The present invention relates to a computer system in which a particular user logs in to a remote computer via network by using an unspecified terminal to access a particular external storage device, and more particularly to a technology for managing this system.
As the Internet becomes more widespread, there is a growing call for the user to be able to send or receive mail, access Web sites, create documents and perform other works using personal computers at places away from his or her office, at home or other places than those where such computer-related works are normally executed. To meet this demand, a system has been in service by which the user can access his or her computer at a remote location (workplace) from an electronic terminal at hand through the network and display a computer desktop screen on the electronic terminal (terminal service).
There are two types of the terminal service.
One type allows multiple users to share one computer at a remote location and the other is a P2P (Peer to Peer) type in which one user occupies one remote computer. The P2P is also called a remote desktop function.
In the P2P type, using an arbitrary client terminal (hereinafter simply referred to as a “terminal”), each user can freely set his or her own environment and applications in a remote computer through the network. As long as the remote computer is reachable in terms of the Internet protocol of the network (IP reachable), there are no limitations on the kind of client terminal, geographical positions of the user, and the kind of communication line used, e.g., whether it is wired or wireless.
As one example of the P2P type terminal service, WO2005/101205A1 may be cited. This patent document, however, describes simply identifying a client terminal connected to the remote computer according to an IP address and authenticating the user using the client terminal and does not fully consider the management between the user and the system.
In a conventional voice telephone system where the user uses a service through an arbitrary terminal, one method for identifying the user using the terminal in order to charge for each user involves acquiring information on the user and the terminal during the process of user authentication as shown in EP1054529A. Another conventional method involves managing a correspondence between the user and a server computer that the user accesses and linking an access to the storage device made by the server computer of interest to the user as shown in 2003-330622.
An example of system configuration for the P2P type terminal service centralizes all remote computers accessed by users at a center. The centrally located remote computers may use a computer unit comprised of one printed circuit board, called a blade, on which CPU, I/O and other electronic devices are mounted. There is another system configuration in which a plurality of blades with no storage area (hereinafter referred to as diskless blades) connect to an external storage through network. Each user makes an access from the client terminal through the network to one of the diskless blades, which loads an operating system (OS) and application software from the external storage and executes them.
In the latter system configuration, if a storage area in the external storage is allotted to users as storage areas unique to respective users, the user can build his or her own environment by simply accessing the user's unique storage area from any terminal through any blade. In this case, there is no need to specify the terminal or blade. The diskless blade can load individual users' personal environments by mounting the users' unique storage areas.
In such system configurations, however, since the blades are allotted to the users, an administrator of the blades needs to ensure that an authorized user uses an authorized blade and accesses an authorized storage area. For this purpose, it is necessary to acquire information on the users, client terminals, blades and storage areas and the correspondence among them. Conventional technologies have not given sufficient consideration to these problems.
If the system can acquire such correspondence information and build system component relations and if the blade administrator can centrally manage these system component relations, the blade administrator can not only maintain the blades and other hardware but also update and modify the operating system and application software, the user's personal environment.
In the terminal service, when the screen on the user's client terminal does not function normally, for example, the user cannot decide whether this has been caused by a communication failure or abnormal halt of OS, unlike in a situation where hardware resources are available near the user. So, the administrator of the remote computers must deal with troubles of the users. Communication failures need to be notified to the user. Therefore, the administrator is required to know the state of use, i.e., which user is using which blade, and perform necessary works for the user such as restoring failed OS, updating software and modifying programs. Conventional technologies do not take sufficient measures in these respects.
In a remote access system that uses blades for the centralized computers and assigns storage areas accessed by the blades to individual users, the user may use a different blade in each access. Further, the user may use a different client terminal in each access. Since the client terminal for the user is not fixed, the IP address may change from one session to another. Therefore, the user using a particular blade cannot be identified from only the IP address information on the client terminal connected to that blade.
For example, the technology disclosed in WO2005/101205A1 does not make clear how the system acquires the network information that the client terminal has. In the technology in JP-A-2001-044992, the server to which the user connects is fixed and the relation between the user and the terminal used is only acquired during connection. In the technology in JP-A-2003-330622, when setting an authority to access the storage area, user information as well as an identifier of the server computer and port identifier is managed. But the relation between the user and the blade is not preset.
In a remote access system that uses blades for the centralized computers, assigns IP addresses of the users' client terminals to blades and allocates the storage area to individual users, since the relation among the user, client terminal, blade and storage area accessed by the blade changes from one session to another, real-time information acquisition and management is difficult depending on the conventional technology.