Computer system, management system and recording medium
First Claim
Patent Images
1. A computer system comprising:
- client computers, each of which is configured to execute a security management program using a merged security policy information;
a plurality of management computers, each of which is configured to send a security policy information to respective at least one of the client computers controlled by each of the management computers defined by an administrator of the respective management computer; and
a highest-level management computer configured to send highest-level security policy information to all of the client computers, and configured to send, to each of the client computers, merge rule information which makes it possible to ensure the minimum security unless defined by the security policy information by the administrator of the respective management computer,wherein each of the client computers is configured to create said merged security policy information, on the basis of the merge rule information, the security policy information and the highest-level security policy information,wherein only the highest-level management computer is configured to receive input from a highest-level administrator to create the highest-level security policy information and the merge rule information,wherein the highest-level management computer comprises a merge rule registration display comprising at least one of;
a log file size option, a monitor process boot time option and an inhibit print release password option.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention prevents the deterioration of security while maintaining usability in a case where a plurality of policies are applied to a client computer. Policies created by respective management servers 10 (Ma through Md) and by a highest-level management server 10 (Msa) are set in a client computer 20. The highest-level management server delivers, to the client computer, a merge rule for creating one policy from a plurality of policies. The client computer creates a new policy from a plurality of policies and the merge rule, and manages a security function.
30 Citations
12 Claims
-
1. A computer system comprising:
-
client computers, each of which is configured to execute a security management program using a merged security policy information; a plurality of management computers, each of which is configured to send a security policy information to respective at least one of the client computers controlled by each of the management computers defined by an administrator of the respective management computer; and a highest-level management computer configured to send highest-level security policy information to all of the client computers, and configured to send, to each of the client computers, merge rule information which makes it possible to ensure the minimum security unless defined by the security policy information by the administrator of the respective management computer, wherein each of the client computers is configured to create said merged security policy information, on the basis of the merge rule information, the security policy information and the highest-level security policy information, wherein only the highest-level management computer is configured to receive input from a highest-level administrator to create the highest-level security policy information and the merge rule information, wherein the highest-level management computer comprises a merge rule registration display comprising at least one of;
a log file size option, a monitor process boot time option and an inhibit print release password option. - View Dependent Claims (2, 3, 4)
-
-
5. A management system for managing client computers, comprising:
-
a plurality of management computers, each of which is configured to send a security policy information to respective at least one of the client computers controlled by each of the management computers defined by an administrator of the respective management computer, each of client computers being configured to execute a security management program using a merged security policy information; and a highest-level management computer configured to send highest-level security policy information to all of the client computers, and configured to send, to each of the client computers, merge rule information which makes it possible to ensure the minimum security unless defined by the security policy information by the administrator of the respective management computer, wherein each of the client computers is configured to create said merged security policy information, on the basis of the merge rule information, the security policy information and the highest-level security policy information, wherein only the highest-level management computer is configured to receive input from a highest-level administrator to create the highest-level security policy information and the merge rule information, wherein the highest-level management computer comprises a merge rule registration display comprising at least one of;
a log file size option, a monitor process boot time option and an inhibit print release password option. - View Dependent Claims (6, 7, 8, 9)
-
-
10. A non-transistory computer-readable recording medium, which stores a computer program for causing a highest-level management computer of a plurality of management computers of a computer system to perform steps, the computer system comprising the highest-level management computer coupled to client computers, each of which is configured to execute a security management program using a merged security policy information, where each of the plurality of management computers is configured to send a security policy information to respective at least one of the client computers controlled by each of the management computers defined by an administrator of the respective management computer, the steps comprising:
-
sending highest-level security policy information to all of the client computers, and sending, to each of the client computers, merge rule information which makes it possible to ensure the minimum security unless defined by the security policy information by the administrator of the respective management computer, wherein each of the client computers is configured to create said merged security policy information, on the basis of the merge rule information, the security policy information and the highest-level security policy information; receiving input from a highest-level administrator to create the highest-level security policy information and the merge rule information, wherein only the highest-level management computer is configured to receive input from a highest-level administrator to create the highest-level security policy information and the merge rule information; and displaying, via a merge rule registration display of the highest-level management computer, at least one of;
a log file size option, a monitor process boot time option and an inhibit print release password option. - View Dependent Claims (11, 12)
-
Specification