System and process for brokering a plurality of security applications using a modular framework in a distributed computing environment
Abstract
A system and process for brokering a plurality of security applications using a centralized broker in a distributed computing environment is described. A centralized broker is executed on a designated system within the distributed computing environment. A set of snap-in components are provided with each performing a common management task sharable by a plurality of security applications. A console interface is exposed from the centralized broker. The console interface implements a plurality of browser methods which each define a browser function which can be invoked by each snap-in component. A set of snap-in interfaces are exposed from each snap-in component. Each snap-in interface implements a plurality of service methods which each define a user-interface function which can be invoked by the centralized broker. One or more security applications are brokered through the centralized broker. Each security application is interfaced to the centralized broker through the snap-in components. Each security application is managed by invoking at least one such browser method via the console interface. A plurality of the security applications are centrally serviced by invoking at least one such service method via at least one such snap-in interface.
28 Claims
1. A system for brokering a plurality of security applications using a centralized broker in a distributed computing environment, comprising:
a centralized broker executing on a designated system within the distributed computing environment;
a set of snap-in components each performing a common management task sharable by a plurality of security applications;
a console interface exposed by the centralized broker, the console interface implementing a plurality of browser methods which each define a browser function which can be invoked by each snap-in component, wherein the browser function comprises at least one member selected from the group comprising integrating snap-in components, accessing a namespace, embedding user interface elements, and handling window messages;
a set of snap-in interfaces exposed by each snap-in component, each snap-in interface implementing a plurality of service methods which each define a user-interface function which can be invoked by the centralized broker, wherein the user-interface function comprises at least one member selected from the group comprising creating and managing folder objects, creating and managing view windows, retrieving icons, merging a context menu, creating and managing menus, and adding items to toolbars; and
at least one security application centrally brokered by the centralized broker by interfacing each security application to the centralized broker through the snap-in components, managing each security application by invoking at least one such browser method via the console interface, and centrally servicing a plurality of the security applications by invoking at least one such service method via at least one such snap-in interface.
2. A system according to claim 1, further comprising:
a console window running on the centralized broker through which individual controls within each of the security applications can be configured using the browser methods.
3. A system according to claim 1, further comprising:
each such security application interfacing as a plug-in component to the centralized broker.
4. A system according to claim 1, further comprising:
at least one security application executed locally on the designated system; and
the at least one local security application brokered as a local process running on the designated system.
5. A system according to claim 1, further comprising:
at least one security application executed remotely on a remote system within the distributed computing environment; and
the at least one remote security application brokered as a remote process running on the remote system.
6. A system according to claim 5, wherein at least one such snap-in component comprises an agent communication service, further comprising:
an agent running on the remote system interfaced to the at least one remote security application; and
the agent communicating with the agent communication service through which the centralized broker manages the at least one remote security application.
7. A system according to claim 1, further comprising:
an event database maintained on each system within the distributed computing environment;
event data from at least one such security application stored in the event database and retrieved from the event database into the centralized broker for use by one or more of the snap-in components.
8. A system according to claim 7, further comprising:
a plurality of event databases formed into an event database hierarchy, comprising:
one such event database designated as a root event database;
each of the other such event databases structured into one or more levels of child event databases;
the stored event data from the child event databases cascaded successively upward to the root event database; and
retrieving the cascaded stored event data from the root event database into the centralized broker.
9. A system according to claim 1, wherein each security application comprises at least one member selected from the group comprising a firewall, an intrusion detection system, and antivirus scanner.
10. A system according to claim 1, wherein the set of communication interfaces is COM-compliant.
11. A process for brokering a plurality of security applications using a centralized broker in a distributed computing environment, comprising:
executing a centralized broker on a designated system within the distributed computing environment;
providing a set of snap-in components each performing a common management task sharable by a plurality of security applications;
exposing a console interface from the centralized broker, the console interface implementing a plurality of browser methods which each define a browser function which can be invoked by each snap-in component, wherein the browser function comprises at least one member selected from the group comprising integrating snap-in components, accessing a namespace, embedding user interface elements, and handling window messages;
exposing a set of snap-in interfaces from each snap-in component, each snap-in interface implementing a plurality of service methods which each define a user-interface function which can be invoked by the centralized broker, wherein the user-interface function comprises at least one member selected from the group comprising creating and managing folder objects, creating and managing view windows, retrieving icons, merging a context menu, creating and managing menus, and adding items to toolbars; and
brokering one or more security applications through the centralized broker, comprising:
interfacing each security application to the centralized broker through the snap-in components;
managing each security application by invoking at least one such browser method via the console interface; and
centrally servicing a plurality of the security applications by invoking at least one such service method via at least one such snap-in interface.
12. A process according to claim 11, further comprising:
running a console window on the centralized broker through which individual controls within each of the security applications can be configured using the browser methods.
13. A process according to claim 11, further comprising:
interfacing each such security application as a plug-in component to the centralized broker.
14. A process according to claim 11, further comprising:
executing at least one security application locally on the designated system; and
brokering the at least one local security application as a local process running on the designated system.
15. A process according to claim 11, further comprising:
executing at least one security application remotely on a remote system within the distributed computing environment; and
brokering the at least one remote security application as a remote process running on the remote system.
16. A process according to claim 15, wherein at least one such snap-in component comprises an agent communication service, further comprising:
interfacing an agent running on the remote system to the at least one remote security application; and
communicating with the agent via the agent communication service through which the centralized broker manages the at least one remote security application.
17. A process according to claim 11, further comprising:
maintaining an event database on each system within the distributed computing environment;
storing event data from at least one such security application in the event database; and
retrieving the stored event data from the event database into the centralized broker for use by one or more of the snap-in components.
18. A process according to claim 17, further comprising:
forming a plurality of event databases into an event database hierarchy, comprising:
designating one such event database as a root event database;
structuring each of the other such event databases into one or more levels of child event databases;
cascading the stored event data from the child event databases successively upward to the root event database; and
retrieving the cascaded stored event data from the root event database into the centralized broker.
19. A process according to claim 11, wherein each security application comprises at least one member selected from the group comprising a firewall, an intrusion detection system, and antivirus scanner.
20. A process according to claim 11, wherein the set of communication interfaces is COM-compliant.
21. A computer-readable storage medium holding code for brokering a plurality of security applications using a centralized broker in a distributed computing environment, comprising:
executing a centralized broker on a designated system within the distributed computing environment;
providing a set of snap-in components each performing a common management task sharable by a plurality of security applications;
exposing a console interface from the centralized broker, the console interface implementing a plurality of browser methods which each define a browser function which can be invoked by each snap-in component, wherein the browser function comprises at least one member selected from the group comprising integrating snap-in components, accessing a namespace, embedding user interface elements, and handling window messages;
exposing a set of snap-in interfaces from each snap-in component, each snap-in interface implementing a plurality of service methods which each define a user-interface function which can be invoked by the centralized broker, wherein the user-interface function comprises at least one member selected from the group comprising creating and managing folder objects, creating and managing view windows, retrieving icons, merging a context menu, creating and managing menus, and adding items to toolbars; and
brokering one or more security applications through the centralized broker, comprising:
interfacing each security application to the centralized broker through the snap-in components;
managing each security application by invoking at least one such browser method via the console interface; and
centrally servicing a plurality of the security applications by invoking at least one such service method via at least one such snap-in interface.
22. A storage medium according to claim 21, further comprising:
running a console window on the centralized broker through which individual controls within each of the security applications can be configured using the browser methods.
23. A storage medium according to claim 21, further comprising:
interfacing each such security application as a plug-in component to the centralized broker.
24. A storage medium according to claim 21, further comprising:
executing at least one security application locally on the designated system; and
brokering the at least one local security application as a local process running on the designated system.
25. A storage medium according to claim 21, further comprising:
executing at least one security application remotely on a remote system within the distributed computing environment; and
brokering the at least one remote security application as a remote process running on the remote system.
26. A storage medium according to claim 25, wherein at least one such snap-in component comprises an agent communication service, further comprising:
interfacing an agent running on the remote system to the at least one remote security application; and
communicating with the agent via the agent communication service through which the centralized broker manages the at least one remote security application.
27. A storage medium according to claim 21, further comprising:
maintaining an event database on each system within the distributed computing environment;
storing event data from at least one such security application in the event database; and
retrieving the stored event data from the event database into the centralized broker for use by one or more of the snap-in components.
28. A storage medium according to claim 27, further comprising:
forming a plurality of event databases into an event database hierarchy, comprising:
designating one such event database as a root event database;
structuring each of the other such event databases into one or more levels of child event databases;
cascading the stored event data from the child event databases successively upward to the root event database; and
retrieving the cascaded stored event data from the root event database into the centralized broker.