AUTOMATED MULTI-LEVEL FEDERATION AND ENFORCEMENT OF INFORMATION MANAGEMENT POLICIES IN A DEVICE NETWORK
First Claim
1. A method for managing a plurality of disparate computer application and data control policies on a computing device, comprising:
- providing at least one policy distribution point, said at least one policy distribution point including at least one information management policy;
providing a plurality of policy enforcement points, including a first policy enforcement point operating at first policy enforcement level, and a second policy enforcement point operating at second policy enforcement level;
allocating a first policy element to said first policy enforcement point, and a second policy element to said second policy enforcement point; and
providing a management compartment in computer memory in communication with said computing device, said management compartment including one or more computer applications, data, and metadata specified and controlled by said at least one information management policy.
6 Assignments
0 Petitions
Accused Products
Abstract
Methods, apparatus, systems, and non-transitory computer-readable media for managing a plurality of disparate computer application and data control policies on a computing device, especially a computing device connected to a computer network, are described. In one example, at least one policy distribution point is provided that includes least one policy distribution point including at least one information management policy. A plurality of policy enforcement points, including a first policy enforcement point operating at a first policy enforcement level, and a second enforcement point operating at second policy enforcement level, are also provided. A first policy element to the first policy enforcement point, and a second policy element to the second policy enforcement point, are allocated. A management compartment in computer memory in communication with said computing device including one or more computer applications, data, and metadata specified and controlled by the information management policy is also provided.
-
Citations
28 Claims
-
1. A method for managing a plurality of disparate computer application and data control policies on a computing device, comprising:
-
providing at least one policy distribution point, said at least one policy distribution point including at least one information management policy; providing a plurality of policy enforcement points, including a first policy enforcement point operating at first policy enforcement level, and a second policy enforcement point operating at second policy enforcement level; allocating a first policy element to said first policy enforcement point, and a second policy element to said second policy enforcement point; and providing a management compartment in computer memory in communication with said computing device, said management compartment including one or more computer applications, data, and metadata specified and controlled by said at least one information management policy. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for managing a plurality of disparate computer application and data control policies on one or more computing devices, comprising:
-
at least one policy distribution point, said at least one policy distribution point comprising at least one information management policy; a plurality of policy enforcement points, including a first policy enforcement point operating at first policy enforcement level and enforcing at least a first policy element of said at least one information management policy, and a second policy enforcement point operating at second policy enforcement level and enforcing at least a second policy element of said at least one information management policy; and a management compartment in computer memory in communication with said computing device, said management compartment including one or more computer applications, data, and metadata specified and controlled by said at least one information management policy. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. An apparatus for managing a plurality of disparate computer application and data control policies on at least one computing device, comprising:
-
a plurality of policy enforcement points configured to receive at least one information management policy, comprising at least a first policy element and a second policy element, from one or more policy distribution points, said policy enforcement points further including a first policy enforcement point operating at first policy enforcement level, and a second enforcement point operating at second policy enforcement level, said first policy element being allocated to said first policy enforcement point, and said second policy element being allocated to a second policy enforcement point; and at least one management compartment in computer memory in communication with said computing device, each such management compartment including one or more computer applications, data, and metadata specified and controlled by one of said at least one information management policies. - View Dependent Claims (16, 18, 19, 20, 21)
-
-
17. The apparatus of claim 17, further comprising a capability for defining the management of computer applications that access data or metadata contained in each of said management compartments.
-
22. A non-transitory computer readable medium containing a computer program product providing data and instructions configured to enable a computer to manage a plurality of disparate computer application and data control policies on at least one computing device, said computer program product comprising instructions to enable said computer to:
-
establish and operate a plurality of policy enforcement points configured to receive at least one information management policy provided by one or more policy distribution points, said policy enforcement points further including a first policy enforcement point operating at first policy enforcement level, and a second enforcement point operating at second policy enforcement level, said first policy element being allocated to said first policy enforcement point, and said second policy element being allocated to a second policy enforcement point; and establish and operate at least one management compartment in computer memory in communication with said computing device, said management compartment including one or more computer applications, data, and metadata specified and controlled by said at least one information management policy. - View Dependent Claims (23, 24, 25, 26, 27, 28)
-
Specification