Policy analysis tool
First Claim
1. A method for searching a first set of policies, comprising:
- accessing the first set of policies wherein each policy in the first set of policies includes the following policy components;
a resource, a subject, and one of an action and a role name, and wherein the subject includes at least one of;
a user and a group;
specifying one or more search criteria wherein the one or more search criteria includes one or more values for policy components and wherein the one or more values can include one or more wild cards;
finding in the first set of policies a second set of policies that satisfy the one or more search criteria; and
wherein a policy can be used to control access to a resource.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for searching a first set of policies, comprising, accessing the first set of policies wherein each policy in the first set of policies includes the following policy components, a resource, a subject, and one of an action and a role name, and wherein the subject includes at least one of, a user and a group, specifying one or more search criteria wherein the one or more search criteria includes one or more values for policy components and wherein the one or more values can include one or more wild cards, finding in the first set of policies a second set of policies that satisfy the one or more search criteria, and wherein a policy can be used to control access to a resource.
-
Citations
25 Claims
-
1. A method for searching a first set of policies, comprising:
-
accessing the first set of policies wherein each policy in the first set of policies includes the following policy components;
a resource, a subject, and one of an action and a role name, and wherein the subject includes at least one of;
a user and a group;
specifying one or more search criteria wherein the one or more search criteria includes one or more values for policy components and wherein the one or more values can include one or more wild cards;
finding in the first set of policies a second set of policies that satisfy the one or more search criteria; and
wherein a policy can be used to control access to a resource. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for searching a first set of policies, comprising:
-
accessing the first set of policies wherein each policy in the first set of policies includes the following policy components;
a resource, a subject, and one of an action and a role name, and wherein the subject includes at least one of;
a user and a group;
specifying one or more search criteria wherein the one or more search criteria includes one or more values for policy components and wherein the one or more values can include one or more wild cards;
finding in the first set of policies a second set of policies that satisfy the one or more search criteria;
wherein a policy can be used to control access to a resource; and
wherein the resource is part of a resource hierarchy. - View Dependent Claims (13, 14, 15)
-
-
16. A machine readable medium having instructions stored thereon to cause a system to:
-
access the first set of policies wherein each policy in the first set of policies includes the following policy components;
a resource, a subject, and one of an action and a role name, and wherein the subject includes at least one of;
a user and a group;
specify one or more search criteria wherein the one or more search criteria includes one or more values for policy components and wherein the one or more values can include one or more wild cards;
find in the first set of policies a second set of policies that satisfy the one or more search criteria; and
wherein a policy can be used to control access to a resource. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. A computer signal embodied in a transmission medium, comprising:
-
a code segment including instructions for accessing the first set of policies wherein each policy in the first set of policies includes the following policy components;
a resource, a subject, and one of an action and a role name, and wherein the subject includes at least one of;
a user, a group and a role;
a code segment including instructions for specifying one or more search criteria wherein the one or more search criteria includes one or more values for policy components and wherein the one or more values can include one or more wild cards;
a code segment including instructions for finding in the first set of policies a second set of policies that satisfy the one or more search criteria and the set of roles; and
wherein a policy can be used to control access to a resource.
-
Specification