METHOD AND APPARATUS FOR SOFTWARE POLICY MANAGEMENT

US 20100218167A1
Filed: 10/22/2007
Published: 08/26/2010
Est. Priority Date: 10/20/2006
Status: Active Grant

First Claim

Patent Images

1. A method of software policy management, comprising:

defining a set of generic policies applicable to both a first policy-enabled software application and a second policy-enabled software application;

creating a first policy enforcement point in uncompiled software code for the first policy-enabled software application, the first policy enforcement point providing a first information element as an output from a compiled version of the first policy-enabled software application;

creating a second policy enforcement point in uncompiled software code for a second policy-enabled software application, the second policy enforcement point providing a second information element as an output from a compiled version of the second policy-enabled software application, the compiled version of the second policy-enabled software application having a different policy requirement than the first policy-enabled software application;

creating, based on the defined set of generic policies, first and second policy decision points as database fields in a policy manager external to the first and second policy-enabled software applications;

receiving the first and second information elements at the first and second policy decision points; and

performing policy decision making for the first and second software applications having different policy requirements based on the set of generic policies and in response to the received first and second information elements.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for software policy management are provided. A compiled policy-enabled software application includes a policy enforcement point to export an information element to a policy manager. The policy manager includes a policy interpreter having a policy decision point to perform policy decision making based on the received information element from the policy enforcement point. Through a plurality of policy decision points, the policy manager can execute a wide range of policies for different compiled software applications. Policies can be modified centrally in the policy interpreter and changes can affect either one or more of the policy-enabled software applications. A policy manager browser can create and manage the policy decision making performed by the policy interpreter.

42 Citations

View as Search Results

25 Claims

1. A method of software policy management, comprising:
- defining a set of generic policies applicable to both a first policy-enabled software application and a second policy-enabled software application;
  
  creating a first policy enforcement point in uncompiled software code for the first policy-enabled software application, the first policy enforcement point providing a first information element as an output from a compiled version of the first policy-enabled software application;
  
  creating a second policy enforcement point in uncompiled software code for a second policy-enabled software application, the second policy enforcement point providing a second information element as an output from a compiled version of the second policy-enabled software application, the compiled version of the second policy-enabled software application having a different policy requirement than the first policy-enabled software application;
  
  creating, based on the defined set of generic policies, first and second policy decision points as database fields in a policy manager external to the first and second policy-enabled software applications;
  
  receiving the first and second information elements at the first and second policy decision points; and
  
  performing policy decision making for the first and second software applications having different policy requirements based on the set of generic policies and in response to the received first and second information elements.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1 wherein the step of performing policy decision making for the first and second software applications having different policy requirements comprises different decision making for the first and second software applications.
  - 3. The method of claim 1 wherein the first and second software applications have different policies.
  - 4. The method of claim 1 wherein the first and second software applications have different policy types.
  - 5. The method of claim 1 further comprising receiving a policy decision at the first policy enforcement point and determining an action to be taken in the first policy-enabled software application in response to the received policy decision.
  - 6. The method of claim 1 further comprising generating and propagating a corporate policy decision by returning the corporate policy decision to the first and second compiled policy-enabled software applications.
  - 7. The method of claim 1 wherein the compiled version of the first policy-enabled software application is deployed in a plurality of instances, and the method further comprises generating and propagating an individual application policy decision by returning the individual application policy decision to each of the plurality of instances of the first policy-enabled software application.
  - 8. The method of claim 1 wherein the steps of creating the first and second policy enforcement points are performed before the step of defining the policies.
  - 9. The method of claim 8 wherein the policies are defined in relation to the data in the first information element and/or the second information element.
  - 10. The method of claim 1 wherein the steps of creating the first and second policy enforcement points are performed independent of the defined policies.
  - 11. A computer-readable medium storing statements and instructions for execution by a processor to perform the method of software policy management of claim 1.

12. A system for software policy management comprising:
- a first compiled policy-enabled software application including a first policy enforcement point to export a first information element;
  
  a second compiled policy-enabled software application including a second policy enforcement point to export a second information element, the second compiled policy-enabled software application having a different policy requirement than the first compiled policy-enabled software application; and
  
  a policy interpreter including first and second policy decision points to receive the first and second information elements, respectively, and having a set of generic policies applicable to both the first and second compiled policy-enabled software applications, the policy interpreter arranged to perform policy decision making for the first and second software applications having different policy requirements based on the set of generic policies and on the received first and second information elements.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 13. The system of claim 12 wherein the policy interpreter is arranged to perform different decision making for the first and second software applications.
  - 14. The system of claim 12 wherein the first and second software applications have different policies.
  - 15. The system of claim 12 wherein the first and second software applications have different policy types.
  - 16. The system of claim 12 further comprising a policy manager editor to create and manage the policy decision making performed by the policy interpreter.
  - 17. The system of claim 12 wherein the first compiled policy-enabled software application determines an action to be taken in response to receiving a policy decision from the policy interpreter.
  - 18. The system of claim 12 wherein the policy interpreter generates a corporate policy decision and propagates the corporate policy decision by returning the corporate policy decision to the first and second compiled policy-enabled software applications.
  - 19. The system of claim 12 wherein the first compiled policy-enabled software application is deployed in a plurality of instances, and the policy interpreter generates an individual application policy decision and propagates the individual application policy decision by returning the individual application policy decision to each of the plurality of instances of the first policy-enabled software application.
  - 20. The system of claim 12 wherein the first policy enforcement point is included in a method in a class in the first compiled policy-enabled software application.
  - 21. The system of claim 20 wherein the class comprises policy enforcement import statements.
  - 22. The system of claim 12 wherein the first information element comprises keyword-value pairs on which the policy interpreter will make decisions.
  - 23. The system of claim 12 wherein the first information element comprises a list of policy rule sets to be performed for a given policy.
  - 24. The system of claim 12 wherein the first information element comprises a policy indicator to indicate a policy rule execution status.

25. A method of software policy management, comprising:
- defining a set of generic policies applicable to both a first policy-enabled software application and a second policy-enabled software application;
  
  creating a first policy enforcement point in uncompiled software code for the first policy-enabled software application, the first policy enforcement point providing a first information element as an output from a compiled version of the first policy-enabled software application;
  
  creating a second policy enforcement point in uncompiled software code for a second policy-enabled software application, the second policy enforcement point providing a second information element as an output from a compiled version of the second policy-enabled software application, the compiled version of the second policy-enabled software application having a different policy requirement than the first policy-enabled software application; and
  
  creating, based on the defined set of generic policies, first and second policy decision points as database fields in a policy manager external to the first and second policy-enabled software applications, the first and second policy decision points to receive the first and second information elements and perform policy decision making for the first and second software applications having different policy requirements based on the set of generic policies and in response to the received first and second information elements.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Her Majesty The Queen In Right of Canada As Represented By The Minister of National Defence
Original Assignee
Public Health Agency of Canada (Government of Canada), Her Majesty The Queen In Right of Canada As Represented By The Minister of National Defence
Inventors
Turner, Cameron, Bishay, Hany

Granted Patent

US 8,418,124 B2
Time in Patent Office

Days
Field of Search
US Class Current

717/120
CPC Class Codes

G06F 21/629 to features or functions of...

METHOD AND APPARATUS FOR SOFTWARE POLICY MANAGEMENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

42 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR SOFTWARE POLICY MANAGEMENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

42 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links