Tagging Security-Relevant System Objects
First Claim
1. A computer-implemented method comprising:
- detecting an event associated with a system component;
filtering the event based on a configurable policy; and
based at least in part on the detecting and the filtering, assigning a tag to a data object representing the system component.
2 Assignments
0 Petitions
Accused Products
Abstract
Devices described herein are configured to propagate tags among data objects representing system components. Such devices may detect an event associated with a plurality of system components. Based at least in part on detecting the event and on a configurable policy, the devices may propagate a tag that is assigned to a data object representing one of the plurality of system components to another data object representing another of the plurality of system components. One example of such a tag may be associated with a tree object that represents an execution chain of instances of at least the system component represented by the data object and the other system component represented by the other data object. Another example of such a tag may be a user-specified tag of another entity that the entity associated with the devices subscribes to.
35 Citations
26 Claims
-
1. A computer-implemented method comprising:
-
detecting an event associated with a system component; filtering the event based on a configurable policy; and based at least in part on the detecting and the filtering, assigning a tag to a data object representing the system component. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer-implemented method comprising:
-
detecting an event associated with a plurality of system components; and based at least in part on a configurable policy and on detecting the event, propagating a tag that is assigned to a data object representing one of the plurality of system components to another data object representing another of the plurality of system components. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system comprising:
-
a processor; a memory coupled to the processor, the memory storing; data objects representing a plurality of system components, a tree object representing an execution chain of instances of at least a subset of the system components, and executable instructions, which, when operated by the processor, perform operations including; assigning a tag for the tree object to the data objects representing the subset of the system components, assigning one or more tags to the tree object, those tags applying to the data objects having the tag for the tree object, and making a decision based at least in part on tags assigned to the data objects representing the subset of the system components and the tags assigned to tree object. - View Dependent Claims (21, 22, 23)
-
-
24. One or more non-transitory computer-readable media having stored thereon a plurality of programming instructions that, when executed by a computing device, cause the computing device to perform operations comprising:
-
subscribing, by an entity, to user-specified tags of another entity, the user-specified tags being associated with data objects representing system components of computing devices of the other entity, assigning the other entity'"'"'s user-specified tags to data objects representing system components of computing devices of the entity; and making a decision based at least in part on the other entity'"'"'s user-specified tags. - View Dependent Claims (25, 26)
-
Specification