-
公开(公告)号:US12034728B2
公开(公告)日:2024-07-09
申请号:US17383657
申请日:2021-07-23
发明人: Xuebin He , Victor Fong , Kenneth Durazzo , Edgardo Robles
CPC分类号: H04L63/101 , H04L63/083 , H04L63/105 , H04L67/02 , H04L67/51
摘要: One example method includes performing dynamic access control in a computing network. A computing environment is configured such that an application can access a service without specifying secrets. The secrets needed to access the service are obtained and stored in a credential store. The secrets can be obtained using the service mesh in a manner that isolates the application from the secrets.
-
公开(公告)号:US20220291973A1
公开(公告)日:2022-09-15
申请号:US17199690
申请日:2021-03-12
发明人: Aman Wangde , Victor Fong , Malini Bhattacharjee , Xuebin He , Kenneth Durazzo
IPC分类号: G06F9/54
摘要: One example method includes receiving, from a microservice, a service request that identifies a service needed by the microservice, and an API of an endpoint that provides the service, evaluating the service request to determine whether the service request conforms to a policy, when the service request has been determined to conform with the policy, evaluating the endpoint to determine if endpoint performance meets established guidelines, and when it is determined that the endpoint performance does not meet the established guidelines, identifying an alternative endpoint that meets the established guidelines and that provides the requested service. Next, the method includes transforming the API of the service identified in the service request to an alternative API of the service provided by the alternative endpoint, and sending the service request and the alternative API to the alternative endpoint.
-
公开(公告)号:US20220138325A1
公开(公告)日:2022-05-05
申请号:US17084325
申请日:2020-10-29
发明人: Stephen J. Todd , Kenneth Durazzo
摘要: One example method includes performing a secure boot of hardware at a node of a data confidence fabric, creating an artifact that includes information concerning the secure boot, storing the artifact, receiving a data stream at the node, annotating data of the data stream with trust metadata, and associating the artifact with the data. An immutable ledger entry may be created that includes a pointer to the data, and a pointer to the artifact, and the immutable ledger entry may be accessible by an application.
-
公开(公告)号:US11102308B1
公开(公告)日:2021-08-24
申请号:US16779013
申请日:2020-01-31
发明人: Victor Fong , Kenneth Durazzo , Robert A. Lincourt
摘要: A software and/or data mobility platform. The mobility of software and data in an edge network is achieved by loading software and/or data on an edge node. The software and data are replicated or migrated to neighbor nodes and prepared for the device when the device switches nodes. As the device switched nodes, clean up or mobility operations are performed by replicating or migrating the software/data to new neighbor nodes and deleting or removing the software/data from nodes that are no longer considered to be neighbor nodes. The software is typically deployed to the mobility platform rather than directly to the nodes to allow developers to focus on their application rather than on the mobility of the application.
-
公开(公告)号:US20210240542A1
公开(公告)日:2021-08-05
申请号:US16778611
申请日:2020-01-31
摘要: Techniques for dynamic application management are provided. For example, an apparatus comprises at least one processing platform configured to: execute a portion of an application program in a first virtual computing element, wherein the application program comprises at least one portion of marked code; receive a request for execution of the portion of marked code; determine, based at least in part on the portion of marked code, one or more cloud platforms on which to execute the portion of marked code; and cause the portion of marked code identified in the request to be executed on the one or more cloud platforms.
-
公开(公告)号:US20210232439A1
公开(公告)日:2021-07-29
申请号:US16750562
申请日:2020-01-23
发明人: Victor Fong , Kenneth Durazzo
摘要: One example method, which may be performed at an end device configured to communicate with an edge station, includes listening for a broadcast signal from the edge station, joining a broadcast channel, receiving edge station information, selecting an edge station, transmitting a manifest to the selected edge station, receiving route information from the selected edge station, accessing a container identified in the route information, and issuing a call to the selected edge station to execute an application workload on the container.
-
公开(公告)号:US10469585B2
公开(公告)日:2019-11-05
申请号:US16125228
申请日:2018-09-07
发明人: Junping Zhao , Ricky Sun , Yu Cao , Kenneth Durazzo , Xiaoyan Guo
摘要: A plurality of data sets to be moved from a source site to a target site in a cloud computing platform is received at a plurality of a containerized data ingest components located at the source site. The received plurality of data sets are provided from the plurality of data ingest components to a staging cluster comprising a plurality of containerized broker components located at the source site, wherein the plurality of containerized broker components queue the plurality of data sets. The queued plurality of data sets are provided from the plurality of containerized broker components to a processing cluster comprising a plurality of containerized data processing components, wherein the plurality of containerized data processing components process the plurality of data sets. The plurality of data sets is transmitted from the plurality of containerized data processing components to the target site.
-
公开(公告)号:US10448454B1
公开(公告)日:2019-10-15
申请号:US15076069
申请日:2016-03-21
发明人: Simon Tao , Yu Cao , Xiaoyan Guo , Zhe Dong , Kenneth Durazzo
摘要: Processing nodes in a distributed ad-hoc computing environment are discovered, wherein each processing node is configured to discover other processing nodes. A set of candidate processing nodes is selected from the discovered processing nodes. Selection is based on each discovered processing node advertising its own capabilities to other processing nodes, and processing nodes are selected as candidates based on their advertised capabilities. A subset of processing nodes is formed from the set of candidate processing nodes. The subset of processing nodes forms a self-organized task coordination ensemble wherein each processing node in the task coordination ensemble executes the same consensus protocol. By way of example, the distributed ad-hoc computing environment comprises an IoT network and the processing nodes are IoT devices.
-
公开(公告)号:US10320609B1
公开(公告)日:2019-06-11
申请号:US15690460
申请日:2017-08-30
发明人: Suresh Kumar , Kenneth Durazzo , Xiaohong Qin
摘要: A processing device such as a router or other network device implements a locator-identifier mapping system associating identifiers of respective endpoints with respective locators in accordance with a locator-identifier separation protocol. A first one of the endpoints comprises a storage server associated with a storage array. In conjunction with reconfiguration of the storage server, the locator-identifier mapping system updates a particular one of the locators corresponding to the endpoint identifier of the storage server. The reconfiguration of the storage server may comprise, for example, a migration of the storage server within a given data center, or from a first data center to a second data center. The locator of the storage server illustratively specifies a subnet of the storage server. The processing device may comprise a router operating as at least one of an ingress tunnel router and an egress tunnel router in accordance with the locator-identifier separation protocol.
-
公开(公告)号:US10291706B1
公开(公告)日:2019-05-14
申请号:US15079424
申请日:2016-03-24
发明人: Accela Zhao , Yu Cao , Layne Peng , Junping Zhao , Kenneth Durazzo
摘要: A container image registry is maintained at each host device in a set of host devices in a container hosting environment. A container image is composed of one or more container image layers such that each container image registry of each host device is configured to be able to store one or more different layers of one or more different container images. The method tracks which container image registry at which host device contains which container image layers. At each host device, one or more container images are obtained for launching one or more application programs. For a given host device, the one or more container images are obtained from one or more of: (i) one or more container image layers stored in its container image registry; and (ii) one or more container image layers stored in the container image registry of another host device.
-
-
-
-
-
-
-
-
-
搜索结果
52 条记录 (耗时 0.023 秒)
