Method and apparatus for software policy management
First Claim
1. A method of software policy management, comprising:
- defining a set of generic policies applicable to both a first policy-enabled software application and a second policy-enabled software application, the first and second policy-enabled software applications having different policies;
creating, independent of the defined policies and during development of the first policy-enabled software application, a first policy enforcement point in uncompelled software code for the first policy-enabled software application, the first policy enforcement point enabling policy management by providing a first information element as an output from a compiled version of the first policy-enabled software application;
creating, independent of the defined policies and during development of the second policy-enabled software application, a second policy enforcement point in uncompelled software code for a second policy-enabled software application, the second policy enforcement point enabling policy management by providing a second information element as an output from a compiled version of the second policy-enabled software application, the compiled version of the second policy-enabled software application having a different policy requirement than the first policy-enabled software application;
creating, based on the defined set of generic policies, first and second policy decision points as database fields in a policy manager external to the first and second policy-enabled software applications;
receiving, at run-time, the first and second information elements at the first and second policy decision points; and
performing policy decision making by configuring policy management at run-time for the first and second software applications having different policy requirements based on the set of generic policies and in response to the received first and second information elements.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for software policy management are provided. A compiled policy-enabled software application includes a policy enforcement point to export an information element to a policy manager. The policy manager includes a policy interpreter having a policy decision point to perform policy decision making based on the received information element from the policy enforcement point. Through a plurality of policy decision points, the policy manager can execute a wide range of policies for different compiled software applications. Policies can be modified centrally in the policy interpreter and changes can affect either one or more of the policy-enabled software applications. A policy manager browser can create and manage the policy decision making performed by the policy interpreter.
-
Citations
18 Claims
-
1. A method of software policy management, comprising:
-
defining a set of generic policies applicable to both a first policy-enabled software application and a second policy-enabled software application, the first and second policy-enabled software applications having different policies; creating, independent of the defined policies and during development of the first policy-enabled software application, a first policy enforcement point in uncompelled software code for the first policy-enabled software application, the first policy enforcement point enabling policy management by providing a first information element as an output from a compiled version of the first policy-enabled software application; creating, independent of the defined policies and during development of the second policy-enabled software application, a second policy enforcement point in uncompelled software code for a second policy-enabled software application, the second policy enforcement point enabling policy management by providing a second information element as an output from a compiled version of the second policy-enabled software application, the compiled version of the second policy-enabled software application having a different policy requirement than the first policy-enabled software application; creating, based on the defined set of generic policies, first and second policy decision points as database fields in a policy manager external to the first and second policy-enabled software applications; receiving, at run-time, the first and second information elements at the first and second policy decision points; and performing policy decision making by configuring policy management at run-time for the first and second software applications having different policy requirements based on the set of generic policies and in response to the received first and second information elements. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable storage device storing statements and instructions for execution by a processor to perform a method of software policy management comprising:
-
defining a set of generic policies applicable to both a first policy-enabled software application and a second policy-enabled software application, the first and second policy-enabled software applications having different policies; creating, independent of the defined policies and during development of the first policy-enabled software application, a first policy enforcement point in uncompelled software code for the first policy-enabled software application, the first policy enforcement point enabling policy management by providing a first information element as an output from a compiled version of the first policy-enabled software application; creating, independent of the defined policies and during development of the second policy-enabled software application, a second policy enforcement point in uncompelled software code for a second policy-enabled software application, the second policy enforcement point enabling policy management by providing a second information element as an output from a compiled version of the second policy-enabled software application, the compiled version of the second policy-enabled software application having a different policy requirement than the first policy-enabled software application; creating, based on the defined set of generic policies, first and second policy decision points as database fields in a policy manager external to the first and second policy-enabled software applications; receiving, at run-time, the first and second information elements at the first and second policy decision points; and performing policy decision making by configuring policy management at run-time for the first and second software applications having different policy requirements based on the set of generic policies and in response to the received first and second information elements. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification