System and method for maintaining security in a distributed computer network
First Claim
1. A system for maintaining security in a distributed computing environment, comprising:
- a policy manager for managing a security policy; and
an application guard for managing access to securable components as specified by the security policy.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for maintaining security in a distributed computing environment comprises a policy manager located on a server for managing and distributing a security policy, and an application guard located on a client for managing access to securable components as specified by the security policy. In the preferred embodiment, a global policy specifies access privileges of the user to securable components. The policy manager may then preferably distribute a local client policy based on the global policy to the client. An application guard located on the client then manages access to the securable components as specified by the local policy.
-
Citations
56 Claims
-
1. A system for maintaining security in a distributed computing environment, comprising:
-
a policy manager for managing a security policy; and
an application guard for managing access to securable components as specified by the security policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A system for controlling user access in a distributed computing environment, comprising:
-
a global policy specifying access privileges of the user to securable components;
a policy manager located on a server for managing and distributing a local client policy based on the global policy to a client, and an application guard located on the client for managing access to the securable components as specified by the local client policy. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
31. A system for authorization that provides access to securable components for a user, comprising:
-
a policy specifying access privileges of the user to the securable components;
an application guard; and
a processor coupled to said system, said processor executing said application guard to manage access to the securable components. - View Dependent Claims (32, 33, 34, 35, 36, 37)
-
-
38. A system for managing security in a distributed computing environment, comprising:
-
a policy manager; and
a processor coupled to said system, said processor executing said policy manager to manage and distribute a customized local policy based on a global policy to a client. - View Dependent Claims (39, 40, 41, 42, 43, 44, 45, 46, 47)
-
-
48. A method for maintaining security in a distributed computing environment, comprising the steps of:
-
managing a policy using a policy manager by specifying access privileges of a user to securable components; and
distributing the policy to a client having an application guard, whereby the application guard manages access to the securable components as specified by the policy. - View Dependent Claims (49, 50)
-
-
51. A method for maintaining security on a client in a distributed computing environment, comprising the steps of:
-
constructing and issuing an authorization request for a user to access to securable components located on the client using an application guard;
evaluating the authorization request using the application guard to determine if the authorization request is valid or invalid; and
allowing access to the user via the application guard if the evaluated authorization request was valid, and denying access to the user via the application guard if the authorization request was invalid. - View Dependent Claims (52)
-
-
53. A computer-readable medium comprising program instructions for maintaining security in a distributed computing environment by performing the steps of:
-
managing a policy using a policy manager by specifying access privileges of a user to securable components;
distributing the policy using the policy manager to a client having an application guard, whereby the application guard manages access to the securable components as specified by the policy; and
executing said policy manager with a processor to manage and distribute the policy.
-
-
54. A computer-readable medium comprising program instructions for maintaining security on a client in a distributed computing environment by performing the steps of:
-
constructing and issuing an authorization request for a user to access to securable components located on the client using an application guard;
evaluating the authorization request using the application guard to determine if the authorization request is valid or invalid;
allowing access to the user via the application guard if the evaluated authorization request was valid, and denying access to the user via the application guard if the authorization request was invalid; and
executing said application guard with a processor to automatically maintain security on the client.
-
-
55. A system for maintaining security in a distributed computing environment, comprising:
-
means for managing a policy using a policy manager by specifying access privileges of a user to securable components;
means for distributing the policy using the policy manager to a client having an application guard, whereby the application guard manages access to the securable components as specified by the policy; and
means for executing the policy manager to manage and distribute the policy.
-
-
56. A system for maintaining security on a client in a distributed computing environment, comprising:
-
means for constructing and issuing an authorization request for a user to access to securable components located on the client using an application guard;
means for evaluating the authorization request using the application guard to determine if the authorization request is valid or invalid;
means for allowing access to the user via the application guard if the evaluated authorization request was valid, and denying access to the user via the application guard if the authorization request was invalid; and
means for executing said application guard to automatically maintain security on the client.
-
Specification