Efficient evaluation of rules
First Claim
1. A computer-implemented method for a policy engine first to organize pre-runtime and second to select policy rules in a way to effect an efficient evaluation of a protocol event at runtime, said protocol event having an agent descriptor, a protocol name, and a protocol action, said method comprising the steps of:
providing a policy engine first to organize pre-runtime and second to select policy rules in a way to effect an efficient evaluation of a protocol event at runtime, said protocol event having an agent descriptor, a protocol name, and a protocol action, said policy engine;
creating a first associative array having a first key and a first value, wherein said first key corresponds to an agent descriptor and said first value is a reference to a second associative array having a second key and a second value;
creating a second associative array, wherein said second key corresponds to a protocol name and said second value is a reference to a third associative array having a third key and a third value;
creating a third associative array, wherein said third key corresponds to a protocol action and said third value is a reference to a fourth associative array having a fourth key and a fourth value;
creating a fourth associative array, wherein said fourth key corresponds to a set of policy rules and said fourth value is a rank number associated with said any of said policy rules;
upon receiving at runtime an incoming protocol event comprising an associated agent descriptor, an associated protocol name, and an associated protocol action, selecting said first associative array, wherein said first key corresponds to said associated agent descriptor and said first value is a reference to said second associative array;
selecting said second associative array, wherein said second key corresponds to said associated protocol name and said second value is a reference to said third associative array;
selecting said third associative array, wherein said third key corresponds to said associated protocol action and said third value is a reference to said fourth associative array; and
selecting said fourth associative array, wherein said fourth key corresponds to any of said policy rules and said fourth value is a said rank number associated with said any of said policy rules, wherein said rank number is a relative value dependent on, and does not have to be unique with respect to, other rank numbers in said fourth associative array.
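As an added illustration (not code from the patent or its assignee), the four nested associative arrays of claim 1 can be modelled as nested Python dictionaries and compared against a full scan of the rule list. The rule names, agent descriptors, sample ranks, and the lower-rank-first ordering are assumptions made for the example.

```python
# Constructed sample rules: (rule name, agent descriptor, protocol name,
# protocol action, rank). All values are illustrative, not from the patent.
RULES = [
    ("allow-web-get",   "intranet-hosts", "HTTP", "GET",     1),
    ("log-web-get",     "intranet-hosts", "HTTP", "GET",     1),  # ranks need not be unique
    ("deny-web-post",   "intranet-hosts", "HTTP", "POST",    2),
    ("allow-ssh-login", "admin-hosts",    "SSH",  "CONNECT", 1),
    ("deny-ftp-upload", "dmz-hosts",      "FTP",  "PUT",     3),
]


def build_index(rules):
    """Pre-runtime step: agent -> protocol -> action -> {rule: rank}."""
    index = {}
    for name, agent, protocol, action, rank in rules:
        by_protocol = index.setdefault(agent, {})       # first array
        by_action = by_protocol.setdefault(protocol, {})  # second array
        ranked = by_action.setdefault(action, {})         # third array
        ranked[name] = rank                               # fourth array
    return index


def select_rules(index, agent, protocol, action):
    """Runtime step: three keyed lookups reach the fourth array.

    A miss at any level means no rule applies to the event.
    Assumption: lower rank sorts first; ties are ordered by rule name.
    """
    ranked = index.get(agent, {}).get(protocol, {}).get(action, {})
    return sorted(ranked.items(), key=lambda item: (item[1], item[0]))


def linear_select(rules, agent, protocol, action):
    """Baseline for comparison: examine every rule in the policy."""
    hits = [(n, r) for n, a, p, act, r in rules
            if (a, p, act) == (agent, protocol, action)]
    return sorted(hits, key=lambda item: (item[1], item[0]))


INDEX = build_index(RULES)

if __name__ == "__main__":
    event = ("intranet-hosts", "HTTP", "GET")
    print(select_rules(INDEX, *event))
    print(select_rules(INDEX, "dmz-hosts", "HTTP", "GET"))  # no match
```

Both selection functions return the same candidates; the indexed version touches only the rules stored under the event's agent, protocol, and action rather than the whole policy.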
Abstract
A method and apparatus uses a proprietary algorithm for organizing network security policy rules in a way that minimizes the number of rules considered when determining the set of rules applicable to a given protocol event.
10 Claims
6. A computer system for a policy engine first to organize pre-runtime and second to select policy rules in a way to effect an efficient evaluation of a protocol event at runtime, said protocol event having an agent descriptor, a protocol name, and a protocol action, said computer system comprising:
at least one computer with accessibly coupled computer memory;
a policy engine first to organize pre-runtime and second to select policy rules in a way to effect an efficient evaluation of a protocol event at runtime, said protocol event having an agent descriptor, a protocol name, and a protocol action contains program code segments residing in said computer memory accessibly coupled to said computer of said computer system comprised of;
a program code segment supporting creating a first associative array having a first key and a first value, wherein said first key corresponds to an agent descriptor and said first value is a reference to a second associative array having a second key and a second value;
a program code segment supporting creating a second associative array, wherein said second key corresponds to a protocol name and said second value is a reference to a third associative array having a third key and a third value;
a program code segment supporting creating a third associative array, wherein said third key corresponds to a protocol action and said third value is a reference to a fourth associative array having a fourth key and a fourth value;
a program code segment supporting creating a fourth associative array, wherein said fourth key corresponds to a set of policy rules and said fourth value is a rank number associated with said any of said policy rules;
a program code segment supporting, upon receiving at runtime an incoming protocol event comprising an associated agent descriptor, an associated protocol name, and an associated protocol action, selecting said first associative array, wherein said first key corresponds to said associated agent descriptor and said first value is a reference to a said second associative array;
a program code segment supporting selecting said second associative array, wherein said second key corresponds to said associated protocol name and said second value is a reference to said third associative array;
a program code segment supporting selecting said third associative array, wherein said third key corresponds to said associated protocol action and said third value is a reference to said fourth associative array; and
a program code segment supporting selecting said fourth associative array, wherein said fourth key corresponds to any of said policy rules and said fourth value is said rank number associated with said any of said policy rules, wherein said rank number is a relative value dependent on, and does not have to be unique with respect to, other rank numbers in said fourth associative array.
Specification