System and method to securely execute datacenter management operations remotely

US10917409B2 · US · B2

Patent metadata
Publication number: US-10917409-B2
Application number: US-201815957470-A
Country: US
Kind code: B2
Filing date: Apr 19, 2018
Priority date: Apr 19, 2018
Publication date: Feb 9, 2021
Grant date: Feb 9, 2021

Abstract

Official abstract text for this publication.

Disclosed in various examples are methods, systems, and machine-readable media for exposing a Representational State Transfer (RESTful) interface to users whereby management commands on a datacenter may be issued remotely from the users' workstations for secure, remote management of the datacenter. An application task automation command (e.g., a POWERSHELL® command) is executed remotely by creating a proxy command (e.g., based on a POWERSHELL® cmdlet code) to cause the application task automation command to be executed when the proxy command is remotely invoked and deploying the proxy command to a remote computer, such as the user's workstation. The remote computer issues a request including a user identifier and any parameters for the application task automation command when the corresponding proxy command has been invoked by the remote computer. The datacenter determines whether the user is authorized to execute the application task automation command invoked by the proxy command, and upon authorization of the user, the datacenter computer runs the application task automation command with any parameters provided in the request to control configuration of, or data stored on, at least one computer in the datacenter.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for executing an application task automation command of a datacenter computer on a remote computer, comprising: creating a proxy command of the application task automation command by forming a wrapper around a configuration command that identifies and exposes a parameter used by the configuration command, the exposed parameter being attached to the configuration command; deploying the proxy command and the exposed parameter to the remote computer; in response to the proxy command corresponding to the application task automation command being invoked by the remote computer, receiving from the remote computer a request including a user identifier and the exposed parameter for the application task automation command invoked by the proxy command; determining from the user identifier whether the user is authorized to execute the application task automation command corresponding to the invoked proxy command, and upon authorization of the user, the datacenter computer running the application task automation command with the exposed parameter provided in the request, the application task automation command being a command-line shell and scripting language command for controlling configuration of or data stored on the datacenter computer based on the exposed parameter.

2. A method as in claim 1, wherein the datacenter computer and the remote computer communicate the request via a Representational State Transfer (RESTful) interface.

3. A method as in claim 1, wherein the user identifier and the selected proxy command are encrypted before being communicated to the datacenter computer by the remote computer.

4. A method as in claim 1, wherein the request is signed using a token authenticating a user having the user identifier and wherein the request is evaluated by the datacenter computer to authorize the user before the datacenter computer is permitted to run the application task automation command corresponding to the proxy command invoked by the remote computer.

5. A method as in claim 1, wherein the proxy command is based on a cmdlet code of the command-line shell and scripting language.

6. A method as in claim 1, wherein the proxy command is encrypted and deployed on the remote computer via a remote server.

7. A method as in claim 1, wherein deploying the proxy command and the exposed parameter to the remote computer further comprises: forming a proxy command package comprising the proxy command and the exposed parameter; encrypting the proxy command package; and uploading the encrypted proxy command package to a shared server that the remote computer has access to.

8. A method as in claim 1, wherein creating the proxy command comprises: accessing the cmdlet command line syntax corresponding to a cmdlet function.

9. A system for executing an application task automation command of a datacenter computer from a remote computer, comprising: a processor; and a memory including instructions that when executed by the processor cause the processor to: create a proxy command of the application task automation command by forming a wrapper around a configuration command that identifies and exposes a parameter used by the configuration command, the exposed parameter being attached to the configuration command; deploy the proxy command and the exposed parameter to the remote computer; receive a request including a user identifier and the exposed parameter for the proxy command invoked by the remote computer, the proxy command corresponding to the application task automation command; determine from the user identifier whether the user is authorized to execute the application task automation command corresponding to the invoked proxy command; and upon authorization of the user, cause the database computer to run the application task automation command with the exposed parameter provided in the request, the application task automation command being a command-line shell and scripting language command for controlling configuration of or data stored on the datacenter computer based on the exposed parameter.

10. A system as in claim 9, wherein the processor further executes instructions to implement a Representational State Transfer (RESTful) interface for use in receiving the request from the remote computer.

11. A system as in claim 9, wherein the processor further executes instructions to decrypt the request before determining whether the user is authorized to execute the application task automation command invoked by the proxy command.

12. A system as in claim 9, wherein the request is signed using a token authenticating a user having the user identifier and the processor further executes instructions to evaluate the request to authorize the user before the processor is permitted to run the application task automation command invoked by the remote computer.

13. A system as in claim 9, wherein the proxy command is based on a cmdlet code of the command-line shell and scripting language.

14. A system as in claim 9, wherein the processor further executes instructions to encrypt the proxy command and to deploy the encrypted proxy command on the remote computer via a remote server.

15. A non-transitory computer readable storage medium having instructions stored thereon that when executed by a user processor remote from a datacenter computer cause the user processor to implement a method for executing a datacenter application task automation command of the datacenter computer at the user processor, the method including: receiving at least one proxy command of the datacenter application task automation command at the user processor, the at least one proxy command of the datacenter application task automation command being received with a wrapper around a configuration command that identifies and exposes a parameter used by the configuration command, the exposed parameter being attached to the configuration command; selecting a proxy command from a command-line window presented by the user processor; upon invoking the selected proxy command, creating a request having a user identifier and the exposed parameter for the application task automation command corresponding to the selected proxy command; and sending the request to the datacenter computer for execution of the datacenter application task automation command corresponding to the selected proxy command upon authorization of the user using the user identifier provided in the request, the application task automation command being a command-line shell and scripting language command for controlling configuration of or data stored on the datacenter computer based on the exposed parameter.

16. A medium as in claim 15, further comprising instructions that when executed by the user processor enable the user processor and datacenter computer to communicate the request via a Representational State Transfer (RESTful) interface.

17. A medium as in claim 15, further comprising instructions that when executed by the user processor enable the user processor to encrypt the user identifier and the selected proxy command before being communicated to the datacenter computer.

18. A medium as in claim 15, further comprising instructions that when executed by the user processor create the request by signing the request using a token authenticating a user having the user identifier before sending the request to the datacenter for evaluation as to whether the user is authorized to run on the database computer the application task automation command corresponding to the proxy command i

Assignees

Inventors

Classifications

  • applying multi-factor authentication · CPC title

  • H04L63/102 · Primary

    Entity profiles · CPC title

  • using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title

  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title

  • Remote procedure calls [RPC]; Web services · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10917409B2 cover?
Disclosed in various examples are methods, systems, and machine-readable media for exposing a Representational State Transfer (RESTful) interface to users whereby management commands on a datacenter may be issued remotely from the users' workstations for secure, remote management of the datacenter. An application task automation command (e.g., a POWERSHELL® command) is executed remotely by crea…
Who is the assignee on this patent?
Microsoft Technology Licensing LLC
What technology area does this patent fall under?
Primary CPC classification H04L63/102. Mapped technology areas include Electricity.
When was this patent published?
Publication date Feb 9, 2021 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 9 related publications on this page (citations in our corpus or others sharing the same primary CPC).