Patent application number | Description | Published |
20080209016 | METHOD AND APPARATUS FOR POLICY-BASED PROVISIONING IN A VIRTUALIZED SERVICE DELIVERY ENVIRONMENT - In a distributed computing network having computers interconnected with each other, a method and apparatus of providing policy based provisioning of middleware components to provide a solution for a service. With this invention, the middleware components that are necessary to provide the solution are determined. Then, the configurations of the computers are determined so as to satisfy a selected configuration policy for a selected solution. Finally, the necessary middleware components are installed on the configured computers so that the solution can be provided. Some of the selected configuration policies are: maximization of server utilization policy, provisioning of software components requiring external access based on availability of external resources, and minimization of total time to install said determined components. The progress of installation of the middleware components can also be monitored to make any necessary adjustments in the configuration of the virtual machines so that the selected configuration policy can be satisfied. | 08-28-2008 |
20080209397 | METHOD AND APPARATUS FOR ON-DEMAND COMPOSITION AND TEARDOWN OF SERVICE INFRASTRUCTURE - A computer implemented method, apparatus, and computer usable program code for creating a composite service. Dependencies are identified utilizing a set of active objects used to manage services to form identified dependencies in response to receiving a request for the composite service. The identified dependencies specify requirements of the composite service. The composite service has multiple components. Components are identified for the composite service using the identified dependencies to form identified components. The composite service is created using the identified components. | 08-28-2008 |
20080239985 | METHOD AND APPARATUS FOR A SERVICES MODEL BASED PROVISIONING IN A MULTITENANT ENVIRONMENT - A method, system and computer usable program code is disclosed for mapping a logical topology to information technology (IT) resources. The method comprises the steps of generating a logical topology of resources for a solution to a given request for resources, extracting information about shared rules and constraints on IT resources specific to a plurality of customers, and generating multiple mappings from the logical topology to the IT resources that satisfy said shared rules and constraints. | 10-02-2008 |
20080263535 | METHOD AND APPARATUS FOR DYNAMIC APPLICATION UPGRADE IN CLUSTER AND GRID SYSTEMS FOR SUPPORTING SERVICE LEVEL AGREEMENTS - Methods and systems are provided for conducting maintenance such as software upgrades in components and nodes within a computer network while maintaining the functionality of the computer network in accordance with prescribed performance parameters. A balance is achieved between the rate of performing a desired system upgrade and the necessary performance parameters by empirically determining anticipated system loads and selecting the maximum number of components that can be upgraded simultaneously while meeting the anticipated loads. Provisions are made for the staggering of components through the upgrade process and for the return of components to active service in the computer network in response to unanticipated load spikes. Validation of successful upgrades is also provided. | 10-23-2008 |
20080275935 | METHOD AND APPARATUS FOR MIDDLEWARE ASSISTED SYSTEM INTEGRATION IN A FEDERATED ENVIRONMENT - A computer implemented method, data processing system, and computer usable program code are provided for instantiating a service on a network. A service infrastructure manager determines whether a service is available at a requested quality of service in response to receiving a request for the service that specifies the quality of service. The service infrastructure manager performs an analysis of components associated with the service to identify resources needed to create the service in response to the service being unavailable at the requested quality of service. Based on the analysis, the service infrastructure manager allocates resources to support the service and instantiates the service at the requested quality of service after the resources have been allocated. | 11-06-2008 |
20080294777 | METHOD AND APPARATUS FOR TEMPLATE-BASED PROVISIONING IN A SERVICE DELIVERY ENVIRONMENT - A method for automated provisioning of computing resources in a distributed computing network includes obtaining a data structure representing a resource dependency characterization of an application to be implemented over the distributed computing network, wherein the data structure indicates a set of resources to be deployed, obtaining a template that represents a predefined network topology for supporting deployment of the set of resources, mapping the set of resources represented in the data structure to the template so as to satisfy a set of component requirements to generate a deployment map, and provisioning the set of resources on a plurality of computers based on the deployment map to implement the application over the distributed computing network. | 11-27-2008 |
20090271607 | Method and Apparatus for Dynamic Provisioning in Data Processing Environment - Techniques are disclosed for the dynamic introduction of new components to be used during provisioning of solutions in data processing system environments such as service delivery environments. For example, in a provisioning system that manages provisioning of components in a data processing system, an automated method of dynamically provisioning one or more new components in the data processing system comprises the provisioning system performing the following steps. The provisioning system accepts a registration of a new component during a runtime period of the data processing system, wherein the new component has not been previously registered in the data processing system prior to the runtime period, and further wherein the registration comprises obtaining information relating to at least one of one or more prerequisites and a configuration associated with the new component. The provisioning system causes a modification to the data processing system by enabling use of the registered new component therein. | 10-29-2009 |
20090300184 | Method and Apparatus for Template-Based Provisioning in a Service Delivery Environment - A method for automated provisioning of computing resources in a distributed computing network includes obtaining a data structure representing a resource dependency characterization of an application to be implemented over the distributed computing network, wherein the data structure indicates a set of resources to be deployed, obtaining a template that represents a predefined network topology for supporting deployment of the set of resources, mapping the set of resources represented in the data structure to the template so as to satisfy a set of component requirements to generate a deployment map, and provisioning the set of resources on a plurality of computers based on the deployment map to implement the application over the distributed computing network. | 12-03-2009 |
20100011102 | METHOD FOR PLACING COMPOSITE APPLICATIONS IN A FEDERATED ENVIRONMENT - Techniques for placing at least one composite application in a federated environment are provided. The techniques include analyzing a composite application to be deployed in a federated environment, obtaining one or more application artifacts, analyzing feasibility of placing one or more application components at one or more clusters in the federated environment without knowledge of resource availability at each of the one or more clusters, and generating a mapping of the one or more application components to the one or more clusters such that an application requirement is met, wherein the one or more application artifacts are distributed across a federated environment. | 01-14-2010 |
20100050179 | LAYERED CAPACITY DRIVEN PROVISIONING IN DISTRIBUTED ENVIRONMENTS - Techniques are disclosed for providing mapping of application components to a set of resources in a distributed environment using capacity driven provisioning using a layered approach. By way of example, a method for allocating resources to an application comprises the following steps. A first data structure is obtained representing a post order traversal of a dependency graph for the application and associated containers with capacity requirements. A second data structure is obtained representing a set of resources, and associated with each resource is a tuple representing available capacity. A mapping of the dependency graph data structure to the resource set is generated based on the available capacity such that resources of the set of resources are allocated to the application. | 02-25-2010 |
20100058334 | METHOD AND SYSTEM FOR POLICY BASED LIFECYCLE MANAGEMENT OF VIRTUAL SOFTWARE APPLIANCES - A system and method for managing dynamically allocated resources assigned to a service includes providing a service to be used by a plurality of sites in a federation. Usage information associated with the service is communicated to each of the plurality of sites. A disposition of the service is determined based on local policies and the usage information received from other sites by a service owner. The disposition of the service is updated across a plurality of sites in accordance with messages sent by the service owner to reduce resource usage. | 03-04-2010 |
20100077449 | Calculating multi-tenancy resource requirements and automated tenant dynamic placement in a multi-tenant shared environment - A method for assigning tenants of users to offering instances of an application or middleware includes representing a set of offerings as respective offering instances of the application or middleware available from a server, determining server resource capacity of the server, representing constraints associated with the tenants and the offering instances, generating a mapping of the tenants to the offering instances based on the server resource capacity and constraints, and assigning a tenant to an offering instance according to the mapping, wherein the offering instance is made accessible to the users of the assigned tenant. | 03-25-2010 |
20110072255 | PROVISIONING OF OPERATING ENVIRONMENTS ON A SERVER IN A NETWORKED ENVIRONMENT - The illustrative embodiments disclose a computer implemented method, apparatus, and computer program product for provisioning a server on a network. In one embodiment, the process sends a server identifier to a management server in response to receiving a boot command. The management server uses the server identifier for identifying a designated operating environment for the server to form a designated operating environment identifier. The process then receives, from the management server, the designated operating environment identifier and a first bootstrap code. The process uses the first bootstrap code to extract information for identifying a local operating environment on the server. Thereafter, the process compares the local operating environment to the designated operating environment and initiates a final boot sequence of the server based on the comparison of the local operating environment and the designated operating environment. | 03-24-2011 |
20120215923 | METHOD AND SYSTEM FOR POLICY BASED LIFECYCLE MANAGEMENT OF VIRTUAL SOFTWARE APPLIANCES - A system and method for managing dynamically allocated resources assigned to a service includes providing a service to be used by a plurality of sites in a federation. Usage information associated with the service is communicated to each of the plurality of sites. A disposition of the service is determined based on local policies and the usage information received from other sites by a service owner. The disposition of the service is updated across a plurality of sites in accordance with messages sent by the service owner to reduce resource usage. | 08-23-2012 |
20120221842 | PROVISIONING OF OPERATING ENVIRONMENTS ON A SERVER IN A NETWORKED ENVIRONMENT - A computer deploys an operating environment onto a provisionable server. The computer assigns an operating environment from an operating environment configuration management database to the provisionable server in response to detecting a provisioning event. The computer stores a record of the assignment in a deployment configuration management database and updates a management server with a designated operating environment identifier of the assignment. | 08-30-2012 |
20130060606 | EFFICIENT CONTRACTING WITH ASYMMETRIC INFORMATION - Techniques include accessing predetermined utility of customers based on customer types and qualities. The qualities are based at least on previously identified non-functional characteristics of services that influence decisions of the customers in buying the services from a service provider. Based at least on the accessed predetermining utility, quality-price pairs are determined to create a predetermined amount of profit for the service provider assuming the service provider offers the services to a customer having the customer type at a level of quality corresponding to an associated one of the qualities in a pair and for the corresponding price in the pair. Each quality in the pairs corresponds to one of the customer types. Determining the price-quality pairs further includes mapping one or more of the service-related characteristics to one or more information technology resources in response to the service-related characteristic being dependent on one or more other service-related characteristics. | 03-07-2013 |
20130191186 | SYSTEM, METHOD AND COMPUTER PROGRAM FOR CAPTURING RELATIONSHIPS BETWEEN BUSINESS OUTCOMES, PERSONS AND TECHNICAL ASSETS - A method includes building a library of service value maps (SVMs) each including a multi-layered hierarchical arrangement of elements with causal links between at least some elements of a particular layer and at least some elements of next higher layer. Each SVM includes at a topmost layer at least one desired outcome for an entity associated with the SVM, at a next lower layer capabilities that support the at least one desired outcome and, for each identified capability, at a next lower layer organization solution assets that support the capabilities. The identified solution assets and components are mapped to infrastructure elements in a lower-most layer. The method further includes assigning weights to the links between elements of a particular layer and elements of a next higher layer, where each weight has a value to indicate a contribution of an associated element to a linked-to element in the next higher layer. | 07-25-2013 |
20130191187 | SYSTEM, METHOD AND COMPUTER PROGRAM FOR IDENTIFYING VALUE AGGREGATION POINTS FROM A SET OF SERVICE VALUE MAPS - A method provides a set of service value maps (SVMs) each having a plurality of nodes and linkages between nodes; forming a network model based on the set of SVMs and analyzing the network model to compute aggregate values for the nodes to enable an identification of a node that matches at least one criterion. Analyzing can include using a degree centrality process where a value for each node is defined as a number of outgoing edges from the node, or an eigenvalue centrality process where a value of a node is proportional to a value of those nodes that the node is connected to. Each SVM can be represented as a directed acyclic graph (DAG) where each edge between nodes is an edge in the DAG. The at least one criterion can include a highest valued node identifying a value aggregation point (VAP) of the set of SVMs. | 07-25-2013 |
20130232484 | POLICY-BASED APPROACH TO PROVISION AND TRANSFORM OF VIRTUAL APPLIANCES - A method for customizing virtual machines includes retrieving a virtual machine image file from a library of virtual machine image files. A target virtual machine image file is created by making a copy of the retrieved virtual machine image file. A file size of the target virtual machine image file is increased. A partition size of a primary partition of the target virtual machine image file is increases. The target virtual machine image file is booted after the partition size of the primary partition thereof has been increased. | 09-05-2013 |
20140082613 | PROVISIONING A VIRTUAL MACHINE FROM ONE OR MORE VM IMAGES - An embodiment of the invention directed to a method for provisioning a specified virtual machine from one or more selected images, sent over the network, includes the step of decomposing each of the selected VM images to provide a group of components, each component having specified information associated with it. The method further includes using a predetermined selection criterion to select components from the group for assembly into a specified VM image, and using the selected components of the specified VM image to provision the specified virtual machine at one or more locations. | 03-20-2014 |
20140082615 | PROVISIONING A VIRTUAL MACHINE FROM ONE OR MORE VM IMAGES - An embodiment of the invention directed to a method for provisioning a specified virtual machine from one or more selected images, sent over the network, includes the step of decomposing each of the selected VM images to provide a group of components, each component having specified information associated with it. The method further includes using a predetermined selection criterion to select components from the group for assembly into a specified VM image, and using the selected components of the specified VM image to provision the specified virtual machine at one or more locations. | 03-20-2014 |
20140096133 | METHOD AND APPARATUS FOR AUTHENTICATED DISTRIBUTION OF VIRTUAL MACHINE IMAGES - A computer implemented method, a computer program product, and a computer distribute a virtual machine image. A request for a virtual machine image is received. Responsive to receiving the request or the virtual machine image, the authenticity of a virtual machine image catalog associated with the virtual machine image is identified. Responsive to identifying that the virtual machine image catalog is authentic, a first digital signature to be sent with the virtual machine image is determined. Responsive to determining the signature, the virtual machine image and the signature is sent. | 04-03-2014 |
20140096135 | METHOD FOR AUTHENTICATED DISTRIBUTION OF VIRTUAL MACHINE IMAGES - A computer implemented method distributes a virtual machine image. A request for a virtual machine image is received. Responsive to receiving the request or the virtual machine image, the authenticity of a virtual machine image catalog associated with the virtual machine image is identified. Responsive to identifying that the virtual machine image catalog is authentic, a first digital signature to be sent with the virtual machine image is determined. Responsive to determining the signature, the virtual machine image and the signature is sent. | 04-03-2014 |
20140101714 | PRIVACY AWARE AUTHENTICATED MAP-REDUCE - A computer-implemented process for privacy aware authenticated map-reduce processing receives data for a MapReduce operation to form received data, identifies a control point in a set of control points of the MapReduce operation to form an identified control point and identifies an applicable set of policies for the identified control point to form a selected set of policies. The selected set of policies is applied at the identified control point and responsive to a determination that application of the selected set of policies at the identified control point returned a positive result, the computer-implemented process continues operation to a next stage in the MapReduce operation. | 04-10-2014 |
20140101715 | PRIVACY AWARE AUTHENTICATED MAP-REDUCE - A computer-implemented process for privacy aware authenticated map-reduce processing receives data for a MapReduce operation to form received data, identifies a control point in a set of control points of the MapReduce operation to form an identified control point and identifies an applicable set of policies for the identified control point to form a selected set of policies. The selected set of policies is applied at the identified control point and responsive to a determination that application of the selected set of policies at the identified control point returned a positive result, the computer-implemented process continues operation to a next stage in the MapReduce operation. | 04-10-2014 |
20140136689 | SECURE METERING AND ACCOUNTING FOR CLOUD SERVICES - A method, apparatus, and computer program product for managing a service is disclosed. A computer system collects information about the use of a set of resources by the service. Responsive to receiving a request to verify information about the use of the set of resources by the service, the computer system generates a description of the use of the set of resources by the service using the information collected. The computer system then creates a response to the request using the generated description of the use of the set of resources by the service as proof of the validity of the information. | 05-15-2014 |
20140136707 | SECURE METERING AND ACCOUNTING FOR CLOUD SERVICES - A method, apparatus, and computer program product for managing a service is disclosed. A computer system collects information about the use of a set of resources by the service. Responsive to receiving a request to verify information about the use of the set of resources by the service, the computer system generates a description of the use of the set of resources by the service using the information collected. The computer system then creates a response to the request using the generated description of the use of the set of resources by the service as proof of the validity of the information. | 05-15-2014 |
20140172491 | ON-DEMAND CLOUD SERVICE MANAGEMENT - A plurality of traditional software applications are packaged as custom composite solutions, and are stored as custom composite solution deployable images. Customer input is obtained from a customer. At least one of the custom composite solution deployable images is deployed into a management cloud in response to the customer input. | 06-19-2014 |
20140181058 | APPARATUS FOR AUTHENTICATION OF SOLUTION TOPOLOGY - A computer implemented method is provided to verify an integrity of a solution. The computer implemented method comprises hashing, by a computer, a set of virtual machine instances in a solution topology of the solution. The computer hashes a set of connections in the solution topology. The set of connections comprising a connection between ones of the set of virtual machine instances, a connection between a first component of a first one of the set of virtual machine instances and a second component of a second one of the set of virtual machine instances, and combinations thereof. The computer hashes a set of solution-specific information, and then signs the hashes to create a first signed topology. | 06-26-2014 |
20140181980 | SYSTEM AND METHOD FOR PROTECTION FROM BUFFER OVERFLOW VULNERABILITY DUE TO PLACEMENT NEW CONSTRUCTS IN C++ - Systems and methods for protection from buffer overflow vulnerability due to placement new constructs in C++ are provided. A system for protecting from buffer overflow vulnerability due to placement new constructs, comprises a compiler which is capable of receiving a program including a placement new instruction, and runtime which is capable of receiving binary code from the compiler and determining whether the program includes the placement new instruction and whether the placement new instruction would lead to buffer overflow, wherein the runtime is linked to a library including methods for preventing the buffer overflow, and selects a method for preventing the buffer overflow if the runtime determines that the placement new instruction would lead to the buffer overflow. | 06-26-2014 |
20140181981 | SYSTEM AND METHOD FOR PROTECTION FROM BUFFER OVERFLOW VULNERABILITY DUE TO PLACEMENT NEW CONSTRUCTS IN C++ - Systems and methods for protection from buffer overflow vulnerability due to placement new constructs in C++ are provided. A system for protecting from buffer overflow vulnerability due to placement new constructs, comprises a compiler which is capable of receiving a program including a placement new instruction, and runtime which is capable of receiving binary code from the compiler and determining whether the program includes the placement new instruction and whether the placement new instruction would lead to buffer overflow, wherein the runtime is linked to a library including methods for preventing the buffer overflow, and selects a method for preventing the buffer overflow if the runtime determines that the placement new instruction would lead to the buffer overflow. | 06-26-2014 |
20140181984 | METHOD AND APPARATUS FOR AUTHENTICATION OF SOLUTION TOPOLOGY - A computer implemented method is provided to verify an integrity of a solution. The computer implemented method comprises hashing, by a computer, a set of virtual machine instances in a solution topology of the solution. The computer hashes a set of connections in the solution topology. The set of connections comprising a connection between ones of the set of virtual machine instances, a connection between a first component of a first one of the set of virtual machine instances and a second component of a second one of the set of virtual machine instances, and combinations thereof. The computer hashes a set of solution-specific information, and then signs the hashes to create a first signed topology. | 06-26-2014 |
20140207528 | SYSTEM, METHOD AND COMPUTER PROGRAM FOR IDENTIFYING VALUE AGGREGATION POINTS FROM A SET OF SERVICE VALUE MAPS - A data processing system provides a set of service value maps (SVMs) each having a plurality of nodes and linkages between nodes, forms a network model based on the SVMs and analyses the network model to compute aggregate values for the nodes to enable an identification of a node that matches at least one criterion. Analyzing can include using a degree centrality process where a value for each node is defined as a number of outgoing edges from the node, or an eigenvalue centrality process where a value of a node is proportional to a value of those nodes that the node is connected to. Each SVM can be represented as a directed acyclic graph (DAG) where each edge between nodes is an edge in the DAG. The at least one criterion can include a highest valued node identifying a value aggregation point (VAP) of the set of SVMs. | 07-24-2014 |
20140259089 | Security-Aware Admission Control of Requests in a Distributed System - Techniques, systems and articles of manufacture for security-aware admission control of requests in a distributed system. A method includes identifying a request dropped by a first application component in a distributed system, determining one or more actions to take with respect to the dropped request, said determining comprises identifying one or more policies of the first application component responsible for the dropped request and identifying one or more additional application components in the distributed system to be affected based on the identified one or more policies, and executing said one or more actions to control admission of one or more requests associated with the dropped request at the one or more additional application components. | 09-11-2014 |
20140259091 | Security-Aware Admission Control of Requests in a Distributed System - Systems and articles of manufacture for security-aware admission control of requests in a distributed system include identifying a request dropped by a first application component in a distributed system, determining one or more actions to take with respect to the dropped request, said determining comprises identifying one or more policies of the first application component responsible for the dropped request and identifying one or more additional application components in the distributed system to be affected based on the identified one or more policies, and executing said one or more actions to control admission of one or more requests associated with the dropped request at the one or more additional application components. | 09-11-2014 |
20140331089 | ENABLING REMOTE DEBUGGING OF VIRTUAL MACHINES RUNNING IN A CLOUD ENVIRONMENT - Enabling remote debugging of virtual machines, in one aspect, may comprise attaching a debug virtual machine to a target virtual machine deployed in a virtualized environment. Interactions and/or access to the target virtual machine may be performed via the attached debug virtual machine. The debug virtual machine may be created and attached to the target virtual machine in response to receiving a request to debug the target machine, for example, from a remote user of the target virtual machine. | 11-06-2014 |
20140331090 | ENABLING REMOTE DEBUGGING OF VIRTUAL MACHINES RUNNING IN A CLOUD ENVIRONMENT - Enabling remote debugging of virtual machines, in one aspect, may comprise attaching a debug virtual machine to a target virtual machine deployed in a virtualized environment. Interactions and/or access to the target virtual machine may be performed via the attached debug virtual machine. The debug virtual machine may be created and attached to the target virtual machine in response to receiving a request to debug the target machine, for example, from a remote user of the target virtual machine. | 11-06-2014 |