Policy management, enforcement, and audit for data security
Abstract
Methods, systems, and apparatus, including computer programs encoded on computer storage media, for managing and enforcing policies on data security. A policy appliance includes a policy administration point, a policy decision point, a policy enforcement point and, optionally, an auditing module. The policy appliance can execute in a self-contained environment, e.g., a single virtual machine, a single physical machine, or a cluster of identically configured virtual machines or physical machines. The self-contained policy appliance can receive, manage, enforce and audit multiple policies that specify access privileges of multiple users on multiple databases. The databases can include heterogeneous databases that are configured separately and differently from one another. A single configuration of the policy appliance centralizes and unifies policy management of the heterogeneous databases in the self-contained environment.
19 Claims
1. A method, comprising:
receiving, by a policy enforcement point of a policy appliance, a data request from an application, the request including a user specification specifying the user and a data specification specifying a data item to be accessed, the policy enforcement point being connected to a first database having a first database format and a second database having a second database format;
submitting, by the policy enforcement point, the user specification and the data specification to a policy decision point of the policy appliance, the policy decision point being configured to decide whether the user is permitted to access at least a portion of the data item according to a policy that defines an access privilege of the user on data;
receiving, by the policy enforcement point and from the policy decision point, a data access decision that is made by the policy decision point according to the policy, the data access decision specifying that the user is permitted to access a portion of the data item;
customizing, by the policy enforcement point, the data request for each of the databases based on the data access decision and a respective database format, including changing the data request into a first customized query according to the first database format and changing the data request into a second customized query according to the second database format, the customized query preventing at least a first portion of the data item from being retrieved from the databases;
retrieving, by the policy enforcement point, a second portion of the data item from the databases as a response to the customized query, the second portion being different from the first portion; and
providing, by the policy enforcement point to the application, the second portion of the data item, wherein the policy appliance, including the policy decision point, and the policy enforcement point, executes in a container on a system that includes one or more computer processors.
Dependent claims: 2, 3, 4, 5, 6, 7, 8.
9. A system comprising:
one or more processors; and
a non-transitory storage device storing computer instructions operable to cause the one or more processors to perform operations comprising:
receiving, by a policy enforcement point of a policy appliance, a data request from an application, the request including a user specification specifying the user and a data specification specifying a data item to be accessed, the policy enforcement point being connected to a first database having a first database format and a second database having a second database format;
submitting, by the policy enforcement point, the user specification and the data specification to a policy decision point of the policy appliance, the policy decision point being configured to decide whether the user is permitted to access at least a portion of the data item according to a policy that defines an access privilege of the user on data;
receiving, by the policy enforcement point and from the policy decision point, a data access decision that is made by the policy decision point according to the policy, the data access decision specifying that the user is permitted to access a portion of the data item;
customizing, by the policy enforcement point, the data request for each of the databases based on the data access decision and a respective database format, including changing the data request into a first customized query according to the first database format and changing the data request into a second customized query according to the second database format, the customized query preventing at least a first portion of the data item from being retrieved from the databases;
retrieving, by the policy enforcement point, a second portion of the data item from the databases as a response to the customized query, the second portion being different from the first portion; and
providing, by the policy enforcement point to the application, the second portion of the data item, wherein the policy appliance, including the policy decision point, and the policy enforcement point, executes in a container on a system that includes one or more computer processors.
Dependent claims: 10, 11, 12, 13, 14.
15. A non-transitory storage device storing computer instructions operable to cause one or more processors to perform operations comprising:
receiving, by a policy enforcement point of a policy appliance, a data request from an application, the request including a user specification specifying the user and a data specification specifying a data item to be accessed, the policy enforcement point being connected to a first database having a first database format and a second database having a second database format;
submitting, by the policy enforcement point, the user specification and the data specification to a policy decision point of the policy appliance, the policy decision point being configured to decide whether the user is permitted to access at least a portion of the data item according to a policy that defines an access privilege of the user on data;
receiving, by the policy enforcement point and from the policy decision point, a data access decision that is made by the policy decision point according to the policy, the data access decision specifying that the user is permitted to access a portion of the data item;
customizing, by the policy enforcement point, the data request for each of the databases based on the data access decision and a respective database format, including changing the data request into a first customized query according to the first database format and changing the data request into a second customized query according to the second database format, the customized query preventing at least a first portion of the data item from being retrieved from the databases;
retrieving, by the policy enforcement point, a second portion of the data item from the databases as a response to the customized query, the second portion being different from the first portion; and
providing, by the policy enforcement point to the application, the second portion of the data item, wherein the policy appliance, including the policy decision point, and the policy enforcement point, executes in a container on a system that includes one or more computer processors.
Dependent claims: 16, 17, 18, 19.
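The flow the independent claims describe (policy enforcement point asks the policy decision point for the permitted portion, rewrites one request into a query per database format, retrieves only that portion) as an added Python illustration; this is not code from the patent or from any product implementing it. The policy table, the two constructed stores, the SQL and document query shapes, and all function names are assumptions made for the example.

```python
# Added example of the claimed PEP/PDP flow. Policy, users, both stores and the
# two query formats are constructed for illustration; none of it is the patent's
# own code or data.

# Constructed policy: for each user, the columns of each data item it may read.
POLICY = {
    "analyst": {"customers": {"id", "city"}},
    "auditor": {"customers": {"id", "city", "ssn"}},
}
# Constructed heterogeneous stores: an SQL-style table and a document collection.
SQL_DB = {"customers": [{"id": 1, "city": "Oslo", "ssn": "000-00-0001"}]}
DOC_DB = {"customers": [{"id": 2, "city": "Lima", "ssn": "000-00-0002"}]}


def pdp_decide(user, item):
    """PDP: return the portion (set of columns) of item the user may access."""
    return POLICY.get(user, {}).get(item, set())


def customize(item, columns, allowed, db_format):
    """PEP: turn the request into a query in the target database's format that
    asks only for permitted columns; None means nothing may be retrieved."""
    cols = [c for c in columns if c in allowed]
    if not cols:
        return None
    if db_format == "sql":
        return "SELECT %s FROM %s" % (", ".join(cols), item)
    if db_format == "document":
        return {"find": item, "projection": {c: 1 for c in cols}}
    raise ValueError("unknown database format: %s" % db_format)


def run_query(query, db_format):
    """Minimal executors for the two constructed stores."""
    if query is None:
        return []
    if db_format == "sql":
        cols, item = query[len("SELECT "):].split(" FROM ")
        return [{c: r[c] for c in cols.split(", ")} for r in SQL_DB[item]]
    proj = query["projection"]
    return [{c: r[c] for c in proj} for r in DOC_DB[query["find"]]]


def pep_handle(user, item, columns):
    """PEP end to end: decide once, customize per database, retrieve, return."""
    allowed = pdp_decide(user, item)
    rows = []
    for fmt in ("sql", "document"):
        rows += run_query(customize(item, columns, allowed, fmt), fmt)
    return rows
```

The denied column never appears in either customized query, so it is excluded at retrieval time rather than filtered from rows after the fact.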