System and methodology for security policy arbitration
Abstract
A system providing methods for a device to apply a security policy required for connection to a network is described. In response to receipt of a request from a device for connection to a particular network, a current policy to apply to said device for governing the connection to this particular network is determined from a plurality of available security policies available to the device. This current policy to apply to said device is generated by merging a plurality of security policies available for governing connections. After said current policy is applied to the device, the connection from the device to this particular network is allowed to proceed.
52 Claims
1. A method for a device to apply a security policy required for connection to a network, the method comprising:
- receiving a request from a device for a connection to a particular network, said device having a plurality of security policies available for governing connections;
- based on said plurality of security policies available to said device, determining a current policy to apply to said device for governing said connection to said particular network; and
- allowing said connection to said particular network to proceed with said current policy applied to said device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16

17. A method for a device to automatically revise a security policy as required to allow connection to a network, the method comprising:
- providing a security enforcement module at a device, said security enforcement module enforcing an initial security policy;
- upon receipt of a request for connection of said device to a network, determining a particular security policy required to be enforced to allow connection of said device to said network;
- generating a revised security policy for enforcement by said security enforcement module, said revised security policy based upon merging said particular security policy and said initial security policy;
- applying said revised security policy to said security enforcement module to allow said device to connect to said network.
Dependent claims: 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30

31. A system for regulating access at a computing system as required for connection to a network, the system comprising:
- a connection manager for receiving a request for connection to a network at said computing system and determining an access policy which is required for connection to said network;
- a rules engine for automatically generating a current access policy for regulating access at a computing system as required for connection to a network, said current access policy being generated by merging a plurality of access policies available at said computing system; and
- a security enforcement module for applying said current access policy for regulating access at a computing system.
Dependent claims: 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42

43. A method for automatically adjusting enforcement rules of a security enforcement module at a device as required to enable access to a network, the method comprising:
- providing an enforcement module at a device, said enforcement module applying an initial set of enforcement rules;
- upon receiving a request for access to a network, determining particular enforcement rules required to be applied by said enforcement module to enable access to said network;
- automatically adjusting said initial set of enforcement rules by merging said initial set of enforcement rules with said particular enforcement rules required to enable access to said network; and
- applying said adjusted enforcement rules to said enforcement module to enable said device to access said network.
Dependent claims: 44, 45, 46, 47, 48, 49, 50, 51, 52

Specification