technology Licensing, Llc | Grating in a light transmissive illumination system for see-through near-eye display glasses |
US9116753B2 (en) | 2012-07-08 | 2015-08-25 | Dell Products L.P. | System and method for dynamic scaling based on a reference architecture |
US9122510B2 (en) | 2013-01-02 | 2015-09-01 | International Business Machines Corporation | Querying and managing computing resources in a networked computing environment |
US9128281B2 (en) | 2010-09-14 | 2015-09-08 | Microsoft Technology Licensing, Llc | Eyepiece with uniformly illuminated reflective display |
US9130844B1 (en) | 2014-11-11 | 2015-09-08 | Citigroup Technology, Inc. | Systems and methods for harvesting excess compute capacity across domains |
US9129295B2 (en) | 2010-02-28 | 2015-09-08 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses with a fast response photochromic film system for quick transition from dark to clear |
US9134534B2 (en) | 2010-02-28 | 2015-09-15 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses including a modular image source |
US20150263902A1 (en) * | 2012-09-27 | 2015-09-17 | Orange | Device and a method for managing access to a pool of computer and network resources made available to an entity by a cloud computing system |
US20150261842A1 (en) * | 2014-03-15 | 2015-09-17 | International Business Machines Corporation | Conformance specification and checking for hosting services |
US9141887B2 (en) | 2011-10-31 | 2015-09-22 | Hewlett-Packard Development Company, L.P. | Rendering permissions for rendering content |
US20150286838A1 (en) * | 2011-06-27 | 2015-10-08 | Google Inc. | Persistent key access to a resources in a collection |
US20150304455A1 (en) * | 2013-03-06 | 2015-10-22 | Vmware, Inc. | Method and system for providing a roaming remote desktop |
US9171323B2 (en) | 2010-06-15 | 2015-10-27 | Oracle International Corporation | Organizing data in a virtual computing infrastructure |
US9170798B2 (en) | 2012-03-02 | 2015-10-27 | Vmware, Inc. | System and method for customizing a deployment plan for a multi-tier application in a cloud infrastructure |
US9182596B2 (en) | 2010-02-28 | 2015-11-10 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses with the optical assembly including absorptive polarizers or anti-reflective coatings to reduce stray light |
US20150326615A1 (en) * | 2011-03-18 | 2015-11-12 | Zscaler, Inc. | Cloud based mobile device security and policy enforcement |
US20150350103A1 (en) * | 2014-05-27 | 2015-12-03 | International Business Machines Corporation | Managing information technology resources using metadata tags |
US9208006B2 (en) | 2013-03-11 | 2015-12-08 | Sungard Availability Services, Lp | Recovery Maturity Model (RMM) for readiness-based control of disaster recovery testing |
US9218405B2 (en) * | 2012-10-10 | 2015-12-22 | Apple Inc. | Batch processing and data synchronization in cloud-based systems |
US9223134B2 (en) | 2010-02-28 | 2015-12-29 | Microsoft Technology Licensing, Llc | Optical imperfections in a light transmissive illumination system for see-through near-eye display glasses |
US9229227B2 (en) | 2010-02-28 | 2016-01-05 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses with a light transmissive wedge shaped illumination system |
US9235447B2 (en) | 2011-03-03 | 2016-01-12 | Cisco Technology, Inc. | Extensible attribute summarization |
US9251033B2 (en) | 2011-07-07 | 2016-02-02 | Vce Company, Llc | Automatic monitoring and just-in-time resource provisioning system |
US20160034294A1 (en) * | 2014-07-29 | 2016-02-04 | International Business Machines Corporation | Dynamically deployed virtual machine |
US9256648B2 (en) | 2012-05-22 | 2016-02-09 | International Business Machines Corporation | Data handling in a cloud computing environment |
US9286571B2 (en) | 2012-04-01 | 2016-03-15 | Empire Technology Development Llc | Machine learning for database migration source |
US9285589B2 (en) | 2010-02-28 | 2016-03-15 | Microsoft Technology Licensing, Llc | AR glasses with event and sensor triggered control of AR eyepiece applications |
US20160092813A1 (en) * | 2014-09-30 | 2016-03-31 | International Business Machines Corporation | Migration estimation with partial data |
US9341843B2 (en) | 2010-02-28 | 2016-05-17 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses with a small scale image source |
US9348652B2 (en) | 2012-07-02 | 2016-05-24 | Vmware, Inc. | Multi-tenant-cloud-aggregation and application-support system |
US20160147554A1 (en) * | 2014-11-25 | 2016-05-26 | Red Hat, Inc. | Hot-swapping storage pool backend functional modules |
US9366862B2 (en) | 2010-02-28 | 2016-06-14 | Microsoft Technology Licensing, Llc | System and method for delivering content to a group of see-through near eye display eyepieces |
US9389898B2 (en) | 2012-10-02 | 2016-07-12 | Ca, Inc. | System and method for enforcement of security controls on virtual machines throughout life cycle state changes |
US9426019B1 (en) * | 2011-09-29 | 2016-08-23 | Amazon Technologies, Inc. | Resource pooling and subletting from user to another user |
US9424439B2 (en) | 2011-09-12 | 2016-08-23 | Microsoft Technology Licensing, Llc | Secure data synchronization |
US9430295B1 (en) * | 2012-03-29 | 2016-08-30 | Infoblox Inc. | Internet protocol address management (IPAM) integration with a plurality of virtualization tiers in the virtual cloud |
US9444735B2 (en) | 2014-02-27 | 2016-09-13 | Cisco Technology, Inc. | Contextual summarization tag and type match using network subnetting |
US20160266892A1 (en) * | 2013-12-18 | 2016-09-15 | Hewlett Packard Enterprise Development Lp | Patching of virtual machines during data recovery |
US9448790B2 (en) | 2010-04-26 | 2016-09-20 | Pivotal Software, Inc. | Rapid updating of cloud applications |
US9465957B2 (en) | 2013-11-07 | 2016-10-11 | Lenovo Enterprise Solutions (Singapore) Pte. Ltd. | Preventing predetermined type of configuration changes to computing devices in a computing system servicing a critical job |
US9479396B2 (en) | 2013-05-31 | 2016-10-25 | Sungard Availability Services, Lp | XML based generic UNIX discovery framework |
US9485145B1 (en) * | 2013-11-25 | 2016-11-01 | Vce Company, Llc | System, method, apparatus, and computer program product for determining a configuration of a converged infrastructure |
US9489647B2 (en) | 2008-06-19 | 2016-11-08 | Csc Agility Platform, Inc. | System and method for a cloud computing abstraction with self-service portal for publishing resources |
US9513950B2 (en) | 2012-07-25 | 2016-12-06 | Vmware, Inc. | Dynamic resource configuration based on context |
US9524200B2 (en) | 2015-03-31 | 2016-12-20 | At&T Intellectual Property I, L.P. | Consultation among feedback instances |
US9553787B1 (en) | 2013-04-29 | 2017-01-24 | Amazon Technologies, Inc. | Monitoring hosted service usage |
US9619545B2 (en) | 2013-06-28 | 2017-04-11 | Oracle International Corporation | Naïve, client-side sharding with online addition of shards |
US9632802B2 (en) | 2013-06-14 | 2017-04-25 | Sap Se | Automatic configuration of mobile programs |
US20170134246A1 (en) * | 2013-08-21 | 2017-05-11 | International Business Machines Corporation | Using discovered virtual-infrastructure attributes to automatically generate a service-catalog entry |
US9658868B2 (en) | 2008-06-19 | 2017-05-23 | Csc Agility Platform, Inc. | Cloud computing gateway, cloud computing hypervisor, and methods for implementing same |
US9667515B1 (en) | 2011-09-29 | 2017-05-30 | Amazon Technologies, Inc. | Service image notifications |
US20170171029A1 (en) * | 2015-12-15 | 2017-06-15 | Microsoft Technology Licensing, Llc | End-to-end automated servicing model for cloud computing platforms |
US9710292B2 (en) | 2013-08-02 | 2017-07-18 | International Business Machines Corporation | Allowing management of a virtual machine by multiple cloud providers |
US9729623B2 (en) | 2014-03-15 | 2017-08-08 | International Business Machines Corporation | Specification-guided migration |
US9753784B2 (en) | 2013-11-27 | 2017-09-05 | At&T Intellectual Property I, L.P. | Cloud delivery platform |
US9759917B2 (en) | 2010-02-28 | 2017-09-12 | Microsoft Technology Licensing, Llc | AR glasses with event and sensor triggered AR eyepiece interface to external devices |
US9769206B2 (en) | 2015-03-31 | 2017-09-19 | At&T Intellectual Property I, L.P. | Modes of policy participation for feedback instances |
US9772831B2 (en) | 2010-04-26 | 2017-09-26 | Pivotal Software, Inc. | Droplet execution engine for dynamic server application deployment |
US9774489B1 (en) * | 2010-09-29 | 2017-09-26 | Amazon Technologies, Inc. | Allocating computing resources according to reserved capacity |
US9785461B2 (en) | 2015-05-14 | 2017-10-10 | International Business Machines Corporation | Performing server migration and dependent server discovery in parallel |
WO2017190058A1 (en) * | 2016-04-28 | 2017-11-02 | Snowflake Computing Inc. | Multi-cluster warehouse |
US20170323105A1 (en) * | 2016-04-25 | 2017-11-09 | Cloudminds (Shenzhen) Robotics Systems Co., Ltd. | Virtual machine creation method and apparatus |
US9838260B1 (en) | 2014-03-25 | 2017-12-05 | Amazon Technologies, Inc. | Event-based data path detection |
US9858060B2 (en) | 2014-05-09 | 2018-01-02 | International Business Machines Corporation | Automated deployment of a private modular cloud-computing environment |
US20180081728A1 (en) * | 2016-09-21 | 2018-03-22 | Samsung Sds Co., Ltd. | Apparatus and method managing computing resources |
US9992277B2 (en) | 2015-03-31 | 2018-06-05 | At&T Intellectual Property I, L.P. | Ephemeral feedback instances |
US10031783B2 (en) | 2012-03-02 | 2018-07-24 | Vmware, Inc. | Execution of a distributed deployment plan for a multi-tier application in a cloud infrastructure |
US10075304B2 (en) | 2015-10-30 | 2018-09-11 | Microsoft Technology Licensing, Llc | Multiple gateway operation on single operating system |
US10073906B2 (en) | 2016-04-27 | 2018-09-11 | Oracle International Corporation | Scalable tri-point arbitration and clustering |
US10127695B2 (en) | 2016-02-29 | 2018-11-13 | Oracle International Corporation | Method for creating period profile for time-series data with recurrent patterns |
US10129157B2 (en) | 2015-03-31 | 2018-11-13 | At&T Intellectual Property I, L.P. | Multiple feedback instance inter-coordination to determine optimal actions |
US10129156B2 (en) | 2015-03-31 | 2018-11-13 | At&T Intellectual Property I, L.P. | Dynamic creation and management of ephemeral coordinated feedback instances |
US10133602B2 (en) * | 2015-02-19 | 2018-11-20 | Oracle International Corporation | Adaptive contention-aware thread placement for parallel runtime systems |
US20180359192A1 (en) * | 2012-07-20 | 2018-12-13 | Hewlett Packard Enterprise Development Lp | Policy-based scaling of network resources |
US10165392B2 (en) | 2014-09-25 | 2018-12-25 | At&T Mobility Ii Llc | Access of virtual resources based on a contextual frame of reference |
US10180572B2 (en) | 2010-02-28 | 2019-01-15 | Microsoft Technology Licensing, Llc | AR glasses with event and user action control of external applications |
US10250452B2 (en) | 2015-12-14 | 2019-04-02 | Microsoft Technology Licensing, Llc | Packaging tool for first and third party component deployment |
US10277666B2 (en) | 2015-03-31 | 2019-04-30 | At&T Intellectual Property I, L.P. | Escalation of feedback instances |
US10305688B2 (en) * | 2015-04-22 | 2019-05-28 | Alibaba Group Holding Limited | Method, apparatus, and system for cloud-based encryption machine key injection |
CN109842660A (en) * | 2017-11-28 | 2019-06-04 | 上海驻云信息科技有限公司 | General cloud resource and Rights Management System for different application scene |
US10310824B2 (en) | 2011-09-07 | 2019-06-04 | Imagine Communications Corp. | Distributed ledger platform for computing applications |
RU2691187C1 (en) * | 2016-01-05 | 2019-06-11 | БИТДЕФЕНДЕР АйПиАр МЕНЕДЖМЕНТ ЛТД | System and methods for auditing a virtual machine |
US10326708B2 (en) | 2012-02-10 | 2019-06-18 | Oracle International Corporation | Cloud computing services framework |
US10331802B2 (en) | 2016-02-29 | 2019-06-25 | Oracle International Corporation | System for detecting and characterizing seasons |
US10332090B2 (en) | 2015-08-27 | 2019-06-25 | Acumera, Inc. | Providing secure remote access to a device at a merchant location |
EP3511823A1 (en) * | 2018-01-15 | 2019-07-17 | Siemens Aktiengesellschaft | Method and system of managing artifacts during its lifecycle on a cloud computing system |
US10379910B2 (en) | 2012-10-26 | 2019-08-13 | Syntel, Inc. | System and method for evaluation of migration of applications to the cloud |
US10380078B1 (en) * | 2011-12-15 | 2019-08-13 | Veritas Technologies Llc | Dynamic storage tiering in a virtual environment |
US10394793B1 (en) * | 2015-01-30 | 2019-08-27 | EMC IP Holding Company LLC | Method and system for governed replay for compliance applications |
US10395061B2 (en) | 2015-09-29 | 2019-08-27 | International Business Machines Corporation | Efficient auditing of data in object storage |
US10404551B2 (en) | 2012-04-30 | 2019-09-03 | Entit Software Llc | Automated event management |
US10411975B2 (en) | 2013-03-15 | 2019-09-10 | Csc Agility Platform, Inc. | System and method for a cloud computing abstraction with multi-tier deployment policy |
US10419425B2 (en) | 2015-09-01 | 2019-09-17 | Alibaba Group Holding Limited | Method, device, and system for access control of a cloud hosting service |
US10467423B1 (en) * | 2014-03-26 | 2019-11-05 | Amazon Technologies, Inc. | Static analysis-based tracking of data in access-controlled systems |
US10496396B2 (en) | 2017-09-29 | 2019-12-03 | Oracle International Corporation | Scalable artificial intelligence driven configuration management |
US10539787B2 (en) | 2010-02-28 | 2020-01-21 | Microsoft Technology Licensing, Llc | Head-worn adaptive display |
US10586612B2 (en) * | 2013-03-01 | 2020-03-10 | Actx, Inc. | Cloud-like medical-information service |
US10606578B2 (en) | 2015-10-23 | 2020-03-31 | Oracle International Corporation | Provisioning of pluggable databases using a central repository |
US10614047B1 (en) * | 2013-09-24 | 2020-04-07 | EMC IP Holding Company LLC | Proxy-based backup and restore of hyper-V cluster shared volumes (CSV) |
US10621176B2 (en) | 2015-10-23 | 2020-04-14 | Oracle International Corporation | Automatic reconfiguration of relocated pluggable databases |
US10630572B1 (en) * | 2018-01-05 | 2020-04-21 | iPayed, LLC | Open loop, closed loop, real and near real-time computer network system and method therefor |
US10635658B2 (en) | 2015-10-23 | 2020-04-28 | Oracle International Corporation | Asynchronous shared application upgrade |
US10635563B2 (en) | 2016-08-04 | 2020-04-28 | Oracle International Corporation | Unsupervised method for baselining and anomaly detection in time-series data for enterprise systems |
US10684837B2 (en) | 2015-02-25 | 2020-06-16 | Red Hat Israel, Ltd. | Repository manager |
US10699211B2 (en) | 2016-02-29 | 2020-06-30 | Oracle International Corporation | Supervised method for classifying seasonal patterns |
US10715457B2 (en) | 2010-06-15 | 2020-07-14 | Oracle International Corporation | Coordination of processes in cloud computing environments |
US10721256B2 (en) | 2018-05-21 | 2020-07-21 | Oracle International Corporation | Anomaly detection based on events composed through unsupervised clustering of log messages |
US10721144B2 (en) | 2017-12-22 | 2020-07-21 | At&T Intellectual Property I, L.P. | Virtualized intelligent and integrated network monitoring as a service |
US10728272B1 (en) | 2014-12-17 | 2020-07-28 | Amazon Technologies, Inc. | Risk scoring in a connected graph |
TWI700626B (en) * | 2018-04-06 | 2020-08-01 | 日商三菱電機股份有限公司 | System construction support apparatus, system construction support method and recording media |
DE102013108899B4 (en) | 2012-11-30 | 2020-08-06 | Lenovo (Singapore) Pte. Ltd. | Account management for cloud-based applications |
US10761895B2 (en) | 2013-09-26 | 2020-09-01 | Vmware, Inc. | Selective allocation of physical computing resources amongst virtual machines based on user attribute values contained in user profiles |
US10761870B2 (en) | 2014-06-30 | 2020-09-01 | Vmware, Inc. | Methods and apparatus to manage monitoring agents |
US10778597B1 (en) * | 2015-05-21 | 2020-09-15 | EMC IP Holding Company LLC | Orchestration management system and method for managing a resource pool across multiple computing clouds |
US10789131B2 (en) | 2015-10-23 | 2020-09-29 | Oracle International Corporation | Transportable backups for pluggable database relocation |
US10817803B2 (en) | 2017-06-02 | 2020-10-27 | Oracle International Corporation | Data driven methods and systems for what if analysis |
US10817278B1 (en) * | 2018-05-25 | 2020-10-27 | Amazon Technologies, Inc. | Controlling the approval of software updates for computing resources |
US10846070B2 (en) | 2018-07-05 | 2020-11-24 | At&T Intellectual Property I, L.P. | Facilitating cloud native edge computing via behavioral intelligence |
US10855548B2 (en) | 2019-02-15 | 2020-12-01 | Oracle International Corporation | Systems and methods for automatically detecting, summarizing, and responding to anomalies |
US10860605B2 (en) | 2012-09-28 | 2020-12-08 | Oracle International Corporation | Near-zero downtime relocation of a pluggable database across container databases |
US10860100B2 (en) | 2010-02-28 | 2020-12-08 | Microsoft Technology Licensing, Llc | AR glasses with predictive control of external device based on event input |
US10884815B2 (en) | 2018-10-29 | 2021-01-05 | Pivotal Software, Inc. | Independent services platform |
US10885461B2 (en) | 2016-02-29 | 2021-01-05 | Oracle International Corporation | Unsupervised method for classifying seasonal patterns |
US10915830B2 (en) | 2017-02-24 | 2021-02-09 | Oracle International Corporation | Multiscale method for predictive alerting |
US10929403B2 (en) | 2017-10-02 | 2021-02-23 | At&T Intellectual Property I, L.P. | Dynamic data threading system |
US10949436B2 (en) | 2017-02-24 | 2021-03-16 | Oracle International Corporation | Optimization for scalable analytics using time series models |
US10951473B1 (en) * | 2015-03-25 | 2021-03-16 | Amazon Technologies, Inc. | Asynchronous fleet configuration service |
US10963346B2 (en) | 2018-06-05 | 2021-03-30 | Oracle International Corporation | Scalable methods and systems for approximating statistical distributions |
US10970057B2 (en) | 2014-02-26 | 2021-04-06 | Vmware Inc. | Methods and apparatus to generate a customized application blueprint |
US10970186B2 (en) | 2016-05-16 | 2021-04-06 | Oracle International Corporation | Correlation-based analytic for time-series data |
US10997517B2 (en) | 2018-06-05 | 2021-05-04 | Oracle International Corporation | Methods and systems for aggregating distribution approximations |
CN113190351A (en) * | 2021-05-06 | 2021-07-30 | 天津大学 | Efficient resource distribution system for distributed deep learning training task |
US11082439B2 (en) | 2016-08-04 | 2021-08-03 | Oracle International Corporation | Unsupervised method for baselining and anomaly detection in time-series data for enterprise systems |
US11086757B1 (en) | 2019-06-12 | 2021-08-10 | Express Scripts Strategic Development, Inc. | Systems and methods for providing stable deployments to mainframe environments |
US11113186B1 (en) * | 2019-12-13 | 2021-09-07 | Amazon Technologies, Inc. | Testing and publishing of resource handlers in a cloud environment |
US11138090B2 (en) | 2018-10-23 | 2021-10-05 | Oracle International Corporation | Systems and methods for forecasting time series with variable seasonality |
US11151025B1 (en) * | 2020-05-15 | 2021-10-19 | Dell Products L.P. | Generating software test plans based at least in part on monitored traffic of a production application |
US11178161B2 (en) | 2019-04-18 | 2021-11-16 | Oracle International Corporation | Detecting anomalies during operation of a computer system based on multimodal data |
US11232495B2 (en) | 2010-12-15 | 2022-01-25 | Red Hat, Inc. | Data driven rules engine to dynamically change product business rules |
US11327932B2 (en) | 2017-09-30 | 2022-05-10 | Oracle International Corporation | Autonomous multitenant database cloud service framework |
US20220166684A1 (en) * | 2020-11-25 | 2022-05-26 | Cerner Innovation, Inc. | Dashboard interface |
US11347533B2 (en) | 2019-09-06 | 2022-05-31 | Microsoft Technology Licensing, Llc | Enhanced virtual machine image management system |
US11386058B2 (en) | 2017-09-29 | 2022-07-12 | Oracle International Corporation | Rule-based autonomous database cloud service framework |
US11442716B2 (en) * | 2014-06-02 | 2022-09-13 | Google Llc | Cloud orchestration engine |
US11533326B2 (en) | 2019-05-01 | 2022-12-20 | Oracle International Corporation | Systems and methods for multivariate anomaly detection in software monitoring |
US11537940B2 (en) | 2019-05-13 | 2022-12-27 | Oracle International Corporation | Systems and methods for unsupervised anomaly detection using non-parametric tolerance intervals over a sliding window of t-digests |
US20230006920A1 (en) * | 2021-07-02 | 2023-01-05 | Vmware, Inc. | Source-based routing for virtual datacenters |
US11582147B2 (en) | 2021-05-24 | 2023-02-14 | Vmware, Inc. | Allocating additional bandwidth to resources in a datacenter through deployment of dedicated gateways |
US20230136570A1 (en) * | 2021-11-04 | 2023-05-04 | Bell Textron Inc. | Managing access for a manufacturing system |
US11720347B1 (en) | 2019-06-12 | 2023-08-08 | Express Scripts Strategic Development, Inc. | Systems and methods for providing stable deployments to mainframe environments |
US20230388180A1 (en) * | 2022-05-31 | 2023-11-30 | Microsoft Technology Licensing, Llc | Techniques for provisioning workspaces in cloud-based computing platforms |
US11843547B2 (en) | 2020-09-21 | 2023-12-12 | Vmware, Inc. | Allocating additional bandwidth to resources in a datacenter through deployment of dedicated gateways |
US11887015B2 (en) | 2019-09-13 | 2024-01-30 | Oracle International Corporation | Automatically-generated labels for time series data and numerical lists to use in analytic and machine learning systems |
US11930017B1 (en) * | 2023-04-07 | 2024-03-12 | Sonrai Security Inc. | Cloud security platform with contextual hot-spot permissions analytics |
US11941155B2 (en) | 2021-03-15 | 2024-03-26 | EMC IP Holding Company LLC | Secure data management in a network computing environment |
US11962493B2 (en) | 2022-06-21 | 2024-04-16 | VMware LLC | Network address translation in active-active edge cluster |
Families Citing this family (870)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10181953B1 (en) | 2013-09-16 | 2019-01-15 | Amazon Technologies, Inc. | Trusted data verification |
US9400589B1 (en) | 2002-05-30 | 2016-07-26 | Consumerinfo.Com, Inc. | Circular rotational interface for display of consumer credit information |
US9710852B1 (en) | 2002-05-30 | 2017-07-18 | Consumerinfo.Com, Inc. | Credit report timeline user interface |
US6959325B2 (en) * | 2003-08-11 | 2005-10-25 | Teamon Systems, Inc. | System and method for generating configurations used for accessing electronic mailboxes |
US8732004B1 (en) | 2004-09-22 | 2014-05-20 | Experian Information Solutions, Inc. | Automated analysis of data to generate prospect notifications based on trigger events |
US11423486B2 (en) * | 2005-05-11 | 2022-08-23 | International Business Machines Corporation | Method for production refactoring of a producing entity |
US20140373144A9 (en) * | 2006-05-22 | 2014-12-18 | Alen Capalik | System and method for analyzing unauthorized intrusion into a computer network |
US8036979B1 (en) | 2006-10-05 | 2011-10-11 | Experian Information Solutions, Inc. | System and method for generating a finance attribute from tradeline data |
US20080104022A1 (en) | 2006-10-31 | 2008-05-01 | Bank Of America Corporation | Document indexing and delivery system |
US8606666B1 (en) | 2007-01-31 | 2013-12-10 | Experian Information Solutions, Inc. | System and method for providing an aggregation tool |
US8606626B1 (en) | 2007-01-31 | 2013-12-10 | Experian Information Solutions, Inc. | Systems and methods for providing a direct marketing campaign planning environment |
US8285656B1 (en) | 2007-03-30 | 2012-10-09 | Consumerinfo.Com, Inc. | Systems and methods for data verification |
WO2008147918A2 (en) | 2007-05-25 | 2008-12-04 | Experian Information Solutions, Inc. | System and method for automated detection of never-pay data sets |
US9495152B2 (en) | 2007-06-22 | 2016-11-15 | Red Hat, Inc. | Automatic baselining of business application service groups comprised of virtual machines |
US9727440B2 (en) * | 2007-06-22 | 2017-08-08 | Red Hat, Inc. | Automatic simulation of virtual machine performance |
US9569330B2 (en) | 2007-06-22 | 2017-02-14 | Red Hat, Inc. | Performing dependency analysis on nodes of a business application service group |
US9678803B2 (en) | 2007-06-22 | 2017-06-13 | Red Hat, Inc. | Migration of network entities to a cloud infrastructure |
US7991910B2 (en) | 2008-11-17 | 2011-08-02 | Amazon Technologies, Inc. | Updating routing information based on client location |
US8028090B2 (en) | 2008-11-17 | 2011-09-27 | Amazon Technologies, Inc. | Request routing utilizing client location information |
US8127986B1 (en) | 2007-12-14 | 2012-03-06 | Consumerinfo.Com, Inc. | Card registry systems and methods |
US9990674B1 (en) | 2007-12-14 | 2018-06-05 | Consumerinfo.Com, Inc. | Card registry systems and methods |
WO2009108344A1 (en) | 2008-02-29 | 2009-09-03 | Vkernel Corporation | Method, system and apparatus for managing, modeling, predicting, allocating and utilizing resources and bottlenecks in a computer network |
US8935701B2 (en) | 2008-03-07 | 2015-01-13 | Dell Software Inc. | Unified management platform in a computer network |
US8601090B1 (en) | 2008-03-31 | 2013-12-03 | Amazon Technologies, Inc. | Network resource identification |
US8447831B1 (en) | 2008-03-31 | 2013-05-21 | Amazon Technologies, Inc. | Incentive driven content delivery |
US8606996B2 (en) | 2008-03-31 | 2013-12-10 | Amazon Technologies, Inc. | Cache optimization |
US7962597B2 (en) | 2008-03-31 | 2011-06-14 | Amazon Technologies, Inc. | Request routing based on class |
US7970820B1 (en) | 2008-03-31 | 2011-06-28 | Amazon Technologies, Inc. | Locality based content distribution |
US8321568B2 (en) | 2008-03-31 | 2012-11-27 | Amazon Technologies, Inc. | Content management |
US8837465B2 (en) | 2008-04-02 | 2014-09-16 | Twilio, Inc. | System and method for processing telephony sessions |
EP2266269B1 (en) | 2008-04-02 | 2019-01-02 | Twilio Inc. | System and method for processing telephony sessions |
US8312033B1 (en) | 2008-06-26 | 2012-11-13 | Experian Marketing Solutions, Inc. | Systems and methods for providing an integrated identifier |
US9407681B1 (en) | 2010-09-28 | 2016-08-02 | Amazon Technologies, Inc. | Latency measurement in resource requests |
US9256904B1 (en) | 2008-08-14 | 2016-02-09 | Experian Information Solutions, Inc. | Multi-bureau credit file freeze and unfreeze |
US8060424B2 (en) | 2008-11-05 | 2011-11-15 | Consumerinfo.Com, Inc. | On-line method and system for monitoring and reporting unused available credit |
JP5671484B2 (en) | 2009-03-02 | 2015-02-18 | トゥイリオ インコーポレイテッドTwilio Inc. | Method and system for a multi-tenant telephone network |
US8639920B2 (en) | 2009-05-11 | 2014-01-28 | Experian Marketing Solutions, Inc. | Systems and methods for providing anonymized user profile data |
CN101667966B (en) * | 2009-06-11 | 2011-10-26 | 中兴通讯股份有限公司 | Method and system for realizing far-end mirror image of router |
US9357568B2 (en) * | 2009-06-16 | 2016-05-31 | Futurewei Technologies, Inc. | System and method for adapting an application source rate to a load condition |
US8782236B1 (en) | 2009-06-16 | 2014-07-15 | Amazon Technologies, Inc. | Managing resources using resource expiration data |
US8397073B1 (en) | 2009-09-04 | 2013-03-12 | Amazon Technologies, Inc. | Managing secure content in a content delivery network |
US8819183B2 (en) * | 2009-12-15 | 2014-08-26 | International Business Machines Corporation | Concurrent execution of request processing and analytics of requests |
US8892762B2 (en) * | 2009-12-15 | 2014-11-18 | International Business Machines Corporation | Multi-granular stream processing |
US8874638B2 (en) * | 2009-12-15 | 2014-10-28 | International Business Machines Corporation | Interactive analytics processing |
US9684785B2 (en) * | 2009-12-17 | 2017-06-20 | Red Hat, Inc. | Providing multiple isolated execution environments for securely accessing untrusted content |
US9389895B2 (en) * | 2009-12-17 | 2016-07-12 | Microsoft Technology Licensing, Llc | Virtual storage target offload techniques |
US8438573B2 (en) * | 2010-01-15 | 2013-05-07 | Oracle International Corporation | Dependency on a resource type |
US9069619B2 (en) * | 2010-01-15 | 2015-06-30 | Oracle International Corporation | Self-testable HA framework library infrastructure |
US9098334B2 (en) * | 2010-01-15 | 2015-08-04 | Oracle International Corporation | Special values in oracle clusterware resource profiles |
US20110179173A1 (en) * | 2010-01-15 | 2011-07-21 | Carol Colrain | Conditional dependency in a computing cluster |
US9207987B2 (en) * | 2010-01-15 | 2015-12-08 | Oracle International Corporation | Dispersion dependency in oracle clusterware |
US8583798B2 (en) * | 2010-01-15 | 2013-11-12 | Oracle International Corporation | Unidirectional resource and type dependencies in oracle clusterware |
US8949425B2 (en) | 2010-01-15 | 2015-02-03 | Oracle International Corporation | “Local resource” type as a way to automate management of infrastructure resources in oracle clusterware |
US9495338B1 (en) | 2010-01-28 | 2016-11-15 | Amazon Technologies, Inc. | Content distribution network |
US8352799B2 (en) * | 2010-02-12 | 2013-01-08 | Symantec Corporation | Data corruption prevention during application restart and recovery |
US8938782B2 (en) * | 2010-03-15 | 2015-01-20 | Symantec Corporation | Systems and methods for providing network access control in virtual environments |
US20110231912A1 (en) * | 2010-03-19 | 2011-09-22 | Salesforce.Com, Inc. | System, method and computer program product for authenticating a mobile device using an access token |
US9652802B1 (en) | 2010-03-24 | 2017-05-16 | Consumerinfo.Com, Inc. | Indirect monitoring and reporting of a user's credit data |
US8255508B2 (en) | 2010-03-24 | 2012-08-28 | International Business Machines Corporation | Administration of virtual machine affinity in a data center |
US20110238490A1 (en) * | 2010-03-25 | 2011-09-29 | Microsoft Corporation | Auction flighting |
US8922559B2 (en) | 2010-03-26 | 2014-12-30 | Microsoft Corporation | Graph clustering |
US20110246376A1 (en) * | 2010-03-31 | 2011-10-06 | International Business Machines Corporation | Cost benefit based analysis system for network environments |
EP2383652A1 (en) * | 2010-03-31 | 2011-11-02 | British Telecommunications public limited company | Performance monitoring for virtual machines |
US9367362B2 (en) | 2010-04-01 | 2016-06-14 | International Business Machines Corporation | Administration of virtual machine affinity in a cloud computing environment |
US8572612B2 (en) | 2010-04-14 | 2013-10-29 | International Business Machines Corporation | Autonomic scaling of virtual machines in a cloud computing environment |
US20110258481A1 (en) * | 2010-04-14 | 2011-10-20 | International Business Machines Corporation | Deploying A Virtual Machine For Disaster Recovery In A Cloud Computing Environment |
US9245246B2 (en) | 2010-04-22 | 2016-01-26 | International Business Machines Corporation | Capacity over-commit management in resource provisioning environments |
US8732310B2 (en) * | 2010-04-22 | 2014-05-20 | International Business Machines Corporation | Policy-driven capacity management in resource provisioning environments |
US8386423B2 (en) * | 2010-05-28 | 2013-02-26 | Microsoft Corporation | Scalable policy-based database synchronization of scopes |
US8544075B2 (en) * | 2010-06-15 | 2013-09-24 | Microsoft Corporation | Extending a customer relationship management eventing framework to a cloud computing environment in a secure manner |
US8775625B2 (en) * | 2010-06-16 | 2014-07-08 | Juniper Networks, Inc. | Virtual machine mobility in data centers |
US20110313803A1 (en) * | 2010-06-22 | 2011-12-22 | Microsoft Corporation | Social Task Lists |
US9106697B2 (en) * | 2010-06-24 | 2015-08-11 | NeurallQ, Inc. | System and method for identifying unauthorized activities on a computer system using a data structure model |
US9721215B2 (en) * | 2010-06-30 | 2017-08-01 | International Business Machines Corporation | Enhanced management of a web conferencing server |
US8539078B2 (en) * | 2010-07-08 | 2013-09-17 | International Business Machines Corporation | Isolating resources between tenants in a software-as-a-service system using the estimated costs of service requests |
US8478879B2 (en) * | 2010-07-13 | 2013-07-02 | International Business Machines Corporation | Optimizing it infrastructure configuration |
JP5507368B2 (en) * | 2010-07-13 | 2014-05-28 | 富士通テレコムネットワークス株式会社 | SNMP agent device and setting undo method |
US8694777B2 (en) | 2010-08-13 | 2014-04-08 | International Business Machines Corporation | Securely identifying host systems |
US9323561B2 (en) * | 2010-08-13 | 2016-04-26 | International Business Machines Corporation | Calibrating cloud computing environments |
US8478845B2 (en) * | 2010-08-16 | 2013-07-02 | International Business Machines Corporation | End-to-end provisioning of storage clouds |
US9250974B1 (en) * | 2010-09-08 | 2016-02-02 | Disney Enterprises, Inc. | Systems and methods for configuring and managing computing resources to provide highly-scalable services |
US8949410B2 (en) | 2010-09-10 | 2015-02-03 | Cisco Technology, Inc. | Server load balancer scaling for virtual servers |
US8468247B1 (en) | 2010-09-28 | 2013-06-18 | Amazon Technologies, Inc. | Point of presence management in request routing |
US9003035B1 (en) | 2010-09-28 | 2015-04-07 | Amazon Technologies, Inc. | Point of presence management in request routing |
US9712484B1 (en) | 2010-09-28 | 2017-07-18 | Amazon Technologies, Inc. | Managing request routing information utilizing client identifiers |
US10958501B1 (en) | 2010-09-28 | 2021-03-23 | Amazon Technologies, Inc. | Request routing information based on client IP groupings |
US20130254868A1 (en) * | 2010-10-13 | 2013-09-26 | Zte Usa Inc | System and method for multimedia multi-party peering (m2p2) |
US8832794B2 (en) * | 2010-10-20 | 2014-09-09 | Jeffry David Aronson | Single-point-of-access cyber system |
US9645839B2 (en) * | 2010-10-27 | 2017-05-09 | Microsoft Technology Licensing, Llc | Stateful applications operating in a stateless cloud computing environment |
US9032053B2 (en) * | 2010-10-29 | 2015-05-12 | Nokia Corporation | Method and apparatus for upgrading components of a cluster |
US20130173648A1 (en) * | 2010-10-29 | 2013-07-04 | Xiang Tan | Software Application Recognition |
US8930262B1 (en) | 2010-11-02 | 2015-01-06 | Experian Technology Ltd. | Systems and methods of assisted strategy design |
US8910155B1 (en) * | 2010-11-02 | 2014-12-09 | Symantec Corporation | Methods and systems for injecting endpoint management agents into virtual machines |
US9037720B2 (en) | 2010-11-19 | 2015-05-19 | International Business Machines Corporation | Template for optimizing IT infrastructure configuration |
US9147042B1 (en) | 2010-11-22 | 2015-09-29 | Experian Information Solutions, Inc. | Systems and methods for data verification |
US8452874B2 (en) | 2010-11-22 | 2013-05-28 | Amazon Technologies, Inc. | Request routing processing |
US8620851B2 (en) * | 2010-11-23 | 2013-12-31 | Novell, Inc. | System and method for determining fuzzy cause and effect relationships in an intelligent workload management system |
US9237155B1 (en) | 2010-12-06 | 2016-01-12 | Amazon Technologies, Inc. | Distributed policy enforcement with optimizing policy transformations |
US9258312B1 (en) | 2010-12-06 | 2016-02-09 | Amazon Technologies, Inc. | Distributed policy enforcement with verification mode |
US20120158806A1 (en) * | 2010-12-20 | 2012-06-21 | Verizon Patent And Licensing Inc. | Provisioning network-attached storage |
US8863138B2 (en) * | 2010-12-22 | 2014-10-14 | Intel Corporation | Application service performance in cloud computing |
US10977277B2 (en) | 2010-12-23 | 2021-04-13 | Mongodb, Inc. | Systems and methods for database zone sharding and API integration |
US10262050B2 (en) | 2015-09-25 | 2019-04-16 | Mongodb, Inc. | Distributed database systems and methods with pluggable storage engines |
US8996463B2 (en) | 2012-07-26 | 2015-03-31 | Mongodb, Inc. | Aggregation framework system architecture and method |
US11615115B2 (en) | 2010-12-23 | 2023-03-28 | Mongodb, Inc. | Systems and methods for managing distributed database deployments |
US9740762B2 (en) | 2011-04-01 | 2017-08-22 | Mongodb, Inc. | System and method for optimizing data migration in a partitioned database |
US9881034B2 (en) | 2015-12-15 | 2018-01-30 | Mongodb, Inc. | Systems and methods for automating management of distributed databases |
US10740353B2 (en) | 2010-12-23 | 2020-08-11 | Mongodb, Inc. | Systems and methods for managing distributed database deployments |
US9805108B2 (en) | 2010-12-23 | 2017-10-31 | Mongodb, Inc. | Large distributed database clustering systems and methods |
US11544288B2 (en) | 2010-12-23 | 2023-01-03 | Mongodb, Inc. | Systems and methods for managing distributed database deployments |
US10614098B2 (en) | 2010-12-23 | 2020-04-07 | Mongodb, Inc. | System and method for determining consensus within a distributed database |
US10713280B2 (en) * | 2010-12-23 | 2020-07-14 | Mongodb, Inc. | Systems and methods for managing distributed database deployments |
US10366100B2 (en) | 2012-07-26 | 2019-07-30 | Mongodb, Inc. | Aggregation framework system architecture and method |
US10346430B2 (en) | 2010-12-23 | 2019-07-09 | Mongodb, Inc. | System and method for determining consensus within a distributed database |
US9354852B2 (en) * | 2010-12-23 | 2016-05-31 | Microsoft Technology Licensing, Llc | Satisfying application dependencies |
US10997211B2 (en) | 2010-12-23 | 2021-05-04 | Mongodb, Inc. | Systems and methods for database zone sharding and API integration |
US8572031B2 (en) | 2010-12-23 | 2013-10-29 | Mongodb, Inc. | Method and apparatus for maintaining replica sets |
JP5623271B2 (en) * | 2010-12-27 | 2014-11-12 | インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation | Information processing apparatus, authority management method, program, and recording medium |
US8621081B2 (en) * | 2010-12-29 | 2013-12-31 | Verizon Patent And Licensing Inc. | Hypervisor controlled user device that enables available user device resources to be used for cloud computing |
US20120173717A1 (en) * | 2010-12-31 | 2012-07-05 | Vince Kohli | Cloud*Innovator |
US8788669B2 (en) * | 2011-01-03 | 2014-07-22 | Novell, Inc. | Policy and identity based workload provisioning |
WO2012102863A2 (en) * | 2011-01-27 | 2012-08-02 | Munirathnam Srikanth | Dynamically organizing cloud computing resources to facilitate discovery |
US9584949B2 (en) * | 2011-01-27 | 2017-02-28 | Microsoft Technology Licensing, Llc | Cloud based master data management architecture |
US9128768B2 (en) * | 2011-01-27 | 2015-09-08 | Microsoft Technology Licensing, LCC | Cloud based master data management |
US9009697B2 (en) | 2011-02-08 | 2015-04-14 | International Business Machines Corporation | Hybrid cloud integrator |
US20120204187A1 (en) * | 2011-02-08 | 2012-08-09 | International Business Machines Corporation | Hybrid Cloud Workload Management |
US9063789B2 (en) | 2011-02-08 | 2015-06-23 | International Business Machines Corporation | Hybrid cloud integrator plug-in components |
US20120210436A1 (en) * | 2011-02-14 | 2012-08-16 | Alan Rouse | System and method for fingerprinting in a cloud-computing environment |
US9027151B2 (en) | 2011-02-17 | 2015-05-05 | Red Hat, Inc. | Inhibiting denial-of-service attacks using group controls |
US9235728B2 (en) | 2011-02-18 | 2016-01-12 | Csidentity Corporation | System and methods for identifying compromised personally identifiable information on the internet |
US8903884B2 (en) * | 2011-02-21 | 2014-12-02 | Microsoft Corporation | Multi-tenant services gateway |
US9053580B2 (en) | 2011-02-25 | 2015-06-09 | International Business Machines Corporation | Data processing environment integration control interface |
US9104672B2 (en) | 2011-02-25 | 2015-08-11 | International Business Machines Corporation | Virtual security zones for data processing environments |
US8988998B2 (en) | 2011-02-25 | 2015-03-24 | International Business Machines Corporation | Data processing environment integration control |
US9128773B2 (en) | 2011-02-25 | 2015-09-08 | International Business Machines Corporation | Data processing environment event correlation |
US20120233236A1 (en) * | 2011-03-07 | 2012-09-13 | Min-Shu Chen | Cloud-based system for serving service request of embedded device by cloud computing and related cloud-based processing method thereof |
US9195510B2 (en) | 2011-04-04 | 2015-11-24 | Dell Products L.P. | Information handling system application decentralized workload management |
US20140223430A1 (en) * | 2011-04-07 | 2014-08-07 | Hewlett-Packard Development Company, L.P. | Method and apparatus for moving a software object |
US8627274B2 (en) * | 2011-04-11 | 2014-01-07 | International Business Machines Corporation | Software tool and method for generating a virtual appliance |
US8806483B2 (en) * | 2011-04-13 | 2014-08-12 | International Business Machines Corporation | Determining starting values for virtual machine attributes in a networked computing environment |
US9189419B2 (en) | 2011-04-14 | 2015-11-17 | Vmware, Inc. | Detecting and suppressing redundant input-output operations |
US20120266026A1 (en) * | 2011-04-18 | 2012-10-18 | Ramya Malanai Chikkalingaiah | Detecting and diagnosing misbehaving applications in virtualized computing systems |
US10467042B1 (en) | 2011-04-27 | 2019-11-05 | Amazon Technologies, Inc. | Optimized deployment based upon customer locality |
US9558519B1 (en) | 2011-04-29 | 2017-01-31 | Consumerinfo.Com, Inc. | Exposing reporting cycle information |
US9021475B2 (en) * | 2011-05-04 | 2015-04-28 | Citrix Systems, Inc. | Systems and methods for SR-IOV pass-thru via an intermediary device |
US8769531B2 (en) * | 2011-05-25 | 2014-07-01 | International Business Machines Corporation | Optimizing the configuration of virtual machine instances in a networked computing environment |
US8769642B1 (en) | 2011-05-31 | 2014-07-01 | Amazon Technologies, Inc. | Techniques for delegation of access privileges |
US8973108B1 (en) | 2011-05-31 | 2015-03-03 | Amazon Technologies, Inc. | Use of metadata for computing resource access |
US8984508B2 (en) * | 2011-06-02 | 2015-03-17 | Vmware, Inc. | System and method for restarting a workload based on global load balancing |
US9118642B2 (en) * | 2011-06-05 | 2015-08-25 | Apple Inc. | Asset streaming |
US20120317500A1 (en) * | 2011-06-07 | 2012-12-13 | At&T Intellectual Property I, L.P. | System and method for data visualization and user collaboration |
US9122817B2 (en) * | 2011-06-09 | 2015-09-01 | Brigham Young University | Collaborative CAx apparatus and method |
US20140181309A1 (en) * | 2011-06-14 | 2014-06-26 | Zte Usa Inc. | Method and system for cloud-based identity management (c-idm) implementation |
US9665854B1 (en) | 2011-06-16 | 2017-05-30 | Consumerinfo.Com, Inc. | Authentication alerts |
US20120324456A1 (en) | 2011-06-16 | 2012-12-20 | Microsoft Corporation | Managing nodes in a high-performance computing system using a node registrar |
US8832775B2 (en) * | 2011-06-17 | 2014-09-09 | Novell, Inc. | Techniques for workload spawning |
US9736065B2 (en) | 2011-06-24 | 2017-08-15 | Cisco Technology, Inc. | Level of hierarchy in MST for traffic localization and load balancing |
US9176773B2 (en) * | 2011-06-29 | 2015-11-03 | Microsoft Technology Licensing, Llc | Virtual machine migration tool |
US9483606B1 (en) | 2011-07-08 | 2016-11-01 | Consumerinfo.Com, Inc. | Lifescore |
US8732109B1 (en) | 2011-07-29 | 2014-05-20 | The Boeing Company | Structured requirement generation and assessment |
US10423509B2 (en) * | 2011-08-05 | 2019-09-24 | Entit Software Llc | System and method for managing environment configuration using snapshots |
US9158590B2 (en) * | 2011-08-08 | 2015-10-13 | International Business Machines Corporation | Dynamically acquiring computing resources in a networked computing environment |
US8789143B2 (en) | 2011-08-15 | 2014-07-22 | Bank Of America Corporation | Method and apparatus for token-based conditioning |
US8950002B2 (en) * | 2011-08-15 | 2015-02-03 | Bank Of America Corporation | Method and apparatus for token-based access of related resources |
US8752124B2 (en) | 2011-08-15 | 2014-06-10 | Bank Of America Corporation | Apparatus and method for performing real-time authentication using subject token combinations |
US8539558B2 (en) | 2011-08-15 | 2013-09-17 | Bank Of America Corporation | Method and apparatus for token-based token termination |
US8806602B2 (en) | 2011-08-15 | 2014-08-12 | Bank Of America Corporation | Apparatus and method for performing end-to-end encryption |
US9817807B1 (en) * | 2011-08-23 | 2017-11-14 | Amazon Technologies, Inc. | Selecting platform-supported services |
US9495222B1 (en) * | 2011-08-26 | 2016-11-15 | Dell Software Inc. | Systems and methods for performance indexing |
US8612599B2 (en) * | 2011-09-07 | 2013-12-17 | Accenture Global Services Limited | Cloud service monitoring system |
US9026837B2 (en) * | 2011-09-09 | 2015-05-05 | Microsoft Technology Licensing, Llc | Resource aware placement of applications in clusters |
US9038049B2 (en) | 2011-09-09 | 2015-05-19 | Microsoft Technology Licensing, Llc | Automated discovery of resource definitions and relationships in a scripting environment |
US9106691B1 (en) | 2011-09-16 | 2015-08-11 | Consumerinfo.Com, Inc. | Systems and methods of identity protection and management |
US9646054B2 (en) * | 2011-09-21 | 2017-05-09 | Hewlett Packard Enterprise Development Lp | Matching of cases based on attributes including an attribute relating to flow of activities |
US9275204B1 (en) * | 2011-09-28 | 2016-03-01 | Marvell International Ltd. | Enhanced network access-control credentials |
US9886312B2 (en) * | 2011-09-28 | 2018-02-06 | Microsoft Technology Licensing, Llc | Dynamic provisioning of virtual video memory based on virtual video controller configuration |
US9178701B2 (en) | 2011-09-29 | 2015-11-03 | Amazon Technologies, Inc. | Parameter based key derivation |
US9197409B2 (en) | 2011-09-29 | 2015-11-24 | Amazon Technologies, Inc. | Key derivation techniques |
US9203613B2 (en) | 2011-09-29 | 2015-12-01 | Amazon Technologies, Inc. | Techniques for client constructed sessions |
FR2980937A1 (en) * | 2011-09-30 | 2013-04-05 | France Telecom | METHOD OF SHARING A WEB APPLICATION BETWEEN SEVERAL COMPUTER TERMINALS CONNECTED WITH A COMMUNICATION NETWORK |
US9213686B2 (en) * | 2011-10-04 | 2015-12-15 | Wfh Properties Llc | System and method for managing a form completion process |
US9183528B2 (en) | 2011-10-07 | 2015-11-10 | Microsoft Technology Licensing, Llc | Generating a compliance data model for IT control |
US20140289418A1 (en) * | 2011-10-10 | 2014-09-25 | Ira Cohen | Methods and systems for planning execution of an application in a cloud computing system |
US20130091285A1 (en) * | 2011-10-11 | 2013-04-11 | International Business Machines Corporation | Discovery-based identification and migration of easily cloudifiable applications |
US10192176B2 (en) | 2011-10-11 | 2019-01-29 | Microsoft Technology Licensing, Llc | Motivation of task completion and personalization of tasks and lists |
US8738516B1 (en) | 2011-10-13 | 2014-05-27 | Consumerinfo.Com, Inc. | Debt services candidate locator |
US9154549B2 (en) * | 2011-10-27 | 2015-10-06 | Cisco Technology, Inc. | Dynamic server farms |
US11030562B1 (en) | 2011-10-31 | 2021-06-08 | Consumerinfo.Com, Inc. | Pre-data breach monitoring |
US9009318B2 (en) | 2011-11-03 | 2015-04-14 | Microsoft Corporation | Offline resource allocation algorithms |
US8881143B2 (en) * | 2011-11-04 | 2014-11-04 | Diwakar PRABHAKARAN | Optimization framework for remotely executing a maintenance operation on a virtual machine |
US9886369B2 (en) * | 2011-11-13 | 2018-02-06 | International Business Machines Corporation | Dynamic data fabrication for database applications |
US9519472B2 (en) * | 2011-11-23 | 2016-12-13 | Red Hat, Inc. | Automation of virtual machine installation by splitting an installation into a minimal installation and customization |
US9232020B2 (en) * | 2011-12-14 | 2016-01-05 | Siemens Aktiengesellschaft | Deploying services during fulfillment of a service request |
KR101696698B1 (en) * | 2011-12-23 | 2017-01-17 | 한국전자통신연구원 | Distribution and management method of components having reliance |
US8966085B2 (en) * | 2012-01-04 | 2015-02-24 | International Business Machines Corporation | Policy-based scaling of computing resources in a networked computing environment |
US8775507B2 (en) * | 2012-01-05 | 2014-07-08 | Microsoft Corporation | Rest interface for job submission |
US8908698B2 (en) | 2012-01-13 | 2014-12-09 | Cisco Technology, Inc. | System and method for managing site-to-site VPNs of a cloud managed network |
US9336061B2 (en) | 2012-01-14 | 2016-05-10 | International Business Machines Corporation | Integrated metering of service usage for hybrid clouds |
US8839350B1 (en) * | 2012-01-25 | 2014-09-16 | Symantec Corporation | Sending out-of-band notifications |
US9100306B2 (en) * | 2012-02-16 | 2015-08-04 | International Business Machines Corporation | Managing cloud services |
US20130219156A1 (en) * | 2012-02-22 | 2013-08-22 | Sungard Availability Services Lp | Compliance aware change control |
US10445121B2 (en) | 2012-02-23 | 2019-10-15 | Red Hat Inc. | Building virtual machine disk images for different cloud configurations from a single generic virtual machine disk image |
US9043456B2 (en) * | 2012-02-28 | 2015-05-26 | Arris Technology, Inc. | Identity data management system for high volume production of product-specific identity data |
US9400641B2 (en) * | 2012-02-29 | 2016-07-26 | Red Hat, Inc. | Adaptable middleware layer |
US20130238785A1 (en) * | 2012-03-06 | 2013-09-12 | Rackspace Us, Inc. | System and Method for Metadata Discovery and Metadata-Aware Scheduling |
US8335851B1 (en) * | 2012-03-12 | 2012-12-18 | Ringcentral, Inc. | Network resource deployment for cloud-based services |
JP5675679B2 (en) * | 2012-03-13 | 2015-02-25 | 株式会社東芝 | Virtual image file creation system and virtual image file creation method |
US8793766B2 (en) * | 2012-03-13 | 2014-07-29 | International Business Machines Corporation | Method and apparatus for security-aware elasticity of application and services |
US9401904B1 (en) * | 2012-03-15 | 2016-07-26 | Motio, Inc. | Security migration in a business intelligence environment |
US9069640B2 (en) * | 2012-03-23 | 2015-06-30 | Hitachi, Ltd. | Patch applying method for virtual machine, storage system adopting patch applying method, and computer system |
US8892865B1 (en) | 2012-03-27 | 2014-11-18 | Amazon Technologies, Inc. | Multiple authority key derivation |
US8739308B1 (en) | 2012-03-27 | 2014-05-27 | Amazon Technologies, Inc. | Source identification for unauthorized copies of content |
US9215076B1 (en) | 2012-03-27 | 2015-12-15 | Amazon Technologies, Inc. | Key generation for hierarchical data access |
US9455883B1 (en) * | 2012-03-30 | 2016-09-27 | Emc Corporation | Method and apparatus for provisioning shared NFS storage |
US10623408B1 (en) | 2012-04-02 | 2020-04-14 | Amazon Technologies, Inc. | Context sensitive object management |
US9071613B2 (en) | 2012-04-06 | 2015-06-30 | International Business Machines Corporation | Dynamic allocation of workload deployment units across a plurality of clouds |
US9086929B2 (en) | 2012-04-06 | 2015-07-21 | International Business Machines Corporation | Dynamic allocation of a workload across a plurality of clouds |
US20130290237A1 (en) * | 2012-04-27 | 2013-10-31 | International Business Machines Corporation | Discovery and grouping of related computing resources using machine learning |
US9626526B2 (en) * | 2012-04-30 | 2017-04-18 | Ca, Inc. | Trusted public infrastructure grid cloud |
US9853959B1 (en) | 2012-05-07 | 2017-12-26 | Consumerinfo.Com, Inc. | Storage and maintenance of personal data |
US9256846B2 (en) * | 2012-05-16 | 2016-02-09 | Honeywell International Inc. | System and method for performance monitoring of a population of equipment |
US8984583B2 (en) * | 2012-05-30 | 2015-03-17 | Accenture Global Services Limited | Healthcare privacy breach prevention through integrated audit and access control |
US9053302B2 (en) * | 2012-06-08 | 2015-06-09 | Oracle International Corporation | Obligation system for enterprise environments |
US9154551B1 (en) | 2012-06-11 | 2015-10-06 | Amazon Technologies, Inc. | Processing DNS queries to identify pre-processing information |
US9304801B2 (en) * | 2012-06-12 | 2016-04-05 | TELEFONAKTIEBOLAGET L M ERRICSSON (publ) | Elastic enforcement layer for cloud security using SDN |
US20130339424A1 (en) * | 2012-06-15 | 2013-12-19 | Infosys Limited | Deriving a service level agreement for an application hosted on a cloud platform |
US9742617B2 (en) * | 2012-06-18 | 2017-08-22 | Empire Technology Development Llc | Virtual machine migration in a cloud fabric |
US9247062B2 (en) * | 2012-06-19 | 2016-01-26 | Twilio, Inc. | System and method for queuing a communication session |
WO2013192341A1 (en) | 2012-06-20 | 2013-12-27 | Infotel Broadband Services, Ltd. | Method and system for providing a service over a private network |
US8521574B1 (en) * | 2012-06-20 | 2013-08-27 | International Business Machines Corporation | Prioritizing client accounts |
US9436921B2 (en) * | 2012-06-21 | 2016-09-06 | International Business Machines Corporation | Intelligent service management and process control using policy-based automation and predefined task templates |
US9660972B1 (en) | 2012-06-25 | 2017-05-23 | Amazon Technologies, Inc. | Protection from data security threats |
US9258118B1 (en) | 2012-06-25 | 2016-02-09 | Amazon Technologies, Inc. | Decentralized verification in a distributed system |
US9043786B1 (en) | 2012-06-29 | 2015-05-26 | Emc Corporation | Blueprint-driven environment template creation in a virtual infrastructure |
US20140007097A1 (en) * | 2012-06-29 | 2014-01-02 | Brocade Communications Systems, Inc. | Dynamic resource allocation for virtual machines |
US10025638B2 (en) * | 2012-07-02 | 2018-07-17 | Vmware, Inc. | Multiple-cloud-computing-facility aggregation |
US9027155B2 (en) * | 2012-07-02 | 2015-05-05 | International Business Machines Corporation | System for governing the disclosure of restricted data |
WO2014007813A1 (en) * | 2012-07-03 | 2014-01-09 | Hewlett-Packard Development Company, L.P. | Managing a multitenant cloud service |
EP2870580A4 (en) * | 2012-07-03 | 2016-05-18 | Hewlett Packard Development Co | Managing a hybrid cloud service |
US9825823B2 (en) | 2012-07-03 | 2017-11-21 | Hewlett Packard Enterprise Development Lp | Managing a cloud service |
US8843930B2 (en) * | 2012-07-10 | 2014-09-23 | Sap Ag | Thread scheduling and control framework |
US11544284B2 (en) | 2012-07-26 | 2023-01-03 | Mongodb, Inc. | Aggregation framework system architecture and method |
US10872095B2 (en) | 2012-07-26 | 2020-12-22 | Mongodb, Inc. | Aggregation framework system architecture and method |
US11403317B2 (en) | 2012-07-26 | 2022-08-02 | Mongodb, Inc. | Aggregation framework system architecture and method |
US8856382B2 (en) | 2012-07-30 | 2014-10-07 | International Business Machines Corporation | On-boarding services to a cloud environment |
US20140040299A1 (en) * | 2012-08-03 | 2014-02-06 | Cisco Technology, Inc. | Automated Method of Detecting Pattern Matches between Converged Infrastructure Models and an Operating Converged Infrastructure |
US9509553B2 (en) * | 2012-08-13 | 2016-11-29 | Intigua, Inc. | System and methods for management virtualization |
JP5966765B2 (en) * | 2012-08-22 | 2016-08-10 | 富士通株式会社 | Information processing system, relay device, information processing program, and information processing method |
US8825550B2 (en) * | 2012-08-23 | 2014-09-02 | Amazon Technologies, Inc. | Scaling a virtual machine instance |
US9069979B2 (en) | 2012-09-07 | 2015-06-30 | Oracle International Corporation | LDAP-based multi-tenant in-cloud identity management system |
US9542400B2 (en) | 2012-09-07 | 2017-01-10 | Oracle International Corporation | Service archive support |
US9397884B2 (en) | 2012-09-07 | 2016-07-19 | Oracle International Corporation | Workflows for processing cloud services |
US9253113B2 (en) | 2012-09-07 | 2016-02-02 | Oracle International Corporation | Customizable model for throttling and prioritizing orders in a cloud environment |
US9467355B2 (en) | 2012-09-07 | 2016-10-11 | Oracle International Corporation | Service association model |
US9667470B2 (en) | 2012-09-07 | 2017-05-30 | Oracle International Corporation | Failure handling in the execution flow of provisioning operations in a cloud environment |
US10148530B2 (en) | 2012-09-07 | 2018-12-04 | Oracle International Corporation | Rule based subscription cloning |
US9838370B2 (en) * | 2012-09-07 | 2017-12-05 | Oracle International Corporation | Business attribute driven sizing algorithms |
US9621435B2 (en) | 2012-09-07 | 2017-04-11 | Oracle International Corporation | Declarative and extensible model for provisioning of cloud based services |
US10521746B2 (en) | 2012-09-07 | 2019-12-31 | Oracle International Corporation | Recovery workflow for processing subscription orders in a computing infrastructure system |
CN104620278B (en) * | 2012-09-12 | 2017-12-22 | 英派尔科技开发有限公司 | For the compound certification ensured without appearing foundation structure |
US9323577B2 (en) | 2012-09-20 | 2016-04-26 | Amazon Technologies, Inc. | Automated profiling of resource usage |
US10581763B2 (en) | 2012-09-21 | 2020-03-03 | Avago Technologies International Sales Pte. Limited | High availability application messaging layer |
US9967106B2 (en) | 2012-09-24 | 2018-05-08 | Brocade Communications Systems LLC | Role based multicast messaging infrastructure |
US11521139B2 (en) * | 2012-09-24 | 2022-12-06 | Amazon Technologies, Inc. | Providing system resources with secure containment units |
US11055124B1 (en) * | 2012-09-30 | 2021-07-06 | EMC IP Holding Company LLC | Centralized storage provisioning and management across multiple service providers |
WO2014058411A1 (en) * | 2012-10-08 | 2014-04-17 | Hewlett-Packard Development Company, L.P. | Hybrid cloud environment |
US9400495B2 (en) * | 2012-10-16 | 2016-07-26 | Rockwell Automation Technologies, Inc. | Industrial automation equipment and machine procedure simulation |
US9239727B1 (en) | 2012-10-17 | 2016-01-19 | Amazon Technologies, Inc. | Configurable virtual machines |
US20140115661A1 (en) * | 2012-10-22 | 2014-04-24 | Electronics And Telecommunications Research Institute | User authentication method and system for using web multi contents |
US8914419B2 (en) | 2012-10-30 | 2014-12-16 | International Business Machines Corporation | Extracting semantic relationships from table structures in electronic documents |
US9654541B1 (en) | 2012-11-12 | 2017-05-16 | Consumerinfo.Com, Inc. | Aggregating user web browsing data |
US9003361B2 (en) * | 2012-11-30 | 2015-04-07 | Red Hat Israel, Ltd. | Generating a restful web service software development kit client |
US9916621B1 (en) | 2012-11-30 | 2018-03-13 | Consumerinfo.Com, Inc. | Presentation of credit score factors |
WO2014088537A1 (en) * | 2012-12-03 | 2014-06-12 | Hewlett-Packard Development Company, L.P. | Binding of application and infrastructure blueprints |
US9344465B2 (en) * | 2012-12-04 | 2016-05-17 | International Business Machines Corporation | Correlating computing network events |
CN104956338A (en) | 2012-12-04 | 2015-09-30 | 惠普发展公司,有限责任合伙企业 | Displaying information technology conditions with heat maps |
US10255598B1 (en) | 2012-12-06 | 2019-04-09 | Consumerinfo.Com, Inc. | Credit card account data extraction |
US9264486B2 (en) | 2012-12-07 | 2016-02-16 | Bank Of America Corporation | Work load management platform |
US20140310706A1 (en) * | 2012-12-17 | 2014-10-16 | Unisys Corporation | Method for managing commodity computing |
US10205698B1 (en) | 2012-12-19 | 2019-02-12 | Amazon Technologies, Inc. | Source-dependent address resolution |
CN103902265B (en) * | 2012-12-26 | 2018-01-09 | 腾讯科技(深圳)有限公司 | One kind applies implementation method and relevant apparatus |
US9250955B1 (en) * | 2012-12-31 | 2016-02-02 | Emc Corporation | Managing task approval |
US9769108B1 (en) * | 2012-12-31 | 2017-09-19 | Charles Schwab & Co., Inc. | System and method for securing information provided via a social network application |
US9146829B1 (en) | 2013-01-03 | 2015-09-29 | Amazon Technologies, Inc. | Analysis and verification of distributed applications |
US9448820B1 (en) * | 2013-01-03 | 2016-09-20 | Amazon Technologies, Inc. | Constraint verification for distributed applications |
US20140188815A1 (en) * | 2013-01-03 | 2014-07-03 | Amazon Technologies, Inc | Annotation of Resources in a Distributed Execution Environment |
US9804945B1 (en) | 2013-01-03 | 2017-10-31 | Amazon Technologies, Inc. | Determinism for distributed applications |
WO2014120218A1 (en) * | 2013-01-31 | 2014-08-07 | Hewlett-Packard Development Company, L.P. | Determining transferability of a computing resource to a cloud computing environment |
US9009722B2 (en) | 2013-02-05 | 2015-04-14 | International Business Machines Corporation | Collaborative negotiation of system resources among virtual servers running in a network computing environment |
US11165624B2 (en) * | 2013-02-05 | 2021-11-02 | International Business Machines Corporation | Sentry for information technology system blueprints |
US9286047B1 (en) | 2013-02-13 | 2016-03-15 | Cisco Technology, Inc. | Deployment and upgrade of network devices in a network environment |
US9384454B2 (en) * | 2013-02-20 | 2016-07-05 | Bank Of America Corporation | Enterprise componentized workflow application |
CN104021027B (en) | 2013-02-28 | 2017-04-12 | 国际商业机器公司 | Method and equipment for providing virtual device |
US9697263B1 (en) | 2013-03-04 | 2017-07-04 | Experian Information Solutions, Inc. | Consumer data request fulfillment system |
US9608958B2 (en) | 2013-03-12 | 2017-03-28 | Oracle International Corporation | Lightweight directory access protocol (LDAP) join search mechanism |
US9043439B2 (en) | 2013-03-14 | 2015-05-26 | Cisco Technology, Inc. | Method for streaming packet captures from network access devices to a cloud server over HTTP |
US9870589B1 (en) | 2013-03-14 | 2018-01-16 | Consumerinfo.Com, Inc. | Credit utilization tracking and reporting |
US9223570B2 (en) * | 2013-03-14 | 2015-12-29 | Red Hat, Inc. | Migration assistance using compiler metadata |
US9984206B2 (en) * | 2013-03-14 | 2018-05-29 | Volcano Corporation | System and method for medical resource scheduling in a distributed medical system |
US9406085B1 (en) | 2013-03-14 | 2016-08-02 | Consumerinfo.Com, Inc. | System and methods for credit dispute processing, resolution, and reporting |
US8812387B1 (en) | 2013-03-14 | 2014-08-19 | Csidentity Corporation | System and method for identifying related credit inquiries |
US10102570B1 (en) | 2013-03-14 | 2018-10-16 | Consumerinfo.Com, Inc. | Account vulnerability alerts |
US9378065B2 (en) | 2013-03-15 | 2016-06-28 | Advanced Elemental Technologies, Inc. | Purposeful computing |
US9633322B1 (en) | 2013-03-15 | 2017-04-25 | Consumerinfo.Com, Inc. | Adjustment of knowledge-based authentication |
US9721086B2 (en) | 2013-03-15 | 2017-08-01 | Advanced Elemental Technologies, Inc. | Methods and systems for secure and reliable identity-based computing |
US9306978B2 (en) * | 2013-03-15 | 2016-04-05 | Bracket Computing, Inc. | Automatic tuning of virtual data center resource utilization policies |
US9292331B2 (en) * | 2013-03-15 | 2016-03-22 | Bracket Computing, Inc. | Expansion of services for a virtual data center guest |
US10289653B2 (en) | 2013-03-15 | 2019-05-14 | International Business Machines Corporation | Adapting tabular data for narration |
US10664936B2 (en) | 2013-03-15 | 2020-05-26 | Csidentity Corporation | Authentication systems and methods for on-demand products |
US10075384B2 (en) | 2013-03-15 | 2018-09-11 | Advanced Elemental Technologies, Inc. | Purposeful computing |
US20140278826A1 (en) * | 2013-03-15 | 2014-09-18 | Adp, Inc. | Enhanced Human Capital Management System and Method |
US9904579B2 (en) | 2013-03-15 | 2018-02-27 | Advanced Elemental Technologies, Inc. | Methods and systems for purposeful computing |
EP2984553B1 (en) | 2013-03-15 | 2020-04-22 | VMware, Inc. | Multi-layered storage administration for flexible placement of data |
GB2512051A (en) * | 2013-03-18 | 2014-09-24 | Ibm | Robust service deployment |
US10685398B1 (en) | 2013-04-23 | 2020-06-16 | Consumerinfo.Com, Inc. | Presenting credit score information |
US20140324494A1 (en) * | 2013-04-25 | 2014-10-30 | International Business Machines Corporation | Risk-limited dispatch of knowledge work |
US9721147B1 (en) | 2013-05-23 | 2017-08-01 | Consumerinfo.Com, Inc. | Digital identity |
US20140359127A1 (en) * | 2013-06-03 | 2014-12-04 | Microsoft Corporation | Zero touch deployment of private cloud infrastructure |
US9124569B2 (en) * | 2013-06-14 | 2015-09-01 | Microsoft Technology Licensing, Llc | User authentication in a cloud environment |
US9407440B2 (en) | 2013-06-20 | 2016-08-02 | Amazon Technologies, Inc. | Multiple authority data security and access |
CN104239026B (en) * | 2013-06-21 | 2019-12-27 | 伊姆西公司 | Method and apparatus for measuring performance of storage system |
US9164977B2 (en) | 2013-06-24 | 2015-10-20 | International Business Machines Corporation | Error correction in tables using discovered functional dependencies |
US9268592B2 (en) * | 2013-06-25 | 2016-02-23 | Vmware, Inc. | Methods and apparatus to generate a customized application blueprint |
US9600461B2 (en) | 2013-07-01 | 2017-03-21 | International Business Machines Corporation | Discovering relationships in tabular data |
US9521000B1 (en) | 2013-07-17 | 2016-12-13 | Amazon Technologies, Inc. | Complete forward access sessions |
US9607039B2 (en) | 2013-07-18 | 2017-03-28 | International Business Machines Corporation | Subject-matter analysis of tabular data |
KR101547498B1 (en) * | 2013-08-08 | 2015-08-26 | 삼성전자주식회사 | The method and apparatus for distributing data in a hybrid cloud environment |
US9443268B1 (en) | 2013-08-16 | 2016-09-13 | Consumerinfo.Com, Inc. | Bill payment and reporting |
US10185584B2 (en) * | 2013-08-20 | 2019-01-22 | Teleputers, Llc | System and method for self-protecting data |
US9380019B2 (en) * | 2013-08-26 | 2016-06-28 | Verisign, Inc. | Command performance monitoring |
US9729592B2 (en) * | 2013-08-27 | 2017-08-08 | Persais, Llc | System and method for distributed virtual assistant platforms |
US20150067677A1 (en) * | 2013-08-27 | 2015-03-05 | Connectloud, Inc. | Method and apparatus for defining virtual machine placement logic that is configurable and restricts virtual machine provisioning within a software defined cloud |
WO2015031486A1 (en) * | 2013-08-27 | 2015-03-05 | Persais, Llc | System and method for virtual assistants with shared capabilities and agent store |
US20150067676A1 (en) * | 2013-08-27 | 2015-03-05 | Connectloud, Inc. | Method and apparatus for performing resource management for software defined clouds |
US9923837B2 (en) * | 2013-08-29 | 2018-03-20 | Ericsson Ab | Method and system to allocate bandwidth based on task deadline in cloud computing networks |
US20150067761A1 (en) * | 2013-08-29 | 2015-03-05 | International Business Machines Corporation | Managing security and compliance of volatile systems |
US10749772B1 (en) * | 2013-09-16 | 2020-08-18 | Amazon Technologies, Inc. | Data reconciliation in a distributed data storage network |
US10148523B1 (en) * | 2013-09-16 | 2018-12-04 | Amazon Technologies, Inc. | Resetting computing resources in a service provider network |
US9836377B1 (en) * | 2013-09-18 | 2017-12-05 | Ca, Inc. | Profiling application performance data |
US9311500B2 (en) | 2013-09-25 | 2016-04-12 | Amazon Technologies, Inc. | Data security using request-supplied keys |
US9237019B2 (en) | 2013-09-25 | 2016-01-12 | Amazon Technologies, Inc. | Resource locators with keys |
US9330108B2 (en) * | 2013-09-30 | 2016-05-03 | International Business Machines Corporation | Multi-site heat map management |
US9401953B2 (en) | 2013-10-09 | 2016-07-26 | At&T Intellectual Property I, L.P. | Intelligent high-volume cloud application programming interface request caching |
US9246920B2 (en) * | 2013-10-09 | 2016-01-26 | Globalfoundries Inc. | Cloud resource cloning based on collaborative content |
US9465834B2 (en) | 2013-10-11 | 2016-10-11 | Vmware, Inc. | Methods and apparatus to manage virtual machines |
US9542216B2 (en) | 2013-10-15 | 2017-01-10 | At&T Intellectual Property I, L.P. | Richer model of cloud app markets |
KR20130126569A (en) * | 2013-10-24 | 2013-11-20 | 삼성에스디에스 주식회사 | Multi-tenant saas platform and method for automated deployment of connector application, and tenant and service provider using virtual machine |
GB2519547A (en) * | 2013-10-24 | 2015-04-29 | Eaton Ind France Sas | Method of controlling a data centre architecture equipment |
US9912570B2 (en) | 2013-10-25 | 2018-03-06 | Brocade Communications Systems LLC | Dynamic cloning of application infrastructures |
US10243945B1 (en) | 2013-10-28 | 2019-03-26 | Amazon Technologies, Inc. | Managed identity federation |
US9065854B2 (en) * | 2013-10-28 | 2015-06-23 | Citrix Systems, Inc. | Systems and methods for managing a guest virtual machine executing within a virtualized environment |
US9619346B2 (en) | 2013-10-31 | 2017-04-11 | Assured Information Security, Inc. | Virtual machine introspection facilities |
US10325314B1 (en) | 2013-11-15 | 2019-06-18 | Consumerinfo.Com, Inc. | Payment reporting systems |
US10102536B1 (en) | 2013-11-15 | 2018-10-16 | Experian Information Solutions, Inc. | Micro-geographic aggregation system |
US9729615B2 (en) * | 2013-11-18 | 2017-08-08 | Nuwafin Holdings Ltd | System and method for collaborative designing, development, deployment, execution, monitoring and maintenance of enterprise applications |
US9830314B2 (en) | 2013-11-18 | 2017-11-28 | International Business Machines Corporation | Error correction in tables using a question and answer system |
US9477737B1 (en) | 2013-11-20 | 2016-10-25 | Consumerinfo.Com, Inc. | Systems and user interfaces for dynamic access of multiple remote databases and synchronization of data based on user rules |
US9529851B1 (en) | 2013-12-02 | 2016-12-27 | Experian Information Solutions, Inc. | Server architecture for electronic data quality processing |
US9329958B2 (en) * | 2013-12-03 | 2016-05-03 | Vmware, Inc. | Efficient incremental checkpointing of virtual devices |
US9420007B1 (en) | 2013-12-04 | 2016-08-16 | Amazon Technologies, Inc. | Access control using impersonization |
GB2520972A (en) | 2013-12-05 | 2015-06-10 | Ibm | Workload management |
US10333789B1 (en) | 2013-12-18 | 2019-06-25 | Amazon Technologies, Inc. | Client-directed placement of remotely-configured service instances |
US9594782B2 (en) * | 2013-12-23 | 2017-03-14 | Ic Manage, Inc. | Hierarchical file block variant store apparatus and method of operation |
KR101619922B1 (en) * | 2013-12-24 | 2016-05-12 | 전자부품연구원 | Apparatus and Method for Providing Collaborative Service based on Virtual Resources |
US9386007B2 (en) | 2013-12-27 | 2016-07-05 | Sap Se | Multi-domain applications with authorization and authentication in cloud environment |
US9374368B1 (en) | 2014-01-07 | 2016-06-21 | Amazon Technologies, Inc. | Distributed passcode verification system |
US9369461B1 (en) | 2014-01-07 | 2016-06-14 | Amazon Technologies, Inc. | Passcode verification using hardware secrets |
US9292711B1 (en) | 2014-01-07 | 2016-03-22 | Amazon Technologies, Inc. | Hardware secret usage limits |
US9882787B2 (en) | 2014-01-09 | 2018-01-30 | Lenovo Enterprise Solutions (Singapore) Pte. Ltd. | Service management in appliance-based solutions |
US9817683B2 (en) * | 2014-01-10 | 2017-11-14 | Dell Products, Lp | Optimized remediation policy in a virtualized environment |
US9270662B1 (en) | 2014-01-13 | 2016-02-23 | Amazon Technologies, Inc. | Adaptive client-aware session security |
US10298468B2 (en) * | 2014-01-18 | 2019-05-21 | Intel Corporation | Provisioning persistent, dynamic and secure cloud services |
WO2015108538A1 (en) * | 2014-01-20 | 2015-07-23 | Hewlett-Packard Development Company, L.P. | Controlling replication of identity informaton |
WO2015108536A1 (en) | 2014-01-20 | 2015-07-23 | Hewlett-Packard Development Company, L.P. | Mapping tenant groups to identity management classes |
WO2015108539A1 (en) | 2014-01-20 | 2015-07-23 | Hewlett-Packard Development Company, L.P. | Determining a permission of a first tenant with respect to a second tenant |
US10708253B2 (en) * | 2014-01-20 | 2020-07-07 | Hewlett-Packard Development Company, L.P. | Identity information including a schemaless portion |
US10225342B2 (en) | 2014-02-07 | 2019-03-05 | VCE IP Holding Company LLC | System and method for generating converged views of a virtual computing environment |
US20160380992A1 (en) * | 2014-02-11 | 2016-12-29 | Google Inc. | Authentication specific data |
US10262362B1 (en) | 2014-02-14 | 2019-04-16 | Experian Information Solutions, Inc. | Automatic generation of code for attributes |
US9432405B2 (en) | 2014-03-03 | 2016-08-30 | Microsoft Technology Licensing, Llc | Communicating status regarding application of compliance policy updates |
US20150256475A1 (en) * | 2014-03-05 | 2015-09-10 | Wipro Limited | Systems and methods for designing an optimized infrastructure for executing computing processes |
EP2916511B1 (en) * | 2014-03-07 | 2020-02-12 | Airbus Opérations SAS | High assurance security gateway interconnecting different domains |
US9632835B2 (en) * | 2014-03-17 | 2017-04-25 | Ca, Inc. | Deployment of virtual machines to physical host machines based on infrastructure utilization decisions |
US9817651B2 (en) * | 2014-03-17 | 2017-11-14 | Successfactors, Inc. | Recommending updates to an instance in a SaaS model |
US9313208B1 (en) * | 2014-03-19 | 2016-04-12 | Amazon Technologies, Inc. | Managing restricted access resources |
US20150269515A1 (en) * | 2014-03-21 | 2015-09-24 | Sony Computer Entertainment America Llc | Virtual objects with entitlements |
USD759689S1 (en) | 2014-03-25 | 2016-06-21 | Consumerinfo.Com, Inc. | Display screen or portion thereof with graphical user interface |
US10771255B1 (en) | 2014-03-25 | 2020-09-08 | Amazon Technologies, Inc. | Authenticated storage operations |
USD759690S1 (en) | 2014-03-25 | 2016-06-21 | Consumerinfo.Com, Inc. | Display screen or portion thereof with graphical user interface |
USD760256S1 (en) | 2014-03-25 | 2016-06-28 | Consumerinfo.Com, Inc. | Display screen or portion thereof with graphical user interface |
US9305036B2 (en) * | 2014-03-27 | 2016-04-05 | International Business Machines Corporation | Data set management using transient data structures |
US9934013B2 (en) * | 2014-03-31 | 2018-04-03 | International Business Machines Corporation | Extensions for deployment patterns |
US9201933B2 (en) | 2014-04-01 | 2015-12-01 | BizDox, LLC | Systems and methods for documenting, analyzing, and supporting information technology infrastructure |
US10223652B2 (en) * | 2014-04-08 | 2019-03-05 | Capital One Services, Llc | Systems and methods for an attribute generator tool workflow |
US9755858B2 (en) | 2014-04-15 | 2017-09-05 | Cisco Technology, Inc. | Programmable infrastructure gateway for enabling hybrid cloud services in a network environment |
US9892457B1 (en) | 2014-04-16 | 2018-02-13 | Consumerinfo.Com, Inc. | Providing credit data in search results |
US9226217B2 (en) | 2014-04-17 | 2015-12-29 | Twilio, Inc. | System and method for enabling multi-modal communication |
US9501211B2 (en) * | 2014-04-17 | 2016-11-22 | GoDaddy Operating Company, LLC | User input processing for allocation of hosting server resources |
US10459892B2 (en) | 2014-04-23 | 2019-10-29 | Qumulo, Inc. | Filesystem hierarchical aggregate metrics |
US9774600B1 (en) * | 2014-04-25 | 2017-09-26 | VCE IP Holding Company LLC | Methods, systems, and computer readable mediums for managing infrastructure elements in a network system |
US10373240B1 (en) | 2014-04-25 | 2019-08-06 | Csidentity Corporation | Systems, methods and computer-program products for eligibility verification |
US9286290B2 (en) | 2014-04-25 | 2016-03-15 | International Business Machines Corporation | Producing insight information from tables using natural language processing |
US9531719B1 (en) | 2014-04-29 | 2016-12-27 | Amazon Technologies, Inc. | Permissions for hybrid distributed network resources |
WO2015167541A2 (en) | 2014-04-30 | 2015-11-05 | Hewlett-Packard Development Company, L.P. | Service onboarding |
US9423957B2 (en) * | 2014-05-02 | 2016-08-23 | Ca, Inc. | Adaptive system provisioning |
US9584436B1 (en) * | 2014-05-07 | 2017-02-28 | Skyport Systems, Inc. | Method and system for managing class of service in a network |
US9473365B2 (en) | 2014-05-08 | 2016-10-18 | Cisco Technology, Inc. | Collaborative inter-service scheduling of logical resources in cloud platforms |
US10367694B2 (en) | 2014-05-12 | 2019-07-30 | International Business Machines Corporation | Infrastructure costs and benefits tracking |
US20150331043A1 (en) * | 2014-05-15 | 2015-11-19 | Manoj R. Sastry | System-on-chip secure debug |
US10171370B1 (en) * | 2014-05-30 | 2019-01-01 | Amazon Technologies, Inc. | Distribution operating system |
US10129168B2 (en) | 2014-06-17 | 2018-11-13 | Analitiqa Corporation | Methods and systems providing a scalable process for anomaly identification and information technology infrastructure resource optimization |
US9548907B2 (en) | 2014-06-25 | 2017-01-17 | International Business Machines Corporation | Managing change in an information technology environment |
US9645805B2 (en) | 2014-06-26 | 2017-05-09 | Vmware, Inc. | Application blueprints based on service templates to deploy applications in different cloud environments |
US9430284B2 (en) * | 2014-06-26 | 2016-08-30 | Vmware, Inc. | Processing virtual machine objects through multistep workflows |
US9258117B1 (en) | 2014-06-26 | 2016-02-09 | Amazon Technologies, Inc. | Mutual authentication with symmetric secrets and signatures |
US10326597B1 (en) | 2014-06-27 | 2019-06-18 | Amazon Technologies, Inc. | Dynamic response signing capability in a distributed system |
US10122605B2 (en) | 2014-07-09 | 2018-11-06 | Cisco Technology, Inc | Annotation of network activity through different phases of execution |
US9405578B2 (en) * | 2014-07-11 | 2016-08-02 | Accenture Global Services Limited | Intelligent application back stack management |
US9354937B2 (en) * | 2014-07-18 | 2016-05-31 | Thomson Reuters Global Resources | System and method for electronic work prediction and dynamically adjusting server resources |
US9900391B2 (en) * | 2014-08-05 | 2018-02-20 | Microsoft Technology Licensing, Llc | Automated orchestration of infrastructure service blocks in hosted services |
US10129112B2 (en) * | 2014-08-14 | 2018-11-13 | At&T Intellectual Property I, L.P. | Workflow-based resource management |
US10013491B2 (en) * | 2014-08-29 | 2018-07-03 | Aditya Vasudevan | Methods and systems of workload mobility across divergent platforms |
US9705923B2 (en) * | 2014-09-02 | 2017-07-11 | Symantec Corporation | Method and apparatus for automating security provisioning of workloads |
US9600664B1 (en) * | 2014-09-03 | 2017-03-21 | Amazon Technologies, Inc. | Monitoring execution environments for approved configurations |
US8984612B1 (en) * | 2014-09-04 | 2015-03-17 | Google Inc. | Method of identifying an electronic device by browser versions and cookie scheduling |
US20170243146A1 (en) * | 2014-09-05 | 2017-08-24 | Hewlett Packard Enterprise Development Lp | Enterprise service blueprint generator |
CA2958217A1 (en) * | 2014-09-13 | 2016-03-17 | Advanced Elemental Technologies, Inc. | Methods and systems for secure and reliable identity-based computing |
US20160080572A1 (en) * | 2014-09-15 | 2016-03-17 | Verizon Patent And Licensing, Inc. | Call drop intelligent engine |
US9769254B2 (en) * | 2014-09-15 | 2017-09-19 | Ca, Inc. | Productive spend metric based resource management for a portfolio of distributed computing systems |
US9444848B2 (en) * | 2014-09-19 | 2016-09-13 | Microsoft Technology Licensing, Llc | Conditional access to services based on device claims |
CN107077382B (en) * | 2014-09-26 | 2021-07-16 | 甲骨文国际公司 | System and method for transaction recovery in a multi-tenant application server environment |
US9825878B2 (en) | 2014-09-26 | 2017-11-21 | Cisco Technology, Inc. | Distributed application framework for prioritizing network traffic using application priority awareness |
US10049141B2 (en) | 2014-10-10 | 2018-08-14 | salesforce.com,inc. | Declarative specification of visualization queries, display formats and bindings |
US10101889B2 (en) | 2014-10-10 | 2018-10-16 | Salesforce.Com, Inc. | Dashboard builder with live data updating without exiting an edit mode |
US9449188B2 (en) | 2014-10-10 | 2016-09-20 | Salesforce.Com, Inc. | Integration user for analytical access to read only data stores generated from transactional systems |
US9600548B2 (en) | 2014-10-10 | 2017-03-21 | Salesforce.Com | Row level security integration of analytical data store with cloud architecture |
US9396018B2 (en) * | 2014-10-10 | 2016-07-19 | Salesforce.Com, Inc. | Low latency architecture with directory service for integration of transactional data system with analytical data structures |
US9594649B2 (en) | 2014-10-13 | 2017-03-14 | At&T Intellectual Property I, L.P. | Network virtualization policy management system |
US10320605B2 (en) * | 2014-10-15 | 2019-06-11 | Nimbus 9, Inc. | Rapid gateway swap |
US10567476B2 (en) | 2014-10-30 | 2020-02-18 | Amazon Technologies, Inc. | Rule-based action triggering in a provider network |
US10339527B1 (en) | 2014-10-31 | 2019-07-02 | Experian Information Solutions, Inc. | System and architecture for electronic fraud detection |
US20160125303A1 (en) * | 2014-10-31 | 2016-05-05 | Xiaomi Inc. | Method and apparatus for calculating smart indicator |
US9825813B2 (en) * | 2014-10-31 | 2017-11-21 | At&T Intellectual Property I, L.P. | Creating and using service control functions |
US9881159B1 (en) | 2014-11-14 | 2018-01-30 | Quest Software Inc. | Workload execution systems and methods |
CN105681371A (en) * | 2014-11-18 | 2016-06-15 | 中兴通讯股份有限公司 | Synchronization method and device for network device virtual machines |
US10459414B2 (en) * | 2014-11-28 | 2019-10-29 | Mitsubishi Electric Corporation | Communication device, communication adaptor, communication system, communication parameter response method, and program |
CN105700819B (en) * | 2014-11-28 | 2019-04-12 | 国际商业机器公司 | Method and system for network data storage |
US9495193B2 (en) * | 2014-12-05 | 2016-11-15 | International Business Machines Corporation | Monitoring hypervisor and provisioned instances of hosted virtual machines using monitoring templates |
US10228958B1 (en) * | 2014-12-05 | 2019-03-12 | Quest Software Inc. | Systems and methods for archiving time-series data during high-demand intervals |
US10460313B1 (en) * | 2014-12-15 | 2019-10-29 | United Services Automobile Association (Usaa) | Systems and methods of integrated identity verification |
US9942351B2 (en) * | 2014-12-16 | 2018-04-10 | International Business Machines Corporation | Enabling and disabling execution environments |
US10122757B1 (en) * | 2014-12-17 | 2018-11-06 | Amazon Technologies, Inc. | Self-learning access control policies |
US10986131B1 (en) * | 2014-12-17 | 2021-04-20 | Amazon Technologies, Inc. | Access control policy warnings and suggestions |
US10097448B1 (en) | 2014-12-18 | 2018-10-09 | Amazon Technologies, Inc. | Routing mode and point-of-presence selection service |
US10242019B1 (en) | 2014-12-19 | 2019-03-26 | Experian Information Solutions, Inc. | User behavior segmentation using latent topic detection |
US9577884B2 (en) * | 2015-01-01 | 2017-02-21 | Bank Of America Corporation | Enterprise quality assurance and lab management tool |
WO2016112219A1 (en) | 2015-01-07 | 2016-07-14 | CounterTack, Inc. | System and method for monitoring a computer system using machine interpretable code |
US10057186B2 (en) | 2015-01-09 | 2018-08-21 | International Business Machines Corporation | Service broker for computational offloading and improved resource utilization |
US11132336B2 (en) | 2015-01-12 | 2021-09-28 | Qumulo, Inc. | Filesystem hierarchical capacity quantity and aggregate metrics |
US9836480B2 (en) | 2015-01-12 | 2017-12-05 | Qumulo, Inc. | Filesystem capacity and performance metrics and visualizations |
US11182713B2 (en) | 2015-01-24 | 2021-11-23 | Vmware, Inc. | Methods and systems to optimize operating system license costs in a virtual data center |
US10043030B1 (en) | 2015-02-05 | 2018-08-07 | Amazon Technologies, Inc. | Large-scale authorization data collection and aggregation |
US10050862B2 (en) | 2015-02-09 | 2018-08-14 | Cisco Technology, Inc. | Distributed application framework that uses network and application awareness for placing data |
US10708342B2 (en) | 2015-02-27 | 2020-07-07 | Cisco Technology, Inc. | Dynamic troubleshooting workspaces for cloud and network management systems |
US10037617B2 (en) | 2015-02-27 | 2018-07-31 | Cisco Technology, Inc. | Enhanced user interface systems including dynamic context selection for cloud-based networks |
US20160253606A1 (en) * | 2015-02-27 | 2016-09-01 | Rulesware, LLC | Business Process Crowd Sourcing with Dynamic Group Discovery and Social Push Communications |
JP2016167138A (en) * | 2015-03-09 | 2016-09-15 | 富士通株式会社 | Information processing apparatus, workflow creation method, and workflow creation program |
US11337323B2 (en) | 2015-03-09 | 2022-05-17 | ZPE Systems, Inc. | Modular infrastructure management device |
US10418762B2 (en) | 2015-03-09 | 2019-09-17 | ZPE Systems, Inc. | High serial port count infrastructure management device |
US20160269349A1 (en) * | 2015-03-12 | 2016-09-15 | General Electric Company | System and method for orchestrating and correlating multiple software-controlled collaborative sessions through a unified conversational interface |
US10243879B2 (en) * | 2015-03-13 | 2019-03-26 | Microsoft Technology Licensing, Llc | Intelligent placement within a data center |
US9424097B1 (en) * | 2015-03-17 | 2016-08-23 | International Business Machines Corporation | Dynamically managing workload placements in virtualized environments based on current user globalization customization requests |
IN2015CH01317A (en) * | 2015-03-18 | 2015-04-10 | Wipro Ltd | |
US10452450B2 (en) * | 2015-03-20 | 2019-10-22 | International Business Machines Corporation | Optimizing allocation of multi-tasking servers |
US10225326B1 (en) | 2015-03-23 | 2019-03-05 | Amazon Technologies, Inc. | Point of presence based data uploading |
US9819567B1 (en) | 2015-03-30 | 2017-11-14 | Amazon Technologies, Inc. | Traffic surge management for points of presence |
US20160294922A1 (en) * | 2015-03-31 | 2016-10-06 | Hewlett-Packard Development Company, L.P. | Cloud models |
US10382534B1 (en) | 2015-04-04 | 2019-08-13 | Cisco Technology, Inc. | Selective load balancing of network traffic |
WO2016182557A1 (en) * | 2015-05-11 | 2016-11-17 | Ryan Watson | Surf software |
US9832141B1 (en) | 2015-05-13 | 2017-11-28 | Amazon Technologies, Inc. | Routing based request correlation |
WO2016187150A1 (en) * | 2015-05-15 | 2016-11-24 | Gorst John | Automated virtual desktop provisioning |
US10476982B2 (en) | 2015-05-15 | 2019-11-12 | Cisco Technology, Inc. | Multi-datacenter message queue |
US10374904B2 (en) | 2015-05-15 | 2019-08-06 | Cisco Technology, Inc. | Diagnostic network visualization |
US9800497B2 (en) | 2015-05-27 | 2017-10-24 | Cisco Technology, Inc. | Operations, administration and management (OAM) in overlay data center environments |
US9935823B1 (en) | 2015-05-28 | 2018-04-03 | Servicenow, Inc. | Change to availability mapping |
US10142353B2 (en) | 2015-06-05 | 2018-11-27 | Cisco Technology, Inc. | System for monitoring and managing datacenters |
US10033766B2 (en) | 2015-06-05 | 2018-07-24 | Cisco Technology, Inc. | Policy-driven compliance |
US9967158B2 (en) | 2015-06-05 | 2018-05-08 | Cisco Technology, Inc. | Interactive hierarchical network chord diagram for application dependency mapping |
US10536357B2 (en) * | 2015-06-05 | 2020-01-14 | Cisco Technology, Inc. | Late data detection in data center |
US10089099B2 (en) | 2015-06-05 | 2018-10-02 | Cisco Technology, Inc. | Automatic software upgrade |
US9996374B2 (en) | 2015-06-16 | 2018-06-12 | Assured Information Security, Inc. | Deployment and installation of updates in a virtual environment |
US10122689B2 (en) | 2015-06-16 | 2018-11-06 | Amazon Technologies, Inc. | Load balancing with handshake offload |
US10122692B2 (en) | 2015-06-16 | 2018-11-06 | Amazon Technologies, Inc. | Handshake offload |
US10171310B2 (en) | 2015-06-17 | 2019-01-01 | International Business Machines Corporation | Ensuring regulatory compliance during application migration to cloud-based containers |
US10496669B2 (en) | 2015-07-02 | 2019-12-03 | Mongodb, Inc. | System and method for augmenting consensus election in a distributed database |
US11151468B1 (en) | 2015-07-02 | 2021-10-19 | Experian Information Solutions, Inc. | Behavior analysis using distributed representations of event data |
US9519505B1 (en) | 2015-07-06 | 2016-12-13 | Bank Of America Corporation | Enhanced configuration and property management system |
US10034201B2 (en) | 2015-07-09 | 2018-07-24 | Cisco Technology, Inc. | Stateless load-balancing across multiple tunnels |
CN106326002B (en) * | 2015-07-10 | 2020-10-20 | 阿里巴巴集团控股有限公司 | Resource scheduling method, device and equipment |
US10148752B2 (en) | 2015-07-13 | 2018-12-04 | CYBRIC Inc. | Enterprise level security orchestration |
US10277622B2 (en) | 2015-07-13 | 2019-04-30 | CYBRIC Inc. | Enterprise level cybersecurity automatic remediation |
EP3269087B1 (en) * | 2015-07-22 | 2021-08-25 | Hewlett Packard Enterprise Development LP | Adding metadata associated with a composite network policy |
US10769212B2 (en) * | 2015-07-31 | 2020-09-08 | Netapp Inc. | Extensible and elastic data management services engine external to a storage domain |
US10432548B2 (en) | 2015-07-31 | 2019-10-01 | Hewlett Packard Enterprise Development Lp | Workload deployment in computing networks |
US9807198B2 (en) | 2015-08-20 | 2017-10-31 | Google Inc. | Methods and systems of identifying a device using strong component conflict detection |
US10447757B2 (en) * | 2015-08-20 | 2019-10-15 | International Business Machines Corporation | Self-service server change management |
US10114722B2 (en) | 2015-08-24 | 2018-10-30 | International Business Machines Corporation | Test of the execution of workloads in a computing system |
US10095740B2 (en) | 2015-08-25 | 2018-10-09 | International Business Machines Corporation | Selective fact generation from table data in a cognitive system |
US10115213B2 (en) | 2015-09-15 | 2018-10-30 | Salesforce, Inc. | Recursive cell-based hierarchy for data visualizations |
US10089368B2 (en) | 2015-09-18 | 2018-10-02 | Salesforce, Inc. | Systems and methods for making visual data representations actionable |
US10423626B2 (en) | 2015-09-25 | 2019-09-24 | Mongodb, Inc. | Systems and methods for data conversion and comparison |
US10846411B2 (en) | 2015-09-25 | 2020-11-24 | Mongodb, Inc. | Distributed database systems and methods with encrypted storage engines |
US10673623B2 (en) | 2015-09-25 | 2020-06-02 | Mongodb, Inc. | Systems and methods for hierarchical key management in encrypted distributed databases |
US10922418B2 (en) | 2015-10-01 | 2021-02-16 | Twistlock, Ltd. | Runtime detection and mitigation of vulnerabilities in application software containers |
US10943014B2 (en) | 2015-10-01 | 2021-03-09 | Twistlock, Ltd | Profiling of spawned processes in container images and enforcing security policies respective thereof |
US10664590B2 (en) * | 2015-10-01 | 2020-05-26 | Twistlock, Ltd. | Filesystem action profiling of containers and security enforcement |
US10599833B2 (en) | 2015-10-01 | 2020-03-24 | Twistlock, Ltd. | Networking-based profiling of containers and security enforcement |
US10693899B2 (en) * | 2015-10-01 | 2020-06-23 | Twistlock, Ltd. | Traffic enforcement in containerized environments |
US10706145B2 (en) | 2015-10-01 | 2020-07-07 | Twistlock, Ltd. | Runtime detection of vulnerabilities in software containers |
US10586042B2 (en) | 2015-10-01 | 2020-03-10 | Twistlock, Ltd. | Profiling of container images and enforcing security policies respective thereof |
US10223534B2 (en) | 2015-10-15 | 2019-03-05 | Twistlock, Ltd. | Static detection of vulnerabilities in base images of software containers |
US11005682B2 (en) | 2015-10-06 | 2021-05-11 | Cisco Technology, Inc. | Policy-driven switch overlay bypass in a hybrid cloud network environment |
US10067780B2 (en) | 2015-10-06 | 2018-09-04 | Cisco Technology, Inc. | Performance-based public cloud selection for a hybrid cloud environment |
US10462136B2 (en) | 2015-10-13 | 2019-10-29 | Cisco Technology, Inc. | Hybrid cloud security groups |
US9588745B1 (en) | 2015-10-13 | 2017-03-07 | Bank Of America Corporation | Customizable service delivery system with scalable workflow |
US10778446B2 (en) | 2015-10-15 | 2020-09-15 | Twistlock, Ltd. | Detection of vulnerable root certificates in software containers |
US10361919B2 (en) | 2015-11-09 | 2019-07-23 | At&T Intellectual Property I, L.P. | Self-healing and dynamic optimization of VM server cluster management in multi-cloud platform |
US10270878B1 (en) | 2015-11-10 | 2019-04-23 | Amazon Technologies, Inc. | Routing for origin-facing points of presence |
US10523657B2 (en) | 2015-11-16 | 2019-12-31 | Cisco Technology, Inc. | Endpoint privacy preservation with cloud conferencing |
US10757154B1 (en) | 2015-11-24 | 2020-08-25 | Experian Information Solutions, Inc. | Real-time event-based notification system |
US10205677B2 (en) | 2015-11-24 | 2019-02-12 | Cisco Technology, Inc. | Cloud resource placement optimization and migration execution in federated clouds |
US10084703B2 (en) | 2015-12-04 | 2018-09-25 | Cisco Technology, Inc. | Infrastructure-exclusive service forwarding |
US10095757B2 (en) | 2015-12-07 | 2018-10-09 | Sap Se | Multi-representation storage of time series data |
US10685306B2 (en) * | 2015-12-07 | 2020-06-16 | Sap Se | Advisor generating multi-representations of time series data |
US10813572B2 (en) * | 2015-12-11 | 2020-10-27 | Electronic Caregiver, Inc. | Intelligent system for multi-function electronic caregiving to facilitate advanced health diagnosis, health monitoring, fall and injury prediction, health maintenance and support, and emergency response |
US10395219B1 (en) * | 2015-12-18 | 2019-08-27 | Amazon Technologies, Inc. | Location policies for reserved virtual machine instances |
US9514180B1 (en) | 2015-12-18 | 2016-12-06 | International Business Machines Corporation | Workload discovery using real-time analysis of input streams |
US10387181B2 (en) * | 2016-01-12 | 2019-08-20 | International Business Machines Corporation | Pre-deployment of particular virtual machines based on performance and due to service popularity and resource cost scores in a cloud environment |
US10367914B2 (en) | 2016-01-12 | 2019-07-30 | Cisco Technology, Inc. | Attaching service level agreements to application containers and enabling service assurance |
CN105656927B (en) * | 2016-02-23 | 2019-03-08 | 浙江宇视科技有限公司 | A kind of safety access method and system |
US10044636B2 (en) * | 2016-03-11 | 2018-08-07 | Sap Se | Flow extension controller |
US9990222B2 (en) | 2016-03-18 | 2018-06-05 | Airwatch Llc | Enforcing compliance rules against hypervisor and virtual machine using host management component |
US10200461B2 (en) * | 2016-04-07 | 2019-02-05 | Virtustream Ip Holding Company Llc | Virtualized capacity management |
US20180284741A1 (en) | 2016-05-09 | 2018-10-04 | StrongForce IoT Portfolio 2016, LLC | Methods and systems for industrial internet of things data collection for a chemical production process |
US11774944B2 (en) | 2016-05-09 | 2023-10-03 | Strong Force Iot Portfolio 2016, Llc | Methods and systems for the industrial internet of things |
US11327475B2 (en) | 2016-05-09 | 2022-05-10 | Strong Force Iot Portfolio 2016, Llc | Methods and systems for intelligent collection and analysis of vehicle data |
US10129177B2 (en) | 2016-05-23 | 2018-11-13 | Cisco Technology, Inc. | Inter-cloud broker for hybrid cloud networks |
US10102033B2 (en) * | 2016-05-26 | 2018-10-16 | International Business Machines Corporation | Method and system for performance ticket reduction |
US10001981B2 (en) * | 2016-05-26 | 2018-06-19 | At&T Intellectual Property I, L.P. | Autonomous server installation |
US10931629B2 (en) | 2016-05-27 | 2021-02-23 | Cisco Technology, Inc. | Techniques for managing software defined networking controller in-band communications in a data center network |
US10171357B2 (en) | 2016-05-27 | 2019-01-01 | Cisco Technology, Inc. | Techniques for managing software defined networking controller in-band communications in a data center network |
US10671496B2 (en) | 2016-05-31 | 2020-06-02 | Mongodb, Inc. | Method and apparatus for reading and writing committed data |
US10075551B1 (en) | 2016-06-06 | 2018-09-11 | Amazon Technologies, Inc. | Request management for hierarchical cache |
US10289438B2 (en) | 2016-06-16 | 2019-05-14 | Cisco Technology, Inc. | Techniques for coordination of application components deployed on distributed virtual machines |
US10776220B2 (en) | 2016-06-27 | 2020-09-15 | Mongodb, Inc. | Systems and methods for monitoring distributed database deployments |
US10110694B1 (en) | 2016-06-29 | 2018-10-23 | Amazon Technologies, Inc. | Adaptive transfer rate for retrieving content from a server |
US10346289B2 (en) * | 2016-06-30 | 2019-07-09 | International Business Machines Corporation | Run time workload threshold alerts for customer profiling visualization |
US10380010B2 (en) * | 2016-06-30 | 2019-08-13 | International Business Machines Corporation | Run time and historical workload report scores for customer profiling visualization |
US10255165B2 (en) * | 2016-06-30 | 2019-04-09 | International Business Machines Corporation | Run time automatic workload tuning using customer profiling workload comparison |
US10229041B2 (en) | 2016-06-30 | 2019-03-12 | International Business Machines Corporation | Run time TPNS workload controls for test workload tuning in relation to customer profiling workload |
US11157641B2 (en) * | 2016-07-01 | 2021-10-26 | Microsoft Technology Licensing, Llc | Short-circuit data access |
US10873540B2 (en) * | 2016-07-06 | 2020-12-22 | Cisco Technology, Inc. | Crowd-sourced cloud computing resource validation |
US10659283B2 (en) | 2016-07-08 | 2020-05-19 | Cisco Technology, Inc. | Reducing ARP/ND flooding in cloud environment |
US10432532B2 (en) | 2016-07-12 | 2019-10-01 | Cisco Technology, Inc. | Dynamically pinning micro-service to uplink port |
US10489725B2 (en) * | 2016-07-18 | 2019-11-26 | Aetna Inc. | Systems and methods for controlling business processes through information technology operational controls |
US10382597B2 (en) | 2016-07-20 | 2019-08-13 | Cisco Technology, Inc. | System and method for transport-layer level identification and isolation of container traffic |
US10263898B2 (en) | 2016-07-20 | 2019-04-16 | Cisco Technology, Inc. | System and method for implementing universal cloud classification (UCC) as a service (UCCaaS) |
US10708183B2 (en) | 2016-07-21 | 2020-07-07 | Cisco Technology, Inc. | System and method of providing segment routing as a service |
US20180034703A1 (en) * | 2016-07-26 | 2018-02-01 | Cisco Technology, Inc. | System and method for providing transmission of compliance requirements for cloud-based applications |
US10142346B2 (en) | 2016-07-28 | 2018-11-27 | Cisco Technology, Inc. | Extension of a private cloud end-point group to a public cloud |
US10516672B2 (en) * | 2016-08-05 | 2019-12-24 | Oracle International Corporation | Service discovery for a multi-tenant identity and data security management cloud service |
US10735394B2 (en) | 2016-08-05 | 2020-08-04 | Oracle International Corporation | Caching framework for a multi-tenant identity and data security management cloud service |
US10116440B1 (en) | 2016-08-09 | 2018-10-30 | Amazon Technologies, Inc. | Cryptographic key management for imported cryptographic keys |
US10402187B2 (en) * | 2016-08-10 | 2019-09-03 | Trilio Data Inc. | Efficient workload deployment using containers and unikernels |
CN106131213B (en) * | 2016-08-17 | 2020-04-24 | 深圳市金证科技股份有限公司 | Service management method and system |
US10567344B2 (en) | 2016-08-23 | 2020-02-18 | Cisco Technology, Inc. | Automatic firewall configuration based on aggregated cloud managed information |
US10210024B2 (en) | 2016-08-23 | 2019-02-19 | Samsung Electronics Co., Ltd. | Intelligent controller for containerized applications |
US9992086B1 (en) | 2016-08-23 | 2018-06-05 | Amazon Technologies, Inc. | External health checking of virtual private cloud network environments |
US9578066B1 (en) * | 2016-09-14 | 2017-02-21 | Hytrust, Inc. | Systems and method for assuring security governance in managed computer systems |
US10491689B2 (en) * | 2016-09-16 | 2019-11-26 | Oracle International Corporation | Centralized monitoring of cloud operations |
US11675774B2 (en) * | 2016-09-23 | 2023-06-13 | Amazon Technologies, Inc. | Remote policy validation for managing distributed system resources |
US10489424B2 (en) | 2016-09-26 | 2019-11-26 | Amazon Technologies, Inc. | Different hierarchies of resource data objects for managing system resources |
US10616250B2 (en) | 2016-10-05 | 2020-04-07 | Amazon Technologies, Inc. | Network addresses with encoded DNS-level information |
US10523592B2 (en) | 2016-10-10 | 2019-12-31 | Cisco Technology, Inc. | Orchestration system for migrating user data and services based on user information |
US10311047B2 (en) | 2016-10-19 | 2019-06-04 | Salesforce.Com, Inc. | Streamlined creation and updating of OLAP analytic databases |
US10565177B2 (en) | 2016-11-14 | 2020-02-18 | At&T Intellectual Property I, L.P. | Software defined entities for digital service transactions |
US10972388B2 (en) | 2016-11-22 | 2021-04-06 | Cisco Technology, Inc. | Federated microburst detection |
US11044162B2 (en) | 2016-12-06 | 2021-06-22 | Cisco Technology, Inc. | Orchestration of cloud and fog interactions |
US10095729B2 (en) | 2016-12-09 | 2018-10-09 | Qumulo, Inc. | Managing storage quotas in a shared storage system |
US10326817B2 (en) | 2016-12-20 | 2019-06-18 | Cisco Technology, Inc. | System and method for quality-aware recording in large scale collaborate clouds |
US10831549B1 (en) * | 2016-12-27 | 2020-11-10 | Amazon Technologies, Inc. | Multi-region request-driven code execution system |
CN108255570B (en) * | 2016-12-28 | 2021-06-15 | 华为技术有限公司 | Virtual machine migration method, device and system between heterogeneous virtual machine monitor platforms |
US10334029B2 (en) | 2017-01-10 | 2019-06-25 | Cisco Technology, Inc. | Forming neighborhood groups from disperse cloud providers |
US10552191B2 (en) | 2017-01-26 | 2020-02-04 | Cisco Technology, Inc. | Distributed hybrid cloud orchestration model |
US10320683B2 (en) | 2017-01-30 | 2019-06-11 | Cisco Technology, Inc. | Reliable load-balancer using segment routing and real-time application monitoring |
US10938884B1 (en) | 2017-01-30 | 2021-03-02 | Amazon Technologies, Inc. | Origin server cloaking using virtual private cloud network environments |
US10671571B2 (en) | 2017-01-31 | 2020-06-02 | Cisco Technology, Inc. | Fast network performance in containerized environments for network function virtualization |
CN110383319B (en) | 2017-01-31 | 2023-05-26 | 益百利信息解决方案公司 | Large scale heterogeneous data ingestion and user resolution |
US10374970B2 (en) | 2017-02-01 | 2019-08-06 | Microsoft Technology Licensing, Llc | Deploying a cloud service with capacity reservation followed by activation |
US11310137B2 (en) | 2017-02-05 | 2022-04-19 | Veritas Technologies Llc | System and method to propagate information across a connected set of entities irrespective of the specific entity type |
US10909097B2 (en) | 2017-02-05 | 2021-02-02 | Veritas Technologies Llc | Method and system for dependency analysis of workloads for orchestration |
US10554495B2 (en) * | 2017-03-13 | 2020-02-04 | International Business Machines Corporation | Sending hardware specific soft metrics for each of a plurality of computing devices based on a plain language user policy |
US10678579B2 (en) * | 2017-03-17 | 2020-06-09 | Vmware, Inc. | Policy based cross-cloud migration |
US10476673B2 (en) | 2017-03-22 | 2019-11-12 | Extrahop Networks, Inc. | Managing session secrets for continuous packet capture systems |
US10708152B2 (en) | 2017-03-23 | 2020-07-07 | Cisco Technology, Inc. | Predicting application and network performance |
US10523512B2 (en) | 2017-03-24 | 2019-12-31 | Cisco Technology, Inc. | Network agent for generating platform specific network policies |
US10250446B2 (en) | 2017-03-27 | 2019-04-02 | Cisco Technology, Inc. | Distributed policy store |
US10764141B2 (en) | 2017-03-27 | 2020-09-01 | Cisco Technology, Inc. | Network agent for reporting to a network policy system |
US10594560B2 (en) | 2017-03-27 | 2020-03-17 | Cisco Technology, Inc. | Intent driven network policy platform |
US10873794B2 (en) | 2017-03-28 | 2020-12-22 | Cisco Technology, Inc. | Flowlet resolution for application performance monitoring and management |
US10902119B1 (en) * | 2017-03-30 | 2021-01-26 | Fireeye, Inc. | Data extraction system for malware analysis |
US10749762B2 (en) | 2017-03-31 | 2020-08-18 | Connectwise, Llc | Systems and methods for managing resource utilization in cloud infrastructure |
US11005731B2 (en) | 2017-04-05 | 2021-05-11 | Cisco Technology, Inc. | Estimating model parameters for automatic deployment of scalable micro services |
US10503613B1 (en) | 2017-04-21 | 2019-12-10 | Amazon Technologies, Inc. | Efficient serving of resources during server unavailability |
US10599611B1 (en) * | 2017-04-24 | 2020-03-24 | EMC IP Holding Company LLC | Base object selection and creation in data storage system management |
US10623410B2 (en) * | 2017-04-24 | 2020-04-14 | Microsoft Technology Licensing, Llc | Multi-level, distributed access control between services and applications |
US10318351B2 (en) | 2017-04-27 | 2019-06-11 | International Business Machines Corporation | Resource provisioning with automatic approval or denial of a request for allocation of a resource |
US11868629B1 (en) * | 2017-05-05 | 2024-01-09 | Pure Storage, Inc. | Storage system sizing service |
US10503493B2 (en) * | 2017-05-16 | 2019-12-10 | Oracle International Corporation | Distributed versioning of applications using cloud-based systems |
CN109002362B (en) * | 2017-06-06 | 2021-12-24 | 创新先进技术有限公司 | Service method, device and system and electronic equipment |
US11075987B1 (en) | 2017-06-12 | 2021-07-27 | Amazon Technologies, Inc. | Load estimating content delivery network |
US10447648B2 (en) | 2017-06-19 | 2019-10-15 | Amazon Technologies, Inc. | Assignment of a POP to a DNS resolver based on volume of communications over a link between client devices and the POP |
US10866868B2 (en) | 2017-06-20 | 2020-12-15 | Mongodb, Inc. | Systems and methods for optimization of database operations |
US11385930B2 (en) * | 2017-06-21 | 2022-07-12 | Citrix Systems, Inc. | Automatic workflow-based device switching |
US10382274B2 (en) | 2017-06-26 | 2019-08-13 | Cisco Technology, Inc. | System and method for wide area zero-configuration network auto configuration |
US10439877B2 (en) | 2017-06-26 | 2019-10-08 | Cisco Technology, Inc. | Systems and methods for enabling wide area multicast domain name system |
US20190007212A1 (en) | 2017-06-30 | 2019-01-03 | Intel Corporation | Secure unlock systems for locked devices |
US10735183B1 (en) | 2017-06-30 | 2020-08-04 | Experian Information Solutions, Inc. | Symmetric encryption for private smart contracts among multiple parties in a private peer-to-peer network |
US10474508B2 (en) * | 2017-07-04 | 2019-11-12 | Vmware, Inc. | Replication management for hyper-converged infrastructures |
WO2019018316A1 (en) * | 2017-07-21 | 2019-01-24 | CYBRIC Inc. | Enterprise level cybersecurity automatic remediation |
US10680887B2 (en) | 2017-07-21 | 2020-06-09 | Cisco Technology, Inc. | Remote device status audit and recovery |
US10892940B2 (en) | 2017-07-21 | 2021-01-12 | Cisco Technology, Inc. | Scalable statistics and analytics mechanisms in cloud networking |
US10425288B2 (en) | 2017-07-21 | 2019-09-24 | Cisco Technology, Inc. | Container telemetry in data center environments with blade servers and switches |
US10601693B2 (en) | 2017-07-24 | 2020-03-24 | Cisco Technology, Inc. | System and method for providing scalable flow monitoring in a data center fabric |
US10541866B2 (en) | 2017-07-25 | 2020-01-21 | Cisco Technology, Inc. | Detecting and resolving multicast traffic performance issues |
US11442445B2 (en) | 2017-08-02 | 2022-09-13 | Strong Force Iot Portfolio 2016, Llc | Data collection systems and methods with alternate routing of input channels |
US10305752B2 (en) | 2017-08-18 | 2019-05-28 | International Business Machines Corporation | Automatically orchestrating the compliance of cloud services to selected standards and policies |
US11075799B2 (en) * | 2017-08-24 | 2021-07-27 | Oracle International Corporation | System and method for provisioning in a multi-tenant application server environment |
US10771314B2 (en) * | 2017-09-15 | 2020-09-08 | Accenture Global Solutions Limited | Learning based incident or defect resolution, and test generation |
HUE059370T2 (en) * | 2017-09-19 | 2022-11-28 | Huawei Tech Co Ltd | Application deployment method, apparatus and system |
CN107612675B (en) * | 2017-09-20 | 2020-09-25 | 电子科技大学 | Generalized linear regression method under privacy protection |
US10742593B1 (en) | 2017-09-25 | 2020-08-11 | Amazon Technologies, Inc. | Hybrid content request routing system |
US10699028B1 (en) | 2017-09-28 | 2020-06-30 | Csidentity Corporation | Identity security architecture systems and methods |
US10832213B2 (en) * | 2017-10-06 | 2020-11-10 | Citrix Systems, Inc. | System and method for managing a workspace environment of a computer processing system |
US10353800B2 (en) | 2017-10-18 | 2019-07-16 | Cisco Technology, Inc. | System and method for graph based monitoring and management of distributed systems |
US10554501B2 (en) | 2017-10-23 | 2020-02-04 | Cisco Technology, Inc. | Network migration assistant |
US9967292B1 (en) | 2017-10-25 | 2018-05-08 | Extrahop Networks, Inc. | Inline secret sharing |
US10523541B2 (en) | 2017-10-25 | 2019-12-31 | Cisco Technology, Inc. | Federated network and application data analytics platform |
US10594542B2 (en) | 2017-10-27 | 2020-03-17 | Cisco Technology, Inc. | System and method for network root cause analysis |
CN109728924A (en) * | 2017-10-30 | 2019-05-07 | 华为技术有限公司 | The method and apparatus for obtaining the configuration information of host |
US11481362B2 (en) | 2017-11-13 | 2022-10-25 | Cisco Technology, Inc. | Using persistent memory to enable restartability of bulk load transactions in cloud databases |
US10896472B1 (en) | 2017-11-14 | 2021-01-19 | Csidentity Corporation | Security and identity verification system and architecture |
US10778785B2 (en) * | 2017-11-28 | 2020-09-15 | International Business Machines Corporation | Cognitive method for detecting service availability in a cloud environment |
US10554525B2 (en) * | 2017-11-28 | 2020-02-04 | International Business Machines Corporation | Tracking usage of computing resources |
US10990432B1 (en) * | 2017-11-30 | 2021-04-27 | Ila Corporation | Method and system for interactive cyber simulation exercises |
US20210042145A1 (en) * | 2018-11-29 | 2021-02-11 | Bernardo Starosta | Method and System for Interactive Cyber Simulation Exercises |
US20190173959A1 (en) * | 2017-12-06 | 2019-06-06 | Cisco Technology, Inc. | Interactive automatic marking of peer messages and events in cloud-to-cloud or cloud-to-enterprise communications |
US10565083B2 (en) | 2017-12-08 | 2020-02-18 | Cisco Technology, Inc. | Simulating hosted application performance |
US10833962B2 (en) | 2017-12-14 | 2020-11-10 | International Business Machines Corporation | Orchestration engine blueprint aspects for hybrid cloud composition |
US11025511B2 (en) | 2017-12-14 | 2021-06-01 | International Business Machines Corporation | Orchestration engine blueprint aspects for hybrid cloud composition |
US10838747B2 (en) | 2017-12-14 | 2020-11-17 | Hewlett Packard Enterprise Development Lp | Virtual appliances |
US10972366B2 (en) | 2017-12-14 | 2021-04-06 | International Business Machines Corporation | Orchestration engine blueprint aspects for hybrid cloud composition |
US10585656B1 (en) | 2017-12-18 | 2020-03-10 | Cerner Innovation, Inc. | Event manager for software deployment |
US10705882B2 (en) | 2017-12-21 | 2020-07-07 | Cisco Technology, Inc. | System and method for resource placement across clouds for data intensive workloads |
US11349665B2 (en) * | 2017-12-22 | 2022-05-31 | Motorola Solutions, Inc. | Device attestation server and method for attesting to the integrity of a mobile device |
US11595474B2 (en) | 2017-12-28 | 2023-02-28 | Cisco Technology, Inc. | Accelerating data replication using multicast and non-volatile memory enabled nodes |
US11233821B2 (en) | 2018-01-04 | 2022-01-25 | Cisco Technology, Inc. | Network intrusion counter-intelligence |
US11765046B1 (en) | 2018-01-11 | 2023-09-19 | Cisco Technology, Inc. | Endpoint cluster assignment and query generation |
US11347871B2 (en) * | 2018-01-16 | 2022-05-31 | International Business Machines Corporation | Dynamic cybersecurity protection mechanism for data storage devices |
US11539748B2 (en) | 2018-01-23 | 2022-12-27 | Zeronorth, Inc. | Monitoring and reporting enterprise level cybersecurity remediation |
US11121872B2 (en) | 2018-01-23 | 2021-09-14 | Zeronorth, Inc. | Trusted verification of cybersecurity remediation |
US10574575B2 (en) | 2018-01-25 | 2020-02-25 | Cisco Technology, Inc. | Network flow stitching using middle box flow stitching |
US10873593B2 (en) | 2018-01-25 | 2020-12-22 | Cisco Technology, Inc. | Mechanism for identifying differences between network snapshots |
US11288079B2 (en) * | 2018-01-25 | 2022-03-29 | Red Hat, Inc. | Reducing classloading of hierarchically configured applications via provisioning |
US10917438B2 (en) | 2018-01-25 | 2021-02-09 | Cisco Technology, Inc. | Secure publishing for policy updates |
US10798015B2 (en) | 2018-01-25 | 2020-10-06 | Cisco Technology, Inc. | Discovery of middleboxes using traffic flow stitching |
US10826803B2 (en) | 2018-01-25 | 2020-11-03 | Cisco Technology, Inc. | Mechanism for facilitating efficient policy updates |
US10999149B2 (en) | 2018-01-25 | 2021-05-04 | Cisco Technology, Inc. | Automatic configuration discovery based on traffic flow data |
US11128700B2 (en) | 2018-01-26 | 2021-09-21 | Cisco Technology, Inc. | Load balancing configuration based on traffic flow telemetry |
US10797940B2 (en) * | 2018-02-02 | 2020-10-06 | Storage Engine, Inc. | Methods, apparatuses and systems for cloud-based disaster recovery |
US10389574B1 (en) | 2018-02-07 | 2019-08-20 | Extrahop Networks, Inc. | Ranking alerts based on network monitoring |
US10270794B1 (en) | 2018-02-09 | 2019-04-23 | Extrahop Networks, Inc. | Detection of denial of service attacks |
US10592578B1 (en) | 2018-03-07 | 2020-03-17 | Amazon Technologies, Inc. | Predictive content push-enabled content delivery network |
US10896069B2 (en) | 2018-03-16 | 2021-01-19 | Citrix Systems, Inc. | Dynamically provisioning virtual machines from remote, multi-tier pool |
US11213224B2 (en) | 2018-03-19 | 2022-01-04 | Electronic Caregiver, Inc. | Consumer application for mobile assessment of functional capacity and falls risk |
CN112042154B (en) * | 2018-03-23 | 2024-03-29 | 施耐德电气美国股份有限公司 | System and method for progressive cloud-based architecture |
US11121942B2 (en) | 2018-04-04 | 2021-09-14 | International Business Machines Corporation | Orchestration engine facilitating management of dynamic connection components |
US10778797B2 (en) | 2018-04-05 | 2020-09-15 | International Business Machines Corporation | Orchestration engine facilitating management of operation of resource components |
US10511534B2 (en) | 2018-04-06 | 2019-12-17 | Cisco Technology, Inc. | Stateless distributed load-balancing |
US11923058B2 (en) | 2018-04-10 | 2024-03-05 | Electronic Caregiver, Inc. | Mobile system for the assessment of consumer medication compliance and provision of mobile caregiving |
US10073856B1 (en) | 2018-04-30 | 2018-09-11 | Qumulo, Inc. | Continuous replication for secure distributed filesystems |
US10931528B2 (en) * | 2018-05-04 | 2021-02-23 | VCE IP Holding Company LLC | Layer-based method and system for defining and enforcing policies in an information technology environment |
US10592225B2 (en) * | 2018-05-11 | 2020-03-17 | Slack Technologies, Inc. | Method, apparatus, and computer program product for installing third party applications requiring variable host address identification in a group-based communication system |
US10728361B2 (en) | 2018-05-29 | 2020-07-28 | Cisco Technology, Inc. | System for association of customer information across subscribers |
US10768980B2 (en) * | 2018-05-29 | 2020-09-08 | American Express Travel Related Services Company, Inc. | Automated execution of a batch job workflows |
US11360936B2 (en) | 2018-06-08 | 2022-06-14 | Qumulo, Inc. | Managing per object snapshot coverage in filesystems |
US10904322B2 (en) | 2018-06-15 | 2021-01-26 | Cisco Technology, Inc. | Systems and methods for scaling down cloud-based servers handling secure connections |
US11488724B2 (en) | 2018-06-18 | 2022-11-01 | Electronic Caregiver, Inc. | Systems and methods for a virtual, intelligent and customizable personal medical assistant |
US10764266B2 (en) | 2018-06-19 | 2020-09-01 | Cisco Technology, Inc. | Distributed authentication and authorization for rapid scaling of containerized services |
US11019083B2 (en) | 2018-06-20 | 2021-05-25 | Cisco Technology, Inc. | System for coordinating distributed website analysis |
US10911234B2 (en) | 2018-06-22 | 2021-02-02 | Experian Information Solutions, Inc. | System and method for a token gateway environment |
US10956517B2 (en) | 2018-06-22 | 2021-03-23 | International Business Machines Corporation | Holistic mapping and relocation of social media assets |
US10819571B2 (en) | 2018-06-29 | 2020-10-27 | Cisco Technology, Inc. | Network traffic optimization using in-situ notification system |
US10635825B2 (en) | 2018-07-11 | 2020-04-28 | International Business Machines Corporation | Data privacy awareness in workload provisioning |
US10949416B2 (en) | 2018-07-13 | 2021-03-16 | International Business Machines Corporation | Workload management across multiple data sites capable of providing active services |
US20200034766A1 (en) * | 2018-07-27 | 2020-01-30 | Gabriel Borges | System and method to increase productivity |
US10904342B2 (en) | 2018-07-30 | 2021-01-26 | Cisco Technology, Inc. | Container networking using communication tunnels |
US10411978B1 (en) | 2018-08-09 | 2019-09-10 | Extrahop Networks, Inc. | Correlating causes and effects associated with network activity |
US10880313B2 (en) | 2018-09-05 | 2020-12-29 | Consumerinfo.Com, Inc. | Database platform for realtime updating of user data from third party sources |
US10963434B1 (en) | 2018-09-07 | 2021-03-30 | Experian Information Solutions, Inc. | Data architecture for supporting multiple search models |
US11070590B2 (en) * | 2018-09-14 | 2021-07-20 | Northrop Grumman Systems Corporation | System and method for secure multitenant operations of a distributed computing cluster |
US10713097B2 (en) * | 2018-10-03 | 2020-07-14 | International Business Machines Corporation | Automatic generation of blueprints for orchestration engines from discovered workload representations |
US11249796B2 (en) | 2018-10-03 | 2022-02-15 | Samsung Electronics Co., Ltd. | Method and apparatus for enhanced assertion management in cloud media processing |
US11487590B2 (en) * | 2018-10-09 | 2022-11-01 | Kyndryl, Inc. | Orchestration engine resources and blueprint definitions for hybrid cloud composition |
US11144309B2 (en) * | 2018-10-12 | 2021-10-12 | Bentley Systems, Incorporated | Changeset conflict rebasing |
US11315179B1 (en) | 2018-11-16 | 2022-04-26 | Consumerinfo.Com, Inc. | Methods and apparatuses for customized card recommendations |
US10862852B1 (en) | 2018-11-16 | 2020-12-08 | Amazon Technologies, Inc. | Resolution of domain name requests in heterogeneous network environments |
US11429762B2 (en) | 2018-11-27 | 2022-08-30 | Amazon Technologies, Inc. | Simulation orchestration for training reinforcement learning models |
US11836577B2 (en) | 2018-11-27 | 2023-12-05 | Amazon Technologies, Inc. | Reinforcement learning model training through simulation |
US11455234B2 (en) | 2018-11-21 | 2022-09-27 | Amazon Technologies, Inc. | Robotics application development architecture |
US11025747B1 (en) | 2018-12-12 | 2021-06-01 | Amazon Technologies, Inc. | Content request pattern-based routing system |
US10911332B2 (en) * | 2018-12-17 | 2021-02-02 | Cisco Technology, Inc. | Time sensitive networking in a microservice environment |
US10621147B1 (en) | 2018-12-19 | 2020-04-14 | Qumulo, Inc. | Replicating file system objects in distributed file systems |
US10534758B1 (en) | 2018-12-20 | 2020-01-14 | Qumulo, Inc. | File system cache tiers |
US10817157B2 (en) | 2018-12-20 | 2020-10-27 | Nutanix, Inc. | User interface for database management services |
US10908895B2 (en) * | 2018-12-21 | 2021-02-02 | Pensando Systems Inc. | State-preserving upgrade of an intelligent server adapter |
US10474635B1 (en) | 2018-12-21 | 2019-11-12 | Qumulo, Inc. | Dynamic evaluation and selection of file system pre-fetch policy |
US11816066B2 (en) | 2018-12-27 | 2023-11-14 | Nutanix, Inc. | System and method for protecting databases in a hyperconverged infrastructure system |
US11010336B2 (en) | 2018-12-27 | 2021-05-18 | Nutanix, Inc. | System and method for provisioning databases in a hyperconverged infrastructure system |
US11799952B2 (en) * | 2019-01-07 | 2023-10-24 | Intel Corporation | Computing resource discovery and allocation |
US10860362B2 (en) * | 2019-01-09 | 2020-12-08 | Vmware, Inc. | Methods and apparatus to deploy a hybrid workload domain |
US10680912B1 (en) * | 2019-01-09 | 2020-06-09 | International Business Machines Corporation | Infrastructure resource provisioning using trace-based workload temporal analysis for high performance computing |
WO2020146667A1 (en) | 2019-01-11 | 2020-07-16 | Experian Information Solutions, Inc. | Systems and methods for secure data aggregation and computation |
US11113270B2 (en) | 2019-01-24 | 2021-09-07 | EMC IP Holding Company LLC | Storing a non-ordered associative array of pairs using an append-only storage medium |
US11151092B2 (en) | 2019-01-30 | 2021-10-19 | Qumulo, Inc. | Data replication in distributed file systems |
CN109783694B (en) * | 2019-01-30 | 2021-02-12 | 清华大学 | Cross-platform large instrument shared information integration method and system based on XML |
US10614033B1 (en) | 2019-01-30 | 2020-04-07 | Qumulo, Inc. | Client aware pre-fetch policy scoring system |
CA3126844A1 (en) | 2019-02-05 | 2020-08-13 | Electronic Caregiver, Inc. | 3d environment risks identification utilizing reinforced learning |
CN109902104A (en) * | 2019-02-11 | 2019-06-18 | 北京百度网讯科技有限公司 | Method, apparatus, equipment and medium for managerial knowledge library |
US11238656B1 (en) | 2019-02-22 | 2022-02-01 | Consumerinfo.Com, Inc. | System and method for an augmented reality experience via an artificial intelligence bot |
EP3935502A1 (en) * | 2019-03-03 | 2022-01-12 | British Telecommunications public limited company | Virtual machines scheduling |
US10430179B1 (en) * | 2019-03-07 | 2019-10-01 | Capital One Services, Llc | Methods and systems for managing application configurations |
US11341000B2 (en) * | 2019-04-03 | 2022-05-24 | Vmware, Inc. | Capturing and restoring persistent state of complex applications |
US11061739B2 (en) | 2019-04-11 | 2021-07-13 | International Business Machines Corporation | Dynamic infrastructure management and processing |
US11776176B2 (en) | 2019-04-19 | 2023-10-03 | Microsoft Technology Licensing, Llc | Visual representation of directional correlation of service health |
US11113943B2 (en) | 2019-05-07 | 2021-09-07 | Electronic Caregiver, Inc. | Systems and methods for predictive environmental fall risk identification |
US10965702B2 (en) | 2019-05-28 | 2021-03-30 | Extrahop Networks, Inc. | Detecting injection attacks using passive network monitoring |
US11853575B1 (en) | 2019-06-08 | 2023-12-26 | Veritas Technologies Llc | Method and system for data consistency across failure and recovery of infrastructure |
US11620389B2 (en) | 2019-06-24 | 2023-04-04 | University Of Maryland Baltimore County | Method and system for reducing false positives in static source code analysis reports using machine learning and classification techniques |
US11652631B2 (en) * | 2019-06-27 | 2023-05-16 | International Business Machines Corporation | Distribution of security credentials |
US11258800B2 (en) | 2019-06-28 | 2022-02-22 | Slack Technologies, Llc | Managing admin controlled access of external resources to group-based communication interfaces via a group-based communication system |
US10979110B2 (en) * | 2019-07-04 | 2021-04-13 | Realtek Semiconductor Corp. | Cooperative precoding method and communication system |
US11595266B2 (en) * | 2019-07-23 | 2023-02-28 | Vmware, Inc. | Methods and apparatus to detect drift in a hybrid cloud environment |
US10742530B1 (en) | 2019-08-05 | 2020-08-11 | Extrahop Networks, Inc. | Correlating network traffic that crosses opaque endpoints |
US11388072B2 (en) | 2019-08-05 | 2022-07-12 | Extrahop Networks, Inc. | Correlating network traffic that crosses opaque endpoints |
US11645344B2 (en) | 2019-08-26 | 2023-05-09 | Experian Health, Inc. | Entity mapping based on incongruent entity data |
US10742677B1 (en) | 2019-09-04 | 2020-08-11 | Extrahop Networks, Inc. | Automatic determination of user roles and asset types based on network monitoring |
US11941065B1 (en) | 2019-09-13 | 2024-03-26 | Experian Information Solutions, Inc. | Single identifier platform for storing entity data |
US20210089288A1 (en) * | 2019-09-23 | 2021-03-25 | Fidelity Information Services, Llc | Systems and methods for environment instantiation |
US11669368B2 (en) * | 2019-09-28 | 2023-06-06 | Intel Corporation | Multi-tenant data protection in edge computing environments |
WO2021068115A1 (en) | 2019-10-08 | 2021-04-15 | Citrix Systems, Inc. | Application and device recommendation engine |
US11467775B2 (en) | 2019-10-15 | 2022-10-11 | Hewlett Packard Enterprise Development Lp | Virtual persistent volumes for containerized applications |
US10725977B1 (en) | 2019-10-21 | 2020-07-28 | Qumulo, Inc. | Managing file system state during replication jobs |
JP7037533B2 (en) * | 2019-10-25 | 2022-03-16 | 株式会社日立製作所 | Systems and methods to support manufacturing control |
US11403315B2 (en) | 2019-11-21 | 2022-08-02 | Bank Of America Corporation | Reporting and knowledge discovery for databases |
US11677637B2 (en) | 2019-12-03 | 2023-06-13 | Dell Products L.P. | Contextual update compliance management |
WO2021130769A1 (en) * | 2019-12-24 | 2021-07-01 | G. Shivnani | Unified mechanism for cloud infrastructure provisioning |
US11416874B1 (en) * | 2019-12-26 | 2022-08-16 | StratoKey Pty Ltd. | Compliance management system |
CN111200658A (en) * | 2020-01-06 | 2020-05-26 | 紫光云技术有限公司 | Direct connection distribution method for PCI (peripheral component interconnect) equipment of cloud host |
US11379442B2 (en) | 2020-01-07 | 2022-07-05 | Bank Of America Corporation | Self-learning database issue remediation tool |
US11429423B2 (en) | 2020-01-07 | 2022-08-30 | Kyndryl, Inc. | Workload scheduling with localized virtual network resources |
US11182150B2 (en) | 2020-01-14 | 2021-11-23 | Pensando Systems Inc. | Zero packet loss upgrade of an IO device |
US11200139B2 (en) * | 2020-01-16 | 2021-12-14 | Cisco Technology, Inc. | Automatic configuration of software systems for optimal management and performance using machine learning |
US11637861B2 (en) * | 2020-01-23 | 2023-04-25 | Bmc Software, Inc. | Reachability graph-based safe remediations for security of on-premise and cloud computing environments |
US10860372B1 (en) | 2020-01-24 | 2020-12-08 | Qumulo, Inc. | Managing throughput fairness and quality of service in file systems |
US10795796B1 (en) | 2020-01-24 | 2020-10-06 | Qumulo, Inc. | Predictive performance analysis for file systems |
US11151001B2 (en) | 2020-01-28 | 2021-10-19 | Qumulo, Inc. | Recovery checkpoints for distributed file systems |
US10860414B1 (en) | 2020-01-31 | 2020-12-08 | Qumulo, Inc. | Change notification in distributed file systems |
US20210250219A1 (en) | 2020-02-07 | 2021-08-12 | Bank Of America Corporation | System for integration and interoperability between disparate distributed server technologies |
US11531604B2 (en) | 2020-02-28 | 2022-12-20 | Veritas Technologies Llc | Methods and systems for data resynchronization in a replication environment |
US11429640B2 (en) | 2020-02-28 | 2022-08-30 | Veritas Technologies Llc | Methods and systems for data resynchronization in a replication environment |
US11496565B2 (en) * | 2020-03-13 | 2022-11-08 | Amazon Technologies, Inc. | Multi-service storage layer for storing application-critical data |
US11099907B1 (en) | 2020-03-13 | 2021-08-24 | International Business Machines Corporation | Prerequisite driven dynamic infrastructure orchestration |
EP4121856A4 (en) | 2020-03-20 | 2023-09-20 | Section.IO Incorporated | Systems, methods, computing platforms, and storage media for administering a distributed edge computing system utilizing an adaptive edge engine |
US11349728B2 (en) * | 2020-03-27 | 2022-05-31 | EMC IP Holding Company LLC | Dynamic resource allocation based on fingerprint extraction of workload telemetry data |
US10936538B1 (en) | 2020-03-30 | 2021-03-02 | Qumulo, Inc. | Fair sampling of alternate data stream metrics for file systems |
US10936551B1 (en) | 2020-03-30 | 2021-03-02 | Qumulo, Inc. | Aggregating alternate data stream metrics for file systems |
US11928030B2 (en) | 2020-03-31 | 2024-03-12 | Veritas Technologies Llc | Optimize backup from universal share |
US11520903B2 (en) * | 2020-04-10 | 2022-12-06 | Jpmorgan Chase Bank, N.A. | Method and apparatus for implementing a release automation dashboard module |
US11562137B2 (en) | 2020-04-14 | 2023-01-24 | Bank Of America Corporation | System to correct model drift for natural language understanding |
US11687267B2 (en) | 2020-04-14 | 2023-06-27 | Hewlett Packard Enterprise Development Lp | Containerized application manifests and virtual persistent volumes |
US11580456B2 (en) | 2020-04-27 | 2023-02-14 | Bank Of America Corporation | System to correct model drift in machine learning application |
US11599546B2 (en) | 2020-05-01 | 2023-03-07 | EMC IP Holding Company LLC | Stream browser for data streams |
US11604759B2 (en) | 2020-05-01 | 2023-03-14 | EMC IP Holding Company LLC | Retention management for data streams |
US11340834B2 (en) | 2020-05-22 | 2022-05-24 | EMC IP Holding Company LLC | Scaling of an ordered event stream |
US11055196B1 (en) | 2020-06-12 | 2021-07-06 | Bank Of America Corporation | System and method for optimizing technology stack architecture |
US11693573B2 (en) | 2020-06-18 | 2023-07-04 | Hewlett Packard Enterprise Development Lp | Relaying storage operation requests to storage systems using underlying volume identifiers |
US11360992B2 (en) | 2020-06-29 | 2022-06-14 | EMC IP Holding Company LLC | Watermarking of events of an ordered event stream |
US11314500B2 (en) | 2020-07-09 | 2022-04-26 | Nutanix, Inc. | System and method for modularizing update environment in life cycle manager |
US11340792B2 (en) | 2020-07-30 | 2022-05-24 | EMC IP Holding Company LLC | Ordered event stream merging |
US11599420B2 (en) | 2020-07-30 | 2023-03-07 | EMC IP Holding Company LLC | Ordered event stream event retention |
US11960773B2 (en) | 2020-07-31 | 2024-04-16 | Hewlett Packard Enterprise Development Lp | Modifying virtual persistent volumes based on analysis of performance metrics |
US11604705B2 (en) | 2020-08-14 | 2023-03-14 | Nutanix, Inc. | System and method for cloning as SQL server AG databases in a hyperconverged system |
US11340916B2 (en) * | 2020-08-20 | 2022-05-24 | Vmware, Inc. | Dynamic plugin management for system health |
US11907167B2 (en) | 2020-08-28 | 2024-02-20 | Nutanix, Inc. | Multi-cluster database management services |
US11620182B2 (en) | 2020-08-31 | 2023-04-04 | Bank Of America Corporation | System for resolution of technical issues using computing system-specific contextual data |
US11463466B2 (en) | 2020-09-23 | 2022-10-04 | Extrahop Networks, Inc. | Monitoring encrypted network traffic |
EP4218212A1 (en) | 2020-09-23 | 2023-08-02 | ExtraHop Networks, Inc. | Monitoring encrypted network traffic |
US11354444B2 (en) * | 2020-09-30 | 2022-06-07 | EMC IP Holding Company LLC | Access control for an ordered event stream storage system |
US11513871B2 (en) | 2020-09-30 | 2022-11-29 | EMC IP Holding Company LLC | Employing triggered retention in an ordered event stream storage system |
US11360776B2 (en) * | 2020-09-30 | 2022-06-14 | Lenovo Enterprise Solutions (Singapore) Pte. Ltd. | Machine learning for workloads for instruction set architecture optimization |
US11775481B2 (en) | 2020-09-30 | 2023-10-03 | Qumulo, Inc. | User interfaces for managing distributed file systems |
US11755555B2 (en) | 2020-10-06 | 2023-09-12 | EMC IP Holding Company LLC | Storing an ordered associative array of pairs using an append-only storage medium |
US11323497B2 (en) | 2020-10-07 | 2022-05-03 | EMC IP Holding Company LLC | Expiration of data streams for application programs in a streaming data storage platform |
US11599293B2 (en) | 2020-10-14 | 2023-03-07 | EMC IP Holding Company LLC | Consistent data stream replication and reconstruction in a streaming data storage platform |
US11640340B2 (en) | 2020-10-20 | 2023-05-02 | Nutanix, Inc. | System and method for backing up highly available source databases in a hyperconverged system |
US11570178B2 (en) * | 2020-10-26 | 2023-01-31 | International Business Machines Corporation | Method and system for checking permissions compatibility between a configuration management system and an orchestration system of a computing cluster |
US11354054B2 (en) | 2020-10-28 | 2022-06-07 | EMC IP Holding Company LLC | Compaction via an event reference in an ordered event stream storage system |
US20220136722A1 (en) * | 2020-11-05 | 2022-05-05 | Schneider Electric Buildings, Llc | Software-defined master system for smart buildings |
US11290325B1 (en) * | 2020-12-08 | 2022-03-29 | E.S.I. Software Ltd | System and method for change reconciliation in information technology systems |
US20220191215A1 (en) * | 2020-12-11 | 2022-06-16 | International Business Machines Corporation | Control of usage of computing services based on dynamic grouping |
US11347568B1 (en) | 2020-12-18 | 2022-05-31 | EMC IP Holding Company LLC | Conditional appends in an ordered event stream storage system |
US11604806B2 (en) | 2020-12-28 | 2023-03-14 | Nutanix, Inc. | System and method for highly available database service |
US11281453B1 (en) | 2021-01-06 | 2022-03-22 | Pensando Systems, Inc. | Methods and systems for a hitless rollback mechanism during software upgrade of a network appliance |
CN112668925B (en) * | 2021-01-06 | 2024-03-08 | 许继集团有限公司 | Homologous multi-strategy modeling method under definable rule |
US11757860B1 (en) | 2021-01-08 | 2023-09-12 | Morgan Stanley Services Group, Inc. | Systems and methods for querying user configurations of computer systems to aid self-service troubleshooting and system operation diagnostics |
US11816065B2 (en) | 2021-01-11 | 2023-11-14 | EMC IP Holding Company LLC | Event level retention management for data streams |
US11526297B2 (en) | 2021-01-19 | 2022-12-13 | EMC IP Holding Company LLC | Framed event access in an ordered event stream storage system |
US11157458B1 (en) | 2021-01-28 | 2021-10-26 | Qumulo, Inc. | Replicating files in distributed file systems using object-based data storage |
US11755306B2 (en) * | 2021-01-29 | 2023-09-12 | Bank Of America Corporation | Integrated entity resource distribution device set-up and delivery platform |
US11729167B2 (en) | 2021-02-12 | 2023-08-15 | Target Brands, Inc. | Authorization proxy |
US11461241B2 (en) | 2021-03-03 | 2022-10-04 | Qumulo, Inc. | Storage tier management for file systems |
US11567660B2 (en) | 2021-03-16 | 2023-01-31 | Qumulo, Inc. | Managing cloud storage for distributed file systems |
US11132126B1 (en) | 2021-03-16 | 2021-09-28 | Qumulo, Inc. | Backup services for distributed file systems in cloud computing environments |
US11892918B2 (en) | 2021-03-22 | 2024-02-06 | Nutanix, Inc. | System and method for availability group database patching |
US11550925B2 (en) | 2021-03-24 | 2023-01-10 | Bank Of America Corporation | Information security system for identifying potential security threats in software package deployment |
US11409709B1 (en) * | 2021-03-26 | 2022-08-09 | Nasuni Corporation | Cloud-native global file system with file accelerator |
US11880377B1 (en) | 2021-03-26 | 2024-01-23 | Experian Information Solutions, Inc. | Systems and methods for entity resolution |
CN113515354B (en) * | 2021-03-30 | 2023-09-12 | 南京大学 | Unified processing system and method based on environment context consistency |
US20220317898A1 (en) * | 2021-04-03 | 2022-10-06 | EMC IP Holding Company LLC | Managing Application Storage Resource Allocations Based on Application Specific Storage Policies |
US11740828B2 (en) | 2021-04-06 | 2023-08-29 | EMC IP Holding Company LLC | Data expiration for stream storages |
US20220337569A1 (en) * | 2021-04-15 | 2022-10-20 | Salesforce.Com, Inc. | Systems, methods, and devices for automation and integration of credentialing and authentication in workflows associated with computing platforms |
US11513714B2 (en) | 2021-04-22 | 2022-11-29 | EMC IP Holding Company LLC | Migration of legacy data into an ordered event stream |
US11954537B2 (en) | 2021-04-22 | 2024-04-09 | EMC IP Holding Company LLC | Information-unit based scaling of an ordered event stream |
US20220350911A1 (en) * | 2021-04-30 | 2022-11-03 | Accenture Global Solutions Limited | Policy-based application architecture generation |
US11681460B2 (en) | 2021-06-03 | 2023-06-20 | EMC IP Holding Company LLC | Scaling of an ordered event stream based on a writer group characteristic |
US11349861B1 (en) | 2021-06-18 | 2022-05-31 | Extrahop Networks, Inc. | Identifying network entities based on beaconing activity |
US11669255B2 (en) | 2021-06-30 | 2023-06-06 | Qumulo, Inc. | Distributed resource caching by reallocation of storage caching using tokens and agents with non-depleted cache allocations |
US20230015789A1 (en) * | 2021-07-08 | 2023-01-19 | Vmware, Inc. | Aggregation of user authorizations from different providers in a hybrid cloud environment |
US11966779B2 (en) | 2021-07-12 | 2024-04-23 | Bank Of America Corporation | System and method for transfer of digital resources using an integrated resource platform |
US11735282B2 (en) | 2021-07-22 | 2023-08-22 | EMC IP Holding Company LLC | Test data verification for an ordered event stream storage system |
US11627044B2 (en) * | 2021-08-04 | 2023-04-11 | Centurylink Intellectual Property Llc | Service action guidance engine (SAGE) |
US11296967B1 (en) | 2021-09-23 | 2022-04-05 | Extrahop Networks, Inc. | Combining passive network analysis and active probing |
US11947410B2 (en) * | 2021-09-24 | 2024-04-02 | The Boston Consulting Group, Inc. | Broadband error remediation engine in a data analytics system |
US11803368B2 (en) | 2021-10-01 | 2023-10-31 | Nutanix, Inc. | Network learning to control delivery of updates |
US11900078B2 (en) * | 2021-10-15 | 2024-02-13 | International Business Machines Corporation | Tuning a container orchestrator |
US11294604B1 (en) | 2021-10-22 | 2022-04-05 | Qumulo, Inc. | Serverless disk drives based on cloud storage |
US11354273B1 (en) | 2021-11-18 | 2022-06-07 | Qumulo, Inc. | Managing usable storage space in distributed file systems |
US11729082B2 (en) | 2021-11-18 | 2023-08-15 | Cisco Technology, Inc. | Techniques for providing inter-cluster dependencies |
US20230205653A1 (en) * | 2021-12-24 | 2023-06-29 | Nutanix, Inc. | Metering framework for improving resource utilization for a disaster recovery environment |
US20230222045A1 (en) * | 2022-01-13 | 2023-07-13 | Dell Products L.P. | System and method for enhanced container deployment |
US11656926B1 (en) | 2022-01-26 | 2023-05-23 | Bank Of America Corporation | Systems and methods for automatically applying configuration changes to computing clusters |
US11599508B1 (en) | 2022-01-31 | 2023-03-07 | Qumulo, Inc. | Integrating distributed file systems with object stores |
US20230297918A1 (en) * | 2022-02-25 | 2023-09-21 | Dell Products L.P. | Drift remediation of outcome-based configurations for information technology environments |
US11843606B2 (en) | 2022-03-30 | 2023-12-12 | Extrahop Networks, Inc. | Detecting abnormal data access based on data similarity |
CN115185543B (en) * | 2022-09-09 | 2022-11-25 | 腾讯科技(深圳)有限公司 | Model deployment method, packing method, device, equipment and storage medium |
US11722150B1 (en) | 2022-09-28 | 2023-08-08 | Qumulo, Inc. | Error resistant write-ahead log |
US11729269B1 (en) | 2022-10-26 | 2023-08-15 | Qumulo, Inc. | Bandwidth management in distributed file systems |
US11921677B1 (en) | 2023-11-07 | 2024-03-05 | Qumulo, Inc. | Sharing namespaces across file system clusters |
US11934660B1 (en) | 2023-11-07 | 2024-03-19 | Qumulo, Inc. | Tiered data storage with ephemeral and persistent tiers |
Citations (41)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020077986A1 (en) * | 2000-07-14 | 2002-06-20 | Hiroshi Kobata | Controlling and managing digital assets |
US20040260628A1 (en) * | 2003-06-17 | 2004-12-23 | Oracle International Corporation | Hosted audit service |
US20060265702A1 (en) * | 2005-05-19 | 2006-11-23 | Isaacson Scott A | System for creating a customized software distribution based on user requirements |
US20060265706A1 (en) * | 2005-05-19 | 2006-11-23 | Isaacson Scott A | System for creating a customized software installation on demand |
US20070073689A1 (en) * | 2005-09-29 | 2007-03-29 | Arunesh Chandra | Automated intelligent discovery engine for classifying computer data files |
US20080098392A1 (en) * | 2006-10-19 | 2008-04-24 | Wipfel Robert A | Verifiable virtualized storage port assignments for virtual machines |
US20080098457A1 (en) * | 2006-10-19 | 2008-04-24 | Novell, Inc. | Identity controlled data center |
US20080234919A1 (en) * | 2007-03-16 | 2008-09-25 | Curtis Paul Ritter | Performing application review validation testing for an engine as installed in an application |
US20080256535A1 (en) * | 2007-04-10 | 2008-10-16 | Novell, Inc. | Tessellated virtual machines for common computing goals |
US20080281654A1 (en) * | 2007-05-09 | 2008-11-13 | Novell, Inc. | Data center life cycle management |
US20090249284A1 (en) * | 2008-02-29 | 2009-10-01 | Doyenz Incorporated | Automation for virtualized it environments |
US7614050B2 (en) * | 2004-03-31 | 2009-11-03 | Hitachi, Ltd. | Machine and method for deployment of OS image |
US20090288082A1 (en) * | 2008-05-19 | 2009-11-19 | Novell, Inc. | System and method for performing designated service image processing functions in a service image warehouse |
US20090300607A1 (en) * | 2008-05-29 | 2009-12-03 | James Michael Ferris | Systems and methods for identification and management of cloud-based virtual machines |
US20090300601A1 (en) * | 2008-05-30 | 2009-12-03 | Faus Norman L | Methods and systems for providing a hosted appliance and migrating the appliance to an on-premise environment |
US20090300151A1 (en) * | 2008-05-30 | 2009-12-03 | Novell, Inc. | System and method for managing a virtual appliance lifecycle |
US7664712B1 (en) * | 2005-08-05 | 2010-02-16 | Troux Technologies | Method and system for impact analysis using a data model |
US20100115098A1 (en) * | 2008-11-04 | 2010-05-06 | Novell, Inc. | Dynamic and automatic colocation and combining of service providers and service clients in a grid of resources |
US20100228996A1 (en) * | 1995-02-13 | 2010-09-09 | Intertrust Technologies Corp. | Systems and Methods for Secure Transaction Management and Electronic Rights Protection |
US20100262794A1 (en) * | 2009-04-14 | 2010-10-14 | Novell, Inc. | Data backup for virtual machines |
US20100283637A1 (en) * | 2006-12-06 | 2010-11-11 | The Boeing Company | Cloud Image Replacement for Terrain Display |
US20100306772A1 (en) * | 2009-06-01 | 2010-12-02 | International Business Machines Corporation | Virtual solution composition and deployment system and method |
US20110041126A1 (en) * | 2009-08-13 | 2011-02-17 | Levy Roger P | Managing workloads in a virtual computing environment |
US20110047040A1 (en) * | 2009-08-24 | 2011-02-24 | Mark Carlson | Alias identity and reputation validation engine |
US20110083122A1 (en) * | 2009-10-05 | 2011-04-07 | Salesforce.Com, Inc. | Method and system for massive large scale test infrastructure |
US20110161952A1 (en) * | 2009-12-31 | 2011-06-30 | International Business Machines Corporation | Porting Virtual Images Between Platforms |
US20110173405A1 (en) * | 2010-01-13 | 2011-07-14 | International Business Machines Corporation | System and method for reducing latency time with cloud services |
US20110209064A1 (en) * | 2010-02-24 | 2011-08-25 | Novell, Inc. | System and method for providing virtual desktop extensions on a client desktop |
US20110213691A1 (en) * | 2010-02-26 | 2011-09-01 | James Michael Ferris | Systems and methods for cloud-based brokerage exchange of software entitlements |
US20110214124A1 (en) * | 2010-02-26 | 2011-09-01 | James Michael Ferris | Systems and methods for generating cross-cloud computing appliances |
US20110213687A1 (en) * | 2010-02-26 | 2011-09-01 | James Michael Ferris | Systems and methods for or a usage manager for cross-cloud appliances |
US20110271270A1 (en) * | 2010-04-28 | 2011-11-03 | Novell, Inc. | System and method for upgrading kernels in cloud computing environments |
US8069452B2 (en) * | 2005-12-01 | 2011-11-29 | Telefonaktiebolaget L M Ericsson (Publ) | Method and management agent for event notifications correlation |
US20110296001A1 (en) * | 2010-05-28 | 2011-12-01 | Ca, Inc. | Privileged Activity Monitoring through Privileged User Password Management and Log Management Systems |
US20120023222A1 (en) * | 2010-07-22 | 2012-01-26 | International Business Machines Corporation | Moving deployment of images between computers |
US20120054731A1 (en) * | 2010-08-24 | 2012-03-01 | International Business Machines Corporation | Method, System and Computer Programs to Assist Migration to a Cloud Computing Environment |
US20120066677A1 (en) * | 2010-09-10 | 2012-03-15 | International Business Machines Corporation | On demand virtual machine image streaming |
US20120072903A1 (en) * | 2010-09-20 | 2012-03-22 | International Business Machines Corporation | Multi-image migration system and method |
US20120084769A1 (en) * | 2010-09-30 | 2012-04-05 | International Business Machines Corporation | Semantically rich composable software image bundles |
US20120096149A1 (en) * | 2010-10-13 | 2012-04-19 | Sash Sunkara | Cloud federation in a cloud computing environment |
US8244037B2 (en) * | 2007-11-15 | 2012-08-14 | Master Wave International Company Ltd | Image-based data management method and system |
Family Cites Families (75)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5826239A (en) * | 1996-12-17 | 1998-10-20 | Hewlett-Packard Company | Distributed workflow resource management system and method |
US6658571B1 (en) * | 1999-02-09 | 2003-12-02 | Secure Computing Corporation | Security framework for dynamically wrapping software applications executing in a computing system |
US20030023686A1 (en) * | 1999-05-05 | 2003-01-30 | Beams Brian R. | Virtual consultant |
EP1185964A1 (en) * | 1999-05-05 | 2002-03-13 | Accenture Properties (2) B.V. | System, method and article of manufacture for creating collaborative simulations with multiple roles for a single student |
US7047279B1 (en) * | 2000-05-05 | 2006-05-16 | Accenture, Llp | Creating collaborative application sharing |
US7577722B1 (en) * | 2002-04-05 | 2009-08-18 | Vmware, Inc. | Provisioning of computer systems using virtual machines |
WO2004008284A2 (en) * | 2002-07-12 | 2004-01-22 | Checkspert, Inc. | System and method for remote supervision and authentication of user activities at communication network workstations |
US8417678B2 (en) * | 2002-07-30 | 2013-04-09 | Storediq, Inc. | System, method and apparatus for enterprise policy management |
US7725562B2 (en) * | 2002-12-31 | 2010-05-25 | International Business Machines Corporation | Method and system for user enrollment of user attribute storage in a federated environment |
US7318092B2 (en) * | 2003-01-23 | 2008-01-08 | Computer Associates Think, Inc. | Method and apparatus for remote discovery of software applications in a networked environment |
US10063523B2 (en) * | 2005-09-14 | 2018-08-28 | Oracle International Corporation | Crafted identities |
US8069435B1 (en) * | 2003-08-18 | 2011-11-29 | Oracle America, Inc. | System and method for integration of web services |
US20050144022A1 (en) * | 2003-12-29 | 2005-06-30 | Evans Lori M. | Web-based system, method, apparatus and software to manage performance securely across an extended enterprise and between entities |
US7467378B1 (en) * | 2004-02-09 | 2008-12-16 | Symantec Corporation | System state rollback after modification failure |
US20070233508A1 (en) * | 2004-05-05 | 2007-10-04 | David Gillespie | Corporate Control Management Software |
GB0414421D0 (en) * | 2004-06-28 | 2004-07-28 | Nokia Corp | Authenticating users |
US7996785B2 (en) | 2004-06-30 | 2011-08-09 | Microsoft Corporation | Systems and methods for integrating application windows in a virtual machine environment |
US8001587B2 (en) * | 2004-10-08 | 2011-08-16 | Sharp Laboratories Of America, Inc. | Methods and systems for imaging device credential management |
US20060085530A1 (en) * | 2004-10-15 | 2006-04-20 | Emc Corporation | Method and apparatus for configuring, monitoring and/or managing resource groups using web services |
US8510331B1 (en) * | 2004-10-28 | 2013-08-13 | Storediq, Inc. | System and method for a desktop agent for use in managing file systems |
US20060206370A1 (en) * | 2004-11-16 | 2006-09-14 | Netspace Technology Llc. | Smart work-force tool |
US20060122955A1 (en) | 2004-12-02 | 2006-06-08 | Alex Bethlehem | System and method for launching a resource in a network |
US8732182B2 (en) | 2004-12-02 | 2014-05-20 | Desktopsites Inc. | System and method for launching a resource in a network |
US9083748B2 (en) * | 2004-12-16 | 2015-07-14 | Hewlett-Packard Development Company, L.P. | Modelling network to assess security properties |
JP4733399B2 (en) * | 2005-01-28 | 2011-07-27 | 株式会社日立製作所 | Computer system, computer, storage device and management terminal |
EP1913534A4 (en) * | 2005-02-11 | 2010-07-07 | Volt Inf Sciences Inc | Project work change in plan/scope administrative and business information synergy system and method |
US20060235733A1 (en) * | 2005-04-13 | 2006-10-19 | Marks Eric A | System and method for providing integration of service-oriented architecture and Web services |
US8429630B2 (en) | 2005-09-15 | 2013-04-23 | Ca, Inc. | Globally distributed utility computing cloud |
US8239498B2 (en) * | 2005-10-28 | 2012-08-07 | Bank Of America Corporation | System and method for facilitating the implementation of changes to the configuration of resources in an enterprise |
US7519624B2 (en) * | 2005-11-16 | 2009-04-14 | International Business Machines Corporation | Method for proactive impact analysis of policy-based storage systems |
US7779091B2 (en) | 2005-12-19 | 2010-08-17 | Vmware, Inc. | Method and system for providing virtualized application workspaces |
US8196205B2 (en) | 2006-01-23 | 2012-06-05 | University Of Washington Through Its Center For Commercialization | Detection of spyware threats within virtual machine |
US20070174429A1 (en) | 2006-01-24 | 2007-07-26 | Citrix Systems, Inc. | Methods and servers for establishing a connection between a client system and a virtual machine hosting a requested computing environment |
US7818721B2 (en) * | 2006-02-01 | 2010-10-19 | Oracle America, Inc. | Dynamic application tracing in virtual machine environments |
US20070191979A1 (en) * | 2006-02-10 | 2007-08-16 | International Business Machines Corporation | Method, program and apparatus for supporting inter-disciplinary workflow with dynamic artifacts |
US7756828B2 (en) * | 2006-02-28 | 2010-07-13 | Microsoft Corporation | Configuration management database state model |
US8886929B2 (en) * | 2006-03-29 | 2014-11-11 | Intel Corporation | Generating a chain of trust for a virtual endpoint |
US8015563B2 (en) * | 2006-04-14 | 2011-09-06 | Microsoft Corporation | Managing virtual machines with system-wide policies |
US9392078B2 (en) * | 2006-06-23 | 2016-07-12 | Microsoft Technology Licensing, Llc | Remote network access via virtual machine |
US8365294B2 (en) * | 2006-06-30 | 2013-01-29 | Intel Corporation | Hardware platform authentication and multi-platform validation |
US7657639B2 (en) * | 2006-07-21 | 2010-02-02 | International Business Machines Corporation | Method and system for identity provider migration using federated single-sign-on operation |
US8949826B2 (en) * | 2006-10-17 | 2015-02-03 | Managelq, Inc. | Control and management of virtual systems |
US8281378B2 (en) * | 2006-10-20 | 2012-10-02 | Citrix Systems, Inc. | Methods and systems for completing, by a single-sign on component, an authentication process in a federated environment to a resource not supporting federation |
US20080120126A1 (en) * | 2006-11-21 | 2008-05-22 | George Bone | Intelligent parallel processing system and method |
US8181159B2 (en) * | 2007-03-29 | 2012-05-15 | Microsoft Corporation | Test automation using virtual machines |
US8146080B2 (en) * | 2007-03-30 | 2012-03-27 | Novell, Inc. | Tessellated virtual machines conditionally linked for common computing goals |
US20080256538A1 (en) * | 2007-04-10 | 2008-10-16 | Novell, Inc. | Storage configurations for tessellated virtual machines |
US20090006147A1 (en) * | 2007-06-27 | 2009-01-01 | Harirajan Padmanabhan | Method and system for defining and managing information technology projects based on conceptual models |
WO2009018584A1 (en) * | 2007-08-02 | 2009-02-05 | Fugen Solutions, Inc. | Method and apparatus for multi-domain identity interoperability and certification |
US7921686B2 (en) * | 2007-08-28 | 2011-04-12 | Cisco Technology, Inc. | Highly scalable architecture for application network appliances |
US20090077551A1 (en) * | 2007-09-18 | 2009-03-19 | Novell, Inc. | Virtual machine image builder for automated installation of fully-virtualized operating system |
US8276152B2 (en) * | 2007-12-05 | 2012-09-25 | Microsoft Corporation | Validation of the change orders to an I T environment |
US9727436B2 (en) * | 2008-01-02 | 2017-08-08 | International Business Machines Corporation | Adding a profiling agent to a virtual machine to permit performance and memory consumption analysis within unit tests |
US20090249219A1 (en) | 2008-03-31 | 2009-10-01 | Best Steven F | Providing a Shared Desktop Interface of Multiple Computer Terminals |
US8689292B2 (en) * | 2008-04-21 | 2014-04-01 | Api Technologies Corp. | Method and systems for dynamically providing communities of interest on an end user workstation |
US8239509B2 (en) * | 2008-05-28 | 2012-08-07 | Red Hat, Inc. | Systems and methods for management of virtual appliances in cloud-based network |
WO2009146979A1 (en) * | 2008-06-05 | 2009-12-10 | International Business Machines Corporation | Method system and computer program for identifying software problems |
US8121966B2 (en) * | 2008-06-05 | 2012-02-21 | International Business Machines Corporation | Method and system for automated integrated server-network-storage disaster recovery planning |
US20090323799A1 (en) | 2008-06-25 | 2009-12-31 | Stmicroelectronics, Inc. | System and method for rendering a high-performance virtual desktop using compression technology |
US9736153B2 (en) * | 2008-06-27 | 2017-08-15 | Microsoft Technology Licensing, Llc | Techniques to perform federated authentication |
US20090328030A1 (en) * | 2008-06-27 | 2009-12-31 | Microsoft Corporation | Installing a management agent with a virtual machine |
WO2010009909A1 (en) * | 2008-07-21 | 2010-01-28 | International Business Machines Corporation | A method and system for improvements in or relating to off-line virtual environments |
US9733959B2 (en) * | 2008-09-15 | 2017-08-15 | Vmware, Inc. | Policy-based hypervisor configuration management |
US20100131959A1 (en) * | 2008-11-26 | 2010-05-27 | Spiers Adam Z | Proactive application workload management |
US10157369B2 (en) * | 2009-02-05 | 2018-12-18 | International Business Machines Corporation | Role tailored dashboards and scorecards in a portal solution that integrates retrieved metrics across an enterprise |
US20100250298A1 (en) * | 2009-03-25 | 2010-09-30 | International Business Machines Corporation | Prioritization enablement for soa governance |
US8291416B2 (en) * | 2009-04-17 | 2012-10-16 | Citrix Systems, Inc. | Methods and systems for using a plurality of historical metrics to select a physical host for virtual machine execution |
US20100299738A1 (en) * | 2009-05-19 | 2010-11-25 | Microsoft Corporation | Claims-based authorization at an identity provider |
US8320549B2 (en) * | 2009-06-18 | 2012-11-27 | Microsoft Corporation | Advanced call routing using linked identities |
US8966017B2 (en) | 2009-07-09 | 2015-02-24 | Novell, Inc. | Techniques for cloud control and management |
US8244912B2 (en) | 2009-07-27 | 2012-08-14 | Coritsa LLC | System for networked digital pathology exchange |
US20110093847A1 (en) | 2009-10-15 | 2011-04-21 | Shah Dharmesh R | Application Hosting Service for Cloud Environments Using Dynamic Machine Images |
US20110126192A1 (en) | 2009-10-26 | 2011-05-26 | Simon Frost | Systems and methods for providing and updating a unified client |
US20110126197A1 (en) | 2009-11-25 | 2011-05-26 | Novell, Inc. | System and method for controlling cloud and virtualized data centers in an intelligent workload management system |
US8458688B2 (en) * | 2009-12-28 | 2013-06-04 | International Business Machines Corporation | Virtual machine maintenance with mapped snapshots |
-
2009
- 2009-12-22 US US12/645,114 patent/US20110126197A1/en not_active Abandoned
-
2010
- 2010-03-16 US US12/725,263 patent/US8543916B2/en not_active Expired - Fee Related
- 2010-03-16 US US12/725,241 patent/US8745205B2/en active Active
- 2010-03-19 US US12/727,837 patent/US9191380B2/en not_active Expired - Fee Related
- 2010-04-09 US US12/757,674 patent/US9210141B2/en active Active
- 2010-04-16 US US12/762,015 patent/US8695075B2/en not_active Expired - Fee Related
- 2010-10-08 US US12/900,866 patent/US8448170B2/en not_active Expired - Fee Related
-
2013
- 2013-05-13 US US13/892,987 patent/US10104053B2/en active Active
-
2014
- 2014-04-28 US US14/263,394 patent/US9432350B2/en active Active
Patent Citations (43)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100228996A1 (en) * | 1995-02-13 | 2010-09-09 | Intertrust Technologies Corp. | Systems and Methods for Secure Transaction Management and Electronic Rights Protection |
US20020077986A1 (en) * | 2000-07-14 | 2002-06-20 | Hiroshi Kobata | Controlling and managing digital assets |
US20040260628A1 (en) * | 2003-06-17 | 2004-12-23 | Oracle International Corporation | Hosted audit service |
US7614050B2 (en) * | 2004-03-31 | 2009-11-03 | Hitachi, Ltd. | Machine and method for deployment of OS image |
US20060265702A1 (en) * | 2005-05-19 | 2006-11-23 | Isaacson Scott A | System for creating a customized software distribution based on user requirements |
US20060265706A1 (en) * | 2005-05-19 | 2006-11-23 | Isaacson Scott A | System for creating a customized software installation on demand |
US20060277542A1 (en) * | 2005-05-19 | 2006-12-07 | Novell, Inc. | System and method for creating a customized installation on demand |
US7664712B1 (en) * | 2005-08-05 | 2010-02-16 | Troux Technologies | Method and system for impact analysis using a data model |
US20070073689A1 (en) * | 2005-09-29 | 2007-03-29 | Arunesh Chandra | Automated intelligent discovery engine for classifying computer data files |
US8069452B2 (en) * | 2005-12-01 | 2011-11-29 | Telefonaktiebolaget L M Ericsson (Publ) | Method and management agent for event notifications correlation |
US20080098392A1 (en) * | 2006-10-19 | 2008-04-24 | Wipfel Robert A | Verifiable virtualized storage port assignments for virtual machines |
US20080098457A1 (en) * | 2006-10-19 | 2008-04-24 | Novell, Inc. | Identity controlled data center |
US20100283637A1 (en) * | 2006-12-06 | 2010-11-11 | The Boeing Company | Cloud Image Replacement for Terrain Display |
US20080234919A1 (en) * | 2007-03-16 | 2008-09-25 | Curtis Paul Ritter | Performing application review validation testing for an engine as installed in an application |
US20080256535A1 (en) * | 2007-04-10 | 2008-10-16 | Novell, Inc. | Tessellated virtual machines for common computing goals |
US20080281654A1 (en) * | 2007-05-09 | 2008-11-13 | Novell, Inc. | Data center life cycle management |
US8244037B2 (en) * | 2007-11-15 | 2012-08-14 | Master Wave International Company Ltd | Image-based data management method and system |
US20090249284A1 (en) * | 2008-02-29 | 2009-10-01 | Doyenz Incorporated | Automation for virtualized it environments |
US20090288082A1 (en) * | 2008-05-19 | 2009-11-19 | Novell, Inc. | System and method for performing designated service image processing functions in a service image warehouse |
US20090300607A1 (en) * | 2008-05-29 | 2009-12-03 | James Michael Ferris | Systems and methods for identification and management of cloud-based virtual machines |
US20090300601A1 (en) * | 2008-05-30 | 2009-12-03 | Faus Norman L | Methods and systems for providing a hosted appliance and migrating the appliance to an on-premise environment |
US20090300151A1 (en) * | 2008-05-30 | 2009-12-03 | Novell, Inc. | System and method for managing a virtual appliance lifecycle |
US8176094B2 (en) * | 2008-05-30 | 2012-05-08 | Novell, Inc. | System and method for efficiently building virtual appliances in a hosted environment |
US20100115098A1 (en) * | 2008-11-04 | 2010-05-06 | Novell, Inc. | Dynamic and automatic colocation and combining of service providers and service clients in a grid of resources |
US20100262794A1 (en) * | 2009-04-14 | 2010-10-14 | Novell, Inc. | Data backup for virtual machines |
US20100306772A1 (en) * | 2009-06-01 | 2010-12-02 | International Business Machines Corporation | Virtual solution composition and deployment system and method |
US20110041126A1 (en) * | 2009-08-13 | 2011-02-17 | Levy Roger P | Managing workloads in a virtual computing environment |
US20110047040A1 (en) * | 2009-08-24 | 2011-02-24 | Mark Carlson | Alias identity and reputation validation engine |
US20110083122A1 (en) * | 2009-10-05 | 2011-04-07 | Salesforce.Com, Inc. | Method and system for massive large scale test infrastructure |
US20110161952A1 (en) * | 2009-12-31 | 2011-06-30 | International Business Machines Corporation | Porting Virtual Images Between Platforms |
US20110173405A1 (en) * | 2010-01-13 | 2011-07-14 | International Business Machines Corporation | System and method for reducing latency time with cloud services |
US20110209064A1 (en) * | 2010-02-24 | 2011-08-25 | Novell, Inc. | System and method for providing virtual desktop extensions on a client desktop |
US20110213691A1 (en) * | 2010-02-26 | 2011-09-01 | James Michael Ferris | Systems and methods for cloud-based brokerage exchange of software entitlements |
US20110213687A1 (en) * | 2010-02-26 | 2011-09-01 | James Michael Ferris | Systems and methods for or a usage manager for cross-cloud appliances |
US20110214124A1 (en) * | 2010-02-26 | 2011-09-01 | James Michael Ferris | Systems and methods for generating cross-cloud computing appliances |
US20110271270A1 (en) * | 2010-04-28 | 2011-11-03 | Novell, Inc. | System and method for upgrading kernels in cloud computing environments |
US20110296001A1 (en) * | 2010-05-28 | 2011-12-01 | Ca, Inc. | Privileged Activity Monitoring through Privileged User Password Management and Log Management Systems |
US20120023222A1 (en) * | 2010-07-22 | 2012-01-26 | International Business Machines Corporation | Moving deployment of images between computers |
US20120054731A1 (en) * | 2010-08-24 | 2012-03-01 | International Business Machines Corporation | Method, System and Computer Programs to Assist Migration to a Cloud Computing Environment |
US20120066677A1 (en) * | 2010-09-10 | 2012-03-15 | International Business Machines Corporation | On demand virtual machine image streaming |
US20120072903A1 (en) * | 2010-09-20 | 2012-03-22 | International Business Machines Corporation | Multi-image migration system and method |
US20120084769A1 (en) * | 2010-09-30 | 2012-04-05 | International Business Machines Corporation | Semantically rich composable software image bundles |
US20120096149A1 (en) * | 2010-10-13 | 2012-04-19 | Sash Sunkara | Cloud federation in a cloud computing environment |
Cited By (486)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9069599B2 (en) * | 2008-06-19 | 2015-06-30 | Servicemesh, Inc. | System and method for a cloud computing abstraction layer with security zone facilities |
US20210014275A1 (en) * | 2008-06-19 | 2021-01-14 | Csc Agility Platform, Inc. | System and method for a cloud computing abstraction layer with security zone facilities |
US20190245888A1 (en) * | 2008-06-19 | 2019-08-08 | Csc Agility Platform, Inc. | System and method for a cloud computing abstraction layer with security zone facilities |
US9489647B2 (en) | 2008-06-19 | 2016-11-08 | Csc Agility Platform, Inc. | System and method for a cloud computing abstraction with self-service portal for publishing resources |
US9658868B2 (en) | 2008-06-19 | 2017-05-23 | Csc Agility Platform, Inc. | Cloud computing gateway, cloud computing hypervisor, and methods for implementing same |
US10880189B2 (en) | 2008-06-19 | 2020-12-29 | Csc Agility Platform, Inc. | System and method for a cloud computing abstraction with self-service portal for publishing resources |
US20160112453A1 (en) * | 2008-06-19 | 2016-04-21 | Servicemesh, Inc. | System and method for a cloud computing abstraction layer with security zone facilities |
US9973474B2 (en) | 2008-06-19 | 2018-05-15 | Csc Agility Platform, Inc. | Cloud computing gateway, cloud computing hypervisor, and methods for implementing same |
US20120185913A1 (en) * | 2008-06-19 | 2012-07-19 | Servicemesh, Inc. | System and method for a cloud computing abstraction layer with security zone facilities |
US20110199389A1 (en) * | 2008-12-19 | 2011-08-18 | Microsoft Corporation | Interactive virtual display system for ubiquitous devices |
US8594467B2 (en) * | 2008-12-19 | 2013-11-26 | Microsoft Corporation | Interactive virtual display system for ubiquitous devices |
US20120005724A1 (en) * | 2009-02-09 | 2012-01-05 | Imera Systems, Inc. | Method and system for protecting private enterprise resources in a cloud computing environment |
US8850026B2 (en) | 2009-11-16 | 2014-09-30 | At&T Intellectual Property I, L.P. | Methods and apparatus to allocate resources associated with a distributive computing network |
US9191380B2 (en) | 2009-11-25 | 2015-11-17 | Novell, Inc. | System and method for managing information technology models in an intelligent workload management system |
US8543916B2 (en) | 2009-11-25 | 2013-09-24 | Novell, Inc. | System and method for recording collaborative information technology processes in an intelligent workload management system |
US20110126099A1 (en) * | 2009-11-25 | 2011-05-26 | Novell, Inc. | System and method for recording collaborative information technology processes in an intelligent workload management system |
US20110126047A1 (en) * | 2009-11-25 | 2011-05-26 | Novell, Inc. | System and method for managing information technology models in an intelligent workload management system |
US10097438B2 (en) | 2009-11-30 | 2018-10-09 | Red Hat, Inc. | Detecting events in cloud computing environments and performing actions upon occurrence of the events |
US9389980B2 (en) * | 2009-11-30 | 2016-07-12 | Red Hat, Inc. | Detecting events in cloud computing environments and performing actions upon occurrence of the events |
US20110131316A1 (en) * | 2009-11-30 | 2011-06-02 | James Michael Ferris | Methods and systems for detecting events in cloud computing environments and performing actions upon occurrence of the events |
US20130013766A1 (en) * | 2009-12-11 | 2013-01-10 | Deutsche Telekom Ag | Computer cluster and method for providing a disaster recovery functionality for a computer cluster |
US9135018B2 (en) * | 2009-12-11 | 2015-09-15 | Deutsche Telekom Ag | Computer cluster and method for providing a disaster recovery functionality for a computer cluster |
US20130007741A1 (en) * | 2009-12-11 | 2013-01-03 | Deutsche Telekom Ag | Computer cluster and method for providing a disaster recovery functionality for a computer cluster |
US8843624B2 (en) * | 2009-12-11 | 2014-09-23 | Deutsche Telekom Ag | Computer cluster and method for providing a disaster recovery functionality for a computer cluster |
US9059933B2 (en) | 2009-12-23 | 2015-06-16 | Centurylink Intellectual Property Llc | Provisioning virtual private data centers |
US9098320B2 (en) * | 2009-12-23 | 2015-08-04 | Savvis Inc. | Systems and methods for automatic provisioning of a user designed virtual private data center in a multi-tenant system |
US20110153684A1 (en) * | 2009-12-23 | 2011-06-23 | John Chi Yung | Systems and methods for automatic provisioning of a user designed virtual private data center in a multi-tenant system |
US8589475B2 (en) * | 2010-01-28 | 2013-11-19 | Hewlett-Packard Development Company, L.P. | Modeling a cloud computing system |
US20110185014A1 (en) * | 2010-01-28 | 2011-07-28 | Hewlett-Packard Development Company, L.P. | Modeling a cloud computing system |
US10587461B2 (en) | 2010-02-22 | 2020-03-10 | Microsoft Technology Licensing, Llc | Incrementally managing distributed configuration data |
US9755890B2 (en) | 2010-02-22 | 2017-09-05 | Microsoft Technology Licensing, Llc | Incrementally managing distributed configuration data |
US8595334B2 (en) * | 2010-02-22 | 2013-11-26 | Microsoft Corporation | Incrementally managing distributed configuration data |
US20110208841A1 (en) * | 2010-02-22 | 2011-08-25 | Microsoft Corporation | Incrementally managing distributed configuration data |
US9658866B2 (en) | 2010-02-24 | 2017-05-23 | Micro Focus Software Inc. | System and method for providing virtual desktop extensions on a client desktop |
US8468455B2 (en) | 2010-02-24 | 2013-06-18 | Novell, Inc. | System and method for providing virtual desktop extensions on a client desktop |
US20110209064A1 (en) * | 2010-02-24 | 2011-08-25 | Novell, Inc. | System and method for providing virtual desktop extensions on a client desktop |
US9135342B2 (en) * | 2010-02-26 | 2015-09-15 | Vmware, Inc. | Comprehensive, relevant, and dynamic data searching in a virtualization environment |
US20110213765A1 (en) * | 2010-02-26 | 2011-09-01 | Vmware, Inc. | Comprehensive, Relevant, and Dynamic Data Searching in a Virtualization Environment |
US10268888B2 (en) | 2010-02-28 | 2019-04-23 | Microsoft Technology Licensing, Llc | Method and apparatus for biometric data capture |
US9329689B2 (en) | 2010-02-28 | 2016-05-03 | Microsoft Technology Licensing, Llc | Method and apparatus for biometric data capture |
US9134534B2 (en) | 2010-02-28 | 2015-09-15 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses including a modular image source |
US9285589B2 (en) | 2010-02-28 | 2016-03-15 | Microsoft Technology Licensing, Llc | AR glasses with event and sensor triggered control of AR eyepiece applications |
US9129295B2 (en) | 2010-02-28 | 2015-09-08 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses with a fast response photochromic film system for quick transition from dark to clear |
US10180572B2 (en) | 2010-02-28 | 2019-01-15 | Microsoft Technology Licensing, Llc | AR glasses with event and user action control of external applications |
US10539787B2 (en) | 2010-02-28 | 2020-01-21 | Microsoft Technology Licensing, Llc | Head-worn adaptive display |
US9097890B2 (en) | 2010-02-28 | 2015-08-04 | Microsoft Technology Licensing, Llc | Grating in a light transmissive illumination system for see-through near-eye display glasses |
US9097891B2 (en) | 2010-02-28 | 2015-08-04 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses including an auto-brightness control for the display brightness based on the brightness in the environment |
US9759917B2 (en) | 2010-02-28 | 2017-09-12 | Microsoft Technology Licensing, Llc | AR glasses with event and sensor triggered AR eyepiece interface to external devices |
US10860100B2 (en) | 2010-02-28 | 2020-12-08 | Microsoft Technology Licensing, Llc | AR glasses with predictive control of external device based on event input |
US9875406B2 (en) | 2010-02-28 | 2018-01-23 | Microsoft Technology Licensing, Llc | Adjustable extension for temple arm |
US9091851B2 (en) | 2010-02-28 | 2015-07-28 | Microsoft Technology Licensing, Llc | Light control in head mounted displays |
US9223134B2 (en) | 2010-02-28 | 2015-12-29 | Microsoft Technology Licensing, Llc | Optical imperfections in a light transmissive illumination system for see-through near-eye display glasses |
US9229227B2 (en) | 2010-02-28 | 2016-01-05 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses with a light transmissive wedge shaped illumination system |
US9341843B2 (en) | 2010-02-28 | 2016-05-17 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses with a small scale image source |
US8814691B2 (en) | 2010-02-28 | 2014-08-26 | Microsoft Corporation | System and method for social networking gaming with an augmented reality |
US20110221657A1 (en) * | 2010-02-28 | 2011-09-15 | Osterhout Group, Inc. | Optical stabilization of displayed content with a variable lens |
US9366862B2 (en) | 2010-02-28 | 2016-06-14 | Microsoft Technology Licensing, Llc | System and method for delivering content to a group of see-through near eye display eyepieces |
US9182596B2 (en) | 2010-02-28 | 2015-11-10 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses with the optical assembly including absorptive polarizers or anti-reflective coatings to reduce stray light |
US8549125B2 (en) * | 2010-03-11 | 2013-10-01 | International Business Machines Corporation | Environmentally sustainable computing in a distributed computer network |
US20110225276A1 (en) * | 2010-03-11 | 2011-09-15 | International Business Machines Corporation | Environmentally sustainable computing in a distributed computer network |
US9317407B2 (en) * | 2010-03-19 | 2016-04-19 | Novell, Inc. | Techniques for validating services for deployment in an intelligent workload management system |
US20110231846A1 (en) * | 2010-03-19 | 2011-09-22 | Jason Allen Sabin | Techniques for managing service definitions in an intelligent workload management system |
US20110231822A1 (en) * | 2010-03-19 | 2011-09-22 | Jason Allen Sabin | Techniques for validating services for deployment in an intelligent workload management system |
US10114678B2 (en) * | 2010-03-19 | 2018-10-30 | Micro Focus Software Inc. | Techniques for managing service definitions in an intelligent workload management system |
US8504400B2 (en) * | 2010-03-24 | 2013-08-06 | International Business Machines Corporation | Dynamically optimized distributed cloud computing-based business process management (BPM) system |
US20110238458A1 (en) * | 2010-03-24 | 2011-09-29 | International Business Machines Corporation | Dynamically optimized distributed cloud computing-based business process management (bpm) system |
US11037077B2 (en) | 2010-03-24 | 2021-06-15 | International Business Machines Corporation | Dynamically optimized distributed cloud computing-based business process management (BPM) system |
US20110238515A1 (en) * | 2010-03-26 | 2011-09-29 | Computer Associates Think, Inc. | System and method for selecting services from multiple cloud vendors |
US8548863B2 (en) * | 2010-03-26 | 2013-10-01 | Ca, Inc. | System and method for selecting services from multiple cloud vendors |
US8751857B2 (en) * | 2010-04-13 | 2014-06-10 | Red Hat Israel, Ltd. | Monitoring of highly available virtual machines |
US20110252271A1 (en) * | 2010-04-13 | 2011-10-13 | Red Hat Israel, Ltd. | Monitoring of Highly Available Virtual Machines |
US20130091180A1 (en) * | 2010-04-16 | 2013-04-11 | Inria Institut National De Recherche En Informatiq Et En Automatique | Tool for managing computer resources and infrastructures and networks |
US9760587B2 (en) * | 2010-04-16 | 2017-09-12 | F5 Networks, Inc. | Tool for managing computer resources and infrastructures and networks |
US10817273B1 (en) | 2010-04-26 | 2020-10-27 | Pivotal Software, Inc. | Droplet execution engine for dynamic server application deployment |
US20140130038A1 (en) * | 2010-04-26 | 2014-05-08 | Vmware, Inc. | Cloud platform architecture |
US9250887B2 (en) * | 2010-04-26 | 2016-02-02 | Pivotal Software, Inc. | Cloud platform architecture |
US9772831B2 (en) | 2010-04-26 | 2017-09-26 | Pivotal Software, Inc. | Droplet execution engine for dynamic server application deployment |
US8813065B2 (en) | 2010-04-26 | 2014-08-19 | Vmware, Inc. | Microcloud platform delivery system |
US11604630B2 (en) | 2010-04-26 | 2023-03-14 | Pivotal Software, Inc. | Droplet execution engine for dynamic server application deployment |
US8627426B2 (en) | 2010-04-26 | 2014-01-07 | Vmware, Inc. | Cloud platform architecture |
US9942277B2 (en) | 2010-04-26 | 2018-04-10 | Pivotal Software, Inc. | Policy engine for cloud platform |
US9448790B2 (en) | 2010-04-26 | 2016-09-20 | Pivotal Software, Inc. | Rapid updating of cloud applications |
US10805351B2 (en) | 2010-04-26 | 2020-10-13 | Pivotal Software, Inc. | Policy engine for cloud platform |
US9071522B2 (en) | 2010-04-26 | 2015-06-30 | Pivotal Software, Inc. | Policy engine for cloud platform |
US9560079B1 (en) | 2010-04-26 | 2017-01-31 | Pivotal Software, Inc. | Policy engine for cloud platform |
US11496523B2 (en) | 2010-04-26 | 2022-11-08 | Pivotal Software, Inc. | Policy engine for cloud platform |
US8505003B2 (en) | 2010-04-28 | 2013-08-06 | Novell, Inc. | System and method for upgrading kernels in cloud computing environments |
US11698781B2 (en) | 2010-04-28 | 2023-07-11 | Suse Llc | System and method for upgrading kernels in cloud computing environments |
US9292275B2 (en) | 2010-04-28 | 2016-03-22 | Novell, Inc. | System and method for upgrading kernels in cloud computing environments |
US8504876B2 (en) * | 2010-04-30 | 2013-08-06 | The Mitre Corporation | Anomaly detection for database systems |
US20110271146A1 (en) * | 2010-04-30 | 2011-11-03 | Mitre Corporation | Anomaly Detecting for Database Systems |
US20110276951A1 (en) * | 2010-05-05 | 2011-11-10 | Microsoft Corporation | Managing runtime execution of applications on cloud computing systems |
US8719804B2 (en) * | 2010-05-05 | 2014-05-06 | Microsoft Corporation | Managing runtime execution of applications on cloud computing systems |
US10440060B2 (en) | 2010-05-18 | 2019-10-08 | At&T Intellectual Property I, L.P. | End-to-end secure cloud computing |
US8856300B2 (en) * | 2010-05-18 | 2014-10-07 | At&T Intellectual Property I, L.P. | End-to-end secure cloud computing |
US9774634B2 (en) | 2010-05-18 | 2017-09-26 | At&T Intellectual Property I, L.P. | End-to-end secure cloud computing |
US9392023B2 (en) | 2010-05-18 | 2016-07-12 | At&T Intellectual Property I, L.P. | End-to-end secure cloud computing |
US20110289134A1 (en) * | 2010-05-18 | 2011-11-24 | At&T Intellectual Property I, L.P. | End-To-End Secure Cloud Computing |
US20110302415A1 (en) * | 2010-06-02 | 2011-12-08 | Vmware, Inc. | Securing customer virtual machines in a multi-tenant cloud |
US8909928B2 (en) * | 2010-06-02 | 2014-12-09 | Vmware, Inc. | Securing customer virtual machines in a multi-tenant cloud |
US20110302315A1 (en) * | 2010-06-03 | 2011-12-08 | Microsoft Corporation | Distributed services authorization management |
US8898318B2 (en) * | 2010-06-03 | 2014-11-25 | Microsoft Corporation | Distributed services authorization management |
US10282764B2 (en) | 2010-06-15 | 2019-05-07 | Oracle International Corporation | Organizing data in a virtual computing infrastructure |
US10970757B2 (en) | 2010-06-15 | 2021-04-06 | Oracle International Corporation | Organizing data in a virtual computing infrastructure |
US11657436B2 (en) | 2010-06-15 | 2023-05-23 | Oracle International Corporation | Managing storage volume in a virtual computing infrastructure |
US10715457B2 (en) | 2010-06-15 | 2020-07-14 | Oracle International Corporation | Coordination of processes in cloud computing environments |
US9218616B2 (en) | 2010-06-15 | 2015-12-22 | Oracle International Corporation | Granting access to a cloud computing environment using names in a virtual computing infrastructure |
US9171323B2 (en) | 2010-06-15 | 2015-10-27 | Oracle International Corporation | Organizing data in a virtual computing infrastructure |
US9767494B2 (en) | 2010-06-15 | 2017-09-19 | Oracle International Corporation | Organizing data in a virtual computing infrastructure |
US9202239B2 (en) | 2010-06-15 | 2015-12-01 | Oracle International Corporation | Billing usage in a virtual computing infrastructure |
US20110314466A1 (en) * | 2010-06-17 | 2011-12-22 | International Business Machines Corporation | Creating instances of cloud computing environments |
US8904382B2 (en) * | 2010-06-17 | 2014-12-02 | International Business Machines Corporation | Creating instances of cloud computing environments |
US20110321117A1 (en) * | 2010-06-23 | 2011-12-29 | Itt Manufacturing Enterprises, Inc. | Policy Creation Using Dynamic Access Controls |
US8402127B2 (en) * | 2010-06-28 | 2013-03-19 | Bmc Software, Inc. | System and method for offering virtual private clouds within a public cloud environment |
US20110320598A1 (en) * | 2010-06-28 | 2011-12-29 | Bmc Software, Inc. | System and Method for Offering Virtual Private Clouds within a Public Cloud Environment |
US20140047442A1 (en) * | 2010-06-30 | 2014-02-13 | International Business Machines Corporation | Hypervisor selection for hosting a virtual machine image |
US8799477B2 (en) * | 2010-06-30 | 2014-08-05 | International Business Machines Corporation | Hypervisor selection for hosting a virtual machine image |
US8725891B2 (en) | 2010-07-01 | 2014-05-13 | Red Hat, Inc. | Aggregation across cloud providers |
US9270730B2 (en) | 2010-07-01 | 2016-02-23 | Red Hat, Inc. | Providing an interface to multiple cloud computing systems |
US8631067B2 (en) * | 2010-07-01 | 2014-01-14 | Red Hat, Inc. | Architecture, system and method for providing a neutral application programming interface for accessing different cloud computing systems |
US8639746B2 (en) | 2010-07-01 | 2014-01-28 | Red Hat, Inc. | Architecture, system and method for mediating communications between a client computer system and a cloud computing system with a driver framework |
US8639747B2 (en) | 2010-07-01 | 2014-01-28 | Red Hat, Inc. | System and method for providing a cloud computing graphical user interface |
US8639745B2 (en) | 2010-07-01 | 2014-01-28 | Red Hat, Inc. | Providing a neutral interface to multiple cloud computing systems |
US20120005262A1 (en) * | 2010-07-01 | 2012-01-05 | Mcwhirter Robert Kelley | Architecture, system and method for providing a neutral application programming interface for accessing different cloud computing systems |
US8935397B2 (en) | 2010-07-01 | 2015-01-13 | Red Hat, Inc. | Dividing cloud resources |
US9916147B2 (en) * | 2010-08-17 | 2018-03-13 | International Business Machines Corporation | Deployment of a tool for testing migrated applications |
US20120047492A1 (en) * | 2010-08-17 | 2012-02-23 | International Business Machines Corporation | Deployment of a tool for testing migrated applications |
US8554917B2 (en) * | 2010-08-20 | 2013-10-08 | International Business Machines Corporation | Performance isolation for storage clouds |
US9471258B2 (en) * | 2010-08-20 | 2016-10-18 | International Business Machines Corporation | Performance isolation for storage clouds |
US20140173015A1 (en) * | 2010-08-20 | 2014-06-19 | International Business Machines Corporation | Performance isolation for storage clouds |
WO2012023050A2 (en) | 2010-08-20 | 2012-02-23 | Overtis Group Limited | Secure cloud computing system and method |
US20120047265A1 (en) * | 2010-08-20 | 2012-02-23 | International Business Machines Corporation | Performance isolation for storage clouds |
US20130031158A1 (en) * | 2010-08-20 | 2013-01-31 | Salsburg Michael A | Moving enterprise software applications to a cloud domain |
US8886777B2 (en) * | 2010-08-20 | 2014-11-11 | Unisys Corporation | Moving enterprise software applications to a cloud domain |
US10915357B2 (en) * | 2010-08-24 | 2021-02-09 | Suse Llc | System and method for structuring self-provisioning workloads deployed in virtualized data centers |
US20120054763A1 (en) * | 2010-08-24 | 2012-03-01 | Novell, Inc. | System and method for structuring self-provisioning workloads deployed in virtualized data centers |
US8327373B2 (en) * | 2010-08-24 | 2012-12-04 | Novell, Inc. | System and method for structuring self-provisioning workloads deployed in virtualized data centers |
US10013287B2 (en) | 2010-08-24 | 2018-07-03 | Micro Focus Software Inc. | System and method for structuring self-provisioning workloads deployed in virtualized data centers |
US20190050257A1 (en) * | 2010-08-24 | 2019-02-14 | Micro Focus Software Inc. | System and method for structuring self-provisioning workloads deployed in virtualized data centers |
US8549066B1 (en) * | 2010-08-26 | 2013-10-01 | Adobe Systems Incorporated | Service provider interface for deploying and managing applications on a cloud |
US9128281B2 (en) | 2010-09-14 | 2015-09-08 | Microsoft Technology Licensing, Llc | Eyepiece with uniformly illuminated reflective display |
US9774489B1 (en) * | 2010-09-29 | 2017-09-26 | Amazon Technologies, Inc. | Allocating computing resources according to reserved capacity |
US20120110185A1 (en) * | 2010-10-29 | 2012-05-03 | Cisco Technology, Inc. | Distributed Hierarchical Rendering and Provisioning of Cloud Services |
US8667138B2 (en) * | 2010-10-29 | 2014-03-04 | Cisco Technology, Inc. | Distributed hierarchical rendering and provisioning of cloud services |
US8639793B2 (en) | 2010-10-29 | 2014-01-28 | Cisco Technology, Inc. | Disaster recovery and automatic relocation of cloud services |
US9710297B2 (en) * | 2010-11-01 | 2017-07-18 | Microsoft Technology Licensing, Llc | Dynamic allocation and assignment of virtual environment |
US20150186176A1 (en) * | 2010-11-01 | 2015-07-02 | Microsoft Corporation | Dynamic allocation and assignment of virtual environment |
US20120131176A1 (en) * | 2010-11-24 | 2012-05-24 | James Michael Ferris | Systems and methods for combinatorial optimization of multiple resources across a set of cloud-based networks |
US8924539B2 (en) * | 2010-11-24 | 2014-12-30 | Red Hat, Inc. | Combinatorial optimization of multiple resources across a set of cloud-based networks |
US11232495B2 (en) | 2010-12-15 | 2022-01-25 | Red Hat, Inc. | Data driven rules engine to dynamically change product business rules |
US20120159482A1 (en) * | 2010-12-17 | 2012-06-21 | Bok Deuk Jeong | Seamless application integration apparatus and method |
US9557980B2 (en) * | 2010-12-17 | 2017-01-31 | Samsung Electronics Co., Ltd. | Seamless application integration apparatus and method |
US20120197624A1 (en) * | 2011-01-28 | 2012-08-02 | Vishwanath Hawargi | System and method for managing a storage array using simulation |
US20120221709A1 (en) * | 2011-02-24 | 2012-08-30 | Bowes James R | Mechanism to allow hosted and on-site implementations to manage product assets as specified by a third party |
US9235447B2 (en) | 2011-03-03 | 2016-01-12 | Cisco Technology, Inc. | Extensible attribute summarization |
US8910145B2 (en) * | 2011-03-18 | 2014-12-09 | Airbus Operations Sas | Method and device for installing/uninstalling software modules, with centralized resolution of constraints, in aircraft equipment items |
US9609460B2 (en) * | 2011-03-18 | 2017-03-28 | Zscaler, Inc. | Cloud based mobile device security and policy enforcement |
US20150326615A1 (en) * | 2011-03-18 | 2015-11-12 | Zscaler, Inc. | Cloud based mobile device security and policy enforcement |
US20120240108A1 (en) * | 2011-03-18 | 2012-09-20 | Airbus Operations (S.A.S.) | Method and device for installing/uninstalling software modules, with centralized resolution of constraints, in aircraft apparatuses |
US20140020050A1 (en) * | 2011-03-25 | 2014-01-16 | Eads Deutschland Gmbh | Method for Determining Integrity in an Evolutionary Collaborative Information System |
US9015710B2 (en) | 2011-04-12 | 2015-04-21 | Pivotal Software, Inc. | Deployment system for multi-node applications |
US9569198B2 (en) | 2011-04-12 | 2017-02-14 | Pivotal Software, Inc. | Release lifecycle management system for multi-node application |
US9043767B2 (en) * | 2011-04-12 | 2015-05-26 | Pivotal Software, Inc. | Release management system for a multi-node application |
US10241774B2 (en) | 2011-04-12 | 2019-03-26 | Pivotal Software, Inc. | Release lifecycle management system for multi-node application |
US8997078B2 (en) | 2011-04-12 | 2015-03-31 | Pivotal Software, Inc. | Release lifecycle management system for a multi-node application |
US20120266158A1 (en) * | 2011-04-12 | 2012-10-18 | Vmware, Inc. | Release management system for a multi-node application |
US10942724B2 (en) | 2011-04-12 | 2021-03-09 | Pivotal Software, Inc. | Release lifecycle management system for multi-node application |
US8893279B1 (en) | 2011-04-14 | 2014-11-18 | Trend Micro Incorporated | Certification of virtual machine images in cloud computing environments |
US8601583B1 (en) * | 2011-04-14 | 2013-12-03 | Trend Micro Incorporated | Certification of virtual machine images in cloud computing environments |
US9304798B2 (en) | 2011-06-07 | 2016-04-05 | Hewlett Packard Enterprise Development Lp | Scalable multi-tenant network architecture for virtualized datacenters |
WO2012170016A1 (en) * | 2011-06-07 | 2012-12-13 | Hewlett-Packard Development Company, L.P. | A scalable multi-tenant network architecture for virtualized datacenters |
US9948696B2 (en) | 2011-06-17 | 2018-04-17 | Futurewei Technologies, Inc. | Cloud service control and management architecture expanded to interface the network stratum |
US8793380B2 (en) * | 2011-06-17 | 2014-07-29 | Futurewei Technologies, Inc. | Cloud service control and management architecture expanded to interface the network stratum |
US20120324082A1 (en) * | 2011-06-17 | 2012-12-20 | Futurewei Technologies, Inc. | Cloud Service Control and Management Architecture Expanded to Interface the Network Stratum |
US10542076B2 (en) | 2011-06-17 | 2020-01-21 | Futurewei Technologies, Inc. | Cloud service control and management architecture expanded to interface the network stratum |
US8645546B2 (en) | 2011-06-17 | 2014-02-04 | Futurewei Technologies, Inc. | Cloud service control and management architecture expanded to interface the network stratum |
US10043025B2 (en) * | 2011-06-27 | 2018-08-07 | Google Llc | Persistent key access to a resources in a collection |
US20150286838A1 (en) * | 2011-06-27 | 2015-10-08 | Google Inc. | Persistent key access to a resources in a collection |
US9251033B2 (en) | 2011-07-07 | 2016-02-02 | Vce Company, Llc | Automatic monitoring and just-in-time resource provisioning system |
US9710259B2 (en) | 2011-07-13 | 2017-07-18 | Vmware, Inc. | System and method for customizing a deployment plan for a multi-tier application in a cloud infrastructure |
WO2013016584A1 (en) * | 2011-07-26 | 2013-01-31 | Nebula, Inc. | Systems and methods for implementing cloud computing |
US20130036328A1 (en) * | 2011-08-04 | 2013-02-07 | Microsoft Corporation | Managing continuous software deployment |
US8943220B2 (en) | 2011-08-04 | 2015-01-27 | Microsoft Corporation | Continuous deployment of applications |
US8732693B2 (en) * | 2011-08-04 | 2014-05-20 | Microsoft Corporation | Managing continuous software deployment |
US9038055B2 (en) | 2011-08-05 | 2015-05-19 | Microsoft Technology Licensing, Llc | Using virtual machines to manage software builds |
US8856518B2 (en) | 2011-09-07 | 2014-10-07 | Microsoft Corporation | Secure and efficient offloading of network policies to network interface cards |
US20160048388A1 (en) * | 2011-09-07 | 2016-02-18 | Imagine Communications Corp. | Systems and methods for computing applications |
US9152470B2 (en) * | 2011-09-07 | 2015-10-06 | Imagine Communications Corp. | Systems and methods for computing applications |
US10216490B2 (en) | 2011-09-07 | 2019-02-26 | Imagine Communications Corp. | Systems and methods for computing applications |
US20140245261A1 (en) * | 2011-09-07 | 2014-08-28 | Digital Rapids Corporation | Systems and methods for computing applications |
US9535669B2 (en) * | 2011-09-07 | 2017-01-03 | Imagine Communications Corp. | Systems and methods for computing applications |
US10310824B2 (en) | 2011-09-07 | 2019-06-04 | Imagine Communications Corp. | Distributed ledger platform for computing applications |
US9781205B2 (en) * | 2011-09-12 | 2017-10-03 | Microsoft Technology Licensing, Llc | Coordination engine for cloud selection |
US9424439B2 (en) | 2011-09-12 | 2016-08-23 | Microsoft Technology Licensing, Llc | Secure data synchronization |
US10121018B2 (en) | 2011-09-12 | 2018-11-06 | Microsoft Technology Licensing, Llc | Secure data synchronization |
US20130067090A1 (en) * | 2011-09-12 | 2013-03-14 | Microsoft Corporation | Coordination engine for cloud selection |
US20130074064A1 (en) * | 2011-09-15 | 2013-03-21 | Microsoft Corporation | Automated infrastructure provisioning |
US9509554B1 (en) | 2011-09-16 | 2016-11-29 | Tripwire, Inc. | Methods and apparatus for remediation execution |
US8862941B2 (en) | 2011-09-16 | 2014-10-14 | Tripwire, Inc. | Methods and apparatus for remediation execution |
US10291471B1 (en) | 2011-09-16 | 2019-05-14 | Tripwire, Inc. | Methods and apparatus for remediation execution |
US9304850B1 (en) | 2011-09-16 | 2016-04-05 | Tripwire, Inc. | Methods and apparatus for remediation workflow |
US20130074068A1 (en) * | 2011-09-16 | 2013-03-21 | International Business Machines Corporation | Method, System, and Computer Program for Implementing a Customizable Virtual Appliance |
US10235236B1 (en) | 2011-09-16 | 2019-03-19 | Tripwire, Inc. | Methods and apparatus for remediation workflow |
US8819491B2 (en) | 2011-09-16 | 2014-08-26 | Tripwire, Inc. | Methods and apparatus for remediation workflow |
US20130073715A1 (en) * | 2011-09-16 | 2013-03-21 | Tripwire, Inc. | Methods and apparatus for remediating policy test failures, including correlating changes to remediation processes |
US9026646B2 (en) * | 2011-09-16 | 2015-05-05 | Tripwire, Inc. | Methods and apparatus for remediating policy test failures, including correlating changes to remediation processes |
US9426019B1 (en) * | 2011-09-29 | 2016-08-23 | Amazon Technologies, Inc. | Resource pooling and subletting from user to another user |
US9667515B1 (en) | 2011-09-29 | 2017-05-30 | Amazon Technologies, Inc. | Service image notifications |
US20130086585A1 (en) * | 2011-09-30 | 2013-04-04 | International Business Machines Corporation | Managing the Persistent Data of a Pre-Installed Application in an Elastic Virtual Machine Instance |
US9946578B2 (en) * | 2011-09-30 | 2018-04-17 | International Business Machines Corporation | Managing the persistent data of a pre-installed application in an elastic virtual machine instance |
US9141887B2 (en) | 2011-10-31 | 2015-09-22 | Hewlett-Packard Development Company, L.P. | Rendering permissions for rendering content |
US8943319B2 (en) | 2011-11-04 | 2015-01-27 | International Business Machines Corporation | Managing security for computer services |
US8924723B2 (en) | 2011-11-04 | 2014-12-30 | International Business Machines Corporation | Managing security for computer services |
US8918501B2 (en) | 2011-11-10 | 2014-12-23 | Microsoft Corporation | Pattern-based computational health and configuration monitoring |
US8832249B2 (en) | 2011-11-30 | 2014-09-09 | At&T Intellectual Property I, L.P. | Methods and apparatus to adjust resource allocation in a distributive computing network |
US9785791B2 (en) | 2011-12-01 | 2017-10-10 | International Business Machines Corporation | Using a location authorization extension to provide access authorization for a module to access a computing system |
US9344435B2 (en) | 2011-12-01 | 2016-05-17 | International Business Machines Corporation | Using a local authorization extension to provide access authorization for a module to access a computing system |
US8990899B2 (en) | 2011-12-01 | 2015-03-24 | International Business Machines Corporation | Using a local authorization extension to provide access authorization for a module to access a computing system |
US20130142201A1 (en) * | 2011-12-02 | 2013-06-06 | Microsoft Corporation | Connecting on-premise networks with public clouds |
US20150012977A1 (en) * | 2011-12-05 | 2015-01-08 | Intellectual Discovery Co., Ltd. | Method and apparatus for security in cloud computing service |
WO2013085281A1 (en) * | 2011-12-05 | 2013-06-13 | 인텔렉추얼디스커버리 주식회사 | Method and device for security in clouding computing service |
US11334533B2 (en) * | 2011-12-15 | 2022-05-17 | Veritas Technologies Llc | Dynamic storage tiering in a virtual environment |
US10380078B1 (en) * | 2011-12-15 | 2019-08-13 | Veritas Technologies Llc | Dynamic storage tiering in a virtual environment |
US9087322B1 (en) * | 2011-12-22 | 2015-07-21 | Emc Corporation | Adapting service provider products for multi-tenancy using tenant-specific service composition functions |
US9772830B2 (en) * | 2012-01-19 | 2017-09-26 | Syntel, Inc. | System and method for modeling cloud rules for migration to the cloud |
US20130212553A1 (en) * | 2012-01-19 | 2013-08-15 | Syntel, Inc. | System and method for modeling cloud rules for migration to the cloud |
US8930543B2 (en) | 2012-01-23 | 2015-01-06 | International Business Machines Corporation | Dynamically building a set of compute nodes to host the user's workload |
US8930542B2 (en) * | 2012-01-23 | 2015-01-06 | International Business Machines Corporation | Dynamically building a set of compute nodes to host the user's workload |
US20130191527A1 (en) * | 2012-01-23 | 2013-07-25 | International Business Machines Corporation | Dynamically building a set of compute nodes to host the user's workload |
US9489243B2 (en) | 2012-01-26 | 2016-11-08 | Computenext Inc. | Federating computing resources across the web |
WO2013112833A3 (en) * | 2012-01-26 | 2014-11-13 | Computenext Inc. | Federating computing resources across the web |
US8909734B2 (en) | 2012-02-07 | 2014-12-09 | International Business Machines Corporation | Migrating data between networked computing environments |
US10326708B2 (en) | 2012-02-10 | 2019-06-18 | Oracle International Corporation | Cloud computing services framework |
US20130227710A1 (en) * | 2012-02-27 | 2013-08-29 | Computer Associates Think, Inc. | System and method for securing leased images in a cloud environment |
US11941452B2 (en) | 2012-03-02 | 2024-03-26 | Vmware, Inc. | System to generate a deployment plan for a cloud infrastructure according to logical, multi-tier application blueprint |
US9645858B2 (en) | 2012-03-02 | 2017-05-09 | Vmware, Inc. | Single, logical, multi-tier application blueprint used for deployment and management of multiple physical applications in a cloud infrastructure |
US9047133B2 (en) | 2012-03-02 | 2015-06-02 | Vmware, Inc. | Single, logical, multi-tier application blueprint used for deployment and management of multiple physical applications in a cloud environment |
US10095496B2 (en) | 2012-03-02 | 2018-10-09 | Vmware, Inc. | Single, logical, multi-tier application blueprint used for deployment and management of multiple physical applications in a cloud infrastructure |
US10031783B2 (en) | 2012-03-02 | 2018-07-24 | Vmware, Inc. | Execution of a distributed deployment plan for a multi-tier application in a cloud infrastructure |
US9052961B2 (en) | 2012-03-02 | 2015-06-09 | Vmware, Inc. | System to generate a deployment plan for a cloud infrastructure according to logical, multi-tier application blueprint |
US9170798B2 (en) | 2012-03-02 | 2015-10-27 | Vmware, Inc. | System and method for customizing a deployment plan for a multi-tier application in a cloud infrastructure |
US9054917B2 (en) | 2012-03-08 | 2015-06-09 | Empire Technology Development Llc | Secure migration of virtual machines |
US9678774B2 (en) | 2012-03-08 | 2017-06-13 | Empire Technology Development Llc | Secure migration of virtual machines |
US9021294B2 (en) | 2012-03-16 | 2015-04-28 | Sungard Availability Services Lp | Discovering boot order sequence of servers belonging to an application |
US9336217B2 (en) | 2012-03-29 | 2016-05-10 | Empire Technology Development Llc | Determining user key-value storage needs from example queries |
US20130262382A1 (en) * | 2012-03-29 | 2013-10-03 | Empire Technology Development, Llc | Determining user key-value storage needs from example queries |
US9430295B1 (en) * | 2012-03-29 | 2016-08-30 | Infoblox Inc. | Internet protocol address management (IPAM) integration with a plurality of virtualization tiers in the virtual cloud |
US8849757B2 (en) * | 2012-03-29 | 2014-09-30 | Empire Technology Development Llc | Determining user key-value storage needs from example queries |
US8751620B2 (en) | 2012-03-30 | 2014-06-10 | International Business Machines Corporation | Validating deployment patterns in a networked computing environment |
US9286571B2 (en) | 2012-04-01 | 2016-03-15 | Empire Technology Development Llc | Machine learning for database migration source |
US20130282906A1 (en) * | 2012-04-18 | 2013-10-24 | International Business Machines Corporation | Multi-user analytical system and corresponding device and method |
US10171287B2 (en) * | 2012-04-18 | 2019-01-01 | International Business Machines Corporation | Multi-user analytical system and corresponding device and method |
US9462080B2 (en) * | 2012-04-27 | 2016-10-04 | Hewlett-Packard Development Company, L.P. | Management service to manage a file |
US20130290477A1 (en) * | 2012-04-27 | 2013-10-31 | Philippe Lesage | Management service to manage a file |
US20130290511A1 (en) * | 2012-04-27 | 2013-10-31 | Susan Chuzhi Tu | Managing a sustainable cloud computing service |
US10404551B2 (en) | 2012-04-30 | 2019-09-03 | Entit Software Llc | Automated event management |
US8862728B2 (en) | 2012-05-14 | 2014-10-14 | International Business Machines Corporation | Problem determination and diagnosis in shared dynamic clouds |
US8838968B2 (en) | 2012-05-14 | 2014-09-16 | Ca, Inc. | System and method for virtual machine data protection in a public cloud |
US8862727B2 (en) | 2012-05-14 | 2014-10-14 | International Business Machines Corporation | Problem determination and diagnosis in shared dynamic clouds |
US9052963B2 (en) | 2012-05-21 | 2015-06-09 | International Business Machines Corporation | Cloud computing data center machine monitor and control |
US9256648B2 (en) | 2012-05-22 | 2016-02-09 | International Business Machines Corporation | Data handling in a cloud computing environment |
US9135045B2 (en) * | 2012-05-29 | 2015-09-15 | International Business Machines Corporation | Generating user-requested virtual machine templates from super virtual machine templates and cacheable patches |
US20130326503A1 (en) * | 2012-05-29 | 2013-12-05 | International Business Machines Corporation | Generating Super Templates to Obtain User-Requested Templates |
US20130326496A1 (en) * | 2012-05-29 | 2013-12-05 | International Business Machines Corporation | Generating Super Templates to Obtain User-Requested Templates |
US9128744B2 (en) * | 2012-05-29 | 2015-09-08 | International Business Machines Corporation | Generating user-requested virtual machine templates from super virtual machine templates and cacheable patches |
US8782632B1 (en) * | 2012-06-18 | 2014-07-15 | Tellabs Operations, Inc. | Methods and apparatus for performing in-service software upgrade for a network device using system virtualization |
US10257261B2 (en) | 2012-07-02 | 2019-04-09 | Vmware, Inc. | Multi-tenant-cloud-aggregation and application-support system |
US9348652B2 (en) | 2012-07-02 | 2016-05-24 | Vmware, Inc. | Multi-tenant-cloud-aggregation and application-support system |
US11856050B2 (en) | 2012-07-02 | 2023-12-26 | Vmware, Inc. | Multi-tenant-cloud-aggregation and application-support system |
US10911524B2 (en) | 2012-07-02 | 2021-02-02 | Vmware, Inc. | Multi-tenant-cloud-aggregation and application-support system |
US11516283B2 (en) | 2012-07-02 | 2022-11-29 | Vmware, Inc. | Multi-tenant-cloud-aggregation and application-support system |
US9116753B2 (en) | 2012-07-08 | 2015-08-25 | Dell Products L.P. | System and method for dynamic scaling based on a reference architecture |
US8972941B2 (en) * | 2012-07-18 | 2015-03-03 | International Business Machines Corporation | Integrated development environment-based workload testing in a networked computing environment |
US10798016B2 (en) * | 2012-07-20 | 2020-10-06 | Hewlett Packard Enterprise Development Lp | Policy-based scaling of network resources |
US20180359192A1 (en) * | 2012-07-20 | 2018-12-13 | Hewlett Packard Enterprise Development Lp | Policy-based scaling of network resources |
US9513950B2 (en) | 2012-07-25 | 2016-12-06 | Vmware, Inc. | Dynamic resource configuration based on context |
US9003037B2 (en) * | 2012-07-25 | 2015-04-07 | Vmware, Inc. | Dynamic allocation of physical computing resources amongst virtual machines |
US10191772B2 (en) | 2012-07-25 | 2019-01-29 | Vmware, Inc. | Dynamic resource configuration based on context |
US20140032761A1 (en) * | 2012-07-25 | 2014-01-30 | Vmware, Inc. | Dynamic allocation of physical computing resources amongst virtual machines |
US11010197B2 (en) | 2012-07-25 | 2021-05-18 | Vmware, Inc. | Dynamic allocation of physical computing resources amongst virtual machines |
US9891953B2 (en) | 2012-07-25 | 2018-02-13 | Vmware, Inc. | Dynamic resource configuration based on context |
US8954579B2 (en) | 2012-08-21 | 2015-02-10 | Microsoft Corporation | Transaction-level health monitoring of online services |
CN102880832A (en) * | 2012-08-28 | 2013-01-16 | 曙光信息产业(北京)有限公司 | Method for implementing mass data management system under colony |
US8769701B2 (en) * | 2012-09-05 | 2014-07-01 | International Business Machines Corporation | Single tenant audit view in a multi-tenant environment |
US20150172136A1 (en) * | 2012-09-07 | 2015-06-18 | Transoft (Shanghai), Inc. | Apparatus of mapping logical point-of-delivery to physical point-of-delivery based on telecommunication information networking |
US10148529B2 (en) * | 2012-09-07 | 2018-12-04 | Transoft (Shanghai), Inc. | Apparatus of mapping logical point-of-delivery to physical point-of-delivery based on telecommunication information networking |
US8438654B1 (en) | 2012-09-14 | 2013-05-07 | Rightscale, Inc. | Systems and methods for associating a virtual machine with an access control right |
US8943606B2 (en) | 2012-09-14 | 2015-01-27 | Rightscale, Inc. | Systems and methods for associating a virtual machine with an access control right |
US20140085167A1 (en) * | 2012-09-26 | 2014-03-27 | Tencent Technology (Shenzhen) Company Limited | Systems and methods for sharing image data |
US9639318B2 (en) * | 2012-09-26 | 2017-05-02 | Tencent Technology (Shenzhen) Company Limited | Systems and methods for sharing image data |
US20150263902A1 (en) * | 2012-09-27 | 2015-09-17 | Orange | Device and a method for managing access to a pool of computer and network resources made available to an entity by a cloud computing system |
US9736029B2 (en) * | 2012-09-27 | 2017-08-15 | Orange | Device and a method for managing access to a pool of computer and network resources made available to an entity by a cloud computing system |
US10922331B2 (en) | 2012-09-28 | 2021-02-16 | Oracle International Corporation | Cloning a pluggable database in read-write mode |
US10860605B2 (en) | 2012-09-28 | 2020-12-08 | Oracle International Corporation | Near-zero downtime relocation of a pluggable database across container databases |
US9396006B2 (en) | 2012-10-01 | 2016-07-19 | International Business Machines Corporation | Distributing and verifying authenticity of virtual macahine images and virtual machine image reposiroty using digital signature based on signing policy |
US9009705B2 (en) | 2012-10-01 | 2015-04-14 | International Business Machines Corporation | Authenticated distribution of virtual machine images |
US9389898B2 (en) | 2012-10-02 | 2016-07-12 | Ca, Inc. | System and method for enforcement of security controls on virtual machines throughout life cycle state changes |
US9218405B2 (en) * | 2012-10-10 | 2015-12-22 | Apple Inc. | Batch processing and data synchronization in cloud-based systems |
US10379910B2 (en) | 2012-10-26 | 2019-08-13 | Syntel, Inc. | System and method for evaluation of migration of applications to the cloud |
US20140149540A1 (en) * | 2012-11-23 | 2014-05-29 | Oracle International Corporation | Decentralized administration of access to target systems in identity management |
DE102013108899B4 (en) | 2012-11-30 | 2020-08-06 | Lenovo (Singapore) Pte. Ltd. | Account management for cloud-based applications |
WO2014093715A1 (en) | 2012-12-12 | 2014-06-19 | Microsoft Corporation | Workload deployment with infrastructure management agent provisioning |
US9712375B2 (en) | 2012-12-12 | 2017-07-18 | Microsoft Technology Licensing, Llc | Workload deployment with infrastructure management agent provisioning |
US10284416B2 (en) | 2012-12-12 | 2019-05-07 | Microsoft Technology Licensing, Llc | Workload deployment with infrastructure management agent provisioning |
US9130926B2 (en) * | 2012-12-27 | 2015-09-08 | Microsoft Technology Licensing, Llc | Authorization messaging with integral delegation data |
US20140189797A1 (en) * | 2012-12-27 | 2014-07-03 | Microsoft Corporation | Authorization messaging with integral delegation data |
US9122510B2 (en) | 2013-01-02 | 2015-09-01 | International Business Machines Corporation | Querying and managing computing resources in a networked computing environment |
US8996932B2 (en) | 2013-01-09 | 2015-03-31 | Microsoft Technology Licensing, Llc | Cloud management using a component health model |
US11907496B2 (en) * | 2013-02-08 | 2024-02-20 | cloudRIA, Inc. | Browser-based application management |
US20140229898A1 (en) * | 2013-02-08 | 2014-08-14 | cloudRIA, Inc. | Browser-based application management |
US10586612B2 (en) * | 2013-03-01 | 2020-03-10 | Actx, Inc. | Cloud-like medical-information service |
US20150304455A1 (en) * | 2013-03-06 | 2015-10-22 | Vmware, Inc. | Method and system for providing a roaming remote desktop |
US10389852B2 (en) * | 2013-03-06 | 2019-08-20 | Vmware, Inc. | Method and system for providing a roaming remote desktop |
WO2014142782A1 (en) * | 2013-03-11 | 2014-09-18 | Intel Corporation | Device synchronization policy management |
US9208006B2 (en) | 2013-03-11 | 2015-12-08 | Sungard Availability Services, Lp | Recovery Maturity Model (RMM) for readiness-based control of disaster recovery testing |
US9471295B2 (en) * | 2013-03-12 | 2016-10-18 | Airbus Operations Sas | Method, device and computer program for the automatic installation or uninstallation of software modules on equipment on board an aircraft |
US20140282491A1 (en) * | 2013-03-12 | 2014-09-18 | Airbus Operations (Sas) | Method, device and computer program for the automatic installation or uninstallation of software modules on equipment on board an aircraft |
US10411975B2 (en) | 2013-03-15 | 2019-09-10 | Csc Agility Platform, Inc. | System and method for a cloud computing abstraction with multi-tier deployment policy |
US9553787B1 (en) | 2013-04-29 | 2017-01-24 | Amazon Technologies, Inc. | Monitoring hosted service usage |
US9479396B2 (en) | 2013-05-31 | 2016-10-25 | Sungard Availability Services, Lp | XML based generic UNIX discovery framework |
US9632802B2 (en) | 2013-06-14 | 2017-04-25 | Sap Se | Automatic configuration of mobile programs |
US9619545B2 (en) | 2013-06-28 | 2017-04-11 | Oracle International Corporation | Naïve, client-side sharding with online addition of shards |
US9990189B2 (en) * | 2013-07-03 | 2018-06-05 | International Business Machines Corporation | Method to optimize provisioning time with dynamically generated virtual disk contents |
US9983863B2 (en) | 2013-07-03 | 2018-05-29 | International Business Machines Corporation | Method to optimize provisioning time with dynamically generated virtual disk contents |
US20150012487A1 (en) * | 2013-07-03 | 2015-01-08 | International Business Machines Corporation | Method to optimize provisioning time with dynamically generated virtual disk contents |
US9710292B2 (en) | 2013-08-02 | 2017-07-18 | International Business Machines Corporation | Allowing management of a virtual machine by multiple cloud providers |
US9992080B2 (en) * | 2013-08-21 | 2018-06-05 | International Business Machines Corporation | Using discovered virtual-infrastructure attributes to automatically generate a service-catalog entry |
US20170134246A1 (en) * | 2013-08-21 | 2017-05-11 | International Business Machines Corporation | Using discovered virtual-infrastructure attributes to automatically generate a service-catalog entry |
US10250461B2 (en) | 2013-08-21 | 2019-04-02 | International Business Machines Corporation | Migrating legacy non-cloud applications into a cloud-computing environment |
US11675749B2 (en) | 2013-09-24 | 2023-06-13 | EMC IP Holding Company LLC | Proxy based backup and restore of hyper-v cluster shared volumes (CSV) |
US11599511B2 (en) | 2013-09-24 | 2023-03-07 | EMC IP Holding Company LLC | Proxy based backup and restore of Hyper-V cluster shared volumes (CSV) |
US10614047B1 (en) * | 2013-09-24 | 2020-04-07 | EMC IP Holding Company LLC | Proxy-based backup and restore of hyper-V cluster shared volumes (CSV) |
US10761895B2 (en) | 2013-09-26 | 2020-09-01 | Vmware, Inc. | Selective allocation of physical computing resources amongst virtual machines based on user attribute values contained in user profiles |
US20150095482A1 (en) * | 2013-09-29 | 2015-04-02 | International Business Machines Corporation | Method and System for Deploying Service in a Cloud Computing System |
US9465957B2 (en) | 2013-11-07 | 2016-10-11 | Lenovo Enterprise Solutions (Singapore) Pte. Ltd. | Preventing predetermined type of configuration changes to computing devices in a computing system servicing a critical job |
US20150134424A1 (en) * | 2013-11-14 | 2015-05-14 | Vmware, Inc. | Systems and methods for assessing hybridization of cloud computing services based on data mining of historical decisions |
US9485145B1 (en) * | 2013-11-25 | 2016-11-01 | Vce Company, Llc | System, method, apparatus, and computer program product for determining a configuration of a converged infrastructure |
US9753784B2 (en) | 2013-11-27 | 2017-09-05 | At&T Intellectual Property I, L.P. | Cloud delivery platform |
US20150149756A1 (en) * | 2013-11-28 | 2015-05-28 | Inventec (Pudong) Technology Corporation | System and method for setting up a bootable storage device using image |
US9519513B2 (en) * | 2013-12-03 | 2016-12-13 | Vmware, Inc. | Methods and apparatus to automatically configure monitoring of a virtual machine |
US10127069B2 (en) * | 2013-12-03 | 2018-11-13 | Vmware, Inc. | Methods and apparatus to automatically configure monitoring of a virtual machine |
US20150154039A1 (en) * | 2013-12-03 | 2015-06-04 | Vmware, Inc. | Methods and apparatus to automatically configure monitoring of a virtual machine |
US10678585B2 (en) | 2013-12-03 | 2020-06-09 | Vmware, Inc. | Methods and apparatus to automatically configure monitoring of a virtual machine |
US20150170302A1 (en) * | 2013-12-13 | 2015-06-18 | International Business Machines Corporation | Running local virtual disks containing applications with limited licenses |
US10831896B2 (en) * | 2013-12-13 | 2020-11-10 | International Business Machines Corporation | Running local virtual disks containing applications with limited licenses |
US10831895B2 (en) * | 2013-12-13 | 2020-11-10 | International Business Machines Corporation | Running local virtual disks containing applications with limited licenses |
US20150169876A1 (en) * | 2013-12-13 | 2015-06-18 | International Business Machines Corporation | Running local virtual disks containing applications with limited licenses |
US20160266892A1 (en) * | 2013-12-18 | 2016-09-15 | Hewlett Packard Enterprise Development Lp | Patching of virtual machines during data recovery |
US10970057B2 (en) | 2014-02-26 | 2021-04-06 | Vmware Inc. | Methods and apparatus to generate a customized application blueprint |
US9444735B2 (en) | 2014-02-27 | 2016-09-13 | Cisco Technology, Inc. | Contextual summarization tag and type match using network subnetting |
US20150261842A1 (en) * | 2014-03-15 | 2015-09-17 | International Business Machines Corporation | Conformance specification and checking for hosting services |
US9729623B2 (en) | 2014-03-15 | 2017-08-08 | International Business Machines Corporation | Specification-guided migration |
US10560338B2 (en) | 2014-03-25 | 2020-02-11 | Amazon Technologies, Inc. | Event-based data path detection |
US9838260B1 (en) | 2014-03-25 | 2017-12-05 | Amazon Technologies, Inc. | Event-based data path detection |
US10467423B1 (en) * | 2014-03-26 | 2019-11-05 | Amazon Technologies, Inc. | Static analysis-based tracking of data in access-controlled systems |
US9858060B2 (en) | 2014-05-09 | 2018-01-02 | International Business Machines Corporation | Automated deployment of a private modular cloud-computing environment |
US9787598B2 (en) * | 2014-05-27 | 2017-10-10 | International Business Machines Corporation | Managing information technology resources using metadata tags |
US20150350035A1 (en) * | 2014-05-27 | 2015-12-03 | International Business Machines Corporation | Managing information technology resources using metadata tags |
US9781051B2 (en) * | 2014-05-27 | 2017-10-03 | International Business Machines Corporation | Managing information technology resources using metadata tags |
US20150350103A1 (en) * | 2014-05-27 | 2015-12-03 | International Business Machines Corporation | Managing information technology resources using metadata tags |
US11442716B2 (en) * | 2014-06-02 | 2022-09-13 | Google Llc | Cloud orchestration engine |
US11934818B2 (en) | 2014-06-02 | 2024-03-19 | Google Llc | Cloud orchestration engine |
US10761870B2 (en) | 2014-06-30 | 2020-09-01 | Vmware, Inc. | Methods and apparatus to manage monitoring agents |
US10545781B2 (en) | 2014-07-29 | 2020-01-28 | International Business Machines Corporation | Dynamically deployed virtual machine |
US9851994B2 (en) * | 2014-07-29 | 2017-12-26 | International Business Machines Corporation | Dynamically deployed virtual machine |
US9311130B2 (en) * | 2014-07-29 | 2016-04-12 | International Business Machines Corporation | Dynamically deployed virtual machine |
US20160034294A1 (en) * | 2014-07-29 | 2016-02-04 | International Business Machines Corporation | Dynamically deployed virtual machine |
US10165392B2 (en) | 2014-09-25 | 2018-12-25 | At&T Mobility Ii Llc | Access of virtual resources based on a contextual frame of reference |
US10762456B2 (en) * | 2014-09-30 | 2020-09-01 | International Business Machines Corporation | Migration estimation with partial data |
US20160092813A1 (en) * | 2014-09-30 | 2016-03-31 | International Business Machines Corporation | Migration estimation with partial data |
US9130844B1 (en) | 2014-11-11 | 2015-09-08 | Citigroup Technology, Inc. | Systems and methods for harvesting excess compute capacity across domains |
US10310880B2 (en) * | 2014-11-25 | 2019-06-04 | Red Hat, Inc. | Hot-swapping storage pool backend functional modules |
US20160147554A1 (en) * | 2014-11-25 | 2016-05-26 | Red Hat, Inc. | Hot-swapping storage pool backend functional modules |
US11347532B2 (en) | 2014-11-25 | 2022-05-31 | Red Hat, Inc. | Hot-swapping storage pool backend functional modules |
US10728272B1 (en) | 2014-12-17 | 2020-07-28 | Amazon Technologies, Inc. | Risk scoring in a connected graph |
US10394793B1 (en) * | 2015-01-30 | 2019-08-27 | EMC IP Holding Company LLC | Method and system for governed replay for compliance applications |
US10133602B2 (en) * | 2015-02-19 | 2018-11-20 | Oracle International Corporation | Adaptive contention-aware thread placement for parallel runtime systems |
US10684837B2 (en) | 2015-02-25 | 2020-06-16 | Red Hat Israel, Ltd. | Repository manager |
US10951473B1 (en) * | 2015-03-25 | 2021-03-16 | Amazon Technologies, Inc. | Asynchronous fleet configuration service |
US10341388B2 (en) | 2015-03-31 | 2019-07-02 | At&T Intellectual Property I, L.P. | Modes of policy participation for feedback instances |
US10277666B2 (en) | 2015-03-31 | 2019-04-30 | At&T Intellectual Property I, L.P. | Escalation of feedback instances |
US9524200B2 (en) | 2015-03-31 | 2016-12-20 | At&T Intellectual Property I, L.P. | Consultation among feedback instances |
US10129157B2 (en) | 2015-03-31 | 2018-11-13 | At&T Intellectual Property I, L.P. | Multiple feedback instance inter-coordination to determine optimal actions |
US9769206B2 (en) | 2015-03-31 | 2017-09-19 | At&T Intellectual Property I, L.P. | Modes of policy participation for feedback instances |
US9992277B2 (en) | 2015-03-31 | 2018-06-05 | At&T Intellectual Property I, L.P. | Ephemeral feedback instances |
US10523569B2 (en) | 2015-03-31 | 2019-12-31 | At&T Intellectual Property I, L.P. | Dynamic creation and management of ephemeral coordinated feedback instances |
US10129156B2 (en) | 2015-03-31 | 2018-11-13 | At&T Intellectual Property I, L.P. | Dynamic creation and management of ephemeral coordinated feedback instances |
US10848550B2 (en) | 2015-03-31 | 2020-11-24 | At&T Intellectual Property I, L.P. | Escalation of feedback instances |
US10305688B2 (en) * | 2015-04-22 | 2019-05-28 | Alibaba Group Holding Limited | Method, apparatus, and system for cloud-based encryption machine key injection |
US9804879B2 (en) | 2015-05-14 | 2017-10-31 | International Business Machines Corporation | Performing server migration and dependent server discovery in parallel |
US9785461B2 (en) | 2015-05-14 | 2017-10-10 | International Business Machines Corporation | Performing server migration and dependent server discovery in parallel |
US10778597B1 (en) * | 2015-05-21 | 2020-09-15 | EMC IP Holding Company LLC | Orchestration management system and method for managing a resource pool across multiple computing clouds |
US10332090B2 (en) | 2015-08-27 | 2019-06-25 | Acumera, Inc. | Providing secure remote access to a device at a merchant location |
US10419425B2 (en) | 2015-09-01 | 2019-09-17 | Alibaba Group Holding Limited | Method, device, and system for access control of a cloud hosting service |
US11036889B2 (en) | 2015-09-29 | 2021-06-15 | International Business Machines Corporation | Efficient auditing of data in object storage |
US10395061B2 (en) | 2015-09-29 | 2019-08-27 | International Business Machines Corporation | Efficient auditing of data in object storage |
US10635658B2 (en) | 2015-10-23 | 2020-04-28 | Oracle International Corporation | Asynchronous shared application upgrade |
US10789131B2 (en) | 2015-10-23 | 2020-09-29 | Oracle International Corporation | Transportable backups for pluggable database relocation |
US10621176B2 (en) | 2015-10-23 | 2020-04-14 | Oracle International Corporation | Automatic reconfiguration of relocated pluggable databases |
US10606578B2 (en) | 2015-10-23 | 2020-03-31 | Oracle International Corporation | Provisioning of pluggable databases using a central repository |
US10075304B2 (en) | 2015-10-30 | 2018-09-11 | Microsoft Technology Licensing, Llc | Multiple gateway operation on single operating system |
US10250452B2 (en) | 2015-12-14 | 2019-04-02 | Microsoft Technology Licensing, Llc | Packaging tool for first and third party component deployment |
US20170171029A1 (en) * | 2015-12-15 | 2017-06-15 | Microsoft Technology Licensing, Llc | End-to-end automated servicing model for cloud computing platforms |
US10666517B2 (en) * | 2015-12-15 | 2020-05-26 | Microsoft Technology Licensing, Llc | End-to-end automated servicing model for cloud computing platforms |
RU2691187C1 (en) * | 2016-01-05 | 2019-06-11 | БИТДЕФЕНДЕР АйПиАр МЕНЕДЖМЕНТ ЛТД | System and methods for auditing a virtual machine |
US10885461B2 (en) | 2016-02-29 | 2021-01-05 | Oracle International Corporation | Unsupervised method for classifying seasonal patterns |
US11113852B2 (en) | 2016-02-29 | 2021-09-07 | Oracle International Corporation | Systems and methods for trending patterns within time-series data |
US11836162B2 (en) | 2016-02-29 | 2023-12-05 | Oracle International Corporation | Unsupervised method for classifying seasonal patterns |
US11232133B2 (en) | 2016-02-29 | 2022-01-25 | Oracle International Corporation | System for detecting and characterizing seasons |
US11670020B2 (en) | 2016-02-29 | 2023-06-06 | Oracle International Corporation | Seasonal aware method for forecasting and capacity planning |
US10699211B2 (en) | 2016-02-29 | 2020-06-30 | Oracle International Corporation | Supervised method for classifying seasonal patterns |
US10692255B2 (en) | 2016-02-29 | 2020-06-23 | Oracle International Corporation | Method for creating period profile for time-series data with recurrent patterns |
US11080906B2 (en) | 2016-02-29 | 2021-08-03 | Oracle International Corporation | Method for creating period profile for time-series data with recurrent patterns |
US10867421B2 (en) | 2016-02-29 | 2020-12-15 | Oracle International Corporation | Seasonal aware method for forecasting and capacity planning |
US11928760B2 (en) | 2016-02-29 | 2024-03-12 | Oracle International Corporation | Systems and methods for detecting and accommodating state changes in modelling |
US10127695B2 (en) | 2016-02-29 | 2018-11-13 | Oracle International Corporation | Method for creating period profile for time-series data with recurrent patterns |
US10970891B2 (en) | 2016-02-29 | 2021-04-06 | Oracle International Corporation | Systems and methods for detecting and accommodating state changes in modelling |
US10331802B2 (en) | 2016-02-29 | 2019-06-25 | Oracle International Corporation | System for detecting and characterizing seasons |
TWI715762B (en) * | 2016-04-25 | 2021-01-11 | 大陸商深圳前海達闥雲端智能科技有限公司 | Method and apparatus for creating virtual machine |
US10095870B2 (en) * | 2016-04-25 | 2018-10-09 | Cloudminds (Shenzhen) Robotics Systems Co., Ltd. | Virtual machine creation method and apparatus |
US20170323105A1 (en) * | 2016-04-25 | 2017-11-09 | Cloudminds (Shenzhen) Robotics Systems Co., Ltd. | Virtual machine creation method and apparatus |
US10073906B2 (en) | 2016-04-27 | 2018-09-11 | Oracle International Corporation | Scalable tri-point arbitration and clustering |
US11675815B1 (en) | 2016-04-28 | 2023-06-13 | Snowflake Inc. | Multi-cluster warehouse |
US11593404B2 (en) | 2016-04-28 | 2023-02-28 | Snowflake Inc. | Multi-cluster warehouse |
WO2017190058A1 (en) * | 2016-04-28 | 2017-11-02 | Snowflake Computing Inc. | Multi-cluster warehouse |
US11615118B2 (en) | 2016-04-28 | 2023-03-28 | Snowflake Inc. | Multi-cluster warehouse |
US11615117B2 (en) | 2016-04-28 | 2023-03-28 | Snowflake Inc. | Multi-cluster warehouse |
US11620313B2 (en) | 2016-04-28 | 2023-04-04 | Snowflake Inc. | Multi-cluster warehouse |
US11630850B2 (en) | 2016-04-28 | 2023-04-18 | Snowflake Inc. | Multi-cluster warehouse |
US11593403B2 (en) | 2016-04-28 | 2023-02-28 | Snowflake Inc. | Multi-cluster warehouse |
US10970186B2 (en) | 2016-05-16 | 2021-04-06 | Oracle International Corporation | Correlation-based analytic for time-series data |
US10635563B2 (en) | 2016-08-04 | 2020-04-28 | Oracle International Corporation | Unsupervised method for baselining and anomaly detection in time-series data for enterprise systems |
US11082439B2 (en) | 2016-08-04 | 2021-08-03 | Oracle International Corporation | Unsupervised method for baselining and anomaly detection in time-series data for enterprise systems |
US10740153B2 (en) * | 2016-09-21 | 2020-08-11 | Samsung Sds Co., Ltd. | Generating duplicate apparatuses for managing computing resources based on number of processing tasks |
US20180081728A1 (en) * | 2016-09-21 | 2018-03-22 | Samsung Sds Co., Ltd. | Apparatus and method managing computing resources |
US10915830B2 (en) | 2017-02-24 | 2021-02-09 | Oracle International Corporation | Multiscale method for predictive alerting |
US10949436B2 (en) | 2017-02-24 | 2021-03-16 | Oracle International Corporation | Optimization for scalable analytics using time series models |
US10817803B2 (en) | 2017-06-02 | 2020-10-27 | Oracle International Corporation | Data driven methods and systems for what if analysis |
US11023221B2 (en) | 2017-09-29 | 2021-06-01 | Oracle International Corporation | Artificial intelligence driven configuration management |
US10592230B2 (en) | 2017-09-29 | 2020-03-17 | Oracle International Corporation | Scalable artificial intelligence driven configuration management |
US10664264B2 (en) | 2017-09-29 | 2020-05-26 | Oracle International Corporation | Artificial intelligence driven configuration management |
US11386058B2 (en) | 2017-09-29 | 2022-07-12 | Oracle International Corporation | Rule-based autonomous database cloud service framework |
US10496396B2 (en) | 2017-09-29 | 2019-12-03 | Oracle International Corporation | Scalable artificial intelligence driven configuration management |
US11327932B2 (en) | 2017-09-30 | 2022-05-10 | Oracle International Corporation | Autonomous multitenant database cloud service framework |
US10929403B2 (en) | 2017-10-02 | 2021-02-23 | At&T Intellectual Property I, L.P. | Dynamic data threading system |
CN109842660A (en) * | 2017-11-28 | 2019-06-04 | 上海驻云信息科技有限公司 | General cloud resource and Rights Management System for different application scene |
US10721144B2 (en) | 2017-12-22 | 2020-07-21 | At&T Intellectual Property I, L.P. | Virtualized intelligent and integrated network monitoring as a service |
US10630572B1 (en) * | 2018-01-05 | 2020-04-21 | iPayed, LLC | Open loop, closed loop, real and near real-time computer network system and method therefor |
WO2019138129A1 (en) * | 2018-01-15 | 2019-07-18 | Siemens Aktiengesellschaft | Method and system for managing access to artifacts in a cloud computing environment |
EP3511823A1 (en) * | 2018-01-15 | 2019-07-17 | Siemens Aktiengesellschaft | Method and system of managing artifacts during its lifecycle on a cloud computing system |
WO2019138138A1 (en) * | 2018-01-15 | 2019-07-18 | Siemens Aktiengesellschaft | Method and system of managing artifacts during its lifecycle on a cloud computing system |
TWI700626B (en) * | 2018-04-06 | 2020-08-01 | 日商三菱電機股份有限公司 | System construction support apparatus, system construction support method and recording media |
US10721256B2 (en) | 2018-05-21 | 2020-07-21 | Oracle International Corporation | Anomaly detection based on events composed through unsupervised clustering of log messages |
US10817278B1 (en) * | 2018-05-25 | 2020-10-27 | Amazon Technologies, Inc. | Controlling the approval of software updates for computing resources |
US11620121B1 (en) | 2018-05-25 | 2023-04-04 | Amazon Technologies, Inc. | Controlling the approval of software updates for computing resources |
US10997517B2 (en) | 2018-06-05 | 2021-05-04 | Oracle International Corporation | Methods and systems for aggregating distribution approximations |
US10963346B2 (en) | 2018-06-05 | 2021-03-30 | Oracle International Corporation | Scalable methods and systems for approximating statistical distributions |
US11334332B2 (en) | 2018-07-05 | 2022-05-17 | At&T Intellectual Property I, L.P. | Facilitating cloud native edge computing via behavioral intelligence |
US10846070B2 (en) | 2018-07-05 | 2020-11-24 | At&T Intellectual Property I, L.P. | Facilitating cloud native edge computing via behavioral intelligence |
US11138090B2 (en) | 2018-10-23 | 2021-10-05 | Oracle International Corporation | Systems and methods for forecasting time series with variable seasonality |
US10884815B2 (en) | 2018-10-29 | 2021-01-05 | Pivotal Software, Inc. | Independent services platform |
US10855548B2 (en) | 2019-02-15 | 2020-12-01 | Oracle International Corporation | Systems and methods for automatically detecting, summarizing, and responding to anomalies |
US11178161B2 (en) | 2019-04-18 | 2021-11-16 | Oracle International Corporation | Detecting anomalies during operation of a computer system based on multimodal data |
US11533326B2 (en) | 2019-05-01 | 2022-12-20 | Oracle International Corporation | Systems and methods for multivariate anomaly detection in software monitoring |
US11949703B2 (en) | 2019-05-01 | 2024-04-02 | Oracle International Corporation | Systems and methods for multivariate anomaly detection in software monitoring |
US11537940B2 (en) | 2019-05-13 | 2022-12-27 | Oracle International Corporation | Systems and methods for unsupervised anomaly detection using non-parametric tolerance intervals over a sliding window of t-digests |
US11086757B1 (en) | 2019-06-12 | 2021-08-10 | Express Scripts Strategic Development, Inc. | Systems and methods for providing stable deployments to mainframe environments |
US11720347B1 (en) | 2019-06-12 | 2023-08-08 | Express Scripts Strategic Development, Inc. | Systems and methods for providing stable deployments to mainframe environments |
US11347533B2 (en) | 2019-09-06 | 2022-05-31 | Microsoft Technology Licensing, Llc | Enhanced virtual machine image management system |
US11887015B2 (en) | 2019-09-13 | 2024-01-30 | Oracle International Corporation | Automatically-generated labels for time series data and numerical lists to use in analytic and machine learning systems |
US11113186B1 (en) * | 2019-12-13 | 2021-09-07 | Amazon Technologies, Inc. | Testing and publishing of resource handlers in a cloud environment |
US11151025B1 (en) * | 2020-05-15 | 2021-10-19 | Dell Products L.P. | Generating software test plans based at least in part on monitored traffic of a production application |
US11843547B2 (en) | 2020-09-21 | 2023-12-12 | Vmware, Inc. | Allocating additional bandwidth to resources in a datacenter through deployment of dedicated gateways |
US11831518B2 (en) * | 2020-11-25 | 2023-11-28 | Cerner Innovation, Inc. | Dashboard interface |
US20220166684A1 (en) * | 2020-11-25 | 2022-05-26 | Cerner Innovation, Inc. | Dashboard interface |
US11941155B2 (en) | 2021-03-15 | 2024-03-26 | EMC IP Holding Company LLC | Secure data management in a network computing environment |
CN113190351A (en) * | 2021-05-06 | 2021-07-30 | 天津大学 | Efficient resource distribution system for distributed deep learning training task |
US11729095B2 (en) | 2021-05-24 | 2023-08-15 | Vmware, Inc. | Allocating additional bandwidth to resources in a datacenter through deployment of dedicated gateways |
US11805051B2 (en) | 2021-05-24 | 2023-10-31 | Vmware, Inc. | Allocating additional bandwidth to resources in a datacenter through deployment of dedicated gateways |
US11582147B2 (en) | 2021-05-24 | 2023-02-14 | Vmware, Inc. | Allocating additional bandwidth to resources in a datacenter through deployment of dedicated gateways |
US20230006920A1 (en) * | 2021-07-02 | 2023-01-05 | Vmware, Inc. | Source-based routing for virtual datacenters |
US11729094B2 (en) * | 2021-07-02 | 2023-08-15 | Vmware, Inc. | Source-based routing for virtual datacenters |
US20230136570A1 (en) * | 2021-11-04 | 2023-05-04 | Bell Textron Inc. | Managing access for a manufacturing system |
US20230388180A1 (en) * | 2022-05-31 | 2023-11-30 | Microsoft Technology Licensing, Llc | Techniques for provisioning workspaces in cloud-based computing platforms |
US11962493B2 (en) | 2022-06-21 | 2024-04-16 | VMware LLC | Network address translation in active-active edge cluster |
US11930017B1 (en) * | 2023-04-07 | 2024-03-12 | Sonrai Security Inc. | Cloud security platform with contextual hot-spot permissions analytics |
Also Published As
Publication number | Publication date |
---|---|
US8543916B2 (en) | 2013-09-24 |
US20140237550A1 (en) | 2014-08-21 |
US8448170B2 (en) | 2013-05-21 |
US9432350B2 (en) | 2016-08-30 |
US8745205B2 (en) | 2014-06-03 |
US20110126099A1 (en) | 2011-05-26 |
US9210141B2 (en) | 2015-12-08 |
US20110126047A1 (en) | 2011-05-26 |
US20110125894A1 (en) | 2011-05-26 |
US10104053B2 (en) | 2018-10-16 |
US20110125895A1 (en) | 2011-05-26 |
US8695075B2 (en) | 2014-04-08 |
US20130254768A1 (en) | 2013-09-26 |
US20110126207A1 (en) | 2011-05-26 |
US20110126275A1 (en) | 2011-05-26 |
US9191380B2 (en) | 2015-11-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9432350B2 (en) | System and method for intelligent workload management | |
US11170316B2 (en) | System and method for determining fuzzy cause and effect relationships in an intelligent workload management system | |
US20120066487A1 (en) | System and method for providing load balancer visibility in an intelligent workload management system | |
Awaysheh et al. | Next-generation big data federation access control: A reference model | |
Badger et al. | Cloud computing synopsis and recommendations | |
US10152211B2 (en) | Application delivery agents on virtual desktop instances | |
Almorsy et al. | Adaptable, model-driven security engineering for SaaS cloud-based applications | |
US9270703B1 (en) | Enhanced control-plane security for network-accessible services | |
US10542047B2 (en) | Security compliance framework usage | |
US9843605B1 (en) | Security compliance framework deployment | |
Riad et al. | EAR-ABAC: An extended AR-ABAC access control model for SDN-Integrated cloud computing | |
Modi | Azure for Architects: Implementing cloud design, DevOps, containers, IoT, and serverless solutions on your public cloud | |
US20220353267A1 (en) | Framework for automated operator access to infrastructure in a cloud service | |
Alqahtani et al. | A Context-Based Security Framework for Cloud Services | |
Liu et al. | A collaborative management as a service framework for managing Internetware systems | |
Dimitrakos et al. | Security of Service Networks | |
Cada et al. | Redpaper | |
Interface | Open Cloud Computing Interface-Use cases and requirements for a Cloud API | |
Middleware | The Grid Architectural Pattern: Leveraging Distributed Processing Capabilities |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: NOVELL, INC., UTAH Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:LARSEN, KAL A.;CARTER, STEPHEN R.;JORGENSEN, MICHAEL;AND OTHERS;REEL/FRAME:023690/0290 Effective date: 20091218 |
|
AS | Assignment |
Owner name: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, NEW YORK Free format text: GRANT OF PATENT SECURITY INTEREST;ASSIGNOR:NOVELL, INC.;REEL/FRAME:026270/0001 Effective date: 20110427 |
|
AS | Assignment |
Owner name: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, NEW YORK Free format text: GRANT OF PATENT SECURITY INTEREST (SECOND LIEN);ASSIGNOR:NOVELL, INC.;REEL/FRAME:026275/0018 Effective date: 20110427 |
|
AS | Assignment |
Owner name: NOVELL, INC., UTAH Free format text: RELEASE OF SECURITY IN PATENTS SECOND LIEN (RELEASES RF 026275/0018 AND 027290/0983);ASSIGNOR:CREDIT SUISSE AG, AS COLLATERAL AGENT;REEL/FRAME:028252/0154 Effective date: 20120522 Owner name: NOVELL, INC., UTAH Free format text: RELEASE OF SECURITY INTEREST IN PATENTS FIRST LIEN (RELEASES RF 026270/0001 AND 027289/0727);ASSIGNOR:CREDIT SUISSE AG, AS COLLATERAL AGENT;REEL/FRAME:028252/0077 Effective date: 20120522 |
|
AS | Assignment |
Owner name: CREDIT SUISSE AG, AS COLLATERAL AGENT, NEW YORK Free format text: GRANT OF PATENT SECURITY INTEREST SECOND LIEN;ASSIGNOR:NOVELL, INC.;REEL/FRAME:028252/0316 Effective date: 20120522 Owner name: CREDIT SUISSE AG, AS COLLATERAL AGENT, NEW YORK Free format text: GRANT OF PATENT SECURITY INTEREST FIRST LIEN;ASSIGNOR:NOVELL, INC.;REEL/FRAME:028252/0216 Effective date: 20120522 |
|
AS | Assignment |
Owner name: NOVELL, INC., UTAH Free format text: RELEASE OF SECURITY INTEREST RECORDED AT REEL/FRAME 028252/0316;ASSIGNOR:CREDIT SUISSE AG;REEL/FRAME:034469/0057 Effective date: 20141120 Owner name: NOVELL, INC., UTAH Free format text: RELEASE OF SECURITY INTEREST RECORDED AT REEL/FRAME 028252/0216;ASSIGNOR:CREDIT SUISSE AG;REEL/FRAME:034470/0680 Effective date: 20141120 |
|
AS | Assignment |
Owner name: BANK OF AMERICA, N.A., CALIFORNIA Free format text: SECURITY INTEREST;ASSIGNORS:MICRO FOCUS (US), INC.;BORLAND SOFTWARE CORPORATION;ATTACHMATE CORPORATION;AND OTHERS;REEL/FRAME:035656/0251 Effective date: 20141120 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |
|
AS | Assignment |
Owner name: MICRO FOCUS SOFTWARE INC., DELAWARE Free format text: CHANGE OF NAME;ASSIGNOR:NOVELL, INC.;REEL/FRAME:040020/0703 Effective date: 20160718 |
|
AS | Assignment |
Owner name: JPMORGAN CHASE BANK, N.A., AS SUCCESSOR AGENT, NEW Free format text: NOTICE OF SUCCESSION OF AGENCY;ASSIGNOR:BANK OF AMERICA, N.A., AS PRIOR AGENT;REEL/FRAME:042388/0386 Effective date: 20170501 |
|
AS | Assignment |
Owner name: JPMORGAN CHASE BANK, N.A., AS SUCCESSOR AGENT, NEW Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE TO CORRECT TYPO IN APPLICATION NUMBER 10708121 WHICH SHOULD BE 10708021 PREVIOUSLY RECORDED ON REEL 042388 FRAME 0386. ASSIGNOR(S) HEREBY CONFIRMS THE NOTICE OF SUCCESSION OF AGENCY;ASSIGNOR:BANK OF AMERICA, N.A., AS PRIOR AGENT;REEL/FRAME:048793/0832 Effective date: 20170501 |
|
AS | Assignment |
Owner name: MICRO FOCUS SOFTWARE INC. (F/K/A NOVELL, INC.), WASHINGTON Free format text: RELEASE OF SECURITY INTEREST REEL/FRAME 035656/0251;ASSIGNOR:JPMORGAN CHASE BANK, N.A.;REEL/FRAME:062623/0009 Effective date: 20230131 Owner name: MICRO FOCUS (US), INC., MARYLAND Free format text: RELEASE OF SECURITY INTEREST REEL/FRAME 035656/0251;ASSIGNOR:JPMORGAN CHASE BANK, N.A.;REEL/FRAME:062623/0009 Effective date: 20230131 Owner name: NETIQ CORPORATION, WASHINGTON Free format text: RELEASE OF SECURITY INTEREST REEL/FRAME 035656/0251;ASSIGNOR:JPMORGAN CHASE BANK, N.A.;REEL/FRAME:062623/0009 Effective date: 20230131 Owner name: ATTACHMATE CORPORATION, WASHINGTON Free format text: RELEASE OF SECURITY INTEREST REEL/FRAME 035656/0251;ASSIGNOR:JPMORGAN CHASE BANK, N.A.;REEL/FRAME:062623/0009 Effective date: 20230131 Owner name: BORLAND SOFTWARE CORPORATION, MARYLAND Free format text: RELEASE OF SECURITY INTEREST REEL/FRAME 035656/0251;ASSIGNOR:JPMORGAN CHASE BANK, N.A.;REEL/FRAME:062623/0009 Effective date: 20230131 |