Distributed security system with security service providers
Abstract
A system and method for distributed enterprise security, comprising: a security control module (SCM) operable to accept information, wherein the information includes one or more of: a policy and configuration information; at least one security service module (SSM) operable to accept the information from the SCM; at least one security service provider coupled to the at least one SSM, wherein the at least one security service provider is capable of at least one of: authentication of a user, determining if access to a resource is permitted based on the information, auditing of a security decision, and mapping an authenticated identity to a set of credentials to be used to authenticate a target resource; and wherein the information accepted by the SCM is relevant to one or more of the at least one SSMs.
28 Claims
1. A system for distributed enterprise security, comprising:
a security control module (SCM) operable to accept information, wherein the information includes one or more of:
a policy and configuration information;
at least one security service module (SSM) operable to accept the information from the SCM;
at least one security service provider coupled to the at least one SSM, wherein the at least one security service provider is capable of at least one of:
authentication of a user, determining if access to a resource is permitted based on the information, auditing of a security decision, and mapping an authenticated identity to a set of credentials to be used to authenticate a target resource; and
wherein the information accepted by the SCM is relevant to one or more of the at least one SSMs.

11. A method for providing distributed enterprise security, comprising:
distributing changes to information to a first process, wherein the information can include one or more of:
a policy and configuration information;
distributing the information from the first process to at least one second process;
performing at least one of the following:
authenticating a user, determining if access to a resource is permitted based on the information, auditing of a security decision, and mapping an authenticated identity to a set of credentials to be used to authenticate a target resource; and
wherein the at least one second process can include a dynamically configurable services layer that is operable to provide services based on the distributed information.

20. A machine readable medium having instructions stored thereon to cause a system to:
distribute changes to information to a first process, wherein the information can include one or more of:
a policy and configuration information;
distribute the information from the first process to at least one second process;
perform at least one of the following:
authenticating a user, determining if access to a resource is permitted based on the information, auditing of a security decision, and mapping an authenticated identity to a set of credentials to be used to authenticate a target resource; and
wherein the at least one second process can include a modular and dynamically configurable services layer that is operable to provide services based on the distributed information.

28. A computer signal embodied in a transmission medium, comprising:
a code segment including instructions for distributing changes to information to a first process, wherein the information can include one or more of:
a policy and configuration information;
a code segment including instructions for distributing the information from the first process to at least one second process;
a code segment including instructions for performing at least one of the following:
authenticating a user, determining if access to a resource is permitted based on the information, auditing of a security decision, and mapping an authenticated identity to a set of credentials to be used to authenticate a target resource; and
wherein the at least one second process can include a dynamically configurable services layer that is operable to provide services based on the distributed information.

Specification