Information security – Policy
Reexamination Certificate
2011-08-30
2011-08-30
Zand, Kambiz (Department: 2434)
Information security
Policy
C726S002000
Reexamination Certificate
active
08010991
ABSTRACT:
An externalized entitlement management system comprises a policy administration point that is configured to receive one or more definitions or updates of entitlement policies specifying subjects, actions, and resources, and to update a first entitlement repository coupled to the policy administration point with the definitions or updates in response to receiving the definitions or updates; one or more policy decision points that are coupled to the policy administration point over a network; one or more policy enforcement points that are integrated into one or more respective first application programs, wherein each of the policy enforcement points is coupled to one of the policy decision points; and one or more action handlers in the policy administration point, wherein each of the action handlers is configured to intercept a particular action represented in an update to an entitlement policy, to transform the action into an entitlement update in a form compatible with a native entitlement mechanism of a second application program that does not have one of the policy enforcement points, to send the transformed entitlement update to the second application program, and to cause a rollback of the update of the first entitlement repository if the second application program fails to implement the entitlement update in the native entitlement mechanism.
REFERENCES:
patent: 6460141 (2002-10-01), Olden
patent: 7117195 (2006-10-01), Chantrain et al.
patent: 7921452 (2011-04-01), Ridlon et al.
patent: 2005/0166260 (2005-07-01), Betts et al.
patent: 2008/0086473 (2008-04-01), Searl
patent: 2008/0184336 (2008-07-01), Sarukkai
Ardanga et al., “A Web Service Architecture for Enforcing Access Control Policies”, Electronic Notes in Theoretical Computer Science, 2005, Elsevier, pp. 47-62.
Seitz et al., “Policy Administration Control and Delegation using XACML and Delegent”, Grid Computing Workshop 2005, 2005, IEEE, pp. 49-54.
Securent Entitlement Management Solution. Concepts Guide. Published by Securent, Aug. 2007. [Retrieved on Sep. 23, 2008]. pp. 1-23. Retrieved from Securent, Part No. 31-CONC-01.
Geer, D. Entitlement Management as a Security Measure. Processor Editorial Article [online]. Published by Processor, pp. 1-3. Dec. 2007 [retrieved on Sep. 23, 2008]. Retrieved from the Internet:<URL:http://www.processor.com/editorial/article.asp?article=articles%2Fp2952%2F33p52%2F33p52.asp>. vol. 29, issue 52. Lincoln, Nebraska, USA.
Crosslogix. Enterprise Entitlement Management: An Overview [online]. Published by CrossLogix. pp. 1-13. Dec. 2001 [retrieved on Sep. 23, 2008]. Retrieved from the Internet:<URL: http://www.rethought.net/documents/crosslogix/Enterprise—Entitlementfinal.pdf>. Redwood Shores, California, USA.
Gupta Rajiv
Prasad Raghavendra
Sarukkai Sekhar
Cisco Technology Inc.
Hickman Palermo & Truong & Becker LLP
Powers William S
Zand Kambiz
LandOfFree
Policy resolution in an entitlement management system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Policy resolution in an entitlement management system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Policy resolution in an entitlement management system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2676713