×

Method and system for managing security policies

  • US 9,043,861 B2
  • Filed: 05/23/2008
  • Issued: 05/26/2015
  • Est. Priority Date: 09/17/2007
  • Status: Active Grant
First Claim
Patent Images

1. A method of managing security policies in an information technologies (IT) system, comprising:

  • receiving an input indicating a high-level security policy for the IT system, the received high-level security policy relating to non-functional system attributes for the IT system and received in a format that is not machine-enforceable at an enforcement entity of the IT system;

    determining a functional model for the IT system, the functional model indicating functional system attributes of the IT system;

    loading at least one pre-configured rule template;

    automatically or semi-automatically generating, by a processor, at least one machine-enforceable rule that is in a ready to execute format in a manner compliant with the received high-level security policy by iteratively filling the at least one pre-configured rule template with functional system attributes indicated by the functional model, wherein the at least one machine-enforceable rule is an output of a model-driven process and are produced from high-level models; and

    distributing the at least one machine-enforceable rule.

View all claims
  • 0 Assignments
Timeline View
Assignment View
    ×
    ×