CENTRALLY ACCESSIBLE POLICY REPOSITORY
First Claim
1. A repository within an organization, the repository for protecting the resources of the organization, the repository including:
- a central policy database for the organization, the central policy database storing the organization'"'"'s policies for protecting the organization'"'"'s resources, the central policy database including a plurality of centrally accessible policy items,some of the plurality of centrally accessible policy items containing;
a protection policy that can be applied to a resource to consistently protect the resource when the resource is transferred between and utilized at computer systems;
at least one of the plurality of centrally accessible policy items containing;
a policy selection policy indicating how to identify at least one protection policy that is to be applied to a resource to consistently protect the resource when the resource is transferred between and utilized at other computer systems.
2 Assignments
0 Petitions
Accused Products
Abstract
The present invention extends to methods, systems, and computer program products for a centrally accessible policy repository. Protection policies for protecting resources within an organization are stored at a central policy repository. Thus, an administrator can centrally create, maintain, and manage resource protection polices for all of the organizational units within an organization. Accordingly, resources consumed when performing these protection policy related operations is significantly reduced. Additionally, since protection policies are centrally located, there is increased likelihood of being able to consistently apply an organization'"'"'s protection policies within different organizational units, even when protection policies change.
47 Citations
20 Claims
-
1. A repository within an organization, the repository for protecting the resources of the organization, the repository including:
-
a central policy database for the organization, the central policy database storing the organization'"'"'s policies for protecting the organization'"'"'s resources, the central policy database including a plurality of centrally accessible policy items, some of the plurality of centrally accessible policy items containing; a protection policy that can be applied to a resource to consistently protect the resource when the resource is transferred between and utilized at computer systems; at least one of the plurality of centrally accessible policy items containing; a policy selection policy indicating how to identify at least one protection policy that is to be applied to a resource to consistently protect the resource when the resource is transferred between and utilized at other computer systems. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. At a computer system, a method for determining how to protect a resource of an organization, the method comprising:
-
an act of accessing an indication that a specified resource of the organization is to be protected for use at a computer system; an act of accessing policy context data for the specified resource, the policy context data indicating the context for protecting the specified resource; an act of accessing a policy selection policy from a central policy database for the organization, the policy selection policy indicating protection policies within the central policy database that can be applied to a resource based on the policy context data for the resource so that protection policies are consistently applied to resources of the organization when the resources of the organization are utilized; an act of identifying one or more appropriate protection policies to apply to the specified resource based on the indications in the policy selection policy and based on the accessed policy context data; and an act of receiving a selection of at least one of the one or more appropriate protection policies to apply to the specified resource. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A resource protection system, the resource protection system including:
-
a central repository, the central repository including a policy database, the policy database including a plurality of policy items, each policy item including; a protection policy that can be applied to a resource to consistently protect the resource when other computer systems request access to the resource; and policy context data that can be used to identify the protection policy of the policy item as the protection policy that is to be applied to a resource; and a policy identification module, the policy identification module configured to; receive resource context data from protection software, the policy context data corresponding to resources that the protection software is to protect; compare the policy context data to policy context data of policy items in the central repository; based on the comparisons, identify one or more protection policies that are potentially appropriate for protecting the resource; and return the one or more identified protection policies to the protection software; and a plurality of computer systems configured to protect resources, each computer system including; one or more processors; system memory; and one or more computer-readable media having stored thereon protection software, the protection software configured to; access resources that are to be protected; formulate content context data corresponding to accessed resources, the content context data indicating the context for protecting accessed resources send the policy context data to the central repository to request a protection policy for protecting an accessed resource; receive one or one more protection policies from the central repository, the one or one more received protection policies identified as potential protection policies for protecting the accessed resource; select a specified protection policy, from among the one or more received protection policies, to protect the accessed content; protect the accessed resource in accordance with the specified protection policy to provide consistent protection to the accessed resource across the plurality of computer systems; and attach at least a handle to the specific protection policy to the resource such that a receiving computer system can access the specified protection policy from the central repository to consistently protect the resource in accordance with the specified protection policy during subsequent access to the resource.
-
Specification