Method and system for managing security policies for databases in a distributed system
Abstract
One embodiment of the present invention provides a system that facilitates managing security policies for databases in a distributed system. During operation, the system creates multiple label security policies. The system stores these security policies in a directory and automatically propagates them from the directory to each database within the distributed system. In doing so, the system allows for applying policies to individual tables and schema in any database in the distributed system. The system facilitates centralized administration of security policies and removes the need for replicating policies, since the policy information is available in the directory.
21 Claims
1. A method for managing security policies for databases in a distributed system, comprising:
creating a plurality of security policies, wherein each security policy is a label security policy;
storing the plurality of security policies in a directory;
propagating the plurality of security policies from the directory to each of a plurality of databases in the distributed system using Directory Integration Platform server; and
storing labels for one or more of the plurality of security policies in policy columns of one or more tables in each of the plurality of databases.
(Dependent claims: 2, 3, 4, 5, 6, 7)
8. A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for managing security policies for databases in a distributed system, the method comprising:
creating a plurality of security policies, wherein each security policy is a label security policy;
storing the plurality of security policies in a directory;
propagating the plurality of security policies from the directory to each of a plurality of databases in the distributed system using Directory Integration Platform server; and
storing labels for one or more of the plurality of security policies in policy columns of one or more tables in each of the plurality of databases.
(Dependent claims: 9, 10, 11, 12, 13, 14)
15. An apparatus for managing security policies for databases in a distributed system, comprising:
a creating mechanism configured to create a plurality of security policies, wherein each security policy is a label security policy;
a storing mechanism configured to store the plurality of security policies in a directory;
a propagating mechanism configured to propagate the plurality of security policies from the directory to each of a plurality of databases in the distributed system using Directory Integration Platform server; and
wherein the storing mechanism is further configured to store labels for one or more of the plurality of security policies in policy columns of a table in each of the plurality of databases.
(Dependent claims: 16, 17, 18, 19, 20, 21)
Specification