System and method for the implementation of policies

US 8,214,877 B1
Filed: 05/22/2007
Issued: 07/03/2012
Est. Priority Date: 05/22/2006
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for assessing the compliance associated with policies, comprising:

storing, in a database in a computer memory, a plurality of data structures, wherein each data structure includes a property name and associated value, a component data structure represents a physical or logical entity and a relationship data structure represents an association between two entities;

obtaining, by a policy engine associated with the database and a user interface, a policy comprising a rule, wherein the rule comprises a first condition associated with compliance to the rule;

generating, by the policy engine, one or more filters according to the first condition, wherein each filter comprises a database query statement associated with the first condition and a selected property name and associated value;

in response to an instruction to launch a policy run, selecting a set of data structures from the plurality of data structures;

applying, by the policy engine, the one or more filters to the selected set of data structures in the database such that each data structure in the selected set of structures is evaluated to determine if the value associated with the selected property name meets the first condition;

determining, by the policy engine, a first set of entities that are compliant with the rule based on the application of the one or more filters to the selected set of data structures;

determining a second set of entities that are not compliant with the rule based on the application of the one or more filters to the selected set of data structures; and

outputting the first set of entities and the second set of entities to the user interface.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention provide systems and methods for developing policies which govern entities and applying the developed policies against representations of entities, where the representations are contained in a repository. One embodiment of a method of the present invention includes obtaining a policy comprising a rule, wherein the rule comprises a condition associated with compliance to the rule, generating one or more filters according to the condition, applying the one or more filters to a plurality of representations in a repository, wherein each representation represents an entity and determining a set of entities compliant with the rule based on the application of the one or more filters to the plurality of representations.

89 Citations

View as Search Results

25 Claims

1. A computer-implemented method for assessing the compliance associated with policies, comprising:
- storing, in a database in a computer memory, a plurality of data structures, wherein each data structure includes a property name and associated value, a component data structure represents a physical or logical entity and a relationship data structure represents an association between two entities;
  
  obtaining, by a policy engine associated with the database and a user interface, a policy comprising a rule, wherein the rule comprises a first condition associated with compliance to the rule;
  
  generating, by the policy engine, one or more filters according to the first condition, wherein each filter comprises a database query statement associated with the first condition and a selected property name and associated value;
  
  in response to an instruction to launch a policy run, selecting a set of data structures from the plurality of data structures;
  
  applying, by the policy engine, the one or more filters to the selected set of data structures in the database such that each data structure in the selected set of structures is evaluated to determine if the value associated with the selected property name meets the first condition;
  
  determining, by the policy engine, a first set of entities that are compliant with the rule based on the application of the one or more filters to the selected set of data structures;
  
  determining a second set of entities that are not compliant with the rule based on the application of the one or more filters to the selected set of data structures; and
  
  outputting the first set of entities and the second set of entities to the user interface.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, whereinthe instruction to launch the policy run is scheduled.
  - 3. The method of claim 1, wherein the instruction to launch the policy run is user-initiated.
  - 4. The method of claim 1, wherein implementing the rule as one or more filters comprises:
    - converting a representation of the first condition into one or more hierarchical structures; and
      
      converting the one or more hierarchical structures into a set of query statements.
  - 5. The method of claim 1, further comprising determining a third set of entities that are exempt from the rule.
  - 6. The method of claim 5, further comprising determining a fourth set of entities that are in remediation from the rule.
  - 7. The method of claim 6, further comprising for each entity in the fourth set of entities:
    - identifying a person responsible for bringing that entity into compliance; and
      
      assigning that entity to the person.
  - 8. The method of claim 1, wherein the first condition is a compliance condition.
  - 9. The method of claim 8, wherein the rule further comprises a second condition, wherein the second condition is a scope condition.

10. A system for assessing the compliance associated with policies, comprising:
- a computer processor;
  
  a non-transitory computer-readable medium coupled with the processor comprising;
  
  a repository containing;
  
  a plurality of data structures, wherein each data structure includes a property name and associated value, wherein each component data structure represents a physical or logical entity, wherein a relationship data structure represents an association between two entities; and
  
  a policy comprising a rule containing a first condition associated with compliance to the rule, the condition implemented as one or more filters stored in the repository,a set of instructions executable by the processor; and
  
  a policy engine associated with the repository;
  
  wherein the set of instructions include an instruction to launch a policy run, wherein the policy engine is configured to apply the one or more filters to a selected set of data structures in the repository in response to the instruction to launch a policy run such that each data structure in the selected set of data structures is evaluated to determine if the value associated with the selected property name meets the first condition, wherein each filter comprises a database query statement associated with a first condition and a selected property name and associated value, the policy engine configured to determine a first set of entities that are compliant with the rule based on the application of the one or more filters to the selected set of data structures and a second set of entities that are not compliant with the rule based on the application of the one or more filters to the selected set of data structures; and
  
  a user interface associated with the policy engine and configured to present the first set of entities and the second set of entities that are not compliant with the rule.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The system of claim 10, wherein the instruction to launch the policy run is scheduled.
  - 12. The system of claim 10, wherein the instruction to launch the policy run is user-initiated.
  - 13. The system of claim 10, wherein the policy engine is further configured to determine a third set of entities that are exempt from the rule.
  - 14. The system of claim 13, wherein the policy engine is further configured to determine a fourth set of entities that are in remediation.
  - 15. The system of claim 10, wherein the condition is a compliance condition.
  - 16. The system of claim 15, wherein the rule further comprises a scope condition.

17. A non-transitory computer readable storage medium embodying computer executable instructions implementing a method for assessing the compliance associated with policies, comprising:
- obtaining a policy comprising a rule, wherein the rule comprises a first condition associated with compliance to the rule;
  
  generating one or more filters according to the first condition, wherein each filter comprises a database query statement associated with a first condition and a selected property name and associated value;
  
  in response to an instruction to launch a policy run, selecting a set of data structures from a plurality of data structures;
  
  applying the one or more filters to the selected set of data structures in the database such that each data structure in the selected set of data structures is evaluated to determine if the value associated with the selected property name meets the first condition;
  
  determining a first set of entities that are compliant with the rule based on the application of the one or more filters to the selected set of data structures;
  
  determining a second set of entities that are not compliant with the rule based on the application of the one or more filters to the selected set of data structures; and
  
  outputting the first set of entities and the second set of entities to the user interface.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25)
- - 18. The non-transitory computer readable storage medium of claim 17, wherein,the instruction to launch the policy run is scheduled.
  - 19. The non-transitory computer readable storage medium of claim 17, wherein the instruction to launch the policy run is user-initiated.
  - 20. The non-transitory computer readable storage medium of claim 17, wherein implementing the rule as one or more filters comprises:
    - converting a representation of the first condition into one or more hierarchical structures andconverting the one or more hierarchical structures into a set of query statements.
  - 21. The non-transitory computer readable storage medium of claim 17, wherein the instructions are further configured to determine a third set of entities that are exempt from the rule.
  - 22. The non-transitory computer readable storage medium of claim 21, wherein the instructions are further configured to determine a fourth set of entities that are in remediation.
  - 23. The non-transitory computer readable storage medium of claim 17, the method further comprising modifying the policy according to one or more policy roles.
  - 24. The non-transitory computer readable storage medium of claim 17, wherein the first condition is a compliance condition.
  - 25. The non-transitory computer readable storage medium of claim 24, wherein the rule further comprises a second condition, wherein the second condition is a scope condition.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Troux Technologies Incorporated
Original Assignee
Troux Technologies Incorporated
Inventors
Devine, Alex, Grimes, Mikal, Corbett, William
Primary Examiner(s)
Zia, Syed A.

Application Number

US11/805,002
Time in Patent Office

1,869 Days
Field of Search

None
US Class Current

726/1
CPC Class Codes

G06Q 10/087 Inventory or stock manageme...

System and method for the implementation of policies

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

89 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for the implementation of policies

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

89 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links