FR3065555B1 - METHOD FOR MANAGING A COMPUTER SYSTEM WITH DYNAMIC ALLOCATION OF RESOURCES - Google Patents

METHOD FOR MANAGING A COMPUTER SYSTEM WITH DYNAMIC ALLOCATION OF RESOURCES Download PDF

Info

Publication number
FR3065555B1
FR3065555B1 FR1753497A FR1753497A FR3065555B1 FR 3065555 B1 FR3065555 B1 FR 3065555B1 FR 1753497 A FR1753497 A FR 1753497A FR 1753497 A FR1753497 A FR 1753497A FR 3065555 B1 FR3065555 B1 FR 3065555B1
Authority
FR
France
Prior art keywords
client
access control
primary
access
policy
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
FR1753497A
Other languages
French (fr)
Other versions
FR3065555A1 (en
Inventor
Ruan He
Xiao Han
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Orange SA
Original Assignee
Orange SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Orange SA filed Critical Orange SA
Priority to FR1753497A priority Critical patent/FR3065555B1/en
Priority to PCT/FR2018/050941 priority patent/WO2018193190A1/en
Publication of FR3065555A1 publication Critical patent/FR3065555A1/en
Application granted granted Critical
Publication of FR3065555B1 publication Critical patent/FR3065555B1/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)

Abstract

L'invention concerne un procédé de gestion d'un système informatique en nuage (2), apte à allouer dynamiquement à une pluralité de clients (CL1,...,CLN) des ressources informatiques et réseaux (RESS), chaque client (CLn) étant associé à au moins un utilisateur susceptible d'accéder aux ressources informatiques et réseaux allouées au client par le système informatique. Ce procédé comprend, pour au moins un client du système informatique : • une étape de réception (E40), en provenance dudit client, d'un modèle primaire de contrôle d'accès et d'une politique primaire de contrôle d'accès basée sur ce modèle primaire de contrôle d'accès ; • une étape de réception (E45), en provenance dudit client, d'un modèle secondaire de contrôle d'accès et d'une politique secondaire de contrôle d'accès basée sur ce modèle secondaire de contrôle d'accès, ladite politique secondaire pouvant être mise en œuvre par ladite politique primaire de contrôle d'accès ; et • une étape d'application (E50) desdites politiques primaire et secondaire de contrôle d'accès à au moins une requête d'accès émise par ledit client pour contrôler un accès d'un utilisateur du client à au moins une ressource allouée au client par le système.The invention relates to a method for managing a cloud computing system (2), capable of dynamically allocating to a plurality of clients (CL1, ..., CLN) computer and network resources (RESS), each client (CLn ) being associated with at least one user capable of accessing the computer and network resources allocated to the client by the computer system. This method comprises, for at least one client of the computer system: • a reception step (E40), from said client, of a primary model of access control and of a primary policy of access control based on this primary model of access control; • a step of receiving (E45), from said client, a secondary model of access control and a secondary policy of access control based on this secondary model of access control, said secondary policy possibly be implemented by said primary access control policy; and • a step of applying (E50) said primary and secondary policies for controlling access to at least one access request sent by said client to control access by a user of the client to at least one resource allocated to the client. by the system.

FR1753497A 2017-04-21 2017-04-21 METHOD FOR MANAGING A COMPUTER SYSTEM WITH DYNAMIC ALLOCATION OF RESOURCES Active FR3065555B1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
FR1753497A FR3065555B1 (en) 2017-04-21 2017-04-21 METHOD FOR MANAGING A COMPUTER SYSTEM WITH DYNAMIC ALLOCATION OF RESOURCES
PCT/FR2018/050941 WO2018193190A1 (en) 2017-04-21 2018-04-13 Method for managing a computer system with dynamic allocation of resources

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR1753497A FR3065555B1 (en) 2017-04-21 2017-04-21 METHOD FOR MANAGING A COMPUTER SYSTEM WITH DYNAMIC ALLOCATION OF RESOURCES
FR1753497 2017-04-21

Publications (2)

Publication Number Publication Date
FR3065555A1 FR3065555A1 (en) 2018-10-26
FR3065555B1 true FR3065555B1 (en) 2019-12-06

Family

ID=59649819

Family Applications (1)

Application Number Title Priority Date Filing Date
FR1753497A Active FR3065555B1 (en) 2017-04-21 2017-04-21 METHOD FOR MANAGING A COMPUTER SYSTEM WITH DYNAMIC ALLOCATION OF RESOURCES

Country Status (2)

Country Link
FR (1) FR3065555B1 (en)
WO (1) WO2018193190A1 (en)

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9087189B1 (en) * 2011-05-03 2015-07-21 Symantec Corporation Network access control for cloud services
FR3007551A1 (en) * 2013-06-25 2014-12-26 France Telecom METHOD AND SERVER FOR PROCESSING AN ACCESS QUERY FROM A TERMINAL TO A COMPUTER RESOURCE

Also Published As

Publication number Publication date
WO2018193190A1 (en) 2018-10-25
FR3065555A1 (en) 2018-10-26

Similar Documents

Publication Publication Date Title
US9588789B2 (en) Management apparatus and workload distribution management method
US20200081742A1 (en) Multi-layer qos management in a distributed computing environment
CN102685904B (en) Bandwidth self-adaptive allocation method and bandwidth self-adaptive allocation system
US8782120B2 (en) Elastic management of compute resources between a web server and an on-demand compute environment
US8706798B1 (en) Systems, methods, and devices for dynamic resource monitoring and allocation in a cluster system
EA201501145A1 (en) METHOD AND SYSTEMS FOR THE CONTEXT OF DATA AND THEIR MANAGEMENT THROUGH A DYNAMIC SPECTRUM CONTROLLER AND A DYNAMIC SPECTRUM POLICY CONTROLLER
BR112015029652A8 (en) dynamic spectrum arbitration method and system, dynamic spectrum controller, and, computer readable non-transient storage media
EP2982086B1 (en) Methods, apparatus, and computer program products for allocating bandwidth for push and pull content requests in a content delivery network
US20130318522A1 (en) Management of Virtual Desktop Infrastructure (VDI) Sessions Using Real-Time Network Conditions
US10541901B2 (en) Methods, systems and computer readable media for optimizing placement of virtual network visibility components
WO2015061625A3 (en) System and method for learning management
FI20176152A1 (en) A method, a system and a computer program product for managing OPC UA server capacity
SG11201907736QA (en) Device, method, and recording medium
SA522432090B1 (en) Network system and method for access management authentication and authorization
US20110258320A1 (en) Elastic management of compute resources between a web server and an on-demand compute environment
EA201500812A1 (en) METHODS AND SYSTEMS FOR DYNAMIC ARBITRATION OF THE SPECTRUM
WO2006074064A3 (en) Method and apparatus for managing data object size in a multi-user environment
WO2016095535A1 (en) Resource allocation method and apparatus, and server
US9558039B2 (en) Managing resources of a shared pool of configurable computing resources
CN105577727A (en) Cloud-computing virtual machine management platform system
US20120233313A1 (en) Shared scaling server system
WO2016041446A1 (en) Resource allocation method, apparatus and device
WO2015192583A1 (en) Internet protocol (ip) address allocation method and apparatus, server and terminal
GB2556398A (en) Distributed bandwith allocation and throttling
FR3065555B1 (en) METHOD FOR MANAGING A COMPUTER SYSTEM WITH DYNAMIC ALLOCATION OF RESOURCES

Legal Events

Date Code Title Description
PLFP Fee payment

Year of fee payment: 2

PLSC Publication of the preliminary search report

Effective date: 20181026

PLFP Fee payment

Year of fee payment: 3

PLFP Fee payment

Year of fee payment: 4

PLFP Fee payment

Year of fee payment: 5

PLFP Fee payment

Year of fee payment: 6

PLFP Fee payment

Year of fee payment: 7

PLFP Fee payment

Year of fee payment: 8