Security policy verification system
Abstract
Systems and methods are provided that comprise a security policy verification system for verifying security policies. The system parses programming language code that implements security policies, and identifies annotations in the programming language code. The system then matches the annotations to the security policies to which the annotations correspond. The system then displays a natural language description of the security policy in a user interface.
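The flow the abstract describes (recognize the implementation, find annotations, match them to policies, render a description of role and privilege) can be sketched as follows. This is an added example, not code from the patent: the annotation syntaxes, the policy catalogue, the policy ids and all function names are assumptions, and a regular-expression scan stands in for a real language parser.

```python
import re

# Hypothetical policy catalogue: policy id -> role, privilege, resource.
POLICIES = {
    "POL-001": {"role": "auditor", "privilege": "read", "resource": "payroll records"},
    "POL-002": {"role": "hr_admin", "privilege": "update", "resource": "employee profiles"},
}

# Assumed annotation syntax for each implementation kind (not from the patent).
IMPLEMENTATIONS = {
    "java": re.compile(r'@SecurityPolicy\("(?P<id>[A-Z]+-\d+)"\)'),
    "python": re.compile(r'@security_policy\("(?P<id>[A-Z]+-\d+)"\)'),
    "sql": re.compile(r'--\s*policy:\s*(?P<id>[A-Z]+-\d+)'),
}

def recognize(source):
    """Return the one implementation kind whose annotation syntax appears."""
    hits = [kind for kind, rx in IMPLEMENTATIONS.items() if rx.search(source)]
    if len(hits) != 1:
        raise ValueError(f"cannot recognize implementation: {hits or 'no annotation'}")
    return hits[0]

def verify(source):
    """Match each annotation to a policy; return (kind, descriptions, unmatched)."""
    kind = recognize(source)
    descriptions, unmatched = [], []
    for m in IMPLEMENTATIONS[kind].finditer(source):
        policy = POLICIES.get(m["id"])
        if policy is None:
            # Annotation that corresponds to no known policy: surface it for
            # review instead of silently skipping it.
            unmatched.append(m["id"])
            continue
        descriptions.append(
            f'{m["id"]}: role "{policy["role"]}" may '
            f'{policy["privilege"]} {policy["resource"]}.')
    return kind, descriptions, unmatched

# Constructed sample inputs: two implementations carrying policy annotations.
JAVA_SAMPLE = '''
@SecurityPolicy("POL-001")
public List<Record> listPayroll() { return dao.all(); }
@SecurityPolicy("POL-009")
public void purge() { dao.deleteAll(); }
'''
SQL_SAMPLE = "-- policy: POL-002\nGRANT UPDATE ON employee_profiles TO hr_admin;\n"

if __name__ == "__main__":
    for sample in (JAVA_SAMPLE, SQL_SAMPLE):
        print(verify(sample))
```

The unmatched list is the part a reviewer would act on: an annotation in code that maps to no catalogued policy means the implementation and the policy set have drifted apart.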
18 Claims
1. A non-transitory computer-readable medium having instructions stored thereon that, when executed by a processor, cause the processor to provide a security policy verification system, the providing comprising:
- receiving an implementation of a first security policy, wherein the received implementation is one of a plurality of implementations of the first security policy, each implementation is different from the other implementations in terms of being in a different computer language, a different platform, or a different framework, and the first security policy is one of a plurality of security policies;
- recognizing which implementation of the plurality of implementations of the first security policy was received, wherein the plurality of implementations are recognizable;
- parsing programming language code of the implementation of the first security policy;
- identifying a first annotation in the programming language code;
- matching the first annotation to the first security policy to which the first annotation corresponds; and
- displaying a natural language description of the first security policy in a user interface, wherein the natural language description of the first security policy describes at least one access privilege that is assigned to at least one role.
Dependent claims: 2, 3, 4, 5, 6, 7, 16
8. A computer-implemented method, performed by a processor, for providing a security policy verification system, comprising:
- receiving an implementation of a first security policy, wherein the received implementation is one of a plurality of implementations of the first security policy, each implementation is different from the other implementations in terms of being in a different computer language, a different platform, or a different framework, and the first security policy is one of a plurality of security policies;
- recognizing which implementation of the plurality of implementations of the first security policy was received, wherein the plurality of implementations are recognizable;
- parsing programming language code of the implementation of the first security policy;
- identifying, by the processor, a first annotation in the programming language code;
- matching, by the processor, the first annotation to the first security policy to which the first annotation corresponds; and
- displaying a natural language description of the first security policy in a user interface, wherein the natural language description of the first security policy describes at least one access privilege that is assigned to at least one role.
Dependent claims: 9, 10, 11, 17
12. A security policy verification system, comprising:
- a processor;
- a memory storing instructions coupled to the processor;
- a receiving module that receives an implementation of a first security policy, wherein the received implementation is one of a plurality of implementations of the first security policy, each implementation is different from the other implementations in terms of being in a different computer language, a different platform, or a different framework, and the first security policy is one of a plurality of security policies;
- a recognizing module that recognizes which implementation of the plurality of implementations of the first security policy was received, wherein the plurality of implementations are recognizable;
- a parser, executed by the processor, for parsing programming language code of the implementation of the first security policy and identifying a first annotation within the programming language code;
- a security policy module, executed by the processor, that matches the first annotation to the first security policy to which the first annotation corresponds; and
- a user interface that displays a natural language description of the first security policy implementation, wherein the natural language description of the first security policy describes at least one access privilege that is assigned to at least one role.
Dependent claims: 13, 14, 15, 18
Specification