Patent application number | Description | Published |
20090199288 | DISTRIBUTED AUTHENTICATION IN A PROTOCOL-BASED SPHERE OF TRUST IN WHICH A GIVEN EXTERNAL CONNECTION OUTSIDE THE SPHERE OF TRUST MAY CARRY COMMUNICATIONS FROM MULTIPLE SOURCES - A distributed authentication model that operates within a protocol-based sphere of trust. Rather than being able to communicate with any one of the computing systems internal to the sphere of trust, the amount of authentication is reduced by having the external computing systems initially communicate with a specific edge internal computing system. Many if not all of the internal computing systems then delegate the task of authentication to the edge computing system, and will rely on any authentication performed by the edge computing system. This allows the task of authentication to scale well for large protocol-based spheres of trust. | 08-06-2009 |
20090282149 | METHOD AND SYSTEM FOR DISTRIBUTING LOAD BY REDIRECTING TRAFFIC - Disclosed is a system for servers to redirect client requests to other servers in order to distribute client traffic among the servers. A client is assigned to a server although the client may be unaware of that assignment. When the client accesses a server, a server possibly identified to the client by a name service, the server checks the client's assignment. If the client is not assigned to this server, then in some scenarios this server redirects the client to its assigned server. The client responds by sending its request to the assigned server. In other scenarios, the first server accessed by the client proxies the client's traffic to the assigned server. A database is kept of client-to-server assignments. If the present load distribution is less than ideal (e.g., clients are assigned to an unavailable server), then the assignment database is updated to reflect how the load should be distributed. | 11-12-2009 |
20090300158 | METHOD AND SYSTEM FOR SUPPORTING THE COMMUNICATION OF PRESENCE INFORMATION AMONG COMPUTING DEVICES OF A NETWORK - A method and system for aggregating presence information generated by multiple devices associated with a single user is presented. A server acting as a presence agent on behalf of a first user and the first user's computing device receives and responds to a subscription request generated by a computing device operated by a second user that wishes to be permitted as a watcher of the first user. If the server is not capable of acting as a presence agent, then the first user's computing device assumes the role of a presence agent. | 12-03-2009 |
20100229218 | QUOTA MANAGEMENT FOR NETWORK SERVICES - A system and method for managing requests for system resources from a plurality of users. Usage data is maintained for each user with respect to a user quota and a system quota. Aggregate system usage data is also maintained. A user request is checked for compliance with a user quota. The request is checked for compliance with a system quota. If either quota is not complied with, a hint that indicates when to send a next request is determined and sent to the user. Compliance with the system quota may include use of a reservation system, in which the allowance of a request may be based on a user's system usage data, so that a user with lower usage is more likely to have a request accepted when the system is loaded. | 09-09-2010 |
20100281173 | DELEGATED ADMINISTRATION FOR REMOTE MANAGEMENT - A remote administration system is described herein that provides varying permissions to invoke administrative commands to multiple users. An application host provisions users of different organizations and defines one or more commands that the users can invoke remotely. The system associates the commands with users and/or groups to specify the users and/or groups that are authorized to execute the commands. When the remote administration system receives a remote request to perform a command, the system determines a user associated with the command and whether the user is authorized to execute the command. The system also creates an execution context for each connected user that defines the roles and access privileges associated with the user and that isolates the user from other users. Thus, the remote administration system provides remote administration of hosted applications in a way that is easy for administrators of the hosted service to manage. | 11-04-2010 |
20120084406 | Logical Networks - An invention is provided for creating logical network abstractions of physical networks, and deploying computer services to physical networks based on a specified logical network. In an embodiment, a physical network is divided into one or more logical networks. Upon receiving an indication to deploy a computer service to a logical network, a mapping from that logical network to a sub-network of the physical network is determined, the service is configured to execute on the sub-network of the physical network, and an indication of this configuration of the service is stored. | 04-05-2012 |
20120257820 | IMAGE ANALYSIS TOOLS - A master image can be generated based upon evaluation of virtual machine images. The master image includes single instances of data segments that are shared across virtual machine images within a virtual machine environment. The master image can be further be constructed as a function of a peer pressure technique that includes data segments common to a majority of the virtual machine images within the master image. The data segments included within the master image can further be defined by prioritizing data within virtual machine images as well as identifying influential data with a peer pressure technique. | 10-11-2012 |
20130103809 | Logical Networks - An invention is provided for creating logical network abstractions of physical networks, and deploying computer services to physical networks based on a specified logical network. In an embodiment, a physical network is divided into one or more logical networks. Upon receiving an indication to deploy a computer service to a logical network, a mapping from that logical network to a sub-network of the physical network is determined, the service is configured to execute on the sub-network of the physical network, and an indication of this configuration of the service is stored. | 04-25-2013 |