Automated compliance policy enforcement in software systems
First Claim
Patent Images
1. A method comprising:
- collecting information from a plurality of components of a software system;
storing the collected information in a data repository;
parsing a compliance policy for the software system to determine a compliance test that includes a predefined database query for the data repository, wherein the database query produces a result which indicates whether the software system is in compliance with a configuration requirement for the software system;
determining whether the software system violates the compliance policy by performing the database query of the compliance test on the data repository;
in response to determining that the software system violates the compliance policy;
retrieving a change package for the compliance test; and
automatically deploying the change package to the software system to resolve the violation;
evaluating the software system using the compliance policy after automatically deploying the change package; and
clearing the violation in response to determining that the software system conforms to the compliance policy.
1 Assignment
0 Petitions
Accused Products
Abstract
Some embodiments of the present invention provide a system that maintains a software system. During operation, the system obtains a compliance policy for the software system and monitors the software system for a violation of the compliance policy. If such a violation is detected, the system retrieves a change package associated with the violation based on the compliance policy and automatically deploys the change package to the software system to resolve the violation.
-
Citations
18 Claims
-
1. A method comprising:
-
collecting information from a plurality of components of a software system; storing the collected information in a data repository; parsing a compliance policy for the software system to determine a compliance test that includes a predefined database query for the data repository, wherein the database query produces a result which indicates whether the software system is in compliance with a configuration requirement for the software system; determining whether the software system violates the compliance policy by performing the database query of the compliance test on the data repository; in response to determining that the software system violates the compliance policy; retrieving a change package for the compliance test; and automatically deploying the change package to the software system to resolve the violation; evaluating the software system using the compliance policy after automatically deploying the change package; and clearing the violation in response to determining that the software system conforms to the compliance policy. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system comprising:
-
a change package repository comprising a set of change packages for the software system; a data repository configured to store information collected from a plurality of components of the software system; and a configuration framework configured to parse a compliance policy to determine a compliance test that includes a predefined database query, wherein the database query produces a result which indicates whether the software system is in compliance with a configuration requirement for the software system, and wherein the configuration framework comprises; a configuration engine configured to determine whether the software system violates the compliance policy by performing the database query of the compliance test on the data repository; and an enforcement engine configured to; retrieve a change package for the compliance test from the set of change packages using the compliance policy; and automatically deploy the change package to the software system to resolve the violation; wherein the configuration framework is further configured to evaluate the software system using the compliance policy after automatically deploying the change package, and to clear the violation. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method comprising:
-
collecting information from a plurality of components of a software system; storing the collected information in a data repository; parsing a compliance policy for the software system to determine a compliance test that includes a predefined database query for the data repository, wherein the database query produces a result which indicates whether the software system is in compliance with a configuration requirement for the software system; determining whether the software system violates the compliance policy by performing the database query of the compliance test on the data repository; in response to determining that the software system violates the compliance policy; retrieving a change package for the compliance test; and automatically deploying the change package to the software system to resolve the violation; evaluating the software system using the compliance policy after automatically deploying the change package; and clearing the violation in response to determining that the software system conforms to the compliance policy. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification