System and method for implementing security management using a database-modeled security policy
Abstract
A database-modeled security policy includes policy statements stored in a database. Each policy statement has associated standards, guidelines, and procedures. Policy statements are grouped together into tag groups, which are in turn grouped together to form metapolicies. A security administrator uses a security policy management application to create metapolicies for specific audiences. A lightweight directory access protocol module manages access to the security policy. The security policy management application also provides scoring, reporting, and project management functionalities.
25 Claims
1. A security policy system comprising:
- a security policy stored in a database having a plurality of policy statements wherein a subset of the plurality of policy statements is tagged for inclusion in a tag group;
- a metapolicy defined by at least one tag group, wherein said database includes a metapolicy/tag group map;
- a comprehensive metapolicy that includes each policy statement of said security policy only once, regardless of the number of tag groups included in the metapolicy/tag group map; and
- a security policy management application configured to interact with the security policy.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17

18. A method of implementing security management, comprising the steps of:
- storing a security policy in a database, wherein said database includes a metapolicy/tag group map;
- tagging policy statements in the security policy for inclusion in a tag group; and
- selecting tag groups for inclusion in a metapolicy; and
- including all policy statements only once in a comprehensive metapolicy, regardless of the number of tag groups included in the metapolicy/tag group map.

Dependent claims: 19, 20, 21, 22, 23, 24

25. A system for security policy management comprising:
- a security policy stored in a database, the security policy including a plurality of policy statements, wherein said database includes a metapolicy/tag group map;
- at least one metapolicy including at least one tag group, each of the plurality of policy statements having at least one associated standard, at least one associated guideline, and at least one associated procedure;
- a comprehensive metapolicy including each policy statement in the security policy only once, regardless of the number of tag groups included in the metapolicy/tag group map;
- at least one tag group including tagged policy statements; and
- a security policy management application configured to manage the security policy, the security policy management application residing in an application server.

Specification