-
公开(公告)号:USRE44686E1
公开(公告)日:2013-12-31
申请号:US13236527
申请日:2011-09-19
申请人: Srinivasan Keshav , Rosen Sharma , Shaw Chuang
发明人: Srinivasan Keshav , Rosen Sharma , Shaw Chuang
IPC分类号: G06F15/173 , G06F11/00 , G06F9/46
CPC分类号: G06F9/505 , G06F9/5077
摘要: A system and a method dynamically adjusts the quality of service guarantees for virtual servers based upon the resource demands experienced by the virtual servers. Virtual server resource denials are monitored to determine if a virtual server is overloaded based upon the resource denials. Virtual server resources are modified dynamically to respond to the changing resource requirements of each virtual server. Occasionally, a physical host housing a virtual server may not have additional resources to allocate to a virtual server requiring increased resources. In this instance, a virtual server hosted by the overloaded physical host is transferred to another physical host with sufficient resources.
摘要翻译: 系统和方法根据虚拟服务器所需的资源需求动态调整虚拟服务器的服务质量保证。 监视虚拟服务器资源拒绝,以确定虚拟服务器是否基于资源拒绝重载。 动态修改虚拟服务器资源,以响应每个虚拟服务器不断变化的资源需求。 偶尔,容纳虚拟服务器的物理主机可能没有额外的资源来分配给需要增加资源的虚拟服务器。 在这种情况下,由重载的物理主机托管的虚拟服务器将以足够的资源传输到另一个物理主机。
-
公开(公告)号:US20130247033A1
公开(公告)日:2013-09-19
申请号:US12636414
申请日:2009-12-11
IPC分类号: G06F9/455
摘要: A method in one example implementation includes receiving a plurality of command messages through a control channel and reconstructing the command messages to determine an intended command for one or more virtual machines on a server device. The command messages include one or more criteria and the intended command corresponds to an operation defined in a policy database. The method also includes determining whether the corresponding operation is permitted by comparing one or more policies associated with the operation to the one or more criteria. The method further includes sending the command messages to the server device if the operation is permitted. In more specific embodiments, the operation may include one of creating, cloning, deleting, starting, stopping, and modifying the one or more virtual machines.
摘要翻译: 一个示例实现中的方法包括通过控制信道接收多个命令消息,并且重建命令消息以确定针对服务器设备上的一个或多个虚拟机的预期命令。 命令消息包括一个或多个标准,并且预期命令对应于在策略数据库中定义的操作。 该方法还包括通过将与操作相关联的一个或多个策略与一个或多个标准进行比较来确定是否允许相应的操作。 该方法还包括如果允许操作则将命令消息发送到服务器设备。 在更具体的实施例中,操作可以包括创建,克隆,删除,启动,停止和修改一个或多个虚拟机之一。
-
公开(公告)号:US20110077948A1
公开(公告)日:2011-03-31
申请号:US12946081
申请日:2010-11-15
申请人: Rosen Sharma , Bakul Shah , E. John Sebes
发明人: Rosen Sharma , Bakul Shah , E. John Sebes
IPC分类号: G10L21/00
CPC分类号: G06F8/30 , G06F8/20 , G06F8/40 , G06F9/46 , G06F9/541 , G06F21/00 , G06F21/12 , G06F21/121 , G06F21/54 , G06F21/554 , G06F21/564 , G06F2209/542 , G06F2221/2105 , H04N21/8133
摘要: Client software is modified by a translator to use unique variant of linguistic interface of a service. An interceptor pre-processes subsequent client service requests from translated unique linguistic interface to standard linguistic interface implemented by service. Usage of linguistic interfaces of service is contained, rendering service incapable of executing arbitrary input, even if such input is crafted specifically for the service interface.
摘要翻译: 客户端软件被翻译者修改为使用服务的语言界面的独特变体。 拦截器预处理从翻译的独特语言界面到由服务实现的标准语言界面的后续客户端服务请求。 包含服务语言接口的使用,使服务不能执行任意输入,即使这样的输入是专门针对服务接口制定的。
-
公开(公告)号:USRE42214E1
公开(公告)日:2011-03-08
申请号:US11956246
申请日:2007-12-13
申请人: Pawan Goyal , Xun Wilson Huang , Srinivasan Keshav , Rosen Sharma
发明人: Pawan Goyal , Xun Wilson Huang , Srinivasan Keshav , Rosen Sharma
IPC分类号: G06F9/455 , G06F9/46 , G06F15/16 , G06F15/173
CPC分类号: G06F9/54 , G06F9/5055 , G06F2209/5011 , G06F2209/504 , G06F2209/542 , H04L29/12056 , H04L61/1505 , H04L67/322 , Y02D10/22
摘要: A method facilitates providing appropriate quality of service guarantees to a plurality of virtual hosts on a single physical host computer. A server application program and its child processes service communication requests made to the plurality of virtual hosts. Quality of service parameters associated with the virtual hosts are stored. Communication requests made to a specific one of the virtual hosts are detected. The quality of service parameters associated with the specific virtual host are obtained. Operating system resources are utilized to guarantee, to a child process of the server application program, a quality of service according to the obtained quality of service parameters associated with the virtual host. Communication between the virtual host and the client is allowed to proceed, the communication being managed by the child process.
摘要翻译: 一种方法有助于为单个物理主机上的多个虚拟主机提供合适的服务质量保证。 服务器应用程序及其子进程对多个虚拟主机进行服务通信请求。 存储与虚拟主机相关联的服务质量参数。 检测到对特定虚拟主机的通信请求。 获得与特定虚拟主机相关联的服务质量参数。 使用操作系统资源来根据获得的与虚拟主机相关联的服务质量参数来保证对服务器应用程序的子进程的服务质量。 允许虚拟主机和客户端之间的通信进行,该通信由子进程管理。
-
公开(公告)号:US20100293225A1
公开(公告)日:2010-11-18
申请号:US12839856
申请日:2010-07-20
申请人: E. John Sebes , Bakul Shah , Rosen Sharma
发明人: E. John Sebes , Bakul Shah , Rosen Sharma
IPC分类号: G06F15/16 , G06F15/177
CPC分类号: H04L63/10
摘要: Invention selectively enables usage of services and communication conduits in a computer network, wherein the enablement is contingent on usage conditions, resulting in containment of the spread of unauthorized activity within a networked computer system and limiting the scope of results when an element becomes part of a hostile execution environment. Instead of protecting individual networked elements from a potentially hostile execution environment, the elements' usage of the networked environment is restricted to the extent of selectively allowing usage of needed resources explicitly authorized for use by such elements.
摘要翻译: 发明选择性地使得能够在计算机网络中使用服务和通信管道,其中所述启用取决于使用条件,导致在联网的计算机系统内容纳未经授权的活动的扩展,并且当元素成为一部分时,限制结果的范围 敌对执行环境。 代替保护单个网络元素免受潜在的恶意执行环境的影响,元素对网络环境的使用被限制在选择性地允许使用显式授权使用这些元素的所需资源的范围。
-
公开(公告)号:US08549546B2
公开(公告)日:2013-10-01
申请号:US12946081
申请日:2010-11-15
申请人: Rosen Sharma , Bakul Shah , E. John Sebes
发明人: Rosen Sharma , Bakul Shah , E. John Sebes
IPC分类号: G06F21/00
CPC分类号: G06F8/30 , G06F8/20 , G06F8/40 , G06F9/46 , G06F9/541 , G06F21/00 , G06F21/12 , G06F21/121 , G06F21/54 , G06F21/554 , G06F21/564 , G06F2209/542 , G06F2221/2105 , H04N21/8133
摘要: Client software is modified by a translator to use unique variant of linguistic interface of a service. An interceptor pre-processes subsequent client service requests from translated unique linguistic interface to standard linguistic interface implemented by service. Usage of linguistic interfaces of service is contained, rendering service incapable of executing arbitrary input, even if such input is crafted specifically for the service interface.
摘要翻译: 客户端软件被翻译者修改为使用服务的语言界面的独特变体。 拦截器预处理从翻译的独特语言界面到由服务实现的标准语言界面的后续客户端服务请求。 包含服务语言接口的使用,使服务不能执行任意输入,即使这样的输入是专门针对服务接口制定的。
-
7.发明授权Method and system for containment of networked application client software by explicit human input 有权通过明确的人类输入来遏制网络应用客户端软件的方法和系统公开(公告)号:US08539063B1
公开(公告)日:2013-09-17
申请号:US10651591
申请日:2003-08-29
申请人: Rosen Sharma , Bakul Shah , E. John Sebes
发明人: Rosen Sharma , Bakul Shah , E. John Sebes
IPC分类号: G06F15/16
CPC分类号: H04L65/403 , H04L67/22 , H04L67/2833
摘要: Method and system for containing networked application client software in order to perform specified transactions only given explicit consent of a legitimate user. In one embodiment, a confirmation interceptor intercepts a service request message, queries the user of the request for a confirmation, and then either passes the service request message onto server application software or drops the request, depending on the user's confirmation response. In soliciting and processing the confirmation response, query is formulated so that the required response cannot be automatically generated by software that attempts to automate and simulate the user's actions.
摘要翻译: 包含联网应用程序客户端软件的方法和系统,只有在合法用户明确同意的情况下执行指定的事务。 在一个实施例中,确认拦截器拦截服务请求消息,向用户询问请求进行确认,然后根据用户的确认响应将服务请求消息传递到服务器应用软件或丢弃请求。 在请求和处理确认响应时,会制定查询,以便不能由尝试自动化和模拟用户操作的软件自动生成所需的响应。
-
公开(公告)号:US08195931B1
公开(公告)日:2012-06-05
申请号:US12290380
申请日:2008-10-29
申请人: Rosen Sharma , Rishi Bhargava , Chiradeep Vittal , Shyam Eranky
发明人: Rosen Sharma , Rishi Bhargava , Chiradeep Vittal , Shyam Eranky
IPC分类号: G06F9/00
CPC分类号: G06Q30/02
摘要: A change management system for and method of change management control, monitoring, and analysis is disclosed. A change management system comprises a means for generating configuration item change information, and a means for processing configuration item change information for logical system groups according to an information structure. The information structure for the logical groups is comprised at least one of change rule information for the configuration items, interrelationship information between the configuration items and the system components, interrelationship information between system components. The method can be used as a monitoring tool for determining the effect of configuration changes. The configuration item change information is analyzed according to an information structure which comprises at least one of information structure that defines one or more configuration item change rules, interrelationship information between the at least one configuration item and one or more system components, and interrelationship information between one or more system components.
摘要翻译: 披露了变更管理系统和变更管理控制,监控和分析方法。 变更管理系统包括用于生成配置项目更改信息的装置,以及用于根据信息结构处理逻辑系统组的配置项目改变信息的装置。 逻辑组的信息结构包括用于配置项的改变规则信息,配置项和系统组件之间的相互关系信息,系统组件之间的相互关系信息中的至少一个。 该方法可用作确定配置更改影响的监视工具。 根据包括定义一个或多个配置项目改变规则的信息结构,至少一个配置项目和一个或多个系统组件之间的相互关系信息以及一个或多个系统组件之间的相互关系信息中的至少一个的信息结构来分析配置项目更改信息,以及 一个或多个系统组件。
-
公开(公告)号:US07464408B1
公开(公告)日:2008-12-09
申请号:US10651588
申请日:2003-08-29
申请人: Bakul Shah , Rosen Sharma , Peter Haight
发明人: Bakul Shah , Rosen Sharma , Peter Haight
IPC分类号: G06F21/00
CPC分类号: G06F21/56 , G06F21/52 , G06F2221/2123
摘要: Interface elements of a logic module are translated by renaming, adding dummy elements, and/or associating traps with dummy elements. Trusted parties are made aware of renamed interface elements and thereby allowed to properly communicate with logic module. Untrusted parties are kept unaware of the interface translation, with attempts to guess correct interface elements likely to fail, instead resulting in communication attempts with dummy elements and subsequent trapping of the untrusted parties.
摘要翻译: 通过重命名,添加虚拟元素和/或将陷阱与虚拟元素相关联来翻译逻辑模块的接口元素。 信任方知道重命名的接口元素,从而允许与逻辑模块正确通信。 不信任方不会意识到接口转换,试图猜测正确的接口元素可能会失败,而是导致与虚拟元素的通信尝试以及随后陷入不信任方。
-
公开(公告)号:US06754716B1
公开(公告)日:2004-06-22
申请号:US09502155
申请日:2000-02-11
申请人: Rosen Sharma , Srinivasan Keshav
发明人: Rosen Sharma , Srinivasan Keshav
IPC分类号: G06F1300
CPC分类号: H04L63/101 , H04L29/12009 , H04L29/12018 , H04L61/10
摘要: Communications between network devices on a logical subnet are restricted between devices authorized to communicate with each other, even though other network devices may be present on the subnet. When a network device receives a request to provide it L2 address to a requesting network device, it responds with its L2 address only if the requesting device is authorized to request L2 address. Optionally, a network device only transmits requests for the L2 addresses of other devices if it authorized to do so. The information describing authorized devices maybe store as list of L2 and L3 addresses, which list may be loaded by each network device when starting up. Preferably, authorized devices include routers on the device's logical subnet, to allow the routers to communicate with, and route packets to, the network devices.
摘要翻译: 即使其他网络设备可能存在于子网上,逻辑子网上的网络设备之间的通信也被限制在被授权相互通信的设备之间。 当网络设备接收到向请求的网络设备提供L2地址的请求时,仅当请求设备被授权请求L2地址时,它才响应其L2地址。 可选地,如果网络设备授权这样做,则仅传送对其他设备的L2地址的请求。 描述授权设备的信息可以存储为L2和L3地址的列表,该列表可以由启动时的每个网络设备加载。 优选地,授权设备包括设备的逻辑子网上的路由器,以允许路由器与网络设备通信并路由分组。
-
-
-
-
-
-
-
-
-
搜索结果
29 条记录 (耗时 0.019 秒)
