COMPUTER SYSTEM, MANAGEMENT SYSTEM AND RECORDING MEDIUM
First Claim
Patent Images
1. A computer system comprising:
- a client computer;
a first management computer coupled to the client computer; and
a second management computer coupled to the client computer and the first management computer,wherein the first management computer sends, to the client computer, first security policy information for controlling the operation of a security management program of the client computer, and rule information denoting a rule for creating second security policy information from a plurality of pieces of the first security policy information,wherein the second management computer sends, to the client computer, other first security policy information in which the control operation differs from that of the first security policy information sent to the client computer from the first management computer, andwherein the client computer creates, on the basis of the rule information received from the first management computer, the second security policy information from the first security policy information received from the first management computer and the other first security policy information received from the second management computer, and controls the operation of the security management program based on the second security policy information.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention prevents the deterioration of security while maintaining usability in a case where a plurality of policies are applied to a client computer. Policies created by respective management servers 10 (Ma through Md) and by a highest-level management server 10 (Msa) are set in a client computer 20. The highest-level management server delivers, to the client computer, a merge rule for creating one policy from a plurality of policies. The client computer creates a new policy from a plurality of policies and the merge rule, and manages a security function.
69 Citations
15 Claims
-
1. A computer system comprising:
-
a client computer; a first management computer coupled to the client computer; and a second management computer coupled to the client computer and the first management computer, wherein the first management computer sends, to the client computer, first security policy information for controlling the operation of a security management program of the client computer, and rule information denoting a rule for creating second security policy information from a plurality of pieces of the first security policy information, wherein the second management computer sends, to the client computer, other first security policy information in which the control operation differs from that of the first security policy information sent to the client computer from the first management computer, and wherein the client computer creates, on the basis of the rule information received from the first management computer, the second security policy information from the first security policy information received from the first management computer and the other first security policy information received from the second management computer, and controls the operation of the security management program based on the second security policy information. - View Dependent Claims (2, 3, 4, 5, 9, 10)
-
-
6. A management system for managing a client computer, comprising:
-
a first management computer coupled to the client computer; and a second management computer coupled to the client computer, wherein the first management computer sends, to the client computer, first security policy information for controlling the operation of a security management program of the client computer, and rule information denoting a rule for creating second security policy information from a plurality of pieces of the first security policy information, wherein the second management computer sends, to the client computer, other first security policy information in which the control operation differs from that of the first security policy information sent to the client computer from the first management computer, and wherein inside the client computer, the management system creates, on the basis of the rule information received from the first management computer, the second security policy information from the first security policy information received from the first management computer and the other first security policy information received from the second management computer, and controls the operation of the security management program based on the created second security policy information. - View Dependent Claims (7, 8)
-
-
11. A recording medium, which records a computer program for causing a computer that is communicably coupled to a client computer to function as a management computer, this computer-readable recording medium recording a computer program for realizing:
-
a function to create a plurality of pieces of first security policy information for controlling the operation of a security management program of the client computer; a function to create rule information denoting a rule for creating second security policy information from the respective pieces of first security policy information; and a function to send the respective pieces of first security policy information and the rule information to the client computer, to thereby create the second security policy information from the respective pieces of first security policy information based on the rule information inside the client computer, and to control the operation of the security management program based on the created second security policy information. - View Dependent Claims (12, 13, 14, 15)
-
Specification