Unified generation of policy updates
First Claim
Patent Images
1. A computer system, comprising:
- a compliance item generator configured to generate a unified payload item representation of a payload item from a workload on which the compliance item generator is used, the unified payload item representation being unified across a plurality of different workloads;
a rule parser component configured to access a unified representation of a compliance policy rule and generate a runtime representation of the compliance policy rule, the runtime representation including condition representations of conditions under which the compliance policy rule applies to the payload item represented by the unified payload item representation;
a matching component configured to match the conditions in the runtime representation of the compliance policy rule against information in the unified payload item representation to determine whether a match occurs;
an action component configured to perform an action, identified in the runtime representation of the compliance policy rule, in response to the match; and
at least one computer processor that is a functional part of the computer system and that is activated to facilitate generating the unified payload item representation, generating the runtime representation of the compliance policy rule, matching the conditions, and performing the actions.
2 Assignments
0 Petitions
Accused Products
Abstract
User input mechanisms are displayed for defining a compliance policy update. A unified compliance policy update is generated according to a unified schema that is consistent across different workloads. The unified compliance policy update is sent to a workload where it is deployed.
-
Citations
20 Claims
-
1. A computer system, comprising:
-
a compliance item generator configured to generate a unified payload item representation of a payload item from a workload on which the compliance item generator is used, the unified payload item representation being unified across a plurality of different workloads; a rule parser component configured to access a unified representation of a compliance policy rule and generate a runtime representation of the compliance policy rule, the runtime representation including condition representations of conditions under which the compliance policy rule applies to the payload item represented by the unified payload item representation; a matching component configured to match the conditions in the runtime representation of the compliance policy rule against information in the unified payload item representation to determine whether a match occurs; an action component configured to perform an action, identified in the runtime representation of the compliance policy rule, in response to the match; and at least one computer processor that is a functional part of the computer system and that is activated to facilitate generating the unified payload item representation, generating the runtime representation of the compliance policy rule, matching the conditions, and performing the actions. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-implemented method, comprising:
-
receiving a unified representation of a compliance policy to be deployed at a given workload, the unified representation being formed according to a policy schema that is common across different workloads; deploying the compliance policy at the given workload; receiving a unified representation of a payload item from a workload, the unified representation of the payload item being unified across workloads; evaluating the payload item, using the unified representation of the payload item, against rules in the compliance policy, using the unified representation of the compliance policy, to determine whether the compliance policy applies to the payload item; and if so, performing actions, identified in the unified representation of the compliance policy, relative to the payload item. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computing system comprising:
-
a processor; and memory storing instructions executable by the processor, wherein the instructions configure the computing system to; generate a unified payload item representation of a payload item from a workload on which the compliance item generator is used, the unified payload item representation being unified across a plurality of different workloads; access a unified representation of a compliance policy rule and generate a runtime representation of the compliance policy rule, the runtime representation including condition representations of conditions under which the compliance policy rule applies to the payload item represented by the unified payload item representation; match the conditions in the runtime representation of the compliance policy rule against information in the unified payload item representation to determine whether a match occurs; and perform an action, identified in the runtime representation of the compliance policy rule, in response to the match. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification