-
公开(公告)号:US08015563B2
公开(公告)日:2011-09-06
申请号:US11404361
申请日:2006-04-14
申请人: Nelson Sampaio Araujo, Jr. , Abhishek Dhasmana , Lloyd Gene Giberson , Angel Monterrubio , John Chad Parry , Eugene Polonsky , Kendra Yourtee , Brian Wahlert
发明人: Nelson Sampaio Araujo, Jr. , Abhishek Dhasmana , Lloyd Gene Giberson , Angel Monterrubio , John Chad Parry , Eugene Polonsky , Kendra Yourtee , Brian Wahlert
IPC分类号: G06F9/455 , G06F15/177
CPC分类号: G06F21/6218 , G06F9/45558 , G06F2009/45562 , G06F2009/45587
摘要: An administrative authority for virtual machines can send one or more delegated policy settings to a virtual machine manager. The virtual machine manager can in turn send management instructions that include the one or more policy settings to one or more virtual machine hosts. As such, a user's request for a virtual machine at a virtual machine host can be granted or denied based on the delegated policy settings. The policy settings can be updated periodically, and can include additional information about starting, stopping, expiring, saving, or even deleting virtual machines by particular users, as well as users accessing from particular locations. In addition, an agent operating at the virtual machine host can monitor and report virtual machine activity, to ensure unauthorized virtual machines are quickly stopped and reviewed until authorized.
摘要翻译: 虚拟机的管理权限可以将一个或多个委派的策略设置发送到虚拟机管理器。 虚拟机管理器可以依次向一个或多个虚拟机主机发送包括一个或多个策略设置的管理指令。 因此,可以基于委派的策略设置来授予或拒绝用户对虚拟机主机上的虚拟机的请求。 策略设置可以定期更新,并且可以包括有关特定用户以及从特定位置访问的用户的启动,停止,到期,保存或甚至删除虚拟机的其他信息。 此外,在虚拟机主机上运行的代理可以监视和报告虚拟机活动,以确保未经授权的虚拟机能够快速停止并进行审核。
-
公开(公告)号:US07996834B2
公开(公告)日:2011-08-09
申请号:US11404334
申请日:2006-04-14
申请人: Nelson S. Araujo, Jr. , Abhishek Dhasmana , Lloyd Gene Giberson , Angel Monterrubio , John Chad Parry , Eugene Polonsky , Brian Michael Wahlert , Kendra Anne Yourtee
发明人: Nelson S. Araujo, Jr. , Abhishek Dhasmana , Lloyd Gene Giberson , Angel Monterrubio , John Chad Parry , Eugene Polonsky , Brian Michael Wahlert , Kendra Anne Yourtee
IPC分类号: G06F9/455
CPC分类号: G06F21/6218 , G06F21/53
摘要: The embodiments contemplate a system and method for a restriction of virtual machines for a group of one or more users. A predefined policy may include a restriction related to the group, as well as a measure of enforcement to initiate in the event of a violation of the restriction. The measure of enforcement may include a warning message or denial of resources. The restriction may be resource-based, time-based, machine-based, or a combination. The restriction may be a group-level restriction, in which the entire group actions are monitored, or a user-level restriction, in which the user's actions are monitored. In the event a user is assigned to more than one group, the policies of each group are assigned a priority level. The priority level dictates the restriction as well as the measure of enforcement.
摘要翻译: 实施例考虑了用于限制一个或多个用户的组的虚拟机的系统和方法。 预定义的策略可以包括与组相关的限制,以及在违反限制的情况下启动的强制措施。 执法措施可能包括警告信息或拒绝资源。 该限制可以是基于资源的,基于时间的,基于机器的或组合的。 该限制可以是其中监视整个组动作的组级别限制或用户级别限制,其中监视用户的动作。 在将用户分配给多个组的情况下,每个组的策略被分配优先级。 优先级决定了限制和执行措施。
-
公开(公告)号:US20070245348A1
公开(公告)日:2007-10-18
申请号:US11404334
申请日:2006-04-14
申请人: Nelson Araujo , Abhishek Dhasmana , Lloyd Giberson , Angel Monterrubio , John Parry , Eugene Polonsky , Brian Wahlert , Kendra Yourtee
发明人: Nelson Araujo , Abhishek Dhasmana , Lloyd Giberson , Angel Monterrubio , John Parry , Eugene Polonsky , Brian Wahlert , Kendra Yourtee
IPC分类号: G06F9/455
CPC分类号: G06F21/6218 , G06F21/53
摘要: The embodiments contemplate a system and method for a restriction of virtual machines for a group of one or more users. A predefined policy may include a restriction related to the group, as well as a measure of enforcement to initiate in the event of a violation of the restriction. The measure of enforcement may include a warning message or denial of resources. The restriction may be resource-based, time-based, machine-based, or a combination. The restriction may be a group-level restriction, in which the entire group actions are monitored, or a user-level restriction, in which the user's actions are monitored. In the event a user is assigned to more than one group, the policies of each group are assigned a priority level. The priority level dictates the restriction as well as the measure of enforcement.
摘要翻译: 实施例考虑了用于限制一个或多个用户的组的虚拟机的系统和方法。 预定义的策略可以包括与组相关的限制,以及在违反限制的情况下启动的强制措施。 执法措施可能包括警告信息或拒绝资源。 该限制可以是基于资源的,基于时间的,基于机器的或组合的。 该限制可以是其中监视整个组动作的组级别限制或用户级别限制,其中监视用户的动作。 在将用户分配给多个组的情况下,每个组的策略被分配优先级。 优先级决定了限制和执行措施。
-
公开(公告)号:US20070250833A1
公开(公告)日:2007-10-25
申请号:US11404361
申请日:2006-04-14
申请人: Nelson Araujo , Abhishek Dhasmana , Lloyd Giberson , Angel Monterrubio , John Parry , Eugene Polonsky , Kendra Yourtee , Brian Wahlert
发明人: Nelson Araujo , Abhishek Dhasmana , Lloyd Giberson , Angel Monterrubio , John Parry , Eugene Polonsky , Kendra Yourtee , Brian Wahlert
IPC分类号: G06F9/455
CPC分类号: G06F21/6218 , G06F9/45558 , G06F2009/45562 , G06F2009/45587
摘要: An administrative authority for virtual machines can send one or more delegated policy settings to a virtual machine manager. The virtual machine manager can in turn send management instructions that include the one or more policy settings to one or more virtual machine hosts. As such, a user's request for a virtual machine at a virtual machine host can be granted or denied based on the delegated policy settings. The policy settings can be updated periodically, and can include additional information about starting, stopping, expiring, saving, or even deleting virtual machines by particular users, as well as users accessing from particular locations. In addition, an agent operating at the virtual machine host can monitor and report virtual machine activity, to ensure unauthorized virtual machines are quickly stopped and reviewed until authorized.
摘要翻译: 虚拟机的管理权限可以将一个或多个委派的策略设置发送到虚拟机管理器。 虚拟机管理器可以依次向一个或多个虚拟机主机发送包括一个或多个策略设置的管理指令。 因此,可以基于委派的策略设置来授予或拒绝用户对虚拟机主机上的虚拟机的请求。 策略设置可以定期更新,并且可以包括有关特定用户以及从特定位置访问的用户的启动,停止,到期,保存或甚至删除虚拟机的其他信息。 此外,在虚拟机主机上运行的代理可以监视和报告虚拟机活动,以确保未经授权的虚拟机能够快速停止并进行审核。
-
-
-
搜索结果
4 条记录 (耗时 0.023 秒)
