Patents by Inventor William J. Rooney
William J. Rooney has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10031688Abstract: A computer-implemented method includes identifying a storage reallocation plan associated with a primary storage volume, a secondary storage volume, and one or more client computing devices; determining a systematic importance indicator associated with the primary storage volume; and determining a systematic connectivity indicator associated with the storage reallocation plan and the one or more client computing devices. The computer-implemented method further includes determining a storage reallocation conclusion based on the systematic importance indicator and the systematic connectivity indicator. A corresponding computer program product and computer system are also disclosed.Type: GrantFiled: August 31, 2016Date of Patent: July 24, 2018Assignee: International Business Machines CorporationInventors: Tariq Hanif, William J. Rooney
-
Patent number: 9998459Abstract: Technical solutions are described for securely deploying a shrouded virtual server. An example method includes sending, by a host manager, authentication information of a hosting system to a client device in response to a request from the client device. The \method also includes receiving a request to deploy a virtual server using a shrouded mode. The method also includes deploying a preconfigured hypervisor on the hosting system, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending, by the host manager, an identifier of the virtual server for receipt by the client device.Type: GrantFiled: November 17, 2017Date of Patent: June 12, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Khary J. Alexander, Utz Bacher, Reinhard T. Buendgen, Patrick J. Callaghan, John C. Dayka, Thomas B. Mathias, K. Paul Muller, James A. O'Connor, William J. Rooney, Kurt N. Schroeder, Peter G. Spera, Tiberiu Suto, Sean Swehla, Stefan Usenbinz, Craig R. Walters
-
Publication number: 20180102899Abstract: Technical solutions are described for authenticating a hosting system prior to securely deploying a shrouded virtual server. An example method includes receiving, by a hypervisor, a request for a public certificate, from a client device that requested the virtual server, and sending the public certificate of the hosting system that executes the hypervisor. The method also includes receiving, in response to the public certificate being successfully authenticated by the client device using a third-party verification system, a session key based on a public key included in the public certificate. The method also includes decrypting the session key using a private key, where the private key is pre-installed in the hosting system by a manufacturer of the hosting system, and sending an acknowledgement message encrypted using the session key. The method also includes establishing a secure communication between the client device and the hypervisor using the session key.Type: ApplicationFiled: December 27, 2017Publication date: April 12, 2018Inventors: Khary J. Alexander, Reinhard T. Buendgen, K. Paul Muller, James A. O'Connor, William J. Rooney, Tiberiu Suto, Craig R. Walters
-
Publication number: 20180088844Abstract: A method, computer program product, and/or system for performing a selection of a plurality of auxiliary storage sites in a multi-target environment in preparation for a hyper exchange are/is provided. To perform the selection, a failure is first detected with respect to a primary storage site in the multi-target environment. Then, aggregate weights are determined based on a management policy for the plurality of auxiliary storage sites. In turn, an auxiliary storage site with a first aggregate weight is selected from the plurality of auxiliary storage sites. With the auxiliary storage site selected, the hyper exchange of a plurality of systems in a multi-target environment in response to the failure is triggered from the primary storage site to the auxiliary storage site with the first aggregate weight.Type: ApplicationFiled: December 13, 2017Publication date: March 29, 2018Inventors: TARIQ HANIF, WILLIAM J. ROONEY
-
Publication number: 20180083948Abstract: Technical solutions are described for extending shrouding capability of a virtual server hosting system. An example method includes receiving a request to deploy a shrouded virtual server using a predetermined set of hardware components, and using a shrouded mode. The method also includes adding a guest server to the hosting system, the guest server including the predetermined set of hardware components. The method also includes deploying a preconfigured hypervisor on the guest server, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending an identifier of the virtual server for receipt by the client device.Type: ApplicationFiled: November 29, 2017Publication date: March 22, 2018Inventors: Reinhard T. Buendgen, Jeffrey A. Frey, Jeb R. Linton, James A. O'Connor, William J. Rooney, George C. Wilson
-
Publication number: 20180081846Abstract: A system and method of implementing a firm channel in a computer system are provided. The method including identifying at least one of a channel and a channel path ID (CHPID) as a first firm channel, automatically defining a logical path between a first device and a second device using the first firm channel, and storing the logical path in a configuration file of the computer system, wherein the logical path is accessible at system initialization.Type: ApplicationFiled: September 19, 2016Publication date: March 22, 2018Inventors: Scott B. Compton, Dale F. Riedy, William J. Rooney
-
Publication number: 20180069852Abstract: A computer program product and a computer system for generating and deploying a secure boot image and encrypted client data to a trusted computer system. Embodiments of the present invention disclose deploying a secure boot image and encrypted client data from a client to a trusted computer system. Embodiments of the present invention disclose booting a confidential image on a trusted computer system. Embodiments of the present invention also disclose a process of dumping a confidential image on the trusted computer system.Type: ApplicationFiled: November 8, 2017Publication date: March 8, 2018Inventors: Reinhard T. Buendgen, James A. O'Connor, William J. Rooney
-
Patent number: 9912478Abstract: Technical solutions are described for authenticating a hosting system prior to securely deploying a shrouded virtual server. An example method includes receiving, by a hypervisor, a request for a public certificate, from a client device that requested the virtual server, and sending the public certificate of the hosting system that executes the hypervisor. The method also includes receiving, in response to the public certificate being successfully authenticated by the client device using a third-party verification system, a session key based on a public key included in the public certificate. The method also includes decrypting the session key using a private key, where the private key is pre-installed in the hosting system by a manufacturer of the hosting system, and sending an acknowledgement message encrypted using the session key. The method also includes establishing a secure communication between the client device and the hypervisor using the session key.Type: GrantFiled: December 14, 2015Date of Patent: March 6, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Khary J. Alexander, Reinhard T. Buendgen, K. Paul Muller, James A. O'Connor, William J. Rooney, Tiberiu Suto, Craig R. Walters
-
Publication number: 20180063136Abstract: Technical solutions are described for securely deploying a shrouded virtual server. An example method includes sending, by a host manager, authentication information of a hosting system to a client device in response to a request from the client device. The \method also includes receiving a request to deploy a virtual server using a shrouded mode. The method also includes deploying a preconfigured hypervisor on the hosting system, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending, by the host manager, an identifier of the virtual server for receipt by the client device.Type: ApplicationFiled: November 17, 2017Publication date: March 1, 2018Inventors: Khary J. Alexander, Utz Bacher, Reinhard T. Buendgen, Patrick J. Callaghan, John C. Dayka, Thomas B. Mathias, K. Paul Muller, James A. O'Connor, William J. Rooney, Kurt N. Schroeder, Peter G. Spera, Tiberiu Suto, Sean Swehla, Stefan Usenbinz, Craig R. Walters
-
Publication number: 20180059979Abstract: A computer-implemented method includes identifying a storage reallocation plan associated with a primary storage volume, a secondary storage volume, and one or more client computing devices; determining a systematic importance indicator associated with the primary storage volume; and determining a systematic connectivity indicator associated with the storage reallocation plan and the one or more client computing devices. The computer-implemented method further includes determining a storage reallocation conclusion based on the systematic importance indicator and the systematic connectivity indicator. A corresponding computer program product and computer system are also disclosed.Type: ApplicationFiled: August 31, 2016Publication date: March 1, 2018Inventors: Tariq Hanif, William J. Rooney
-
Patent number: 9898214Abstract: A method, computer program product, and/or system for performing a selection of a plurality of auxiliary storage sites in a multi-target environment in preparation for a hyper exchange are/is provided. To perform the selection, a failure is first detected with respect to a primary storage site in the multi-target environment. Then, aggregate weights are determined based on a management policy for the plurality of auxiliary storage sites. In turn, an auxiliary storage site with a first aggregate weight is selected from the plurality of auxiliary storage sites. With the auxiliary storage site selected, the hyper exchange of a plurality of systems in a multi-target environment in response to the failure is triggered from the primary storage site to the auxiliary storage site with the first aggregate weight.Type: GrantFiled: September 29, 2015Date of Patent: February 20, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Tariq Hanif, William J. Rooney
-
Patent number: 9894061Abstract: A method for booting and dumping a confidential image on a trusted computer system. Embodiments of the present invention disclose deploying a secure boot image and encrypted client data from a client to a trusted computer system. Embodiments of the present invention disclose booting a confidential image on a trusted computer system. Embodiments of the present invention also disclose a process of dumping a confidential image on the trusted computer system.Type: GrantFiled: October 16, 2015Date of Patent: February 13, 2018Assignee: International Business Machines CorporationInventors: Reinhard T. Buendgen, James A. O'Connor, William J. Rooney
-
Patent number: 9894051Abstract: Technical solutions are described for extending shrouding capability of a virtual server hosting system. An example method includes receiving a request to deploy a shrouded virtual server using a predetermined set of hardware components, and using a shrouded mode. The method also includes adding a guest server to the hosting system, the guest server including the predetermined set of hardware components. The method also includes deploying a preconfigured hypervisor on the guest server, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending an identifier of the virtual server for receipt by the client device.Type: GrantFiled: December 14, 2015Date of Patent: February 13, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Reinhard T. Buendgen, Jeffrey A. Frey, Jeb R. Linton, James A. O'Connor, William J. Rooney, George C. Wilson
-
Patent number: 9882901Abstract: Technical solutions are described for securely deploying a shrouded virtual server. An example method includes sending, by a host manager, authentication information of a hosting system to a client device in response to a request from the client device. The \method also includes receiving a request to deploy a virtual server using a shrouded mode. The method also includes deploying a preconfigured hypervisor on the hosting system, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending, by the host manager, an identifier of the virtual server for receipt by the client device.Type: GrantFiled: December 14, 2015Date of Patent: January 30, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Khary J. Alexander, Utz Bacher, Reinhard T. Buendgen, Patrick J. Callaghan, John C. Dayka, Thomas B. Mathias, K. Paul Muller, James A. O'Connor, William J. Rooney, Kurt N. Schroeder, Peter G. Spera, Tiberiu Suto, Sean Swehla, Stefan Usenbinz, Craig R. Walters
-
Publication number: 20170364426Abstract: Provided are a computer program product, system, and method for managing health conditions to determine when to restart replication after a swap triggered by a storage health event. A determination is made of a health condition with respect to access to a first storage that triggers a swap operation. The swap operation redirects host Input/Output (I/O) requests to data from a first server to a second server in response to determining the health condition. After the swap operation the I/O requests are directed to the second server and a second storage. The second server is instructed to mirror data in the second storage to the first server to store in the first storage in response to determining that the health condition is resolved.Type: ApplicationFiled: June 20, 2016Publication date: December 21, 2017Inventors: David R. Blea, Gregory E. McBride, Carol S. Mellgren, Tabor R. Powelson, William J. Rooney
-
Publication number: 20170364427Abstract: Provided are a computer program product, system, and method for after swapping from a first storage to a second storage, mirroring data from the second storage to the first storage for data in the first storage that experienced data errors. A swap operation redirects host Input/Output (I/O) requests to data from the first server to the second server in response to a health condition at the first server. A determination is made of data errors with respect to data in the first storage that experienced data errors. The second server is instructed to mirror data in the second storage to the first server including data for the data in the first storage that experienced the data errors to store in the first storage in response to determining that the first server is available for the data mirroring operations.Type: ApplicationFiled: June 20, 2016Publication date: December 21, 2017Inventors: David R. Blea, Gregory E. McBride, Carol S. Mellgren, Tabor R. Powelson, William J. Rooney
-
Publication number: 20170171179Abstract: Technical solutions are described for extending shrouding capability of a virtual server hosting system. An example method includes receiving a request to deploy a shrouded virtual server using a predetermined set of hardware components, and using a shrouded mode. The method also includes adding a guest server to the hosting system, the guest server including the predetermined set of hardware components. The method also includes deploying a preconfigured hypervisor on the guest server, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending an identifier of the virtual server for receipt by the client device.Type: ApplicationFiled: December 14, 2015Publication date: June 15, 2017Inventors: Reinhard T. Buendgen, Jeffrey A. Frey, Jeb R. Linton, James A. O'Connor, William J. Rooney, George C. Wilson
-
Publication number: 20170170971Abstract: Technical solutions are described for extending shrouding capability of a virtual server hosting system. An example method includes receiving a request to deploy a shrouded virtual server using a predetermined set of hardware components, and using a shrouded mode. The method also includes adding a guest server to the hosting system, the guest server including the predetermined set of hardware components. The method also includes deploying a preconfigured hypervisor on the guest server, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending an identifier of the virtual server for receipt by the client device.Type: ApplicationFiled: June 7, 2016Publication date: June 15, 2017Inventors: Reinhard T. Buendgen, Jeffrey A. Frey, Jeb R. Linton, James A. O'Connor, William J. Rooney, George C. Wilson
-
Publication number: 20170171164Abstract: Technical solutions are described for authenticating a hosting system prior to securely deploying a shrouded virtual server. An example method includes receiving, by a hypervisor, a request for a public certificate, from a client device that requested the virtual server, and sending the public certificate of the hosting system that executes the hypervisor. The method also includes receiving, in response to the public certificate being successfully authenticated by the client device using a third-party verification system, a session key based on a public key included in the public certificate. The method also includes decrypting the session key using a private key, where the private key is pre-installed in the hosting system by a manufacturer of the hosting system, and sending an acknowledgement message encrypted using the session key. The method also includes establishing a secure communication between the client device and the hypervisor using the session key.Type: ApplicationFiled: December 14, 2015Publication date: June 15, 2017Inventors: Khary J. Alexander, Reinhard T. Buendgen, K. Paul Muller, James A. O'Connor, William J. Rooney, Tiberiu Suto, Craig R. Walters
-
Publication number: 20170171197Abstract: Technical solutions are described for securely deploying a shrouded virtual server. An example method includes sending, by a host manager, authentication information of a hosting system to a client device in response to a request from the client device. The \method also includes receiving a request to deploy a virtual server using a shrouded mode. The method also includes deploying a preconfigured hypervisor on the hosting system, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending, by the host manager, an identifier of the virtual server for receipt by the client device.Type: ApplicationFiled: December 14, 2015Publication date: June 15, 2017Inventors: Khary J. Alexander, Utz Bacher, Reinhard T. Buendgen, Patrick J. Callaghan, John C. Dayka, Thomas B. Mathias, K. Paul Muller, James A. O'Connor, William J. Rooney, Kurt N. Schroeder, Peter G. Spera, Tiberiu Suto, Sean Swehla, Stefan Usenbinz, Craig R. Walters