Abstract:
The current document is directed to distributed-secure-storage systems, and processes carried out within the distributed-secure-storage systems, that provide for secure storage and retrieval of secrets within distributed computer systems, including private encryption keys used for client authentication during establishment of secure communications channels. The secret-storage systems partition an input secret into multiple secret shares and distribute the secret shares among multiple secret-share-storing node subsystems, without persistently storing the secret itself. An agent within a client device subsequently requests a secret share corresponding to a secret, or a share of data derived from the secret share, from each of the multiple secret-share-storing nodes. Each secret-share-storing node transmits the requested secret share or derived-data share to the agent, which reconstructs the secret from all or a portion of the secret shares or a data value from all or a portion of the derived-data shares transmitted to the agent.
Abstract:
Methods and apparatus to generate a customized application blueprint are disclosed. An example method includes generating an application definition for an unmanaged application associated with a first computing unit, selecting a first logical template associated with an unmodified version of a service provided by the first computing unit, generating an application blueprint including the first logical template, modifying the first logical template included in the application blueprint based on a first property of the first computing unit, inserting a dependency between a first logical template representative of the first computing unit and a second logical template representative of a second computing unit, and deploying a managed application according to the application blueprint to implement the unmanaged application.
Abstract:
Methods and apparatus to generate a customized application blueprint are disclosed. An example method includes determining a first computing unit within an application definition, identifying a property for the first computing unit, and generating an application blueprint based on the identified property of the computing unit.
Abstract:
A method of managing a transaction in a control plane executing on a computing system that manages a plurality of services includes: receiving, at the control plane from a client, a plurality of first requests for at least one target service of the plurality of services, each of the plurality of first requests including a transaction indicator identifying the transaction; executing at least one handler of the at least one target service to process the plurality of first requests; receiving, at the control plane from the client, a commit request for the transaction coordinator service, the commit request including an instruction to commit the transaction; and executing a handler of the transaction coordinator service to process the commit request and notify the at least one target service of a status of the commit request.
Abstract:
The current document is directed to distributed-secure-storage systems, and processes carried out within the distributed-secure-storage systems, that provide for secure storage and retrieval of confidential and critical data, referred to as “secrets,” within distributed computer systems. The secret-storage systems partition an input secret into multiple secret shares and distribute the secret shares among multiple secret-share-storing node subsystems, without persistently storing the secret itself. An agent within a client device subsequently requests a secret share corresponding to a secret, or a share of data derived from the secret share, from each of the multiple secret-share-storing nodes. The multiple secret-share-storing nodes additionally cooperate to periodically alter the stored secret shares corresponding to a secret in a way that allows agents to recover the original secret, or derived data, from all or a portion of the altered secret shares or derived-data shares.
Abstract:
Methods and apparatus to automatically configure monitoring of a virtual machine are disclosed. An example apparatus includes a service analyzer to: identify a first virtual machine in a first application definition, the first application definition identifying virtual machines included in a first application, the first virtual machine currently running in the first application; and detect a second virtual machine currently running in the first application, the second virtual machine not included in the first application definition; and a virtual machine analyzer to: generate a second application definition, the second application definition created by adding the second virtual machine to the first application definition; and store the second application definition in an application configuration database.
Abstract:
Methods and apparatus to generate a customized application blueprint are disclosed. An example method includes determining a first virtual machine within an application definition, automatically identifying a property for the first virtual machine, and generating an application blueprint based on the identified property of the virtual machine.
Abstract:
Computational methods and systems for identifying a subset of a set of metrics that can be used to monitor a resource are described. The subset is representative of the information provided by the full set of metrics. Correlations are calculated for each pair of metrics and metrics with the highest correlations to other metrics in the set of metrics are deleted to obtain the representative subset of metrics. Deletion of metrics from the set of metrics may be optimized for accuracy or cost. The smaller representative subset of metrics can then be used to monitor the resource.