Computerized devices such as computer systems, workstations, data communications devices (e.g., routers, switches, hubs, and the like) or other electronic devices often contain existing configurable state information within the device that controls some aspect of the operation of the computerized device. As an example, a computerized device such as a personal computer includes (e.g., stores) software modules that collectively form an operating system. In addition, conventional computerized devices may maintain a set of associated configuration parameter values that may determine how the operating system modules operate when executed. The software modules and configuration parameter values collectively form a configuration state for that computerized device. The configuration state of a device may further include a current or existing hardware profile of the device identifying current components (e.g., cards, memory, processors and the like) that currently are installed within the device.
An operator, manager or administrator of a computerized device may at some point in time determine a need to modify the existing configuration of the device, for example to upgrade software or change configuration parameter values or hardware within the device in order to cause that device to operate differently or to fix problems in the current device operation and configuration. In many instances, computerized devices that contain changeable configuration state information (e.g., replaceable software modules or modifiable configuration parameters) are equipped to communicate over a computer network such as the Internet or a local area network and may allow remote modifications to be made to the existing configuration information in those devices through a remote management software application programming interfaces (APIs) under control, for example, of a remote management software application.
Conventional mechanisms and techniques that support remote management and modification of existing configuration information within computerized devices usually include various security and access control mechanisms in an attempt to ensure that only authorized users (i.e., device administrators and systems managers) are allowed to modify the existing configuration information within the device. As an example, conventional device management techniques include such features as requiring a valid username and password combination in order to allow access to configuration management capabilities within the device. Once a user that desires to change a configuration of a conventional device supplies the proper username and password for full access to configuration management of the device (e.g., the user supplies the root or administrator password), then he or she can change any configuration parameter, software or hardware that they desire.
Some conventional configuration management systems provide for more robust security features including authentication mechanisms that can operate to validate the identity of a computer system requesting the change to the configuration of the device or that may provide separate usernames and passwords in order to change different configuration areas of the device. Designers of conventional protocols, management software and protection mechanisms that operate as noted above to allow changes to device configuration have equipped such mechanisms to control what happens to the configurations of devices before (e.g., access control), during (e.g., authentication) and after (e.g., logging mechanisms) changes are made.