Methods and systems for securing a system in an adaptive computer environment
First Claim
Patent Images
1. An automated method for securing a target system, comprising:
- detecting a request to change an entity in the target system, the target system having an existing security profile;
constructing a security configuration group associated with the entity, the security configuration group including security policy of the entity with associated constraints;
fusing the security configuration group with the existing security profile to form a unified security profile, the fusing of the security configuration group including automatically resolving any conflict with constraints associated with security policy of the entity; and
prosecuting the unified security profile onto the target system.
2 Assignments
0 Petitions
Accused Products
Abstract
An automated method for securing a target system is provided. In this method, a request to change an entity in the target system is detected. The target system has an existing security profile or one is created. As a result, a security configuration group associated with the changed entity is constructed. The security configuration group is then fused with the existing security profile to form a unified security profile, and the unified security profile is prosecuted onto the target system. Other methods and a system for securing the target system are also described.
16 Citations
24 Claims
-
1. An automated method for securing a target system, comprising:
-
detecting a request to change an entity in the target system, the target system having an existing security profile; constructing a security configuration group associated with the entity, the security configuration group including security policy of the entity with associated constraints; fusing the security configuration group with the existing security profile to form a unified security profile, the fusing of the security configuration group including automatically resolving any conflict with constraints associated with security policy of the entity; and prosecuting the unified security profile onto the target system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method for securing a target system, comprising:
-
receiving a request to add an entity to the target system, the target system having an existing security profile; adding a security configuration associated with the entity to a security configuration group the security configuration associated with the entity including associated constraints; fusing the security configuration group with the existing security profile to form a unified security profile, the fusing of the security configuration group including automatically resolving any conflict with constraints associated with the security policy of the entity; and prosecuting the unified security profile onto the target system. - View Dependent Claims (15, 16, 17, 18)
-
-
19. A method for securing a target system, comprising:
-
receiving a request to remove an entity from the target system, the target system having an existing security configuration group within an existing security profile, the security configuration group including security policy of the entity with associated constraints; removing a security configuration associated with the entity from the existing security configuration group; fusing the existing security configuration group with the existing security profile to form a unified security profile, the fusing of the security configuration group including automatically resolving any conflict with constraints associated with security policy of the entity; and prosecuting the unified security profile onto the target system. - View Dependent Claims (20)
-
-
21. A system for securing a target system, comprising:
-
a memory for storing an adaptive security program module; and a central processing unit for executing the adaptive security program module stored in the memory, the adaptive security program module including, logic for detecting a request to change an entity in the target system, the target system having an existing security profile; if the request is to add the entity to the target system, logic for adding a security configuration associated with the entity to a security configuration group; if the request is to remove the entity from the target system, logic for removing the security configuration associated with the entity from an existing security configuration group; logic for fusing the security configuration group with the existing security profile to form a unified security profile when the entity is added to the target system; logic for fusing the existing security configuration group with the existing security profile to form the unified security profile when the entity is removed from the target system; and logic for prosecuting the unified security profile onto the target system, wherein the detection of the request to change the entity, the fusion to form the unified security profile, and the prosecution of the unified security profile are automatic, wherein the security configuration including security policy of the entity with associated constraints and the fusing of the security configuration group including automatically resolving any conflict with constraints associated with security policy of the entity.
-
-
22. An automated method for securing a target system, comprising:
-
detecting a request to update the target system, the target system having an existing security profile; selecting an existing security configuration group associated with the existing security profile, the security configuration group including security policy of an entity with associated constraints; fusing the existing security configuration group with the existing security profile to form a unified security profile, the fusing of the security configuration group including automatically resolving any conflict with constraints associated with security policy of the entity; and prosecuting the unified security profile onto the target system. - View Dependent Claims (23)
-
-
24. An automated method for securing a target system, comprising:
-
detecting a request to change an entity in the target system; constructing a security configuration group associated with the entity, the security configuration group including security policy of the entity with associated constraints; fusing the security configuration group to form a unified security profile, the fusing of the security configuration group including automatically resolving any conflict with constraints associated with security policy of the entity; and prosecuting the unified security profile onto the target system.
-
Specification