SYSTEM AND METHOD FOR INFERRING ACCESS POLICIES FROM ACCESS EVENT RECORDS
Abstract
A method of security gateway policy definition to quickly infer a new policy based on event data extracted and analyzed using business logic and workflow from a gateway event log or behavior log. The method includes reading the components of a log record, translating the components into acceptable policy attributes, creating a new policy based on those attributes, and presenting the new policy to a system administrator for editing and approval.
21 Claims
1. A method of establishing a policy for a secure transaction in a network system, the method comprising:
selecting a log record from among a plurality of log records, the selected log record including log components indicating a transaction log of a transaction on the network system;
automatically translating at least one of the log components of the selected log record into a policy attribute;
creating a respective policy based on the translated policy attribute; and
presenting the policy for approval.
Dependent claims: 2, 3, 4.
5. A method of establishing a policy for a secure transaction in a network system, the network system including network components and a table with a plurality of records, each record including a distinguished name and a corresponding descriptive name, each distinguished name being a network system identifier of a respective network component and each descriptive name being user definable to describe the respective network component to a user, the method comprising:
selecting a log record from among a plurality of log records, the selected log record including log components indicating a transaction log of a transaction on the network system;
translating one or more distinguished names in at least one log component to one or more corresponding descriptive names, respectively, by cross referencing using the table each respective descriptive name from a corresponding distinguished name in the at least one log component;
establishing a log policy attribute using the translated one or more descriptive names;
creating a respective policy based on the established policy attribute; and
presenting the policy which includes the translated one or more descriptive names for approval.
Dependent claims: 6, 7, 8, 9, 10, 11, 12.
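As an added illustration, not code from the patent, the following Python sketch carries the steps of claims 1 and 5 through on a constructed key=value gateway log line: the name table, the component-to-attribute mapping, the log format and all function names are assumptions made for this example. The draft it produces stays in a pending state until an administrator approves it, which is the control that keeps log-derived rules from codifying observed behaviour unreviewed.

```python
from dataclasses import dataclass

# Constructed table (claim 5): distinguished name -> user-definable descriptive name.
NAME_TABLE = {
    "uid=jdoe,ou=people,dc=example,dc=com": "Jane Doe (Finance)",
    "cn=fileshare-01,ou=servers,dc=example,dc=com": "Finance file share",
}
# Constructed mapping from log component keys to policy attribute names (claim 1).
COMPONENT_TO_ATTRIBUTE = {"user": "subject", "dst": "resource",
                          "service": "service", "action": "decision"}
# Constructed sample gateway log record in key=value form (assumed log format).
SAMPLE_RECORD = ("user=uid=jdoe,ou=people,dc=example,dc=com "
                 "dst=cn=fileshare-01,ou=servers,dc=example,dc=com service=smb action=allow")

@dataclass
class Policy:
    attributes: dict
    source_record: str
    status: str = "pending_approval"  # a draft is never enforced until approved

def parse_log_record(line):
    """Split a key=value log line into components; partition on the first '=' only so DN values survive."""
    components = {}
    for token in line.split():
        key, sep, value = token.partition("=")
        if not sep:
            raise ValueError(f"malformed log component: {token!r}")
        components[key] = value
    return components

def infer_policy(line, name_table=NAME_TABLE):
    """Translate the record's components into policy attributes and draft a policy."""
    components = parse_log_record(line)
    attributes = {}
    for key, attr in COMPONENT_TO_ATTRIBUTE.items():
        if key not in components:
            raise ValueError(f"log record lacks required component {key!r}")
        # Cross-reference distinguished names to descriptive names (claim 5);
        # values absent from the table are kept verbatim rather than dropped.
        attributes[attr] = name_table.get(components[key], components[key])
    return Policy(attributes=attributes, source_record=line)

def present_for_approval(policy):
    """Render the draft for an administrator to edit or approve; enforces nothing."""
    body = "\n".join(f"  {k}: {v}" for k, v in policy.attributes.items())
    return f"DRAFT POLICY [{policy.status}]\n{body}"

def approve(policy):
    policy.status = "approved"
    return policy
```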
13. An administration device for establishing a policy for a secure transaction using stored log records of a network system, comprising:
an audit module for retrieving at least one respective log record;
a policy inference logic module for automatically creating a policy based on the retrieved log record and predetermined policy attributes; and
a policy module for presenting the created policy for approval and for communicating the approved policy.
Dependent claims: 14, 15, 16, 17, 18, 19, 20.
21. A computer readable storage medium for storing program code to execute the method comprising:
selecting a log record from among a plurality of log records, the selected log record including log components indicating a transaction log of a transaction on the network system;
automatically translating at least one of the log components of the selected log record into a policy attribute;
creating a respective policy based on the translated policy attribute; and
presenting the policy for approval.