System and method for ensuring proper implementation of computer security policies
First Claim
1. A system for monitoring the processing of security commands related to security profiles in a computer system, comprising:
- a profile monitor for receiving an input security command related to a security profile;
a profile verification unit for verifying the input security command using at least one reference security profile to generate a verified output security command; and
a profile processor for processing the output security command.
8 Assignments
0 Petitions
Accused Products
Abstract
Security profiles generated, amended, or deleted by an administrator are monitored to determine whether the administrator'"'"'s actions are in compliance with known security policies. Out-of-compliance commands affecting the profiles are refused or otherwise modified to conform with the policies, depending on the circumstances. Feedback of the failure to comply may be provided and may take the form of a screen inquiry to the administrator, a notification to the administrator that the profile has been automatically modified, or a report of the transaction to a chief administrator. In this manner, negligent and intentional failures to comply with security policies by a local security administrator are mitigated or eliminated.
-
Citations
48 Claims
-
1. A system for monitoring the processing of security commands related to security profiles in a computer system, comprising:
-
a profile monitor for receiving an input security command related to a security profile; a profile verification unit for verifying the input security command using at least one reference security profile to generate a verified output security command; and a profile processor for processing the output security command. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A method for monitoring the processing of security commands related to security profiles in a computer system, comprising:
-
receiving an input security command related to a security profile; verifying the input security command using at least one reference security profile to generate a verified output security command; and processing at a profile processor, the output security command. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
-
-
33. A computer program product comprising computer program code stored in at least one memory, when executed by at least one processor, the computer program product configured to perform a method for monitoring the processing of security commands related to security profiles in a computer system, the method comprising:
-
receiving an input security command related to a security profile; verifying the input security command using at least one reference security profile to generate a verified output security command; and processing at a profile processor, the output security command. - View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48)
-
Specification