×

System and method for incrementally distributing a security policy in a computer network

  • US 7,363,650 B2
  • Filed: 09/13/2002
  • Issued: 04/22/2008
  • Est. Priority Date: 10/28/1998
  • Status: Expired due to Term
First Claim
Patent Images

1. A system for updating a security policy in a distributed computing environment, comprising:

  • a policy manager, coupled to a network, includinga global version of a security policy;

    tracking means for recording a sequence of incremental changes to be made to the global version of the security policy at the policy manager;

    computing means for pre-computing an accumulated delta based on the sequence of incremental changes to the global version of the security policy, said pre-computing being executed prior to updating the security policy;

    updating means for combining the accumulated delta with the global version of the security policy to generate a second version of the security policy; and

    a policy distributor for determining which application guard the sequence of incremental changes is applicable to and for transmitting the accumulated delta to the application guard through the network; and

    the application guard, coupled to the network, forstoring a local version of the security policy, said local version being a subset of the global version of the security policy;

    receiving the accumulated delta distributed through the network;

    updating the local version of the security policy by combining the received accumulated delta with the local version of the security policy to generate a copy of an updated local version of the security policy based on the sequence of incremental chances to the global version of the security policy; and

    storing the undated local version of the security policy.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×