ENFORCING LABEL-BASED RULES ON A PER-USER BASIS IN A DISTRIBUTED NETWORK MANAGEMENT SYSTEM

  • US 20170237745A1
  • Filed: 02/15/2017
  • Published: 08/17/2017
  • Est. Priority Date: 02/16/2016
  • Status: Abandoned Application
First Claim

1. A method of managing security of services executing on servers in a network domain, the method comprising:

  • receiving information describing one or more user groups, each user group containing one or more users associated with the network domain;

  • receiving an association between the user group and a set of labeled entities, wherein a labeled entity is a service or a server, the association indicating that users of the user group are permitted to access the labeled entities of the set;

  • determining an administrative domain wide policy based on the received association, the administrative domain wide policy specifying a relationship between the user group and the set of labeled entities, the relationship allowing users of the user group to access a service or a server represented by a labeled entity of the set;

  • generating management instructions regulating communications between servers of the network domain based on the administrative domain wide policy; and

  • sending, to one or more servers, the management instructions to configure each of the one or more servers to implement the administrative domain wide policy.
