Computer system security service
First Claim
1. A system providing a computer security service for a computer network accessible by users and comprising services and resources, the system comprising,a computer system that executes security service software components,said software components comprising;
- a policy builder component available to one or more policy managers, for defining access policies for the computer network users, services and resources, anda web-based delegated administration component accessible to users for defining access policies for the computer network users, services and resources, the delegated administration component comprising a graphical user interface available to users for defining said access policies.
5 Assignments
0 Petitions
Accused Products
Abstract
A security service of computer networks having a policy builder, an LDAP-compliant database, a validator and an API. The policy builder component provides a graphical user interface to be used by a policy manager to define access policies for users seeking to access network services and resources. The graphical user interface has a grid of nodes representing access policies. The grid is arranged to correspond to a defined tree structure representing services and resources and a business relationship tree structure representing users. The graphical user interface permits the policy manager to define policy builder plug-ins for access policy customization. The LDAP-compliant database maintains the policy builder plug-ins. The validator component receives requests from users and queries the LDAP-compliant database to obtain relevant access policies as defined by the policy manager. The system provides for double inheritance of access policies such that where there is no express definition of an access policy for a node, the access policies are propagated according to the hierarchical structures of the data. The validator includes validator plug-ins for carrying out access policies corresponding to the access policies defined by policy builder plug-ins.
365 Citations
7 Claims
-
1. A system providing a computer security service for a computer network accessible by users and comprising services and resources, the system comprising,
a computer system that executes security service software components, said software components comprising; -
a policy builder component available to one or more policy managers, for defining access policies for the computer network users, services and resources, and a web-based delegated administration component accessible to users for defining access policies for the computer network users, services and resources, the delegated administration component comprising a graphical user interface available to users for defining said access policies. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification