EP3152660A1 - Procédé de répartition de tâches entre des systèmes informatiques, infrastructure de réseau d'ordinateurs ainsi que produit-programme d'ordinateur - Google Patents
Procédé de répartition de tâches entre des systèmes informatiques, infrastructure de réseau d'ordinateurs ainsi que produit-programme d'ordinateurInfo
- Publication number
- EP3152660A1 EP3152660A1 EP15727622.1A EP15727622A EP3152660A1 EP 3152660 A1 EP3152660 A1 EP 3152660A1 EP 15727622 A EP15727622 A EP 15727622A EP 3152660 A1 EP3152660 A1 EP 3152660A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- computer system
- primary
- processing
- computer systems
- task
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5027—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5027—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
- G06F9/505—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals considering the load
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1001—Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1001—Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
- H04L67/1004—Server selection for load balancing
- H04L67/1008—Server selection for load balancing based on parameters of servers, e.g. available memory or workload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/288—Distributed intermediate devices, i.e. intermediate devices for interaction with other intermediate devices on the same level
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
- H04L43/0811—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/40—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass for recovering from a failure of a protocol instance or entity, e.g. service redundancy protocols, protocol state redundancy or protocol service redirection
Definitions
- the invention relates to a method for distributing tasks between secure computer systems in one
- Computer network infrastructure a corresponding computer network infrastructure and a computer program product for
- Computer network infrastructures which include server client topologies, become sensitive data, e.g. Customer data or user data, between the client and the server
- Data protection includes regulations (processes that
- Communication structures include a load distribution, ie one Distribution of certain actions or processes (tasks) between a plurality of participating computer systems or determining a computer system from a group of
- the object of the present invention is to improve the protection against attacks on computer systems within a computer network infrastructure, in particular the unauthorized access to confidential data, by technical measures and yet to propose a distribution of tasks within the computer network infrastructure, which provides a satisfactory forwarding of data within the computer network infrastructure.
- this object is achieved by a method for distributing tasks between secured
- Editing computer system based on the transmitted task information, wherein all of the group of the processing computer systems keep predetermined network ports used for this method so closed that no connection establishment to the processing computer systems is permitted from the outside and thus access via a network by means of these
- a respective edit computer system may connect to a respective switch computer system to retrieve corresponding task information (or other data) from the task file from the switch computer system.
- Such a method allows for load sharing such that from a group of switching computer systems, a primary computer system is selected for further processing of an incoming task file.
- multiple individual tasks may be shared between multiple switch computer systems so that the overall load of the group of switch computer systems is not limited to one
- the method has the advantage that a dedicated switching computer system is determined as a primary computer system, which automates the other
- Control process flow includes communication with a plurality of processing computer systems within the computer network infrastructure.
- predetermined network ports means that all or only selected security-critical network ports, such as the network ports used for this method, are permanently or temporarily closed in all the processing computer systems.
- the term "closed network ports” in this context means that they do not have “listening.” ports are ", ie no external connection is allowed, in which case a third party is not able to communicate from the outside
- SSH secure shell
- the method allows access to a switching computer system from the group of switching computer systems from the outside.
- Each of the switching computer system groups is thereby accessible as an "open" system with at least one addressable network “listening” port, which means that on a switching computer system, for example
- Run programs and / or applications are prepared so that a processing computer system can access a switching computer system and connect to the
- Conveyor computer system can build to appropriate
- Task information from the task file according to the presented method (via a then established connection,
- such an "open" brokerage computer system is similar to a traditional, specially secured computer system.
- each relay computer system in the
- task files are prepared for
- Such processes can, for. For example:
- a task file differs fundamentally from a pure command command to a respective processing computer system because a command command for its evaluation on the part of the editing computer system
- instructions may be given to a processing computer system on a mediation computer system
- the instructions may then be e.g. processed locally on the editing computer system.
- task information from the task file is to be understood as information that is present (eg embedded) in the task file, which may include information about instructions, descriptions, process data, signatures, passwords, etc.
- the task information may include parts from the task file or the entire task file as such
- task information can be used to transfer parts of the task file or even the entire task file to a processing computer system.
- a process can be triggered, which calls the selected task information in the primary switching computer system and automated from the primary
- the automated transmission of the task information from the primary switching computer system to the primary processing computer system is configured such that a third party from outside does not
- the task information may be encrypted.
- (different) encryption can also be applied multiple times to parts of the task information or to entire data packets (which contain task information). The validity of the task information can then be checked in the primary processing computer system and a
- the validity of the task information can be checked using signatures that have been used to sign data packets.
- the task information can be transferred to the primary switch computer.
- Interaction package for performing the at least one
- Action in the primary editing computer system Creating a second interaction packet, in which a response to the first interaction packet is included, by the primary processing computer system,
- a mediation computer system after performing the at least one action.
- Packing the task information into an interaction packet allows further information to be sent, e.g. Signatures of the primary mediation computer system, permissions, instructions, and so on.
- the task information of the original task file or the task information after performing the action in the primary processing computer system remain advantageous.
- Information on communication between the primary relay computer system and the primary processing computer system of task information from the task file to perform a task e.g. on another target computer system.
- the interaction package may be a kind of "sub-task file" in the particular interaction parameter between the primary
- Mediation computer system and the primary processing computer system are transferred from the primary processing computer system back to the primary mediation computer system and embedded in the original task file.
- Triggering a (criminal) action in a processing computer system by a manipulated switching computer system can thereby be prevented or at least made much more difficult because the "basic signature" offers a certain security against counterfeiting.
- the at least one action in the primary processing computer system comprises at least:
- the task information may be extracted or unpacked from the interaction package as discussed above. Decisive for all actions is that they are executed locally in a processing computer system involved, so that security-relevant passphrases or keys for processing and executing the actions must be present or used locally only on the respective computer systems and not within the computer network infrastructure, especially between the primary switch computer system and the primary
- the method of the type explained comprises the additional steps:
- a switching computer system wherein task information from the task file and / or information about the at least one action to be carried out by means of the group of processing computer systems are also summarized in the information packet,
- Such a transmission is analogous to an above-described transmission of task information from the task file or a first interaction packet in which the task information is included.
- Information package done in the process advantageous prior to the above-described transfer of task information to the primary processing computer system (by means of the first interaction package) and are used in particular first to determine a primary
- a processing computer system of the plurality of processing computer systems present in the computer network infrastructure.
- the task information (in the first interaction package) explained in the content may differ in content, overlap, or be identical.
- time outs Time points or time spans
- Edit computer systems a message about the task file and / or on the basis of the task file or task information to perform actions. In this way, each processing computer system can decide whether it should, should or should be allowed to perform the appropriate task information or perform the appropriate action based on the task information.
- the described measures thus permit a directed request to the group of processing computer systems by means of the information packet through the primary switching computer system and a subsequent selection and determination of a primary processing computer system which responds positively to the information packet.
- Link processing information of the corresponding processing computer system may include, for example, availability,
- the step of negotiating a primary switching computer system comprises the following substeps:
- Switching computer systems allow the automated (and with high probability
- Switching computer system after receiving the task file can be achieved that each switching computer system can decide whether it may, in the function as Primary task information forward in the communication process, may or should. After waiting for the first period of time, which may be individually predetermined for each switch computer system, a switch computer system notifies all other switch computer systems that it has the
- a switching computer system which has declared itself as a potential primary to the others, in turn connects to the other switching computer systems in order to
- the substeps of negotiating a primary switch computer system are performed again (possibly with random wait at start) if the validation by the communicating switch computer system is the only one willing to continue processing as the primary switch computer system , was not successful.
- validation can not be successful if multiple mediation computer systems, possibly concurrently or temporally overlapping, signal readiness, each as a primary system, to process continue. Due to parallelism in negotiation, two or more mediation computer systems may want to play the role of Primary.
- a load distribution in particular a distribution of task files between the involved
- Mediation computer systems it may and may preferably only a single primary
- a step of negotiating a primary mediation computer system after each concurrent receipt of a task file by the group of mediation computer systems is negotiated.
- the step of negotiating a primary switching computer system is after each change of the group
- Change can be, for example, adding or removing switching computer systems in the cluster
- Machining computer systems are connected via network paths in their communication.
- the computer network infrastructure may experience a so-called “split-brain problem.” This problem occurs when network paths are so
- Mediation computer systems or within the group of processing computer systems come to several primary computer systems. In this way, redundant data packets would be created, transmitted and possibly edited by several Primarys.
- Computer system to divergent behavior This can be done by monitoring an identification of task packets
- redundant network paths within the computer network infrastructure can be used to create a network
- the method of the type explained comprises the steps:
- Inaccessibility of a plurality of switching computer systems could be the indication of a split brain problem - as explained above. This could, for example, be communicated and logged via monitoring with regard to possible redundancy of forwarded data packets or task files.
- Processing computer systems for signaling that they should go into a wait mode In this way, non-primary processing computer systems are signaled that they should (initially) perform no further action with respect to corresponding task information.
- the method of the type explained additionally comprises the steps:
- a first advantage is that after performing the action in the primary processing computer system, all data on involved processing computer systems associated with the
- a second advantage is that all processing computer systems (both primary and non-primary) recognize that processing the task information or action is successful
- an edit-and-finish instruction may also be after a retransmission of the edited task information from the primary editing computer system to the primary one
- Switching computer system or other predetermined times are sent.
- transferring the task information and / or other data packets and / or instructions from a mediation computer system to a processing computer system includes the following steps:
- a switching computer system to the processing computer system wherein the predetermined network ports of the processing computer system are closed and wherein the sequence in a predetermined order addresses one or more network ports of the processing computer system,
- Processing computer system if the verification of the transmitted sequence is positive, the processing computer system in turn establishes a connection to the switching computer system and collects the task information and / or other data packets and / or instructions.
- Block editing computer system from the outside or a make manipulative access much more difficult.
- an automated process for transmitting the respective task information to the processing computer system for example, via the Unix-based Secure Copy ", scp
- the editing computer system in turn builds one
- the IP address of the sequence-transmitting computer system can be statically specified in the processing computer system or dynamically taken from the kernel of the processing computer system known source IP addresses possible sequence-sending computer systems. Such a method is known by the term "port knocking" (English: to knock-knock)
- the aforementioned steps can be carried out, for example, via a so-called knock daemon, that is to say a program which enables port knocking.
- the knock daemon listens on the network ports of the processing computer system, examines the transmitted sequence of packet data, and, if necessary, initiates controlled transmission of the data (e.g., by starting a script / program)
- the processing computer system involved inquires at regular intervals from the switching computer system (polling) whether
- Processing computer system to be initiated. It is also conceivable that the processing computer system polls if, for example, a certain amount of time is exceeded in which no port knocking has been performed. Problems with the port knocking could be recognized and the functionality is preserved. Through the measures described is a communication between secure computer systems within the
- a plurality of processing computer systems wherein the computer systems are arranged to transmit data packets and / or instructions from at least one of the group of switching computer systems to at least one of the group of processing computer systems for processing the data packets and / or instructions,
- the above object is achieved by a computer program product that is configured to run on one or more computer systems and that, when executed, performs a method of the type discussed above. Further advantageous embodiments are disclosed in the subclaims and in the following description of the figures.
- Figure 1 shows a schematic representation of at least part of a computer network infrastructure that is configured to perform load sharing between involved computer systems.
- the computer network infrastructure includes in the shown
- Embodiment a group of switching computer systems, namely a task server 1 and a task server 2.
- the computer network infrastructure comprises a group of processing computer systems, namely a
- Admin client 1 an Admin client 2 and an Admin client 3.
- a respective user group can locally access the Admin Client 1 or 2 or 3 to access it locally
- the admin client 1 to 3 the switching computer systems, ie the task servers 1 and 2, behave as "open" systems.
- the task servers 1 and 2 have thus opened at least one network port, wherein a service or a
- a network connection may be at these
- the task servers 1 and 2 serve as agents for communication and
- Admin client 1 to 3 For communication between the addressable switching computer systems, task servers 1 and 2, and the encapsulated editing computer systems, Admin client 1 to 3, with their respective closed network ports is a
- Data packets and / or instructions can be transmitted directly from an Admin Client 1 to 3 to one or more of the Task Servers 1 and 2 and stored there, since the Task Servers 1 and 2 can be addressed directly via the network.
- Sequence is sent to packet data from one of the task server 1 or 2 to one or more of the Admin clients 1 to 3, wherein the network ports of the corresponding processing computer system are closed and wherein the sequence in a predetermined order one or more network ports of the corresponding processing computer system
- the corresponding processing computer system starts a process that fetchs a data packet to be transmitted from the corresponding switching computer system (task server 1 or 2).
- a process can be any process that fetchs a data packet to be transmitted from the corresponding switching computer system (task server 1 or 2).
- Computer systems communicate with each other despite encapsulated processing computer systems within the computer network infrastructure, forward data packets and / or issue instructions.
- a task file is transmitted from an unspecified point in each case to the task server 1 and the task server 2 and stored there.
- the task file may include an instruction for a process (task) on one of the editing computer systems and / or on a computer unspecified target computer system included.
- a process can be, for example:
- respective task servers 1 and 2 carry out a negotiation in step 2, which of the two task servers 1 or 2 performs the further processing of the task file as the primary switching computer system.
- both task servers 1 or 2 can wait for predetermined periods of time (time outs), after which task server 1, for example, the task server 2
- Task server 1 the role of Primary for further processing of the received task file.
- Task server 2 can either discard the task file or keep the task file for a fallback position in the event of failure of the task server 1. Furthermore, task server 2 can go into a wait mode.
- task server 1 For further processing of the task file, in particular for forwarding task information from the task file or the task file itself within the computer network infrastructure, task server 1 generates an information packet, wherein task information is contained in the information packet from the task file and / or information about at least one action to be performed by means of the group of processing computer systems are summarized. In particular, such information may be based on specifications within the task file,
- Editing computer systems ie both at Admin-Client 1 as well as to the admin client 2 as well as to the admin client 3, according to a forwarding l: n.
- For this task server calls 1 predetermined routing information stored in the task file, the
- Routing information define a predetermined communication path structure between the task server 1 and the processing computer systems, Admin client 1 to 3. In step 3, this routing information is used for a 1: 1 forwarding to the processing computer systems
- step 4 Task Server 1 performs a port-knocking process - as explained above - to all the processing computer systems, Admin-Client 1 to 3. Then, all the Admin Clients 1 to 3 retrieve the created information package from the Task Server 1.
- step 5 which represents a significant process step, it is determined which of the processing computer systems admin client 1 to 3 carries out the further processing of further task information based on an evaluation of the transmitted information packet.
- Such a primary processing computer system can be determined, for example, on the basis of predetermined time-outs within the information packet and / or on the basis of the fact that the processing computer systems are the first to access the
- Constellation admin client 2 determines that he wants to carry out the further processing. In step 6, the admin client 2 calculates a routing to the task server 1 for this purpose and transports a step in step 7
- step 8 the positive response is registered in the task server 1 and the admin client 2 is set as the primary processing computer system.
- the admin client 2 is set as the primary processing computer system.
- task server 1 creates an interaction packet in step 8, in which task information of the
- the interaction package can have more than this task information
- Contain information (eg, signatures, permissions, instructions, etc.) between the task server 1 and the admin client 2 while preserving the information of the original task file.
- the interaction package may also contain the original task file itself as task information. It is also conceivable that the task information or the
- step 8a the task server 1 generates in step 8a
- step 9 in the task server 1, a routing to the
- step 10 a retrieval of the
- step 10a Interaction packet from the task server 1 by the admin client 2 after a corresponding port knocking process by task server 1.
- the on-hold instructions are retrieved by the admin clients 1 and 3 from the task Server 1 for analogous performing a port-knocking process by task server 1 against these computer systems.
- step 11 which is also an authoritative step within the method, the admin client 2 extracts as the primary editing computer system from the transmitted interaction package the task information and determines therefrom an action locally on the admin Client 2 has to be done.
- This action concerns e.g. the insertion of further data in the task information
- Admin Client 1 and Admin Client 3 process the fetched on-hold instruction in step IIa and switch to a wait mode ("on hold") for a request for further action on the part of the task server 1 ,
- step 12 the admin client 2 computes a routing of the processed task information back to the task server 1, which has been notified to it as a primary switching computer system, e.g. by means of the previously sent
- Admin Client 2 can do the
- Pack corresponding action in a second interaction package containing, for example, a return information for the task server 1.
- step 13 a return transport of the second interaction packet created in this way from
- Task Server 1 creates a Edit Complete statement for all Admin Clients 1 through 3 in step 14. Further, in step 14a, the supplemented and edited task information in task server 1 is updated, e.g. B. added information that a predetermined step has been processed. Subsequently, in the task server 1, for example, the task file can be supplemented or recreated, for example, from the task information transported back. Finally, in step 15, the task server 1 calculates a routing of the processing complete instruction to the Admin clients 1 to 3. In step 15a, a routing for a
- step 16 a port-knocking process is carried out by the task server 1 with respect to all the admin clients 1 to 3, each picking up the processing-ended instruction from the task server 1.
- step 16 all Admin Clients 1 through 3 receive information that the process of processing task information has ended.
- step 16a the further transport of the supplemented task file in the direction of the non-closer takes place in parallel thereto
- Step 17 in each Admin client 1 to 3, triggered by the processing-ended instruction, a data cleansing of the data incurred in connection with the performed procedure performed and possibly executed jobs and actions removed.
- Step 17 may be coupled to a timing. It means that
- Step 17 is performed automatically, if any
- a user of each can also Admin clients 1 to 3 when performing step 17 to be informed of the end of the action taken.
- step 18 could be provided, in which the information is passed from task server 1 to task server 2 that the action
- task server 2 may try to renegotiate the role of the primary (now by itself) and, if necessary, repeat the communication according to the method explained with the admin clients 1 to 3 a message from task server 1 to task server 2 is made when the specified time period for the action has been exceeded, but the action has not (successfully) been completed by the admin clients. As a result, the task server 2 receives the information that the action has ended "formally." Step 18 can be implemented as the last step after step 17 or alternatively even before step 17 in the method.
- each data packet which according to the method explained between them involved
- Computer systems is exchanged, provided in at least one participating computer system with an identifier.
- An addition of an identifier can be, for example, a mistake with a unique addition.
- the course of the data packets along the communication path structure can be monitored by monitoring using the identifier, if necessary in conjunction with existing signatures (forgery-proof). Further, a dwell time of the data packets may be monitored on a computer system involved along the communication path structure. In addition, all process steps through the monitoring
- Computer systems in routing can and can be achieved successfully.
- the identifier can be used to verify that task information is successful from the primary
- Mediation computer system task server 1
- Admin client 2 the primary processing computer system
- a residence time can z. B. defined within the task file. It can be determined that after
- alarm messages can be generated or other measures can be taken by means of monitoring.
- the monitoring which is not shown in detail in the exemplary embodiment, can either by the involved
- Computer systems themselves be implemented or be executed by other, unspecified computer systems. It is also conceivable and advantageous to carry out the monitoring via a separate network path structure.
- Task Server 1 Mediation Computer System
- Task Server 2 Mediation computer system
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102014107788 | 2014-06-03 | ||
DE102014112478.2A DE102014112478A1 (de) | 2014-06-03 | 2014-08-29 | Verfahren zur Verteilung von Tasks zwischen Computersystemen, Computernetz-Infrastruktur sowie Computerprogramm-Produkt |
PCT/EP2015/062152 WO2015185505A1 (fr) | 2014-06-03 | 2015-06-01 | Procédé de répartition de tâches entre des systèmes informatiques, infrastructure de réseau d'ordinateurs ainsi que produit-programme d'ordinateur |
Publications (1)
Publication Number | Publication Date |
---|---|
EP3152660A1 true EP3152660A1 (fr) | 2017-04-12 |
Family
ID=54481197
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP15727622.1A Withdrawn EP3152660A1 (fr) | 2014-06-03 | 2015-06-01 | Procédé de répartition de tâches entre des systèmes informatiques, infrastructure de réseau d'ordinateurs ainsi que produit-programme d'ordinateur |
Country Status (5)
Country | Link |
---|---|
US (1) | US20170220391A1 (fr) |
EP (1) | EP3152660A1 (fr) |
JP (1) | JP6419216B2 (fr) |
DE (1) | DE102014112478A1 (fr) |
WO (1) | WO2015185505A1 (fr) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11256539B2 (en) | 2016-02-29 | 2022-02-22 | Alibaba Group Holding Limited | Task processing method, apparatus, and system based on distributed system |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102014107793B9 (de) * | 2014-06-03 | 2018-05-09 | Fujitsu Technology Solutions Intellectual Property Gmbh | Verfahren zur Weiterleitung von Daten zwischen Computersystemen, Computernetz-Infrastruktur sowie Computerprogramm-Produkt |
DE102016115193A1 (de) | 2016-08-16 | 2018-02-22 | Fujitsu Technology Solutions Intellectual Property Gmbh | Verfahren zur sicheren Datenhaltung in einem Computernetzwerk |
EP3413204B1 (fr) * | 2017-06-09 | 2019-05-08 | dSPACE digital signal processing and control engineering GmbH | Procédé d'administration parallèle de données d'entrée continues et à synchronisation de tâches d'un système en temps réel |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040019890A1 (en) * | 2002-07-23 | 2004-01-29 | Sun Microsystems, Inc., A Delaware Corporation | Distributing and executing tasks in peer-to-peer distributed computing |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2281793A (en) * | 1993-09-11 | 1995-03-15 | Ibm | A data processing system for providing user load levelling in a network |
US6263368B1 (en) * | 1997-06-19 | 2001-07-17 | Sun Microsystems, Inc. | Network load balancing for multi-computer server by counting message packets to/from multi-computer server |
US20020083170A1 (en) * | 2000-10-26 | 2002-06-27 | Metilinx | System-wide optimization integration model |
US7111300B1 (en) * | 2001-01-12 | 2006-09-19 | Sun Microsystems, Inc. | Dynamic allocation of computing tasks by second distributed server set |
US7284067B2 (en) * | 2002-02-20 | 2007-10-16 | Hewlett-Packard Development Company, L.P. | Method for integrated load balancing among peer servers |
US20030204602A1 (en) * | 2002-04-26 | 2003-10-30 | Hudson Michael D. | Mediated multi-source peer content delivery network architecture |
JP2004054855A (ja) * | 2002-05-28 | 2004-02-19 | Dainippon Printing Co Ltd | 並列処理システム、サーバ、処理端末装置、並列処理方法、プログラム、及び、記録媒体 |
US8799918B2 (en) * | 2006-09-11 | 2014-08-05 | Microsoft Corporation | Dynamic network load balancing using roundtrip heuristic |
US8219684B1 (en) * | 2011-11-02 | 2012-07-10 | Google Inc. | Redundant data requests with cancellation |
US20150067019A1 (en) * | 2013-08-28 | 2015-03-05 | Soeren Balko | Method and system for using arbitrary computing devices for distributed data processing |
-
2014
- 2014-08-29 DE DE102014112478.2A patent/DE102014112478A1/de not_active Withdrawn
-
2015
- 2015-06-01 JP JP2016570998A patent/JP6419216B2/ja not_active Expired - Fee Related
- 2015-06-01 WO PCT/EP2015/062152 patent/WO2015185505A1/fr active Application Filing
- 2015-06-01 EP EP15727622.1A patent/EP3152660A1/fr not_active Withdrawn
- 2015-06-01 US US15/315,986 patent/US20170220391A1/en not_active Abandoned
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040019890A1 (en) * | 2002-07-23 | 2004-01-29 | Sun Microsystems, Inc., A Delaware Corporation | Distributing and executing tasks in peer-to-peer distributed computing |
Non-Patent Citations (2)
Title |
---|
KEN SLONNEGER: "XML-Rpc", INTERNET CITATION, 2006, pages 1 - 49, XP002723230, Retrieved from the Internet <URL:http://homepage.cs.uiowa.edu/~slonnegr/xml/10.XML-RPC.pdf> [retrieved on 20140410] * |
See also references of WO2015185505A1 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11256539B2 (en) | 2016-02-29 | 2022-02-22 | Alibaba Group Holding Limited | Task processing method, apparatus, and system based on distributed system |
Also Published As
Publication number | Publication date |
---|---|
JP6419216B2 (ja) | 2018-11-07 |
US20170220391A1 (en) | 2017-08-03 |
WO2015185505A1 (fr) | 2015-12-10 |
JP2017519298A (ja) | 2017-07-13 |
DE102014112478A1 (de) | 2015-12-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3669498B1 (fr) | Procédé et système de contrôle pour le contrôle et/ou la surveillance d'appareils | |
DE102018104637A1 (de) | Ausfallsicherungsantwort unter verwendung eines bekannten guten zustands eines dezentral geführten kontobuchs | |
EP2981926B1 (fr) | Dispositif de stockage de données permettant un échange de données protégé entre différentes zones de sécurité | |
EP3518492B1 (fr) | Procédé et système de divulgation d'au moins une clé cryptographique | |
EP3152884B1 (fr) | Procédé de transfert de données entre des systèmes informatiques, infrastructure de réseau d'ordinateurs et produit-programme d'ordinateur | |
EP3152660A1 (fr) | Procédé de répartition de tâches entre des systèmes informatiques, infrastructure de réseau d'ordinateurs ainsi que produit-programme d'ordinateur | |
DE102016115193A1 (de) | Verfahren zur sicheren Datenhaltung in einem Computernetzwerk | |
DE102014107783B4 (de) | Routing-Verfahren zur Weiterleitung von Task-Anweisungen zwischen Computersystemen, Computernetz-Infrastruktur sowie Computerprogramm-Produkt | |
EP3648430B1 (fr) | Module de sécurité de matériel | |
EP3718263B1 (fr) | Procédé et système de contrôle pour le contrôle et/ou la surveillance d'appareils | |
EP3105898B1 (fr) | Procédé de communication entre des systèmes informatiques sécurisés et infrastructure de réseau informatique | |
DE102016206739A1 (de) | Systeme und Verfahren zum Absichern einer Remotekonfiguration | |
EP3152880B1 (fr) | Procédé de communication entre des systèmes informatiques sécurisés, infrastructure de réseau d'ordinateurs ainsi que produit-programme d'ordinateur | |
DE112004000125T5 (de) | Gesichertes Client-Server-Datenübertragungssystem | |
EP4107640B1 (fr) | Procédés et systèmes de transmission des artefacts logiciels d'un réseau source vers un réseau cible | |
EP3105899B1 (fr) | Procédé de démarrage d'un système informatique de production | |
EP2378422A1 (fr) | Système et procédé pour la transmission des dates | |
DE102016206741A1 (de) | Systeme und Verfahren zum Absichern einer Remote-Konfiguration | |
EP2446599B1 (fr) | Transmission securisee contre la manipulation de donnees entre des appareils d'automatisation | |
DE102014109906A1 (de) | Verfahren zum Freischalten externer Computersysteme in einer Computernetz-Infrastruktur, verteiltes Rechnernetz mit einer solchen Computernetz-Infrastruktur sowie Computerprogramm-Produkt | |
EP2183902B1 (fr) | Procédé pour détecter une attaque de déni de service et terminal de communication | |
DE102009036178A1 (de) | Verfahren und Antwort-Mittel zum verkürzten Beantworten einer Anfrage bei Nicht-Verfügbarkeit einer angefragten Server-Vorrichtung | |
DE102015116601A1 (de) | Verfahren zum Freischalten externer Computersysteme in einer Computernetz-Infrastruktur, verteiltes Rechnernetz mit einer solchen Computernetz-Infrastruktur sowie Computerprogramm-Produkt |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE |
|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE |
|
17P | Request for examination filed |
Effective date: 20161201 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
DAV | Request for validation of the european patent (deleted) | ||
DAX | Request for extension of the european patent (deleted) | ||
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
17Q | First examination report despatched |
Effective date: 20171026 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
GRAP | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: GRANT OF PATENT IS INTENDED |
|
RIC1 | Information provided on ipc code assigned before grant |
Ipc: H04L 69/40 20220101ALI20220607BHEP Ipc: H04L 67/1001 20220101ALI20220607BHEP Ipc: H04L 9/40 20220101ALI20220607BHEP Ipc: H04L 43/0811 20220101ALI20220607BHEP Ipc: G06F 9/50 20060101AFI20220607BHEP |
|
INTG | Intention to grant announced |
Effective date: 20220712 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20221123 |