1. Field of the Invention
The present invention relates to a device and a method of selecting a patch to be applied to a system.
2. Description of the Related Art
In recent years, there has been demand for the function of automatically selecting a patch to be applied to a system for fixing failures or performing small scale version upgrades or the like in software. The demand for this is based on the reasons described below.
First, a large number of patches for operating systems (OSs) or application programs installed on systems are provided by venders, etc., and it takes a long time and special knowledge to select the desired patch from among such a great number of patches. Also, it is demanded that as small a number of patches as possible be applied to a system without applying unnecessary patches in order to stably operate the system. Further, some users have their own policies, and accordingly not all users want to use the latest patches or the like to fix fatal failures immediately after the release of such patches.
In the current state of the art, the function of selecting a patch to be applied to a system in accordance with the policy of a particular user is not achieved. Accordingly, users apply a plurality of patches in a lump mainly by using a cluster (a group of patches) provided by venders or by using patch management tools. Without clusters or patch management tools, users have to obtain the failure information etc. manually by themselves in order to select and apply necessary patch.
Some clusters include only patches that have been categorized on the basis of hardware or OS information, or include only patches that are recommended by the venders to be applied to fix fatal failures (patches having flags like security patches or recommended patches). Users usually use a group of patches in a lump in units of clusters, use all the latest patches that have not yet been applied (hereinafter, a patch that has not yet been applied is referred to as an “unapplied patch”) in a lump by extracting such patches using patch management tools or the like, or use patches having flags like security patches and recommended patches in a lump. Without them, users have to obtain released failure information or the operation status of the system, etc. by themselves in order to select and apply a necessary patch.
When a cluster or a patch management tool is used, the failures in a system are fixed at once because a plurality of patches are applied to the system in a lump. However, patches that are not desired to be applied are also applied. In order to avoid applying the undesired patches, users have to select and apply necessary patches one-by-one on the basis of the obtained failure information etc. by themselves, which is troublesome.
As an example of a technique related to applying patches to a system, Patent Document 1 discloses a method in which patches and an activation file including an execution program to which the patches have not been applied are transmitted from a front system to a back-end system when the system is activated, and in the back-end system, the patches are applied to the execution program included in the activation file; thereafter, when the system is terminated, the activation file including the execution file to which the patches have been applied is transmitted to the front-end system, and when the system is activated next time, the execution program to which the patches have been applied is transmitted from the front system to the back-end system.
In the current state of art as describe above, there are problems as described below regarding applying patches to systems.
First, there are a large number of patches for pieces of software installed on a system, and accordingly it takes an immense time if all of these patches are to be applied to the system. For example, some operating systems have several hundred patches released for them, and if all of them are to be applied, an immense time will be taken.
It is desirable to select only a necessary patch from among as many patches as possible, and to apply it only to necessary points. However, it takes a long time and special knowledge to select a patch from an immense volume of information.
Further, when a plurality of patches are used in a group such as a cluster, there is an advantage whereby fatal failures can be fixed in a manner recommended by the vendor. However, doing this takes a long time, and there are disadvantages whereby patches for functions with low use frequency can be applied, and whereby patches that have already been applied can be applied again. Also, there is a disadvantage whereby a cluster does not include patches for the products (functions) that are not targets of the cluster.
Also, some users desire to always have the latest patches applied to functions that are frequently used. By contrast, in order to prevent the operations of their systems from being affected, other users do not desire to apply the latest patches when the systems involve failures for some functions but are currently able to operate without any actual problems because the conditions for the failures that would result without the patches are currently unfulfilled. Also, still other users desire to apply only a patch for which a substantial time has elapsed since its release because patches that have been released for only a short time have not been proven to not have problems and can cause a performance decrease, thus being treated as bad patches (patches that cause a performance decrease and are therefore recalled after the release). However, in the current state of art, there is no function for selecting a patch to be applied to the system in accordance with users' policies.
In view of the above problems, it is an object of the present invention to provide an applicable patch selection device and a method of selecting an applicable patch by which only the patch the user desires to be applied is automatically selected in a simple manner from among a large number of patches that can be applied to a system.
Patent Document 1: Japanese Patent No. 2871433