Techniques of transforming policies to enforce control in an information management system
First Claim
Patent Images
1. A method of managing information of a network comprising:
- providing a server handling a first policy language having access to a policy database;
providing a first device comprising a first decision engine to manage information accessible via the first device according to a first set of policies stored on the device, wherein the first set of policies is associated with the first policy language;
providing a second device comprising;
a first application program installed on the second device and managed by a second decision engine, wherein the second decision engine comprises a second policy language; and
a second application program installed on the second device and managed by a third decision engine, wherein the third decision engine comprises a third policy language;
translating a first policy of the policy database into the second policy language;
translating the first policy of the policy database into the third policy language; and
transferring the first policy in the second and third policy languages to the second device.
1 Assignment
0 Petitions
Accused Products
Abstract
In an information management system, policies are deployed to targets and targets can evaluate the policies whether they are connected or disconnected to the system. The policies may be transferred to the target, which may be a device or user. Relevant policies may be transferred while not relevant policies are not. The policies may have policy abstractions.
67 Citations
20 Claims
-
1. A method of managing information of a network comprising:
-
providing a server handling a first policy language having access to a policy database; providing a first device comprising a first decision engine to manage information accessible via the first device according to a first set of policies stored on the device, wherein the first set of policies is associated with the first policy language; providing a second device comprising; a first application program installed on the second device and managed by a second decision engine, wherein the second decision engine comprises a second policy language; and a second application program installed on the second device and managed by a third decision engine, wherein the third decision engine comprises a third policy language; translating a first policy of the policy database into the second policy language; translating the first policy of the policy database into the third policy language; and transferring the first policy in the second and third policy languages to the second device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method of managing information of a network comprising:
-
providing a server handling a first policy language having access to a policy database; providing a first device with a first target profile comprising; a first application program installed on the first device and managed by a first decision engine, wherein the first decision engine comprises a second policy language; and a second application program installed on the first device and managed by a second decision engine, wherein the second decision engine comprises a third policy language; translating a first policy of the policy database into the second policy language; translating the first policy of the policy database into the third policy language; transferring the first policy in the second and third policy languages to the first device; receiving an updated first target profile for the first device; selecting a second policy from the policy database based on the updated first target profile; and transferring the second policy to the first device. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification