Applying Security Policies to Multiple Systems and Controlling Policy Propagation
First Claim
1. A computer-implemented method of attaching security policies to secured computing systems, the method comprising:
- attaching a security policy to a parent domain, wherein:
  - the parent domain includes a first secured computing system; and
  - the security policy is a natural language description for controlling access to the secured computing system; and
- upon determining that the parent domain propagates the security policy:
  - identifying a first generation child domain, wherein:
    - the first generation child domain includes a second secured computing system; and
    - the first generation child domain is associated with the parent domain in a hierarchical relationship;
  - determining that the first generation child domain inherits the security policy based on an inheritance rule; and
  - attaching the security policy to the first generation child domain.
Abstract
A method and apparatus for attaching security policies to secured computing systems is provided. A security policy is attached to a parent domain. The parent domain includes a first secured computing system. The security policy is a natural language description for controlling access to the secured computing system. Upon determining that the parent domain propagates the security policy, a first generation child domain is identified. The first generation child domain includes a second secured computing system. The first generation child domain is associated with the parent domain in a hierarchical relationship. It is determined that the first generation child domain inherits the security policy based on an inheritance rule. The security policy is attached to the first generation child domain.
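The propagation steps in the abstract, sketched as an added example (not code from the patent or its assignee). The `Domain` class, the rule signature, the sample hierarchy and the recursion past the first generation child are assumptions made for illustration; the returned report lists which domains were skipped and why, so coverage gaps can be audited.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Set

@dataclass
class Domain:                      # hypothetical model of a domain
    name: str
    systems: List[str]             # secured computing systems in the domain
    propagates: bool = True        # do policies attached here flow to children?
    children: List["Domain"] = field(default_factory=list)
    policies: Set[str] = field(default_factory=set)

# Assumed rule shape: (parent, child, policy text) -> does the child inherit?
InheritanceRule = Callable[[Domain, Domain, str], bool]

def _skip_subtree(domain: Domain, reason: str, report: Dict[str, str]) -> None:
    """Record a domain and all of its descendants as not covered."""
    report[domain.name] = "skipped: " + reason
    for child in domain.children:
        _skip_subtree(child, reason, report)

def attach_policy(domain: Domain, policy: str, rule: InheritanceRule,
                  report: Optional[Dict[str, str]] = None) -> Dict[str, str]:
    """Attach policy to domain, then to each child that inherits it."""
    report = {} if report is None else report
    domain.policies.add(policy)
    report[domain.name] = "attached"
    for child in domain.children:
        if not domain.propagates:
            _skip_subtree(child, domain.name + " does not propagate", report)
        elif not rule(domain, child, policy):
            _skip_subtree(child, "excluded by inheritance rule", report)
        else:
            attach_policy(child, policy, rule, report)  # assumption: recurse
    return report

# Constructed sample hierarchy, rule and policy text.
POLICY = "Only members of the operations group may log in interactively."

def sample_rule(parent: Domain, child: Domain, policy: str) -> bool:
    return child.name != "lab"     # constructed rule: the lab domain opts out

def build_sample() -> Domain:
    payroll = Domain("payroll", ["pay-db-01"])
    finance = Domain("finance", ["fin-app-01"], propagates=False, children=[payroll])
    lab = Domain("lab", ["lab-host-01"], children=[Domain("lab-test", ["test-vm-01"])])
    return Domain("corp", ["dc-01"], children=[finance, lab, Domain("hr", ["hr-app-01"])])

if __name__ == "__main__":
    for name, outcome in attach_policy(build_sample(), POLICY, sample_rule).items():
        print(f"{name:10} {outcome}")
```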
61 Citations
21 Claims
1. A computer-implemented method of attaching security policies to secured computing systems, the method comprising:
- attaching a security policy to a parent domain, wherein:
  - the parent domain includes a first secured computing system; and
  - the security policy is a natural language description for controlling access to the secured computing system; and
- upon determining that the parent domain propagates the security policy:
  - identifying a first generation child domain, wherein:
    - the first generation child domain includes a second secured computing system; and
    - the first generation child domain is associated with the parent domain in a hierarchical relationship;
  - determining that the first generation child domain inherits the security policy based on an inheritance rule; and
  - attaching the security policy to the first generation child domain.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A computer readable medium containing a program which, when executed, performs an operation, comprising:
- attaching a security policy to a parent domain, wherein:
  - the parent domain includes a first secured computing system; and
  - the security policy is a natural language description for controlling access to the secured computing system; and
- upon determining that the parent domain propagates the security policy:
  - identifying a first generation child domain, wherein:
    - the first generation child domain includes a second secured computing system; and
    - the first generation child domain is associated with the parent domain in a hierarchical relationship;
  - determining that the first generation child domain inherits the security policy based on an inheritance rule; and
  - attaching the security policy to the first generation child domain.

Dependent claims: 9, 10, 11, 12, 13, 14

15. A system, comprising:
- a processor; and
- a memory, containing a program which, when executed by the processor:
  - attaches a security policy to a parent domain, wherein:
    - the parent domain includes a first secured computing system; and
    - the security policy is a natural language description for controlling access to the secured computing system; and
  - upon determining that the parent domain propagates the security policy:
    - identifies a first generation child domain, wherein:
      - the first generation child domain includes a second secured computing system; and
      - the first generation child domain is associated with the parent domain in a hierarchical relationship;
    - determines that the first generation child domain inherits the security policy based on an inheritance rule; and
    - attaches the security policy to the first generation child domain.

Dependent claims: 16, 17, 18, 19, 20, 21
Specification