×

System and method for analyzing security policies in a distributed computer network

  • US 7,350,226 B2
  • Filed: 09/13/2002
  • Issued: 03/25/2008
  • Est. Priority Date: 12/13/2001
  • Status: Active Grant
First Claim
Patent Images

1. A system for analyzing security in a distributed computing environment, comprising:

  • a policy manager, includingan enterprise policy data file containing a global security policy, comprised of a plurality of rules for granting or denying users privileges to securable objects; and

    a policy analysis engine for constructing a policy verification query, executing the policy verification query against the global security policy and providing a result set containing policy inconsistencies within the global security policy;

    wherein executing the policy verification query includes generating a first request for users that have a first privilege to a first object and generating a second request for users that have a second privilege to a second object wherein the first and second request are inconsistent and generating said result set containing the policy inconsistencies based on users that match said first request and said second request.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×