Mary E Robb

US Patent:

6886100, Apr 26, 2005

Filed:

May 15, 2001

Appl. No.:

09/855937

Inventors:

Richard D. Harrah - Seattle WA, US
Jeffrey R. Finz - Portland OR, US
Mary Thomas Robb - Fort Collins CO, US
Terence E. Lister - Fort Collins CO, US
Paula B. Curtis - Windsor CO, US
Douglas P. Drees - Fort Collins CO, US

Assignee:

Hewlett-Packard Development Company, L.P. - Houston TX

International Classification:

H04L009/00

US Classification:

713200, 713201

Abstract:

A method and apparatus for managing tool execution via roles on a computer system while maintaining computer system security, wherein the computer system comprises a plurality of roles, are disclosed. Such a method and apparatus may include delegating tools to a user based on a role, wherein a tool provides root access for performing a specific task in the computer system and the role is an authorized role that enables the user to run the delegated tools, identifying one of the plurality of roles to be disabled, wherein the identified role is the authorized role, accessing the identified role, and, disabling the identified role so that the user cannot run the delegated tool(s). Disabled roles may likewise be enabled according to a disclosed method and apparatus. Embodiments of the invention may comprise authorization objects that comprise attributes identifying the roles and machine for which a user is authorized.

US Patent:

7093125, Aug 15, 2006

Filed:

May 8, 2001

Appl. No.:

09/850793

Inventors:

Mary Thomas Robb - Fort Collins CO, US
Richard D. Harrah - Seattle WA, US
Jeffrey R. Finz - Portland OR, US
Douglas P. Drees - Fort Collins CO, US
Terence E. Lister - Fort Collins CO, US
Paula Curtis - Windsor CO, US

Assignee:

Hewlett-Packard Development Company, L.P. - Houston TX

International Classification:

H04L 9/00
H04L 9/32
H04K 1/00
G06F 7/04
G06F 17/30
G06K 9/00

US Classification:

713166, 713164, 713165, 726 26, 726 27, 726 28

Abstract:

A method and apparatus for delegating root access to non-root users of a computer system while maintaining computer system security are disclosed. Such a method may include authorizing a role for a user, wherein the authorized role includes one or more tools and the tools enable root access for certain tasks that the tools perform when run, whereby the one or more tools are delegated to the user and authorizing a machine of the computer system for the authorized role, wherein the computer system comprises a plurality of machines and the user is enabled to utilize the authorized role only on authorized machines, whereby utilizing the authorized role comprises running the one or more tools of the authorized role. Embodiments of the invention may comprise authorization objects that comprise attributes identifying a user and the roles and machine for which the user is authorized.

US Patent:

7188343, Mar 6, 2007

Filed:

May 18, 2001

Appl. No.:

09/859374

Inventors:

Douglas P. Drees - Fort Collins CO, US
Richard Dale Harrah - Seattle WA, US
Mary Thomas Robb - Fort Collins CO, US
Terence E. Lister - Fort Collins CO, US
Michael Scheetz - Fort Collins CO, US
Miha Wang - Cupertino CA, US
Warren I Otsuka - Campbell CA, US
Roger William Kumpf - Cupertino CA, US
Jenny Yu - Saratoga CA, US

Assignee:

Hewlett-Packard Development Company, L.P. - Houston TX

International Classification:

G06F 9/46

US Classification:

718100, 718106, 709205, 709223

Abstract:

A system and method for managing multiple server computer systems on a computer network. The functions of a central management server are distributed to multiple daemons executing independently of each other on one or more computer systems. Distributing the functions of the central management server to separate multiple daemons substantially improves the reliability of a multi-server management application.

US Patent:

20020165902, Nov 7, 2002

Filed:

May 3, 2001

Appl. No.:

09/848711

Inventors:

Mary Robb - Fort Collins CO, US
Humberto Sanchez - Ft Collins CO, US
Michael Scheetz - Fort Collins CO, US

International Classification:

G06F015/16

US Classification:

709/202000

Abstract:

A method and apparatus of logging events independently and separately from other processes in a computer system are disclosed. A method for logging events by cloning a log entry submitted by a consumer and releasing control of the log entry to the consumer so that execution of an event may continue is disclosed. A log manager that receives requests for writing event log entries to a log file while enabling the execution of the event to continue independently is disclosed.

US Patent:

20020174256, Nov 21, 2002

Filed:

Apr 5, 2001

Appl. No.:

09/827150

Inventors:

Carlos Bonilla - Fort Collins CO, US
Douglas Drees - Fort Collins CO, US
Mary Robb - Fort Collins CO, US
Jeffrey Finz - Portland OR, US
Terence Lister - Fort Collins CO, US
Humberto Sanchez - Ft Collins CO, US
Paula Curtis - Windsor CO, US
Richard Harrah - Seattle WA, US

International Classification:

G06F015/163
G06F009/54
G06F009/00
G06F015/16

US Classification:

709/310000, 709/205000

Abstract:

A service control manager (SCM) module may, through a light weight centraized authorization process, assign certain tools to a role so that a non-root user with such role may run the authorized commands specified in the tools as a root user. The usage of these commands is tracked and logged, typically by a log manager who observes each of the commands that are run within the role. If the non-root user tries to run a command that is not assigned to the role, the log manager may block that attempt. Therefore the lightweight authorization may be achieved without compromising security. The user may also be given a finer granularity of running specific commands and options. In addition, the non-root user with the role may only need to be authorized on one node (machine) to be able to perform the commands on multiple nodes.

US Patent:

20030033085, Feb 13, 2003

Filed:

May 10, 2001

Appl. No.:

09/852890

Inventors:

Humberto Sanchez - Ft. Collins CO, US
Richard Harrah - Seattle WA, US
Douglas Drees - Fort Collins CO, US
Michael Scheetz - Fort Collins CO, US
Miha Wang - Cupertino CA, US
Roger Kumpf - Cupertino CA, US
Jenny Yu - Saratoga CA, US
Bapugouda Patil - Milpitas CA, US
Mary Robb - Fort Collins CO, US
Donald Suit - Fort Collins CO, US
Warren Otsuka - Cambell CA, US
Nagaraja Boranna - Cupertino CA, US

International Classification:

G06F019/00

US Classification:

702/001000

Abstract:

An embodiment of an object class test involves constructing objects from classes, developing a unit class test for each object, passing data into each object using the unit class test, and retrieving data from each object using the unit class test to determine if the object is functional. Accordingly, the object class test ensures that each object is functional before the objects are installed in a software development system. In addition, the object class test documents and implements source code necessary to produce standard output messages from the unit class test for each class, thus formalizing the object class test output into an easily parseable and human readable format.