Systems and methods for monitoring the presence of assets within a system and enforcing policies governing assets
First Claim
1. A method for enforcing policies that govern the behavior of assets within a system, comprising:
- detecting an attempted interaction involving multiple assets;
interrupting the attempted interaction;
determining whether the interaction is permitted in accordance with policies associated with the respective assets involved in the interaction; and
if the interaction is permitted, dynamically generating a license governing the interaction of the assets in accordance with the policies associated with the respective assets participating in the interaction.
0 Assignments
0 Petitions
Accused Products
Abstract
A system can be used to enforce policy driven interactions among any set of objects. The availability of objects within a system is monitored and policies applicable to the objects are enforced. Objects within the system such as users, devices, processes and information assets are assigned unique identifiers and their presence is periodically reported to a server by client agents running in the devices. The availability of an object for a specific interaction may be determined through analysis of the presence of the object in the system and the presence and attributes of objects required to facilitate the interaction. Policies are associated with each of the objects. When an attempted interaction of objects is detected by a client agent, a license governing the attempted interaction is dynamically generated in accordance with policies associated with each of the objects participating in the interaction. The interaction is thereafter regulated by the client agent in accordance with the dynamically generated license.
85 Citations
38 Claims
-
1. A method for enforcing policies that govern the behavior of assets within a system, comprising:
-
detecting an attempted interaction involving multiple assets;
interrupting the attempted interaction;
determining whether the interaction is permitted in accordance with policies associated with the respective assets involved in the interaction; and
if the interaction is permitted, dynamically generating a license governing the interaction of the assets in accordance with the policies associated with the respective assets participating in the interaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A device for providing user access to information assets, the device comprising an agent for enforcing policies that govern the behavior of system assets including the user, the device and information assets accessed by the device, the agent performing processing comprising:
-
detecting an attempt by the user to interact with an information asset using the device;
interrupting the attempted interaction;
obtaining a dynamically generated a license governing the attempted interaction in accordance with policies associated with the device, policies associated with the user and policies associated with the information asset; and
regulating the interaction in accordance with the dynamically generated license. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. A device for enforcing policies that govern the behavior of assets within a system, the device comprising an agent performing processing comprising dynamically generating a license governing an attempted interaction of assets of the system in accordance with policies associated with the respective assets participating in the attempted interaction.
-
26. A programmable device comprising an agent for providing a context-specific determination of the availability of an asset within a system for an interaction with other assets of the system, the agent performing processing comprising:
-
identifying an interaction for which an asset'"'"'s availability is to be determined;
confirming the presence of the asset within the system;
confirming the presence of additional assets within the system that are required to facilitate the interaction; and
analyzing respective policies associated with each of the asset and the respective additional assets to determine whether the policies allow the asset to be available for interaction with the additional assets. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
-
37. A method for providing a context-specific determination of the availability of an asset within a system for an interaction with other system assets, comprising:
-
identifying an interaction for which an asset'"'"'s availability is to be determined;
confirming the presence of the asset within the system;
confirming the presence of additional assets within the system that are required to facilitate the interaction; and
analyzing policies associated with each of the asset and the respective additional assets to determine whether the policies allow the asset to be available for interaction with the additional assets. - View Dependent Claims (38)
-
Specification