System and method for categorizing security profile rules within a computer system

US 7,062,649 B2
Filed: 01/12/2001
Issued: 06/13/2006
Est. Priority Date: 01/12/2001
Status: Expired due to Term

First Claim

Patent Images

1. A computer system, comprising:

a display device having a screen for displaying images; and

a security application defining a list of security rules for locking down resources of said computer system, said security application configured to categorize said rules into a plurality of categories and to display at least one of said categories on said screen, said security application configured to determine which of said rules are associated with said one category in response to a selection of said one category by a user of said computer system, said security application configured to display on said screen each of said rules associated with said one category in response to said selection, said security application further configured to allow said user to enable ones of said rules and to cause said computer system to enforce said enabled ones of said rules by modifying a machine state of said computer system, wherein different ones of said categories respectively pertain to different ones of a plurality of applications and wherein said rules are categorized such that said one category is assigned only to ones of said rules that affect a particular application pertaining to said one category.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for simplifying selection of security profile rules within a computer system utilizes a display device and a security application. The security application defines a list of security rules for locking down resources of a computer system and categorizes these rules into a plurality of categories. The security application displays at least one of these categories on a screen of the display device. When a user selects one of the categories, the security application determines which of the security rules are associated with the selected category and displays each of these associated security rules. The user then may enable ones of the displayed rule, and the security application, in response to an activation request, causes the computer system to enforce the enabled rules by modifying a machine state of the computer system.

36 Citations

View as Search Results

19 Claims

1. A computer system, comprising:
- a display device having a screen for displaying images; and
  
  a security application defining a list of security rules for locking down resources of said computer system, said security application configured to categorize said rules into a plurality of categories and to display at least one of said categories on said screen, said security application configured to determine which of said rules are associated with said one category in response to a selection of said one category by a user of said computer system, said security application configured to display on said screen each of said rules associated with said one category in response to said selection, said security application further configured to allow said user to enable ones of said rules and to cause said computer system to enforce said enabled ones of said rules by modifying a machine state of said computer system, wherein different ones of said categories respectively pertain to different ones of a plurality of applications and wherein said rules are categorized such that said one category is assigned only to ones of said rules that affect a particular application pertaining to said one category.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computer system of claim 1, wherein said computer system further comprises memory storing various computer applications, and wherein said security application is further configured to determine which computer applications are stored in said memory and to display said categories based on a determination by said security application as to which computer applications are stored in said memory.
  - 3. The system of claim 1, wherein said one category is displayed on said screen by said security application in response to a selection of another category by said user.
  - 4. The system of claim 1, wherein said one category is a sub-category of another of said categories.
  - 5. The system of claim 1, wherein each of said rules is assigned to a respective one of said categories based on whether said each rule controls access to an application pertaining to said respective one category.
  - 6. The system of claim 1, wherein each of said categories is assigned only to ones of said security rules that affect a respective one of said applications pertaining to said each category.
  - 7. The system of claim 1, wherein said security application, in response to a selection of one of said rules, is configured to display help information pertaining to said one rule.

8. A system for locking down resources of computer systems, comprising:
- means for defining a list of security rules for locking down resources of a computer system;
  
  means for categorizing said rules into a plurality of categories;
  
  means for displaying at least one of said categories;
  
  means for determining, in response to a selection of said one category, which of said rules is associated with said one category;
  
  means for displaying each of said rules determined to be associated with said one category;
  
  means for enabling ones of said rules based on user inputs; and
  
  means for enforcing each of said enabled rules,wherein different ones of said categories respectively pertain to different ones of a plurality of applications and wherein said categorizing means is configured to assign said one category only to ones of said rules that affect a particular application pertaining to said one category.
- View Dependent Claims (9, 10, 11)
- - 9. The system of claim 8, further comprising:
    - means for storing various computer applications;
      
      means for identifying which computer applications are stored in said storing means; and
      
      means for displaying said categories based on which computer applications are identified by said identifying means.
  - 10. The system of claim 8, further comprising:
    - means for selecting another of said categories; and
      
      means for displaying said one category in response to a selection by said selecting means.
  - 11. The system of claim 8, wherein said one category is a sub-category of another of said categories.

12. A method for locking down resources of computer systems, comprising:
- defining a list of security rules for locking down resources of a computer system;
  
  categorizing said rules into a plurality of categories, wherein different ones of the plurality of categories pertain to different ones of a plurality of applications;
  
  displaying at least one of said categories;
  
  determining, in response to a selection of said one category, which of said rules is associated with said one category;
  
  displaying each of said rules determined to be associated with said one category;
  
  enabling ones of said rules; and
  
  enforcing each of said enabled rules based on said enabling, wherein said categorizing comprises assigning said one category only to ones of said rules that affect a particular application pertaining to said one category.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The method of claim 12, wherein said computer system has memory and said method further comprises:
    - storing various computer applications in said memory;
      
      determining which computer applications are stored in said memory; and
      
      displaying said categories based on said determining which computer applications are stored in said memory.
  - 14. The method of claim 12, further comprising:
    - selecting another of said categories; and
      
      displaying said one category in response to said selecting.
  - 15. The method of claim 12, wherein said one category is a sub-category of another of said categories.
  - 16. The method of claim 12, wherein said categorizing comprises assigning each of said rules to a respective one of said categories in response to a determination that said each rule controls access to an application pertaining to said respective one category.
  - 17. The method of claim 12, wherein each of said categories pertains to only a respective one of said applications.
  - 18. The method of claim 12, further comprising:
    - selecting one of said rules; and
      
      displaying help information pertaining to said one rule in response to said selecting.
  - 19. The method of claim 12, further comprising making said selection in response to a determination that said one category pertains to said particular application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Micro Focus LLC (Open Text Corporation)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Daigle, Brian K., Daniell, William T.
Primary Examiner(s)
Sheikh, Ayaz
Assistant Examiner(s)
LAFORGIA, CHRISTIAN A

Application Number

US09/760,236
Publication Number

US 20020095592A1
Time in Patent Office

1,978 Days
Field of Search

713/201, 713/200, 713/164, 713/166, 713/167, 713/165, 726/1, 726/27
US Class Current

713/165
CPC Class Codes

G06F 21/604 Tools and structures for ma...

G06F 21/6218 to a system of files or obj...

System and method for categorizing security profile rules within a computer system

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

36 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for categorizing security profile rules within a computer system

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links