WO2010073259A2 - Mechanism for the delivery of computing as a utility for different domains over the internet - Google Patents

Mechanism for the delivery of computing as a utility for different domains over the internet Download PDF

Info

Publication number
WO2010073259A2
WO2010073259A2 PCT/IN2009/000706 IN2009000706W WO2010073259A2 WO 2010073259 A2 WO2010073259 A2 WO 2010073259A2 IN 2009000706 W IN2009000706 W IN 2009000706W WO 2010073259 A2 WO2010073259 A2 WO 2010073259A2
Authority
WO
WIPO (PCT)
Prior art keywords
user
computing
applications
environment
network
Prior art date
Application number
PCT/IN2009/000706
Other languages
French (fr)
Other versions
WO2010073259A3 (en
WO2010073259A4 (en
Inventor
Alok Singh
Vinodkumar Gopinath
Saugata Chakrabarti
Gauthaman Rangasami Anthoniammal
Suresh Kasamuthu
Moorthy Rajendran
Siva Rama Krishna Reddy
Yuri Sysoyev
Original Assignee
Novatium Solutions (P) Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Novatium Solutions (P) Limited filed Critical Novatium Solutions (P) Limited
Publication of WO2010073259A2 publication Critical patent/WO2010073259A2/en
Publication of WO2010073259A3 publication Critical patent/WO2010073259A3/en
Publication of WO2010073259A4 publication Critical patent/WO2010073259A4/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security

Definitions

  • the present invention relates to a system and method of providing service oriented computing as a utility to the users of different domains in a cloud computing environment. More particularly, the present invention is directed to architectures and components to ensure delivery, management and control of a computing environment adapted to providing the users with flexibility of accessing applications and services across operating systems at any time without the complexity of installation, maintenance and/or upgrade. Further the system enables that computing can be accessed by a novel client side computing device and/or environment.
  • the system and method of the invention also providing applications dynamically across different bandwidths and manage the entire network proactively with minimal human intervention.
  • the system and method of the invention favour achieving resource optimization and cost optimization for customers and the different players in a cloud computing network environment by providing option for choice of solutions according to their requirements, thus favouring wide scale application to users in different usage domains.
  • PC Personal Computer
  • TC Thin Client
  • the PC cannot cope up with the growing demand of the newer software. This implies that the resources like RAM and hard disk in the PC has to be increased. When the capacity of individual resource reaches a maximum limit, the PC itself has to be replaced. However, the PC offers the advantage that the user can install and use any software that requires only those resources, the PC already has.
  • the thin client (TC) on the other hand is almost entirely dependent on a server.
  • No user application or data resides on thin client device. It collects the user input and sends it to a server gets the response from server and outputs it to the user. The output is usually in the visual form.
  • the screen to be displayed is transferred from the server to the client, which makes such thin client devices completely dependent to operate on a bandwidth heavy network.
  • the TC does not have the disadvantages of running out of resources since it is entirely dependent on the server and the resources in the server can be increased to suit the software requirements.
  • the limitation in TC based environment is that the user cannot install his/her required software as this could affect the other users in the system. Thus the system does not provide enough flexibility.
  • PC or TC based systems are not adaptive, which are not capable of dynamically providing the requisite applications and desktop depending on the role/requirement of the user.
  • a user in his/her official and personal capacities has requirements for different applications and content, but they do not require different devices to access these.
  • the device itself should be able to take the request of the user and provide these applications and content dynamically.
  • the TC is a very limited device and can only provide the desktop that the server wants it to provide.
  • the PC is capable of providing different applications and content for the user but it is not dynamic and requires extensive maintenance effort from the user.
  • a user has to buy the software he requires and install it on his/her PC.
  • the purchase of the software is permanent in nature and regardless of the extent of usage; the software is purchased and installed more or less permanently on the PC.
  • the dynamism of the desktop is lost in case of the PC.
  • a PC is prone to a number of corruptions. From hard disk failure to attacks from spurious software and vims, there are a number of reasons for a PC to fail.
  • the PC is not capable of diagnosing the failure dynamically and is also not capable of fixing the failure dynamically even when determined. Both these activities require human intervention. Thus in case of data conniption, PC is unable to provide self-determination and self- healing facility.
  • the PC based environment has limitation about the desktop too. It does not allow customization to go beyond the applications that can be displayed and allow only a few feeds from the Internet. The user is not able to remove the mismatch between applications available locally and applications and contents available remotely. They are not able to customize the content and applications that are shown.
  • TC is unable to utilize the Internet for most of its need except for very minimal applications.
  • the users cannot configure a TC to provide user specific application and content as they are sharing a common resource and their activities could hinder and corrupt other users.
  • JP 2008123493 relates to a remote management system that involves a thin client, management server and other application servers.
  • the invention relates to the method of communication happening between the servers and clients. It focuses on how commands are passed between the servers and clients and how this data is maintained. It is much more like tracking and message passing and neither provides utility computing to users nor enhances management to include self healing, using a combination of monitoring parameters, decision making based on the parameters and taking actions as in the present invention.
  • US 5878142 disclosed a small device that sits between a computer and the network (and network device) that authenticates and encrypts the data that flows between the network and the computer. Thus it deals with only authentication of the system to the network and encryption of data that flows between the system and the network. Authentication and encryption are only a part of the present invention that provide service oriented computing as utility in different domains of a cloud computing environment. The present invention deals with authentication and encryption inside the client computing device and the servers and do not have a separate device to take care of it as revealed in this prior art invention.
  • US 6327594 states about a pervasive device (any kind of device capable of computing from pager to mobile or laptop to desktop) that can take part in a data management process - that is how pervasive devices can interact with centralized data management systems. It has nothing to do with the utility computing system of the present invention.
  • the utility computing environment described in this application can interact with the devices of the cited art but that is not the scope for patent of the present invention/application that covers the entire utility computing environment adapted to work seamlessly with simplicity, guarantee of service and diverse usage scenarios for the user.
  • US 6505245 deal with the control and management of computing devices in a network remotely and states about tracking the system status and reporting it to remote administrative users. Although a part of the utility computing environment as of the present invention deals with the management of the devices in the environment, it has self healing ability wherein the system itself is in a known and steady state and in the low probability event that requires action, it takes place automatically and only the information is logged.
  • US6986148 deal with system for providing and sharing software and software components. This is especially used in a mobile environment wherein the mobile device can access and execute software on and from remote servers thus saving processing power and storage.
  • the present invention relates to utility computing environment that states how software and components are run remotely and how computing can be provided from remote. Further the system enables that .computing can be accessed by a client side computing device which is not necessarily a mobile device.
  • US 7424543 states about delivery system of documents whose contents are protected and controlled by the sender.
  • the invention also talks about a system that can access document and some applications through a thin client environment.
  • the thin client environment has some kind of control on the data and applications that a user can access. The access is primarily done through hyperlinks on the thin client.
  • the client side device of the present invention is a thin device for the service oriented computing as utility in cloud computing environment but is not a thin client or an exclusive terminal emulation system as of the US invention.
  • US 20030115443 talks about how multiple operating systems can be run on a single hardware device.
  • the utility computing environment of the present invention is self-managed. It does provide the ability to run applications from multiple OS but not executing in the hardware itself but are done through rendering from a remote system. This is very different from the subject US patent application.
  • US 20050235045 disclosed a portable personal computing environment server. It is directed basically to a small device that is capable of carrying a user's computing environment (including storage and OS). This can run on any place using the concept of virtual machines. It is however not capable of providing the adaptive, self healing, multi functional utility computing environment that the present invention is able to provide.
  • US 20060212567 is limited to the definition of a tool that is used in an enterprise to monitor a distributed application. Though the present invention deals with monitoring of servers, applications and client devices, it is very different from monitoring and tracking an application in an enterprise as of the US invention.
  • the present invention provides complete utility computing environment which has a number of features along with the auto management feature.
  • US 20070101406 is a patent application on the mechanism of authenticating of a computing system in a network. It does not take care of the computing, security and maintenance need of a utility computing environment that is covered under the scope of the present invention.
  • the authentication mechanism used is also quite different in present invention wherein authentication is based on user name and device identifier and is not related to the cached states that the US invention is dealing with.
  • US 20080077943 states about a computing system that has two operating systems where one is monitoring the other for abnormalities and one takes over whenever abnormalities are detected in the other. This seems to be intended for use in a motor vehicle. This is in no way related to the utility computing environment as of the present invention.
  • US 20080152140 describe a method for authenticating a communication device attempting to access a network. It states about authentication and subscriber management system from the authentication point of view.
  • the utility computing of the present invention deals with the subscription management and authentication for user accessing a service/application through device identifier wherein user name gives information of the subscription. This happens from a device to a remote server using HTTPS protocol.
  • US 20080201342 describe about controlling a set of storage devices through a web browser. Management includes updating firmware of storage device, sanitizing storage, etc. The system does not provide the utility computing environment as of the present invention.
  • US 20080243993 deals only with management of services in a distributed computing environment. Every component in this environment can publish services that can be used by other components. This is not related to the utility computing environment that provides managed computing to any user, as of the present invention.
  • US 20080275992 states about a kind of communication device that connects a computing device to an available and appropriate communication service that connect to a network based on the application.
  • the present invention offers service based on the network characteristics and strength.
  • WO 2005022357 states about backing up a set of devices' configuration in one configuration and using the same to bring up another device if the existing device is unusable (due to say corruption). This is a scheme wherein a set of computing devices are available and they need to be backed up and restored.
  • computing is provided as utility from a utility computing device in a cloud computing environment.
  • the device used in this environment is specially designed, instead of necessarily using a generic device, wherein the user's configuration and profile are loaded (almost every time) after user authentication.
  • the user devices used in the system of the present invention do not deal with backups of configuration, but relates more with remote synchronization of all data as and when required.
  • WO 2005116888 states about a managed network wherein some of the applications are running on the server and others locally on the clients' devices. This invention talks about a managed network of servers and client but the present invention is directed to a self managed utility computing environment.
  • the clients run different applications spread across different OS across the network that need not be local. Further, the whole network is managed to the extent of identifying corruptions, keeping tab of user's network and client usage, etc., which is not available with the above prior art published patent application. Also the system of the present invention is able to providing applications from multiple applications simultaneously from the server and also keep tab of the billing. The user can also run independent and unmanaged applications and operating systems locally.
  • the present invention is an extension to the previous two numbers co-pending patent applications of the same applicants, viz., Patent Application No. 1672/CHE/2008 dated July 10, 2008 entitled “Adaptive, Flexible & Self Healing Architecture for a Utility Computing Environment” and also Patent Application No.2320/CHE/2008 dated September 24, 2008 entitled “Providing Guaranteed Service Oriented Computing as a Utility in a Cloud Computing Environment”.
  • the former patent describes about how to provide adaptive computing solution to users with dynamic and flexible desktop of a self healing nature.
  • the latter invention details and extends from the previous patent to the cloud computing space and adds in features to the user.
  • the present invention is concerned with the system and method for taking care of all users for providing means to comply with computing requirements any time dynamically across the different OS in the entire utility computing environment. It can provide a secured and maintenance free environment for any of customer's applications and contents requirements by providing a range of services. Alternatively, it has mechanism to let the user use some of applications privately.
  • the user's profiles and roles are managed by the system and the user can switch from role to role using the same or different device.
  • the patent also details the different components of the architecture that manages this entire environment.
  • the basic object of the present invention is thus directed to developing a system and method of providing a service oriented computing as a utility in a cloud computing environment to users of different domains.
  • Another object of the present invention is directed to provide a system and method for a service ⁇ oriented utility computing mechanism in a cloud computing environment to users of different domain through a combination of unique user end devices and a set of servers.
  • a further object of the present invention is directed to a system and method for providing a service oriented utility computing mechanism with the architectures and components required for the delivery, management and control of a computing environment that provides the user with flexibility of accessing applications and services across Operating systems at any time without the hassles of installation, maintenance and upgrade.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing mechanism which achieves resource optimization and cost optimization for customers and different players by providing a choice of solutions for their requirements.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment which uses internet for the delivery of utility computing for different domains of users.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented computing as utility in a cloud computing environment wherein said system comprising the main components e.g. computing access devices, a network component and a server component working in a manner to achieve desired functionalities.
  • main components e.g. computing access devices, a network component and a server component working in a manner to achieve desired functionalities.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein the computing access device is placed at the user end which acts as an interface to access the users computing requirements.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein the computing access device provides the user with the controlled/secure area which provides the user with the computing abilities where the user access data and applications that are resident locally on the device and also present remotely.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein said secured space is managed remotely and has self healing ability that ensures that it is never corrupted.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein the computing access device provides the user with unsecure area which provides the user with freedom to install software/applications as desired by them.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein the use of unsecure area does not affect the secure area since the secure area is controlled by the various control parameters.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein access by a user could be controlled by a number of factors like user paying the subscription, user's role, user's credentials, state of the unsecure area, etc.
  • a .still further object of the present invention is directed .to provide a system and method for providing a service oriented utility computing environment wherein the secure and unsecure areas reside on physical or logically separate regions such that the objects resident on the unsecure region does not affect the content of the secure region.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein the computing device would have access to all browser based application through any kind of network.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein computing access device keeps track of the network characteristics it has to its servers and depending on the type of network available the user is informed of the applications and content that the user can access.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein a server component has number of servers to achieve the different functionalities in network of client devices.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein the server component has the element that deploys, authenticates, customizes, controls, manages and bills the different aspects of the user's computing needs in this utility computing environment.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein device authentication component authenticates all access devices to ensure the security and defends any intrusion and provides access only to authorized devices.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein the profile manager component manages and controls the profiles of the users of the utility computing system and . also able to lock down a computing access device with a set of users only or open connection to any number of users.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein utility environment manager wherein this component helps the setup, maintenance, change management and control of the entire environment.
  • a still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein Server component comprising of the following components for executing various functions in the network:
  • the basic aspect of the present invention is thus directed to a system for providing a service oriented computing in a cloud computing environment to users of different domains comprising: an user end computing access device to provide for two distinct areas of user computing (a) a first secured control area wherein the user accesses data and applications that are resident locally on the device and/or also present remotely and which is managed remotely and (b) a second control area which is under the complete control of the user and the user can install his/her required software; an operative network component; and an operative server component.
  • a further aspect of the present invention is directed to said system wherein the boot up process is controlled by the said secured area and based on a number of control parameters the said second control area is allowed or disallowed by said the secure area.
  • a still further aspect of the present invention is directed to said system wherein said secure area is a server controlled area that delivers all the applications and content required by the user as service with said area preferably controlled by different subscription parameters and adapted to provide different applications and desktop based on the user's role which for example can be selected by user from home role for accessing standard applications including browser, chat, games, and the like or an official role providing access to ERP and CRM applications.
  • said secure area is a server controlled area that delivers all the applications and content required by the user as service with said area preferably controlled by different subscription parameters and adapted to provide different applications and desktop based on the user's role which for example can be selected by user from home role for accessing standard applications including browser, chat, games, and the like or an official role providing access to ERP and CRM applications.
  • a still further aspect of the present invention is directed to a system wherein the said unsecure area is adapted such that the user can install any software and store any data that they require, said data resident in this area can be selectively accessed based on operative parameters optionally further adapted such that the said user could have complete control over this area and can access the network and the internet from this area.
  • a still further aspect of the present invention is directed to a system wherein said network component comprises variety of networks having different characteristics and depending on these characteristics the set of applications, content and features available to the user are varied.
  • the primary parameters that are tracked are the bandwidth, latency and packet loss in the network.
  • a still further aspect of the present invention is directed to a system wherein the computing access device can access all types of native applications when the bandwidth provided to the computing access device is high, the latency to the respective servers is low and the packet loss in the network is as close to zero as possible with said computing access device adapted to have access to all browser based applications through any kind of network
  • a still further aspect of the present invention is directed to a system wherein the said computing access device is adapted to keep track of the network characteristics it has to its servers and depending on the type of network available the user is informed of the applications and content that they can access.
  • a still further aspect of the present invention is directed to a system wherein said server component comprises number of servers preferably having element adapted to deploy, authenticate, customize, control manage and generate bills based on different aspects of the users needs under the utility computing environment.
  • server component comprises (i) a device authenticator, (ii) profile manager (iii) role manager (iv) profile to desktop translator and (v) utility environment manager.
  • a still further aspect of the present invention is directed to a system wherein said device Authenticator component is adapted to authenticate all the computing access devices in the utility computing network which ensures that the whole service is secure from intrusions and only authorized devices can access this environment and optionally also to control and manage access the utility network whereby the valid devices receive information on the users of the device and also of the servers that provide the services required by the respective devices.
  • a still further aspect of the present invention is directed to said system wherein said profile management component is adapted to manage and control the profiles of the users of the utility computing system, said profile providing to construct the different characteristics of the user's environment including desktop, applications, content, the entire user's environment is confirmed as the user can customize his/her entire environment at any time, the profile manager can also lock down a computing access device with a set of users only or as per the business requirements can also open the device to any user in the system.
  • a still further aspect of the present invention is directed to a system wherein said role management component is adapted to manage the different roles that a user can take.
  • the user can play different roles in the computing environment like official and personal, the desktop.
  • the applications and content provided to the user can vary based on the role and the same is adapted to work with the said profile management component mentioned above such that based on the role, a template profile is created for each user, said user can modify this template to make it specific for them.
  • a still further aspect of the present invention is directed to said system comprising profile to desktop translator wherein the desktop of .the computing access device is browser based and the desktop screen is usually, but not limited to, a web page wherein the component goes through the profile, retrieves the characteristics of each component from a central repository and creates the desktop as a webpage which is next sent over to the access device whenever the profile is changed.
  • the profile can be sent to the computing access device and the desktop can be created on the device itself.
  • a still further aspect of the present invention is directed to said system comprising utility environment management component adapted to support the setup, maintenance, change management and control of the entire environment and also providing interface, storage and mechanism to load profiles, applications, content and create and manage desktops and profiles for the customers, said component further adapted for the billing aspects of this environment.
  • According to yet another aspect of the present invention is directed to a method of providing a service oriented computing in a cloud computing environment to users of different domains using said system comprising: following steps for the delivery, management and control of a computing environment adapted to provide the user with flexibility of accessing applications and services across operating systems at any time without the hassles of installation, maintenance and upgrade; and involving steps for a service oriented utility computing for resource optimization and cost optimization for all the customers and the different players by providing a choice of solutions for their requirements.
  • Figure 1 is the schematic illustration of the various components that are used to manage the entire utility cloud computing environment, according to the present invention.
  • Figure 2 is the schematic illustration of the computing access device and the components of the system in the utility computing environment providing secure and unsecure area to a user, according to the present invention.
  • the present invention relates to a system and method of providing a service oriented computing as a utility in a cloud computing environment to users of different domains. Accordingly, the invention is directed to providing a system and method for providing a service oriented utility computing mechanism in a cloud computing environment to users of different domain through a combination of unique user end devices and a set of servers, wherein computing access device is placed at the user end which acts as an interface to access the users computing requirements.
  • the system and method for providing a service oriented utility computing mechanism involving the architectures and components required for the delivery, management and control of a computing environment that provides the user with flexibility of accessing applications and services across operating systems at any time, using internet for the delivery of utility computing to users in different domains of activities, free of any problems relating to installation, maintenance and upgrade.
  • said service oriented utility computing mechanism favor achieving resource, optimization and cost optimization for all the customers and the different players by providing a choice of solutions for their requirements.
  • the system of the invention for providing service oriented utility computing environment comprises the following three main components:
  • a Network Component 3. A Server Component
  • the computing access device provides the user with the controlled/secure area which provides the user with the computing abilities where the user access data and applications that are resident locally on the device and also present remotely. This space is managed remotely and has self healing ability that ensures that it is never corrupted.
  • the computing access device also provides the user with unsecure area to allow the user with freedom to install software/applications as desired by them. ' The use of unsecure area does not affect the secure area since the secure area is controlled by the various control parameters like user paying the subscription, user's role, user's credentials, state of the unsecure area, etc.
  • the BIOS of the computing access device boots up to the secure area.
  • This device is placed at the user end and acts as an interface to access the customer's computing requirements.
  • the device provides the user with two distinct areas of computing.
  • the first one is a controlled area, which provides guaranteed computing to the user.
  • This is the utility computing area where the user accesses data and applications that are resident locally on the device and also present remotely. This space is managed remotely and has self-healing ability that ensures that it is never corrupted.
  • the second area is the unsecured area which is under the complete control of the user. This is the area where user can install his/her required software. This area is under the complete control of the user. The user's activities in this area do not affect the secure area mentioned previously.
  • the boot up process (and hence the booting of the unsecure area operating system) is controlled by the secure area.
  • access to the unsecure user area is allowed or disallowed by the secure area.
  • the access could be controlled by a number of factors like user paying the subscription, user's role, user's credentials, state of the unsecure area, etc.
  • the BIOS of the device always boots up the secure area. A check is done on the defined parameters and if the check passes then the user is allowed to access the unsecure area. If the check fails then only the secure area can be accessed by the user.
  • the secure and unsecure areas reside on physical or logically separate regions such that the objects resident on the unsecure region does not affect the content of the secure region.
  • the secure area is a server controlled area that delivers all the . applications and content required by the user as service.
  • the area can be controlled by different subscription parameters, like monthly subscription.
  • the area also has the ability to provide different applications and desktop based on the user's role. For example, the user could choose the home role and access standard applications like browser, chat, games, etc. The user could also easily flip over to the official role on the same device and get the desktop and applications that are catered to his official role. For example, in this role, the user could have access to ERP and CRM applications and his/her desktop could look very different from his/her personal space.
  • Unsecure Area This is an area where the user can install any software and store any data that they require. The data that is resident in this area can be accessed from the secure area after it is checked for safety. The access to this area could depend on a number of parameters that are checked in the secure area. The user could have complete control this area and can access the network and the Internet from this area too.
  • the system of the invention also provides for the. network component through which the computing device is connected to outer networks.
  • the computing device is adapted to access to all browser based application through any kind of network wherein the computing access device keeps track of the network characteristics it has to its servers. Depending on the type of network available, the user is informed of the applications and content that the user can access.
  • the working of the network component is detailed below: B. Network Component
  • the computing access device is connected to the server components and the websites on the Internet through different types of network.
  • the networks have different characteristics and depending on these characteristics the set of applications, content and features available to the user are varied.
  • the primary parameters that are tracked are the bandwidth, latency and packet loss in the network. In order to achieve superior performance and improved efficiency of data/content communication, the bandwidth available to the computing access device should be high, the latency to the respective servers should be low and the packet loss in the network should be as close to zero as possible.
  • the computing access device has access to all browser based applications through any kind of network. The other applications could require network with good characteristics as mentioned above.
  • the computing access device keeps track of the network characteristics it has to its servers and depending on the type of network available the user is informed of the applications and content that they can access. This type of proactive network based desktop control is a unique feature of the present invention.
  • the system of the present invention comprising Server component having a number of servers to achieve desired functionalities wherein the server component has the element that deploys, authenticates, customizes, controls, manages and bills the different aspects of the user's computing needs in the utility computing environment.
  • a Server component comprises the following components:
  • the Device Authentication component authenticates all the computing access devices to ensure the security and defends any intrusion and provides access only authorized devices. This ensures that the whole service is secure from intrusions and only authorized devices can access this environment. Further, this can also be used to control and manage access to the utility network. As a result of the authentication, the validated device receives information on the users of the device and also of the servers that provide the services required by the respective devices.
  • the Profile Manager component manages and controls the profiles of the users of the utility computing system.
  • the profile manager can also lock down a computing access device to a set of users only. Alternatively, it can also open, as per the business requirements, the device to any user.
  • the profile is used to construct the different characteristics of the user's environment - desktop, applications, content, etc. The entire user's environment is confirmed as the user can customize his/her entire environment at any time.
  • the Role Manager component manages the different roles that a user can take like official, personal, etc.
  • the desktop, applications and content can vary based on the role. This component works with the Profile Management component mentioned above.
  • the Profile to Desktop translator component reads the profile of a user, retrieves the characteristics of each component from a central repository and creates the desktop as a webpage.
  • the desktop of the computing access device is browser based and so the desktop screen is usually a web page.
  • This component goes through the profile, retrieves the characteristics of each component from a central repository and creates the desktop as a webpage. This is sent over to the access device whenever the profile is changed.
  • the Utility Environment Manager helps the setup, maintenance, change management and control of the entire environment. It provides interface, storage and mechanism to load profiles, applications, content and create and manage desktops and profiles for the customers. This component also takes care of the billing aspects of this environment.
  • the system of the invention and method thereof directed to providing service oriented computing as utility in cloud computing environment ensure efficiency, security, flexibility, dynamic access to hardware resources, software or applications from multimedia content to productivity applications in a network bandwidth optimized mode of network communication across different OS, without loss or corruption of data, and wherein the resource optimization and cost optimization is extended for all the customers and the different players connected in the network.
  • the system and method of the invention is adapted to providing a choice of solutions for their requirements.
  • the components of the system comprising Computing Access Devices, Network Component and Server Component for desired utility computing facility over cloud computing environment providing authorization, security as well as customized access to applications by the individual user in the network through novel user end devices, preferably thin network clients and servers, that allows the users to interact with the server, desktop, applications and data.
  • novel user end devices preferably thin network clients and servers, that allows the users to interact with the server, desktop, applications and data.
  • the customers can also choose dynamically applications of their choice of a variety of configuration across different OS in said network, the access being logically separated into secured and unsecured area with separate set of control parameters.
  • the invention is capable of providing applications dynamically across different bandwidths and the proactive management of the entire network with minimal human intervention, free of complexity involved with installation, maintenance and upgrade.

Abstract

A system for providing a service oriented computing over the cloud to users in different domains of activities comprising an user end computing access device to provide for two distinct areas of user computing and two distinct control areas which are under different one's control.

Description

MECHANISM FOR THE DELIVERY OF COMPUTING AS A UTILITY FOR
DIFFERENT DOMAINS OVER THE INTERNET
FIELD OF THE INVENTION
The present invention relates to a system and method of providing service oriented computing as a utility to the users of different domains in a cloud computing environment. More particularly, the present invention is directed to architectures and components to ensure delivery, management and control of a computing environment adapted to providing the users with flexibility of accessing applications and services across operating systems at any time without the complexity of installation, maintenance and/or upgrade. Further the system enables that computing can be accessed by a novel client side computing device and/or environment. The system and method of the invention also providing applications dynamically across different bandwidths and manage the entire network proactively with minimal human intervention. Advantageously, the system and method of the invention favour achieving resource optimization and cost optimization for customers and the different players in a cloud computing network environment by providing option for choice of solutions according to their requirements, thus favouring wide scale application to users in different usage domains.
BACKGROUND ART The devices known in the art catering to the computing needs of users comprise two most common variants -the Personal Computer (PC) and Thin Client (TC) at the user end. A PC is known to store in itself most of the applications and devices that a user generally requires. It can also use applications and data placed across a network through basic set of resident applications and data. This increases the difficulty of maintainability and risk of attack on a PC. All operational requirements thus increase the complexity of a PC. Moreover, a PC is only capable of effectively running applications that run on a single operating system at any given time. These applications need to be installed, maintained and upgraded manually. One of the biggest issues with the PC is that they ages over time and does not keep up with the user's requirements for computing. It also slows down due to the different drivers and other required applications and spurious utilities. Secondly, the PC cannot cope up with the growing demand of the newer software. This implies that the resources like RAM and hard disk in the PC has to be increased. When the capacity of individual resource reaches a maximum limit, the PC itself has to be replaced. However, the PC offers the advantage that the user can install and use any software that requires only those resources, the PC already has.
The thin client (TC) on the other hand is almost entirely dependent on a server. No user application or data resides on thin client device. It collects the user input and sends it to a server gets the response from server and outputs it to the user. The output is usually in the visual form. Thus, most of the times, the screen to be displayed is transferred from the server to the client, which makes such thin client devices completely dependent to operate on a bandwidth heavy network. Unlike PC, the TC does not have the disadvantages of running out of resources since it is entirely dependent on the server and the resources in the server can be increased to suit the software requirements. However, the limitation in TC based environment is that the user cannot install his/her required software as this could affect the other users in the system. Thus the system does not provide enough flexibility.
It is also known in the prior art that existing PC or TC based systems are not adaptive, which are not capable of dynamically providing the requisite applications and desktop depending on the role/requirement of the user. For example, a user in his/her official and personal capacities has requirements for different applications and content, but they do not require different devices to access these. The device itself should be able to take the request of the user and provide these applications and content dynamically. The TC is a very limited device and can only provide the desktop that the server wants it to provide. The PC is capable of providing different applications and content for the user but it is not dynamic and requires extensive maintenance effort from the user.
Many of the utility computing and cloud computing in existence currently do not take care of
■ two important aspects. They usually do not deal with client side device. The solutions in existence require a PC or a TC and usually use a browser interface on these devices to provide the utility and cloud computing solutions. This leads to the problem that the devices themselves could easily run into problems and then the solution itself would be beyond the user's reach. The other aspect is that the solution itself does not cater to the different roles that users' play. These are not usually computing solutions but only offer certain set of applications or content. For example, there are utility and cloud computing solutions available for CRM, productivity tools, ERP, etc. but there are no solutions that can dynamically encompass all these and create a user environment for the user.
The problems and limitations of the PC or TC based known systems and methods existing in the art in cloud computing environment are identified to be the following which call for a more flexible and adaptive as well as dynamic system to provide remedial measures:
1. Personal Computers store all the . applications and data locally and these have to be manually managed. If a loss of data happens then the data can be retrieved only if a backup copy exists, the process of retrieval being manual. The other problem is that the loss of data or corruption is not detected at run time but is detected usually by user when they are not able to access the data. So guarantee of service is not present in the world of personal computers.
2. A user has to buy the software he requires and install it on his/her PC. The purchase of the software is permanent in nature and regardless of the extent of usage; the software is purchased and installed more or less permanently on the PC. There is provision for relinquishing the software after use or when requirement is over. Thus the dynamism of the desktop is lost in case of the PC.
3. Also newer versions of any software may not sometimes be available to the user and if a user is interested in the newer version of software, they have to purchase it even if the older version of the software is available.
4. A PC is prone to a number of corruptions. From hard disk failure to attacks from spurious software and vims, there are a number of reasons for a PC to fail. The PC is not capable of diagnosing the failure dynamically and is also not capable of fixing the failure dynamically even when determined. Both these activities require human intervention. Thus in case of data conniption, PC is unable to provide self-determination and self- healing facility. 5. The PC based environment has limitation about the desktop too. It does not allow customization to go beyond the applications that can be displayed and allow only a few feeds from the Internet. The user is not able to remove the mismatch between applications available locally and applications and contents available remotely. They are not able to customize the content and applications that are shown.
6. In the existing TC based environments, the delivery of applications and data is done by delivery of the whole desktop from the server through protocols like Remote Desktop Protocol, X Protocol and Remote Frame Buffer Protocol. These protocols deliver the entire desktop and the applications to the client from server through the network. Thej client is only capable of rendering the compressed stream coming from the server. So all applications from multimedia to productivity applications are executed on the server and streamed to the client. This would mean that the network requirements for streaming of applications are heavy. The network between the server and user's premises should be commissioned for the maximum network required considering bandwidth extensive connectivity. So regardless of the application's network requirements a higher requirement is placed to ensure that all applications are usable. For example, the usage of browser for multimedia content requires a high bandwidth network whereas the bandwidth requirement for productivity applications is much lower. But since both these applications run on a server they require to be connected to the TC on a high bandwidth network to ensure that both the applications run well. Even if the TC is in a place where the available bandwidth is low but still high enough for some low bandwidth remote applications, current models do not allow this. The current models permit TCs to be installed only if the available bandwidth is able to satisfy the need of all remote applications. Thus the reach of a utility computing environment based on Thin Clients is dependant heavily on the availability of high bandwidth and consistent networks. Hence
TC is unable to utilize the Internet for most of its need except for very minimal applications.
7. The other deployment of TC, would involve using of a higher capability processor that executes a few applications. These devices are still susceptible to corruptions and data loss which like a PC have no mechanism to be detected and rectified. Also, they have limited ability to provide all applications required by a user. There is very little possibility of offering all the applications required by the user dynamically based on user requirement and network availability.
8. There are no architectures available to provide features like dynamic desktops, time based applications, network characteristic adaptable features, device and user based security and usage control features like parental control to the mentioned devices like PC and TC.
9. The users cannot configure a TC to provide user specific application and content as they are sharing a common resource and their activities could hinder and corrupt other users.
10. Existing utility and cloud computing solution do not take care of providing a complete computing environment by managing the client access devices and also by giving users the ability to bundle all his/her computing requirements into different roles and accessing all from a set of devices at anytime.
There has thus been a need in the art to developing system and method for the delivery, management and control of a computing environment that provides the user with flexibility of accessing applications and services across Operating systems at any time without the complexity of installation, maintenance and upgrade. There has also been a need to achieve resource optimization and cost optimization for the customers and the different players by providing a choice of solutions for their requirements.
A number of attempts have been made in the past to provide dynamism and flexibility to the users' devices for efficient cost effective operation on Internet/Network environment.
JP 2008123493 relates to a remote management system that involves a thin client, management server and other application servers. The invention relates to the method of communication happening between the servers and clients. It focuses on how commands are passed between the servers and clients and how this data is maintained. It is much more like tracking and message passing and neither provides utility computing to users nor enhances management to include self healing, using a combination of monitoring parameters, decision making based on the parameters and taking actions as in the present invention.
US 5878142 disclosed a small device that sits between a computer and the network (and network device) that authenticates and encrypts the data that flows between the network and the computer. Thus it deals with only authentication of the system to the network and encryption of data that flows between the system and the network. Authentication and encryption are only a part of the present invention that provide service oriented computing as utility in different domains of a cloud computing environment. The present invention deals with authentication and encryption inside the client computing device and the servers and do not have a separate device to take care of it as revealed in this prior art invention.
US 6327594 states about a pervasive device (any kind of device capable of computing from pager to mobile or laptop to desktop) that can take part in a data management process - that is how pervasive devices can interact with centralized data management systems. It has nothing to do with the utility computing system of the present invention. The utility computing environment described in this application can interact with the devices of the cited art but that is not the scope for patent of the present invention/application that covers the entire utility computing environment adapted to work seamlessly with simplicity, guarantee of service and diverse usage scenarios for the user.
US 6505245 deal with the control and management of computing devices in a network remotely and states about tracking the system status and reporting it to remote administrative users. Although a part of the utility computing environment as of the present invention deals with the management of the devices in the environment, it has self healing ability wherein the system itself is in a known and steady state and in the low probability event that requires action, it takes place automatically and only the information is logged. US6986148 deal with system for providing and sharing software and software components. This is especially used in a mobile environment wherein the mobile device can access and execute software on and from remote servers thus saving processing power and storage. The present invention relates to utility computing environment that states how software and components are run remotely and how computing can be provided from remote. Further the system enables that .computing can be accessed by a client side computing device which is not necessarily a mobile device.
US 7328333 describe how a mobile computing device like PDA (personal digital assistant) can be extended to seem like a complete computer supporting multiple OS. The device of the invention attempts to use the computing capability of a PDA but otherwise it is similar to a normal PC. In the self managed utility computing environment of the present invention, a maintenance free environment is provided where computing of different kinds are available as a utility to the user.
US 7424543 states about delivery system of documents whose contents are protected and controlled by the sender. The invention also talks about a system that can access document and some applications through a thin client environment. The thin client environment has some kind of control on the data and applications that a user can access. The access is primarily done through hyperlinks on the thin client. The client side device of the present invention is a thin device for the service oriented computing as utility in cloud computing environment but is not a thin client or an exclusive terminal emulation system as of the US invention.
US 20030115443 talks about how multiple operating systems can be run on a single hardware device. The utility computing environment of the present invention is self-managed. It does provide the ability to run applications from multiple OS but not executing in the hardware itself but are done through rendering from a remote system. This is very different from the subject US patent application.
US 20050235045 disclosed a portable personal computing environment server. It is directed basically to a small device that is capable of carrying a user's computing environment (including storage and OS). This can run on any place using the concept of virtual machines. It is however not capable of providing the adaptive, self healing, multi functional utility computing environment that the present invention is able to provide.
US 20060212567 is limited to the definition of a tool that is used in an enterprise to monitor a distributed application. Though the present invention deals with monitoring of servers, applications and client devices, it is very different from monitoring and tracking an application in an enterprise as of the US invention. The present invention provides complete utility computing environment which has a number of features along with the auto management feature.
US 20070101406 is a patent application on the mechanism of authenticating of a computing system in a network. It does not take care of the computing, security and maintenance need of a utility computing environment that is covered under the scope of the present invention. The authentication mechanism used is also quite different in present invention wherein authentication is based on user name and device identifier and is not related to the cached states that the US invention is dealing with.
US 20080077943 states about a computing system that has two operating systems where one is monitoring the other for abnormalities and one takes over whenever abnormalities are detected in the other. This seems to be intended for use in a motor vehicle. This is in no way related to the utility computing environment as of the present invention.
US 20080152140 describe a method for authenticating a communication device attempting to access a network. It states about authentication and subscriber management system from the authentication point of view. The utility computing of the present invention deals with the subscription management and authentication for user accessing a service/application through device identifier wherein user name gives information of the subscription. This happens from a device to a remote server using HTTPS protocol. US 20080201342 describe about controlling a set of storage devices through a web browser. Management includes updating firmware of storage device, sanitizing storage, etc. The system does not provide the utility computing environment as of the present invention.
US 20080243993 deals only with management of services in a distributed computing environment. Every component in this environment can publish services that can be used by other components. This is not related to the utility computing environment that provides managed computing to any user, as of the present invention.
US 20080275992 states about a kind of communication device that connects a computing device to an available and appropriate communication service that connect to a network based on the application. The present invention offers service based on the network characteristics and strength.
WO 2005022357 states about backing up a set of devices' configuration in one configuration and using the same to bring up another device if the existing device is unusable (due to say corruption). This is a scheme wherein a set of computing devices are available and they need to be backed up and restored. In the present invention computing is provided as utility from a utility computing device in a cloud computing environment. The device used in this environment is specially designed, instead of necessarily using a generic device, wherein the user's configuration and profile are loaded (almost every time) after user authentication. The user devices used in the system of the present invention do not deal with backups of configuration, but relates more with remote synchronization of all data as and when required.
WO 2005116888 states about a managed network wherein some of the applications are running on the server and others locally on the clients' devices. This invention talks about a managed network of servers and client but the present invention is directed to a self managed utility computing environment.
Thus the network according to the present invention the clients run different applications spread across different OS across the network that need not be local. Further, the whole network is managed to the extent of identifying corruptions, keeping tab of user's network and client usage, etc., which is not available with the above prior art published patent application. Also the system of the present invention is able to providing applications from multiple applications simultaneously from the server and also keep tab of the billing. The user can also run independent and unmanaged applications and operating systems locally.
The present invention is an extension to the previous two numbers co-pending patent applications of the same applicants, viz., Patent Application No. 1672/CHE/2008 dated July 10, 2008 entitled "Adaptive, Flexible & Self Healing Architecture for a Utility Computing Environment" and also Patent Application No.2320/CHE/2008 dated September 24, 2008 entitled "Providing Guaranteed Service Oriented Computing as a Utility in a Cloud Computing Environment". The former patent describes about how to provide adaptive computing solution to users with dynamic and flexible desktop of a self healing nature. The latter invention details and extends from the previous patent to the cloud computing space and adds in features to the user.
As distinct over the said two co-pending patent applications filed by the applicants, the present invention is concerned with the system and method for taking care of all users for providing means to comply with computing requirements any time dynamically across the different OS in the entire utility computing environment. It can provide a secured and maintenance free environment for any of customer's applications and contents requirements by providing a range of services. Alternatively, it has mechanism to let the user use some of applications privately. The user's profiles and roles are managed by the system and the user can switch from role to role using the same or different device. The patent also details the different components of the architecture that manages this entire environment.
Thus in spite of the above described invention disclosures in the prior art, it is obvious that although a number of attempts had been made in the past to resolve problems and limitations in prior art systems directed to providing partial features of utility computing, there had been an unfulfilled need to integrate the devices and computing need as utility in cloud computing environment wherein there shall be means for achieving efficiency, security, flexibility, dynamic access to any hardware resource, software or applications from multimedia content to productivity applications in a network bandwidth optimized mode of network communication across different OS, without loss or corruption of data, and wherein the resource optimization and cost optimization is extended for the customers and the different players connected in the network. The system and method of the invention is adapted to providing a choice of solutions for their requirements. Importantly, there had been a need in the art to develop a system and method for utility computing environment providing authorization, security as well as customized access to applications by the individual user in the network through novel user end devices and servers, preferably a thin network client that allows the users to interact with the server, desktop, applications and data, and the customers can dynamically choose applications for use. The invention shall be capable of providing of applications dynamically across different bandwidths and the proactive management of the entire network with minimal human intervention, free of complexity involved with installation, maintenance and upgrade.
OBJECTS OF THE INVENTION The basic object of the present invention is thus directed to developing a system and method of providing a service oriented computing as a utility in a cloud computing environment to users of different domains.
Another object of the present invention is directed to provide a system and method for a service ■ oriented utility computing mechanism in a cloud computing environment to users of different domain through a combination of unique user end devices and a set of servers.
A further object of the present invention is directed to a system and method for providing a service oriented utility computing mechanism with the architectures and components required for the delivery, management and control of a computing environment that provides the user with flexibility of accessing applications and services across Operating systems at any time without the hassles of installation, maintenance and upgrade.
A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing mechanism which achieves resource optimization and cost optimization for customers and different players by providing a choice of solutions for their requirements. A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment which uses internet for the delivery of utility computing for different domains of users.
A still further object of the present invention is directed to provide a system and method for providing a service oriented computing as utility in a cloud computing environment wherein said system comprising the main components e.g. computing access devices, a network component and a server component working in a manner to achieve desired functionalities.
A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein the computing access device is placed at the user end which acts as an interface to access the users computing requirements.
A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein the computing access device provides the user with the controlled/secure area which provides the user with the computing abilities where the user access data and applications that are resident locally on the device and also present remotely.
A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein said secured space is managed remotely and has self healing ability that ensures that it is never corrupted.
A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein the computing access device provides the user with unsecure area which provides the user with freedom to install software/applications as desired by them.
A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein the use of unsecure area does not affect the secure area since the secure area is controlled by the various control parameters. A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein access by a user could be controlled by a number of factors like user paying the subscription, user's role, user's credentials, state of the unsecure area, etc.
A .still further object of the present invention is directed .to provide a system and method for providing a service oriented utility computing environment wherein the secure and unsecure areas reside on physical or logically separate regions such that the objects resident on the unsecure region does not affect the content of the secure region.
A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein the computing device would have access to all browser based application through any kind of network.
A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein computing access device keeps track of the network characteristics it has to its servers and depending on the type of network available the user is informed of the applications and content that the user can access.
A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein a server component has number of servers to achieve the different functionalities in network of client devices.
A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein the server component has the element that deploys, authenticates, customizes, controls, manages and bills the different aspects of the user's computing needs in this utility computing environment.
A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein device authentication component authenticates all access devices to ensure the security and defends any intrusion and provides access only to authorized devices.
A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein the profile manager component manages and controls the profiles of the users of the utility computing system and . also able to lock down a computing access device with a set of users only or open connection to any number of users.
A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein utility environment manager wherein this component helps the setup, maintenance, change management and control of the entire environment.
A still further object of the present invention is directed to provide a system and method for providing a service oriented utility computing environment wherein Server component comprising of the following components for executing various functions in the network:
A Device Authenticator, Profile Manager, Role Manager, Profile to Desktop Translator, Utility
Environment Manager.
SUMMARY OF THE INVENTION The basic aspect of the present invention is thus directed to a system for providing a service oriented computing in a cloud computing environment to users of different domains comprising: an user end computing access device to provide for two distinct areas of user computing (a) a first secured control area wherein the user accesses data and applications that are resident locally on the device and/or also present remotely and which is managed remotely and (b) a second control area which is under the complete control of the user and the user can install his/her required software; an operative network component; and an operative server component. A further aspect of the present invention is directed to said system wherein the boot up process is controlled by the said secured area and based on a number of control parameters the said second control area is allowed or disallowed by said the secure area.
A still further aspect of the present invention is directed to said system wherein said secure area is a server controlled area that delivers all the applications and content required by the user as service with said area preferably controlled by different subscription parameters and adapted to provide different applications and desktop based on the user's role which for example can be selected by user from home role for accessing standard applications including browser, chat, games, and the like or an official role providing access to ERP and CRM applications.
A still further aspect of the present invention is directed to a system wherein the said unsecure area is adapted such that the user can install any software and store any data that they require, said data resident in this area can be selectively accessed based on operative parameters optionally further adapted such that the said user could have complete control over this area and can access the network and the internet from this area.
A still further aspect of the present invention is directed to a system wherein said network component comprises variety of networks having different characteristics and depending on these characteristics the set of applications, content and features available to the user are varied.
Importantly, in said system, the primary parameters that are tracked are the bandwidth, latency and packet loss in the network.
A still further aspect of the present invention is directed to a system wherein the computing access device can access all types of native applications when the bandwidth provided to the computing access device is high, the latency to the respective servers is low and the packet loss in the network is as close to zero as possible with said computing access device adapted to have access to all browser based applications through any kind of network
A still further aspect of the present invention is directed to a system wherein the said computing access device is adapted to keep track of the network characteristics it has to its servers and depending on the type of network available the user is informed of the applications and content that they can access.
A still further aspect of the present invention is directed to a system wherein said server component comprises number of servers preferably having element adapted to deploy, authenticate, customize, control manage and generate bills based on different aspects of the users needs under the utility computing environment.
According to yet another aspect of the present invention is directed to said system wherein said server component comprises (i) a device authenticator, (ii) profile manager (iii) role manager (iv) profile to desktop translator and (v) utility environment manager.
A still further aspect of the present invention is directed to a system wherein said device Authenticator component is adapted to authenticate all the computing access devices in the utility computing network which ensures that the whole service is secure from intrusions and only authorized devices can access this environment and optionally also to control and manage access the utility network whereby the valid devices receive information on the users of the device and also of the servers that provide the services required by the respective devices.
A still further aspect of the present invention is directed to said system wherein said profile management component is adapted to manage and control the profiles of the users of the utility computing system, said profile providing to construct the different characteristics of the user's environment including desktop, applications, content, the entire user's environment is confirmed as the user can customize his/her entire environment at any time, the profile manager can also lock down a computing access device with a set of users only or as per the business requirements can also open the device to any user in the system.
A still further aspect of the present invention is directed to a system wherein said role management component is adapted to manage the different roles that a user can take. For example, the user can play different roles in the computing environment like official and personal, the desktop. In this case, the applications and content provided to the user can vary based on the role and the same is adapted to work with the said profile management component mentioned above such that based on the role, a template profile is created for each user, said user can modify this template to make it specific for them.
A still further aspect of the present invention is directed to said system comprising profile to desktop translator wherein the desktop of .the computing access device is browser based and the desktop screen is usually, but not limited to, a web page wherein the component goes through the profile, retrieves the characteristics of each component from a central repository and creates the desktop as a webpage which is next sent over to the access device whenever the profile is changed. Alternatively, the profile can be sent to the computing access device and the desktop can be created on the device itself.
A still further aspect of the present invention is directed to said system comprising utility environment management component adapted to support the setup, maintenance, change management and control of the entire environment and also providing interface, storage and mechanism to load profiles, applications, content and create and manage desktops and profiles for the customers, said component further adapted for the billing aspects of this environment.
According to yet another aspect of the present invention is directed to a method of providing a service oriented computing in a cloud computing environment to users of different domains using said system comprising: following steps for the delivery, management and control of a computing environment adapted to provide the user with flexibility of accessing applications and services across operating systems at any time without the hassles of installation, maintenance and upgrade; and involving steps for a service oriented utility computing for resource optimization and cost optimization for all the customers and the different players by providing a choice of solutions for their requirements.
The present invention and its objects and advantages are described in greater details with reference to following non limiting illustrative embodiments. BRIEF DESCRIPTION OF THE DRAWING
Figure 1 : is the schematic illustration of the various components that are used to manage the entire utility cloud computing environment, according to the present invention. Figure 2: is the schematic illustration of the computing access device and the components of the system in the utility computing environment providing secure and unsecure area to a user, according to the present invention.
DETAILED DESCRIPTION OF THE INVENTION WITH REFERENCE TO THE ACCOMPANYING DRAWING
The present invention relates to a system and method of providing a service oriented computing as a utility in a cloud computing environment to users of different domains. Accordingly, the invention is directed to providing a system and method for providing a service oriented utility computing mechanism in a cloud computing environment to users of different domain through a combination of unique user end devices and a set of servers, wherein computing access device is placed at the user end which acts as an interface to access the users computing requirements.
Advantageously, the system and method for providing a service oriented utility computing mechanism according to the present invention involving the architectures and components required for the delivery, management and control of a computing environment that provides the user with flexibility of accessing applications and services across operating systems at any time, using internet for the delivery of utility computing to users in different domains of activities, free of any problems relating to installation, maintenance and upgrade. Also, said service oriented utility computing mechanism favor achieving resource, optimization and cost optimization for all the customers and the different players by providing a choice of solutions for their requirements.
Reference is now invited to the accompanying Figure 1 that illustrates the various components that are used to manage the entire utility cloud computing environment, according to the present invention. The system of the invention for providing service oriented utility computing environment comprises the following three main components:
1. A Computing Access Device
2. A Network Component 3. A Server Component
Reference is now invited to the accompanying Figure 2 that illustrates schematically the computing access device and the components of the system in the utility computing environment providing secure and unsecure area to a user, according to the present invention. The computing access device provides the user with the controlled/secure area which provides the user with the computing abilities where the user access data and applications that are resident locally on the device and also present remotely. This space is managed remotely and has self healing ability that ensures that it is never corrupted. The computing access device also provides the user with unsecure area to allow the user with freedom to install software/applications as desired by them.' The use of unsecure area does not affect the secure area since the secure area is controlled by the various control parameters like user paying the subscription, user's role, user's credentials, state of the unsecure area, etc. In said system the BIOS of the computing access device boots up to the secure area.
The detailed working of said access device and the components of the system in the utility computing environment providing said secure and unsecure area to a user is as follows:
A. Computing Access Device
This device is placed at the user end and acts as an interface to access the customer's computing requirements. The device provides the user with two distinct areas of computing. The first one is a controlled area, which provides guaranteed computing to the user. This is the utility computing area where the user accesses data and applications that are resident locally on the device and also present remotely. This space is managed remotely and has self-healing ability that ensures that it is never corrupted. The second area is the unsecured area which is under the complete control of the user. This is the area where user can install his/her required software. This area is under the complete control of the user. The user's activities in this area do not affect the secure area mentioned previously. Since this device is part of a controlled environment, the boot up process (and hence the booting of the unsecure area operating system) is controlled by the secure area. Depending on a number of control parameters, access to the unsecure user area is allowed or disallowed by the secure area. The access could be controlled by a number of factors like user paying the subscription, user's role, user's credentials, state of the unsecure area, etc. The BIOS of the device always boots up the secure area. A check is done on the defined parameters and if the check passes then the user is allowed to access the unsecure area. If the check fails then only the secure area can be accessed by the user. The secure and unsecure areas reside on physical or logically separate regions such that the objects resident on the unsecure region does not affect the content of the secure region.
(i) Secure Area - The secure area is a server controlled area that delivers all the . applications and content required by the user as service. The area can be controlled by different subscription parameters, like monthly subscription. The area also has the ability to provide different applications and desktop based on the user's role. For example, the user could choose the home role and access standard applications like browser, chat, games, etc. The user could also easily flip over to the official role on the same device and get the desktop and applications that are catered to his official role. For example, in this role, the user could have access to ERP and CRM applications and his/her desktop could look very different from his/her personal space.
(ii) Unsecure Area - This is an area where the user can install any software and store any data that they require. The data that is resident in this area can be accessed from the secure area after it is checked for safety. The access to this area could depend on a number of parameters that are checked in the secure area. The user could have complete control this area and can access the network and the Internet from this area too.
The system of the invention also provides for the. network component through which the computing device is connected to outer networks. The computing device is adapted to access to all browser based application through any kind of network wherein the computing access device keeps track of the network characteristics it has to its servers. Depending on the type of network available, the user is informed of the applications and content that the user can access. The working of the network component is detailed below: B. Network Component
The computing access device is connected to the server components and the websites on the Internet through different types of network. The networks have different characteristics and depending on these characteristics the set of applications, content and features available to the user are varied. The primary parameters that are tracked are the bandwidth, latency and packet loss in the network. In order to achieve superior performance and improved efficiency of data/content communication, the bandwidth available to the computing access device should be high, the latency to the respective servers should be low and the packet loss in the network should be as close to zero as possible. The computing access device has access to all browser based applications through any kind of network. The other applications could require network with good characteristics as mentioned above. The computing access device keeps track of the network characteristics it has to its servers and depending on the type of network available the user is informed of the applications and content that they can access. This type of proactive network based desktop control is a unique feature of the present invention.
C. Server Component
The system of the present invention comprising Server component having a number of servers to achieve desired functionalities wherein the server component has the element that deploys, authenticates, customizes, controls, manages and bills the different aspects of the user's computing needs in the utility computing environment.
A Server component comprises the following components:
- A Device Authenticator
- Profile Manager - Role Manager
- Profile to Desktop Translator
- Utility Environment Manager
The working of the above mentioned different functional modules of server component are as described below: Device Authentication Component
The Device Authentication component authenticates all the computing access devices to ensure the security and defends any intrusion and provides access only authorized devices. This ensures that the whole service is secure from intrusions and only authorized devices can access this environment. Further, this can also be used to control and manage access to the utility network. As a result of the authentication, the validated device receives information on the users of the device and also of the servers that provide the services required by the respective devices.
Profile Manager Component
The Profile Manager component manages and controls the profiles of the users of the utility computing system. The profile manager can also lock down a computing access device to a set of users only. Alternatively, it can also open, as per the business requirements, the device to any user. The profile is used to construct the different characteristics of the user's environment - desktop, applications, content, etc. The entire user's environment is confirmed as the user can customize his/her entire environment at any time.
Role manager component The Role Manager component manages the different roles that a user can take like official, personal, etc. The desktop, applications and content can vary based on the role. This component works with the Profile Management component mentioned above. Based on the role, a template profile is created for each user. The user can modify this template to make it specific for them.
Profile to Desktop translator
The Profile to Desktop translator component reads the profile of a user, retrieves the characteristics of each component from a central repository and creates the desktop as a webpage. The desktop of the computing access device is browser based and so the desktop screen is usually a web page. This component goes through the profile, retrieves the characteristics of each component from a central repository and creates the desktop as a webpage. This is sent over to the access device whenever the profile is changed. Utility Environment Manager
The Utility Environment Manager helps the setup, maintenance, change management and control of the entire environment. It provides interface, storage and mechanism to load profiles, applications, content and create and manage desktops and profiles for the customers. This component also takes care of the billing aspects of this environment.
It is thus possible by way of the present invention to provide a system and method for providing a service oriented utility computing mechanism according to the present invention involving the architectures and components required for the delivery, management .and control of a computing environment that provides the user with flexibility of accessing applications and services across operating systems at any time, using internet for the delivery of utility computing to users in different domains of activities. The system of the invention and method thereof directed to providing service oriented computing as utility in cloud computing environment ensure efficiency, security, flexibility, dynamic access to hardware resources, software or applications from multimedia content to productivity applications in a network bandwidth optimized mode of network communication across different OS, without loss or corruption of data, and wherein the resource optimization and cost optimization is extended for all the customers and the different players connected in the network. The system and method of the invention is adapted to providing a choice of solutions for their requirements. Importantly, the components of the system comprising Computing Access Devices, Network Component and Server Component for desired utility computing facility over cloud computing environment providing authorization, security as well as customized access to applications by the individual user in the network through novel user end devices, preferably thin network clients and servers, that allows the users to interact with the server, desktop, applications and data. The customers can also choose dynamically applications of their choice of a variety of configuration across different OS in said network, the access being logically separated into secured and unsecured area with separate set of control parameters. The invention is capable of providing applications dynamically across different bandwidths and the proactive management of the entire network with minimal human intervention, free of complexity involved with installation, maintenance and upgrade.

Claims

We Claim:
1. A system for providing a service oriented computing over the cloud (Internet) to users in different domains of activities comprising: an user end computing access device to provide for two distinct areas of user computing (a) a first secured control area wherein the user accesses data and applications that are resident locally on the device and/or also present remotely and which is managed remotely and (b) a second control area which is under the complete control of the user and the user can install his/her required software; an operative network component; and an operative server component.
2. A system as claimed in claim 1 wherein the boot up process is controlled by the said secured area and based on the number of control parameters the said second control area is allowed or disallowed by said secure area.
3. A system as claimed in anyone of claims 1 or 2 wherein said secure area is a server controlled area that delivers all the applications and content required by the user as service with said area preferably controlled by different subscription parameters and adapted to provide different applications and desktop based on the user's role which can be selected from home role for accessing standard applications to any other role like official role.
4. A system as claimed in anyone of claims 1 to 3 wherein the said unsecure area is adapted such that the user can install any software and store any data that they require, said data resident in this area can be selectively accessed based on operative parameters optionally further adapted such that the said user could have complete control over this area and can access the network and the internet from this area.
5. A system as claimed in anyone of claims 1 to 4 wherein said network component comprises variety of networks having different characteristics and depending on these characteristics the set of applications, content and features available to the user are varied.
6. A system as claimed in claim 5 wherein the primary parameters that are tracked are the bandwidth, latency and packet loss in the network.
7. A system as claimed in claim anyone of claims 1 to 6 wherein the said computing access device is adapted to keep track of the network characteristics it has to its servers and depending on the type of network available the user is informed of the applications and content that they can access.
8. A system as claimed in claim anyone of claims 1 to 7 wherein said server component comprises number of servers . preferably having element adapted to deploy, authenticate, customize, control manage and generate bills based on different aspects of the users needs under the utility computing environment.
9. A system as claimed in claim anyone of claims 1 to 8 wherein said server component comprises (i) a device authenticator (ii) profile manager (iii) role manager (iv) profile to desktop translator and (v) utility environment manager..
10. A system as claimed in claim anyone of claims 1 to 9 wherein said device Authenticator component is adapted to authenticate all the computing access devices in the utility computing network which ensures that the whole service is secure from intrusions and only authorized devices can access this environment and optionally also to control and manage access the utility network whereby the valid devices receive information on the users of the device and also of the servers that provide the services required by the respective devices.
11. A system as claimed in claim anyone of claims 1 to 10 wherein said profile management component is adapted to manage and control the profiles of the users of the utility computing system, said profile providing to construct the different characteristics of the user's environment including desktop, applications, content, the entire user's environment is confirmed as the user can customize his/her entire environment at any time, the profile manager can also lock down a computing access device with a set of users only or as per the business requirements can also open the device to any user in the system.
12. A system as' claimed in claim anyone of claims 1 to 11 wherein said role management component is adapted to manage the different roles that a user can take preferably the user can have different roles including official and personal, the desktop, applications and content can vary based on the role and the same is adapted to work with the said profile management component mentioned above such that based on the role, a template profile is created for each user, said user can modify this template to majce it specific for them.
13. A system as claimed in claim anyone of claims 1 to 12 comprising profile to desktop translator wherein the desktop of the computing access device is browser based and the desktop screen is usually a web page wherein the component goes through, the profile, retrieves the characteristics of each component from a central repository and creates the desktop as a webpage which is next sent over to the access device whenever the profile is changed.
14. A system as claimed in claim anyone of claims 1 to 13 comprising utility environment management component adapted to support the setup, maintenance, change management and control of the entire environment and also providing interface, storage and mechanism to load profiles, applications, content and create and manage desktops and profiles for the customers, said component further adapted for the billing aspects of this environment.
15. A method of providing a service oriented computing in a cloud computing environment to users of different domains using the system as claimed in anyone of claims 1 to 14 comprising: following steps for the delivery, management and control of a computing environment adapted to provide the user with flexibility of accessing applications and services across operating systems at any time without the hassles of installation, maintenance and upgrade; and involving steps for a service oriented utility computing for resource optimization and cost optimization for the customers and the different players by providing a choice of solutions for their requirements.
16. A system for providing a service oriented computing in a cloud computing environment to users in different domains of activities and method involving the same substantially as herein described and illustrated.
PCT/IN2009/000706 2008-12-22 2009-12-07 Mechanism for the delivery of computing as a utility for different domains over the internet WO2010073259A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN3216CH2008 2008-12-22
IN3216/CHE/2008 2008-12-22

Publications (3)

Publication Number Publication Date
WO2010073259A2 true WO2010073259A2 (en) 2010-07-01
WO2010073259A3 WO2010073259A3 (en) 2010-12-02
WO2010073259A4 WO2010073259A4 (en) 2011-02-17

Family

ID=42288205

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IN2009/000706 WO2010073259A2 (en) 2008-12-22 2009-12-07 Mechanism for the delivery of computing as a utility for different domains over the internet

Country Status (1)

Country Link
WO (1) WO2010073259A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140032651A1 (en) * 2012-07-30 2014-01-30 Novatium Solutions Pvt. Ltd. System and method for delivering cloud based utility services
US10748070B2 (en) 2015-07-31 2020-08-18 Microsoft Technology Licensing, Llc Identification and presentation of changelogs relevant to a tenant of a multi-tenant cloud service
US11140045B2 (en) 2015-07-31 2021-10-05 Microsoft Technology Licensing, Llc Changelog transformation and correlation in a multi-tenant cloud service

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030115443A1 (en) * 2001-12-18 2003-06-19 Cepulis Darren J. Multi-O/S system and pre-O/S boot technique for partitioning resources and loading multiple operating systems thereon
US20050235045A1 (en) * 2004-03-05 2005-10-20 International Business Machines Corporation Portable personal computing environment server
WO2005116888A2 (en) * 2004-05-26 2005-12-08 Man Bytes Dog Limited Method of providing computing resources to computers operated by different companies

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030115443A1 (en) * 2001-12-18 2003-06-19 Cepulis Darren J. Multi-O/S system and pre-O/S boot technique for partitioning resources and loading multiple operating systems thereon
US20050235045A1 (en) * 2004-03-05 2005-10-20 International Business Machines Corporation Portable personal computing environment server
WO2005116888A2 (en) * 2004-05-26 2005-12-08 Man Bytes Dog Limited Method of providing computing resources to computers operated by different companies

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140032651A1 (en) * 2012-07-30 2014-01-30 Novatium Solutions Pvt. Ltd. System and method for delivering cloud based utility services
US10748070B2 (en) 2015-07-31 2020-08-18 Microsoft Technology Licensing, Llc Identification and presentation of changelogs relevant to a tenant of a multi-tenant cloud service
US11140045B2 (en) 2015-07-31 2021-10-05 Microsoft Technology Licensing, Llc Changelog transformation and correlation in a multi-tenant cloud service

Also Published As

Publication number Publication date
WO2010073259A3 (en) 2010-12-02
WO2010073259A4 (en) 2011-02-17

Similar Documents

Publication Publication Date Title
US11501057B2 (en) Enabling file attachments in calendar events
US10936078B2 (en) Account management services for load balancers
US7650390B2 (en) System and method for playing rich internet applications in remote computing devices
US10848397B1 (en) System and method for enforcing compliance with subscription requirements for cyber-attack detection service
CN106462467B (en) Integrated API and UI for consuming services over different distributed networks
US9614737B1 (en) Appliance backnets in dedicated resource environment
US7954160B2 (en) Computer security intrusion detection system for remote, on-demand users
US9009323B1 (en) Enforceable launch configurations
US8190740B2 (en) Systems and methods for dynamically provisioning cloud computing resources
JP5492200B2 (en) Automatically distributed network protection
US10768903B2 (en) Virtualization layer for mobile applications
US7634548B2 (en) Distributed service deliver model
US20090287831A1 (en) Application distribution control system, application distribution control method, information processing apparatus, and client terminal
US11683349B2 (en) Dynamic security policy management
BRPI0707220A2 (en) methods and systems for providing access to a computing environment
US8839375B2 (en) Managing distributed operating system physical resources
EP1805943A2 (en) Service processor gateway system and appliance
WO2010035281A1 (en) Providing utility computing in a cloud computing environment
KR20180135124A (en) Management of computing sessions
US20120102170A1 (en) Collaborative QoS for Service Oriented Architectures
EP2266049A1 (en) Scalable hosting of user solutions
US8291479B2 (en) Method, hardware product, and computer program product for optimizing security in the context of credential transformation services
WO2010073259A2 (en) Mechanism for the delivery of computing as a utility for different domains over the internet
Sajjad et al. A component-based architecture for an autonomic middleware enabling mobile access to grid infrastructure
Ots et al. Workload Protection–IaaS

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09834230

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase in:

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 29/09/2011)

122 Ep: pct application non-entry in european phase

Ref document number: 09834230

Country of ref document: EP

Kind code of ref document: A2