Computing resource policy regime specification and verification
First Claim
Patent Images
1. A system, comprising:
- an interface configured to;
receive a computing resource policy regime specification from a first user, wherein the computing resource policy regime specification is applicable to a set of one or more computing resources sharing at least a portion of a first domain name, wherein the first domain name comprises a domain designated as a higher trust domain, wherein the computing resource policy regime specification comprises a plurality of rules describing a set of requirements with which a given computing resource belonging to the set must comply, and wherein receiving the computing resource policy regime specification includes receiving a command to duplicate an existing policy specification and creating the policy regime specification as a copy of the existing policy specification;
a set of one or more processors configured to;
associate the received computing resource policy regime specification with a first computing resource, wherein the association is performed based at least in part on the first computing resource being accessible via a resource domain name that includes at least the portion of the first domain name; and
dispatch an assessment of compliance by the first computing resource with the associated received computing resource policy regime specification, wherein the assessment includes performing a set of one or more scans of the first computing resource for compliance with at least some of the requirements included in the set of requirements, and wherein at least one of the requirements included in the set of requirements pertains to a protocol used by the first computing resource; and
a memory coupled to the set of one or more processors and configured to provide the set of one or more processors with instructions.
1 Assignment
0 Petitions
Accused Products
Abstract
A computing resource policy regime specification is received from a first user. The computing policy regime specification comprises a plurality of rules. The received computing resource policy regime specification is associated with a computing resource. An assessment of compliance by the computing resource with the computing resource policy regime specification is dispatched.
-
Citations
20 Claims
-
1. A system, comprising:
-
an interface configured to; receive a computing resource policy regime specification from a first user, wherein the computing resource policy regime specification is applicable to a set of one or more computing resources sharing at least a portion of a first domain name, wherein the first domain name comprises a domain designated as a higher trust domain, wherein the computing resource policy regime specification comprises a plurality of rules describing a set of requirements with which a given computing resource belonging to the set must comply, and wherein receiving the computing resource policy regime specification includes receiving a command to duplicate an existing policy specification and creating the policy regime specification as a copy of the existing policy specification; a set of one or more processors configured to; associate the received computing resource policy regime specification with a first computing resource, wherein the association is performed based at least in part on the first computing resource being accessible via a resource domain name that includes at least the portion of the first domain name; and dispatch an assessment of compliance by the first computing resource with the associated received computing resource policy regime specification, wherein the assessment includes performing a set of one or more scans of the first computing resource for compliance with at least some of the requirements included in the set of requirements, and wherein at least one of the requirements included in the set of requirements pertains to a protocol used by the first computing resource; and a memory coupled to the set of one or more processors and configured to provide the set of one or more processors with instructions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method, comprising:
-
receiving a computing resource policy regime specification from a first user, wherein the computing resource policy regime specification is applicable to a set of one or more computing resources sharing at least a portion of a first domain name, wherein the first domain name comprises a domain designated as a higher trust domain, wherein the computing resource policy regime specification comprises a plurality of rules describing a set of requirements with which a given computing resource belonging to the set must comply, and wherein receiving the computing resource policy regime specification includes receiving a command to duplicate an existing policy specification and creating the policy regime specification as a copy of the existing policy specification; associating the received computing resource policy regime specification with a first computing resource, wherein the association is performed based at least in part on the first computing resource being accessible via a resource domain name that includes at least the portion of the first domain name; and dispatching an assessment of compliance by the first computing resource with the associated received computing resource policy regime specification, wherein the assessment includes performing a set of one or more scans of the first computing resource for compliance with at least some of the requirements included in the set of requirements, and wherein at least one of the requirements included in the set of requirements pertains to a protocol used by the first computing resource. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. A computer program product embodied in a non-transitory computer readable storage medium and comprising computer instructions for:
-
receiving a computing resource policy regime specification from a first user, wherein the computing resource policy regime specification is applicable to a set of one or more computing resources sharing at least a portion of a first domain name, wherein the first domain name comprises a domain designated as a higher trust domain, wherein the computing resource policy regime specification comprises a plurality of rules describing a set of requirements with which a given computing resource belonging to the set must comply, and wherein receiving the computing resource policy regime specification includes receiving a command to duplicate an existing policy specification and creating the policy regime specification as a copy of the existing policy specification; associating the received computing resource policy regime specification with a first computing resource, wherein the association is performed based at least in part on the first computing resource being accessible via a resource domain name that includes at least the portion of the first domain name; and dispatching an assessment of compliance by the first computing resource with the associated received computing resource policy regime specification, wherein the assessment includes performing a set of one or more scans of the first computing resource for compliance with at least some of the requirements included in the set of requirements, and wherein at least one of the requirements included in the set of requirements pertains to a protocol used by the first computing resource.
-
Specification