Techniques for security artifacts management
First Claim
1. A method comprising:
receiving a request to manage security of an application;
identifying, by a computer system of a security management system, a plurality of security artifacts related to security for accessing the application, wherein the computer system is in a secure zone protected by one or more security measures;
determining, by the computer system, security access for accessing the application;
generating, by the computer system, a security artifact archive for the application, the security artifact archive including security data and security artifact data, wherein the security data is based on the security access, wherein the security data includes an access policy that indicates the security access and the security data includes attribute data indicating one or more attributes of the application, and wherein the security artifact data identifies one or more of the plurality of security artifacts;
storing the security artifact archive in association with an application identifier that identifies the application and a version identifier corresponding to the application, wherein the version identifier indicates a version of the security artifact archive, and wherein different versions of the security artifact archive correspond to changes in security access based on a different version of the application; and
responsive to the request, transmitting, by the computer system, the security artifact archive to the application, wherein the application operates to manage security for accessing the application based on the security artifact data and the security access in the security data of the security artifact archive, and wherein the application is outside the secure zone.
Abstract
Techniques are provided to manage security artifacts. Specifically, a security management system is disclosed for implementing security artifact archives to manage security artifacts. A security artifact archive may include information for managing one or more security artifacts that can be referenced or included in the security artifact archive. The security management system can create, edit, read, send, and perform other management operations for security artifact archives. Objects can be bundled in an object-specific security artifact archive. Security artifact archives may be named, versioned, tagged and/or labeled for identification. Security artifact archives may be transmitted to a destination (e.g., a service provider or a client system) that provides access to an object whose access is dependent on security artifacts. The destination may manage access to the object using a security artifact archive that includes relevant and current security artifacts for the object.
18 Claims
7. A security management system comprising:
one or more processors; and
a memory accessible to the one or more processors, the memory storing instructions which, upon execution by the one or more processors, cause the one or more processors to:
receive a request to manage security of an application;
identify a plurality of security artifacts related to security for accessing the application, wherein the security management system is in a secure zone protected by one or more security measures;
determine security access for accessing the application;
generate a security artifact archive for the application, the security artifact archive including security data and security artifact data, wherein the security data is based on the security access, wherein the security data includes an access policy that indicates the security access and the security data includes attribute data indicating one or more attributes of the application, and wherein the security artifact data identifies one or more of the plurality of security artifacts;
store the security artifact archive in association with an application identifier that identifies the application and a version identifier corresponding to the application, wherein the version identifier indicates a first version of the security artifact archive, and wherein different versions of the security artifact archive correspond to changes in security access for the application; and
responsive to the request, transmit the security artifact archive to the application, wherein the application operates to manage security for accessing the application based on the security artifact data and the security access in the security data of the security artifact archive, and wherein the application is outside the secure zone.
13. A method comprising:
identifying, by a computer system of a security management system, a first security artifact archive stored in association with a first version identifier for a plurality of applications, wherein the first security artifact archive includes security data and security artifact data, wherein the security data identifies security access information about managing security access to the plurality of applications, wherein the security data includes an access policy that indicates the security access and the security data includes attribute data indicating one or more attributes of the application, wherein the security artifact data includes a security artifact shared by the plurality of applications, and wherein the computer system is in a secure zone protected by one or more security measures;
detecting a change in the security access to the plurality of applications;
generating a second security artifact archive associated with a second version for the plurality of applications, wherein the second security artifact archive is generated for the detected change based on the first security artifact archive;
storing the second security artifact archive in association with a second version identifier for the plurality of applications; and
transmitting the second security artifact archive to a computing system providing access to the plurality of applications, wherein the application is outside the secure zone.
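The versioned archive flow described in the abstract and in claims 1 and 13, as an added Python example that is not taken from the patent or from any product. The in-memory `STORE`, the function names, the JSON layout and the `billing-app` sample values are all hypothetical.

```python
import copy
import json

# Hypothetical in-memory store standing in for the secure-zone repository,
# keyed by (application identifier, version identifier).
STORE = {}

def generate_archive(app_id, access_policy, attributes, artifact_refs):
    """Build an archive: security data (policy, attributes) plus artifact data."""
    return {
        "application_id": app_id,
        "security_data": {"access_policy": access_policy,
                          "attribute_data": attributes},
        # Artifact data identifies artifacts by reference, not by secret value.
        "security_artifact_data": sorted(artifact_refs),
    }

def latest_version(app_id):
    """Highest stored version identifier for the application, or 0 if none."""
    return max((v for (a, v) in STORE if a == app_id), default=0)

def store_archive(archive):
    """Store under the next version identifier and return that identifier."""
    version = latest_version(archive["application_id"]) + 1
    STORE[(archive["application_id"], version)] = copy.deepcopy(archive)
    return version

def update_on_access_change(app_id, new_policy):
    """Derive and store a new archive version only if security access changed."""
    current_version = latest_version(app_id)
    current = STORE[(app_id, current_version)]
    if current["security_data"]["access_policy"] == new_policy:
        return current_version
    derived = copy.deepcopy(current)  # second archive is based on the first
    derived["security_data"]["access_policy"] = new_policy
    return store_archive(derived)

def transmit(app_id, version):
    """Serialize one archive version for the application outside the secure zone."""
    return json.dumps({"version_id": version, **STORE[(app_id, version)]}, sort_keys=True)

def demo():
    """Constructed sample: app 'billing-app' gains a role in its second version."""
    STORE.clear()
    v1 = store_archive(generate_archive(
        "billing-app", {"allowed_roles": ["finance"]},
        {"environment": "prod"}, ["cert:billing-tls", "key:billing-signing"]))
    same = update_on_access_change("billing-app", {"allowed_roles": ["finance"]})
    v2 = update_on_access_change("billing-app", {"allowed_roles": ["finance", "audit"]})
    return v1, same, v2, json.loads(transmit("billing-app", v2))
```

Earlier versions stay in the store unchanged, so the archive delivered for a given application version can always be reproduced.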
Specification