Search

US-12625693-B2 - Streamlined installation and management of remote computing applications

US12625693B2US 12625693 B2US12625693 B2US 12625693B2US-12625693-B2

Abstract

A system for conserving computing and operator resources by streamlining the installation and management of applications on a remote host system, such as a cloud-based system. The system may receive from an operator, a requested modification of an application installation image stored in a secure registry of the remote host system. In response, the system may authenticate the operator, and verify that the requested modification is a permitted modification. The system can also transmit a notification of the requested modification to other operators to allow the other operators an opportunity to object to the requested modification. In the absence of objections, the system may cause the requested modification to be executed.

Inventors

  • Murali Mohanan
  • Deepak JANKE

Assignees

  • TRUIST BANK

Dates

Publication Date
20260512
Application Date
20240620

Claims (20)

  1. 1 . A decentralized system for executing user action requests comprising: a remote cloud-based portion comprising: a host server; a secure registry on the host server; and a plurality of application installation images stored in the secure registry; a local portion comprising: a processor; a memory communicatively coupled to the processor, the memory including instructions that are executable by the processor to cause the processor to perform operations comprising: receiving, from a third-party user, a request to execute an action; in response to receiving the request to execute an action, receiving via a local user interface, from a first operator of a plurality of operators, a request to deploy an application installation image of the plurality of application installation images stored in the secure registry of the host server, the application installation image associated with an application usable to execute the requested action; authenticating, by an authentication module, an identity of the first operator; determining, by an authorization module, that defined constraints of an authorized access level of the first operator permit the first operator to request deployment of the application installation image; notifying, by a notification module, other operators of the plurality of operators, of the request to deploy the application installation image; receiving, via the local user interface, from a second operator of the plurality of operators, a request to modify the application installation image prior to deploying the application installation image; verifying that the requested modification is a permitted modification, by comparing the requested modification to a stored set of predetermined permitted modifications; transmitting a notification of the requested modification to at least some of the plurality of operators via the local user interface, the notification identifying the second operator and including or enabling a feedback interface for receiving and logging objections to the requested modification that are made by one or more of the at least some of the plurality of operators within a predefined length of time; and receiving an operator objection to the requested modification within the predefined length of time and resultantly postponing or prohibiting deployment of the application installation image; or receiving no operator objections to the requested modification within the predefined length of time and resultantly causing an execution engine of the host server to deploy the application installation image to create a container, to thereafter run the container to execute functions of an application installed by the application installation image within the container, and to execute the requested action using the application.
  2. 2 . The decentralized system of claim 1 , wherein authenticating the identity of the operator includes assigning a unique authentication token to the operator, the unique authentication token transmissible with communications between the operator and the host server of the remote cloud-based portion of the system, and usable to authenticate the operator to the remote cloud-based portion of the system and to identify the operator to other operators of the plurality of operators.
  3. 3 . The decentralized system of claim 1 , further comprising a perimeter network between the third-party user and the cloud-based portion and the local portion of the decentralized system.
  4. 4 . The decentralized system of claim 1 , wherein the host server is a physical server or a virtual server of a cloud service provider.
  5. 5 . The decentralized system of claim 1 , wherein the request to execute an action is a request to process an electronic transaction, and the application that is installable by deploying the application installation image is a transaction processing application.
  6. 6 . The decentralized system of claim 1 , wherein the local portion further comprises a backup server implemented as a witness node application server that is communicatively coupled to a database and configured to store system metadata for use in a case of a system failure.
  7. 7 . The decentralized system of claim 1 , further comprising an operator objections log communicatively coupled to the feedback interface to temporarily store objections raised by one or more of the plurality of operators to requested application installation image deployments or modifications.
  8. 8 . A computer-implemented method comprising: receiving, by a processor of a local portion of a system for processing user action requests, a third-party user request to execute an action; in response to receiving the request to execute an action, receiving, by the processor, via a local user interface, from a first operator of a plurality of operators, a request to deploy an application installation image of a plurality of application installation images stored in a secure registry of a host server of a remote cloud-based portion of the system, the application installation image associated with an application usable to execute the requested action; authenticating, by the processor, using an authentication module, an identity of the first operator; determining, by the processor, using an authorization module, that the first operator is permitted according to defined constraints of an authorized access level of the first operator, to request deployment of the application installation image; notifying, by the processor, using a notification module, other operators of the plurality of operators of the request to deploy the application installation image; receiving, via the local user interface, from a second operator of the plurality of operators, a request to modify the application installation image prior to deploying the application installation image; verifying that the requested modification is a permitted modification, by comparing the requested modification to a stored set of predetermined permitted modifications; transmitting a notification of the requested modification to at least some of the plurality of operators via the local user interface, the notification identifying the second operator and including or enabling a feedback interface for receiving and logging objections to the requested modification that are made by one or more of the at least some of the plurality of operators within a predefined length of time; and receiving an operator objection to the requested modification within the predefined length of time and resultantly postponing or prohibiting deployment of the application installation image; or receiving no operator objections to the requested modification within the predefined length of time and resultantly causing, by the processor, an execution engine of the host server to deploy the application installation image to create a container, to thereafter run the container to execute functions of an application installed by the application installation image within the container, and to execute the requested action using the application.
  9. 9 . The computer-implemented method of claim 8 , wherein authenticating the identity of the operator includes assigning a unique authentication token to the operator, the unique authentication token transmissible with communications between the operator and the host server of the remote cloud-based portion of the system, and usable to authenticate the operator to the remote cloud-based portion of the system and to identify the operator to other operators of the plurality of operators.
  10. 10 . The computer-implemented method of claim 8 , wherein the modification to the application installation image is replacement of the application installation image with a new application installation image.
  11. 11 . The computer-implemented method of claim 8 , wherein the host server is a physical server or a virtual server of a cloud service provider.
  12. 12 . The computer-implemented method of claim 8 , wherein the request to execute an action is a request to process an electronic transaction, and the application that is installed upon deploying the application installation image is a transaction processing application.
  13. 13 . The computer-implemented method of claim 8 , further comprising storing, by a backup server that is implemented as a witness node application server of the local portion, system metadata in database that is communicatively coupled to the backup server.
  14. 14 . The computer-implemented method of claim 8 , further comprising temporarily storing objections raised by one or more of the plurality of operators to requested application installation image deployments or modifications in an operator objections log that is communicatively coupled to the feedback interface.
  15. 15 . A non-transitory computer-readable medium comprising instructions that are executable by a processor for causing the processor to perform operations comprising: receiving at a local portion of a system for processing user action requests, a third-party user request to execute an action; in response to receiving the request to execute an action, receiving, via a local user interface, from a first operator of a plurality of operators, a request to deploy an application installation image of a plurality of application installation images stored in a secure registry of a host server of a remote cloud-based portion of the system, the application installation image associated with an application usable to execute the requested action; authenticating, by an authentication module, an identity of the first operator; determining, by an authorization module, that the first operator is permitted according to defined constraints of an authorized access level of the first operator, to request deployment of the application installation image; notifying, by a notification module, other operators of the plurality of operators of the request to deploy the application installation image; receiving, via the local user interface, from a second operator of the plurality of operators, a request to modify the application installation image prior to deploying the application installation image; verifying that the requested modification is a permitted modification, by comparing the requested modification to a stored set of predetermined permitted modifications; transmitting a notification of the requested modification to at least some of the plurality of operators via the local user interface, the notification identifying the second operator and including or enabling a feedback interface for receiving and logging objections to the requested modification that are made by one or more of the at least some of the plurality of operators within a predefined length of time; and receiving an operator objection to the requested modification within the predefined length of time and resultantly postponing or prohibiting deployment of the application installation image; or receiving no operator objections to the requested modification within the predefined length of time and resultantly causing an execution engine of the host server to deploy the application installation image to create a container, to thereafter run the container to execute functions of an application installed by the application installation image within the container, and to execute the requested action using the application.
  16. 16 . The non-transitory computer-readable medium of claim 15 , wherein authenticating the identity of the operator includes assigning a unique authentication token to the operator, the unique authentication token transmissible with communications between the operator and the host server of the remote cloud-based portion of the system, and usable to authenticate the operator to the remote cloud-based portion of the system and to identify the operator to other operators of the plurality of operators.
  17. 17 . The non-transitory computer-readable medium of claim 15 , wherein the modification to the application installation image is replacement of the application installation image with a new application installation image.
  18. 18 . The non-transitory computer-readable medium of claim 15 , wherein the request to execute an action is a request to process an electronic transaction, and the application that is installable by deploying the application installation image is a transaction processing application.
  19. 19 . The non-transitory computer-readable medium of claim 15 , wherein the operations further comprise causing a backup server that is implemented as a witness node application server of the local portion to store system metadata in database that is communicatively coupled to the backup server.
  20. 20 . The non-transitory computer-readable medium of claim 15 , wherein the operations further comprise causing objections raised by one or more of the plurality of operators to requested application installation image deployments or modifications to be temporarily stored in an operator objections log that is communicatively coupled to the feedback interface.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS This application is a continuation of U.S. patent application Ser. No. 18/746,550, filed Jun. 18, 2024, titled “STREAMLINED INSTALLATION AND MANAGEMENT OF REMOTE COMPUTING APPLICATIONS,” the entirety of which is incorporated herein by reference. TECHNICAL FIELD The present disclosure relates generally to computing infrastructure, and more particularly, although not exclusively, to conserving computing and user resources through decentralized but authorized installation and management of remote computing applications. BACKGROUND In computing system infrastructure, operators of a computing system are frequently located remotely from the various components of the computing system. Various operators may also be located remotely from each other. For example, a computing system of an entity may be hosted by a cloud service provider, where various applications associated with the computing system execute on physical or virtual servers of the cloud service provider rather than at a traditional data center where the system operators are located. Such computing systems involve complicated and resource consuming management activities to execute and maintain, particularly when multiple operators are responsible for various aspects and the operators represent different interests of the entity and are located remotely from each other. SUMMARY According to one example of the present disclosure, a system may include a processor, and a memory that is communicatively coupled to the processor and includes instructions that are executable by the processor to cause the processor to perform operations. The operations may include receiving, over a network via a user interface, from an operator of a plurality of operators, a requested modification of an application installation image stored in a secure registry of a remote host system. The operations may also include authenticating an identity of the operator, and verifying that the requested modification is a permitted modification by comparing the requested modification to a stored set of predetermined permitted modifications. The operations may additionally include transmitting a notification of the requested modification to at least some of the plurality of operators via the user interface, the notification identifying the operator and including or enabling a feedback interface for receiving and logging operator objections to the requested modification that are made within a predefined length of time. The operations may further include, in response to determining that the predefined length of time after transmitting the notification has ended, determining an absence of any logged objections to the requested modification during the predefined length of time. The operations may yet further include, based on determining the absence of any logged objections, causing the requested modification to be executed. According to another example of the present disclosure, a computer-implemented method may include receiving, by a processor, over a network via a user interface, from an operator of a plurality of operators, a requested modification of an application installation image stored in a secure registry of a remote host system. The method may also include authenticating, by the processor, an identity of the operator, and verifying, by the processor, that the requested modification is a permitted modification, by comparing the requested modification to a stored set of predetermined permitted modifications. The method may additionally include transmitting, by the processor, a notification of the requested modification to at least some of the plurality of operators via the user interface, the notification identifying the operator and including or enabling a feedback interface for receiving and logging operator objections to the requested modification that are made within a predefined length of time. The method may further include, in response to determining that the predefined length of time after transmitting the notification has ended, determining, by the processor, an absence of any logged objections to the requested modification during the predefined length of time. The method may yet further include, based on determining the absence of any logged objections, causing the requested modification to be executed. According to another example of the present disclosure, a non-transitory computer readable medium may contain instructions that are executable by a processor to cause the processor to perform operations. The operations may include receiving, over a network via a user interface, from an operator of a plurality of operators, a requested modification of an application installation image stored in a secure registry of a remote host system. The operations may also include authenticating an identity of the operator, and verifying that the requested modification is a permitted modification by comparing the requested modification to a stored set