Configuration management database (CMDB) which establishes policy artifacts and automatic tagging of the same
    1.
    Granted patent
    Configuration management database (CMDB) which establishes policy artifacts and automatic tagging of the same (Expired)

    Publication number: US07971231B2

    Publication date: 2011-06-28

    Application number: US11866243

    Filing date: 2007-10-02

    IPC classification: H04L29/06 G06F17/00

    Abstract: The present invention discloses a solution for managing policy artifacts using a configuration management database (CMDB). Policies can be associated with a number of information technology resources, such as servers, business applications and the like. The solution permits automatic tagging of the policies (auto-discovery) as they enter the CMDB. For example, when a policy is added, it can be compared against a set of tagging rules. Multiple rules can match a new policy, which results in multiple tags being added for the policy. The policy-specific tags can optionally be indexed for faster searching. Once indexed, the CMDB can support policy and policy-tag based queries. In one embodiment, policy artifacts can be manipulated within a CMDB tool in a manner consistent with how the CMDB tool handles configuration items (CIs).


    System and Method for Instantiation of Distributed Applications from Disk Snapshots
    2.
    Patent application
    System and Method for Instantiation of Distributed Applications from Disk Snapshots (In force)

    Publication number: US20120151198A1

    Publication date: 2012-06-14

    Application number: US12963260

    Filing date: 2010-12-08

    IPC classification: G06F15/177 G06F9/00

    CPC classification: G06F9/45558 G06F2009/4557

    Abstract: A framework instantiates an application from its disk snapshots taken from a different network environment and migrated to a virtualized environment. Modifications to operating systems and hypervisors are avoided, and no special network isolation support is required. The framework is extensible and plug-in based, allowing product experts to provide knowledge about discovering, updating, starting and stopping software components. This knowledge base is compiled into a plan that executes various interleaved configuration discovery, update and start tasks such that a required configuration model can be discovered with minimal start and update task execution. The plan generation automatically stitches together knowledge for the various products, thus significantly simplifying the knowledge specification. Once discovery is complete, the framework utilizes the discovered model to update stale network configurations across the software stack and to customize configurations beyond network settings.


    Automated role discovery
    3.
    Patent application
    Automated role discovery (Pending, published)

    Publication number: US20050138419A1

    Publication date: 2005-06-23

    Application number: US10741634

    Filing date: 2003-12-19

    IPC classification: G06F11/30 H04L9/32

    CPC classification: G06F21/6218

    Abstract: An automated, bottom-up role discovery method for a role based control system includes automatically extracting identities and attributes from data sources and automatically clustering the identities based on the attributes to form recommended roles. The recommended roles may be modified by intervention of an administrator. Additionally, the recommended roles may be aggregated by defining the role definition as an attribute of each constituent identity, and re-clustering the identities to generate refined roles. The recommended, modified, and/or refined roles may then be utilized in a role based control system, such as a role based access control system. Periodically performing the role discovery process provides a means to audit a role based access control system.


    Automatic policy generation based on role entitlements and identity attributes
    5.
    Patent application
    Automatic policy generation based on role entitlements and identity attributes (Expired)

    Publication number: US20050138061A1

    Publication date: 2005-06-23

    Application number: US10741708

    Filing date: 2003-12-19

    IPC classification: G06F17/00

    Abstract: Policies defining the entitlements to be assigned to a new identity joining a role are automatically generated. An automatic policy assigns a new identity the entitlements commonly owned by a predetermined number of identities in the role, which may be all of the role identities. A conditional policy recommends that a new identity be assigned the non-commonly-owned entitlements associated with the role identity whose non-entitlement attributes most closely match the non-entitlement attributes of the new identity. This may be automatically determined by iterating through a vector that maps the non-commonly-owned entitlements to the non-entitlement attributes of each role identity, comparing the non-entitlement attributes of the new identity to find the closest match. The non-commonly-owned entitlements of that identity are then recommended to be assigned to the new identity, upon approval.


    Automatic policy generation based on role entitlements and identity attributes
    6.
    Granted patent
    Automatic policy generation based on role entitlements and identity attributes (Expired)

    Publication number: US07284000B2

    Publication date: 2007-10-16

    Application number: US10741708

    Filing date: 2003-12-19

    IPC classification: G06F17/30

    Abstract: Policies defining the entitlements to be assigned to a new identity joining a role are automatically generated. An automatic policy assigns a new identity the entitlements commonly owned by a predetermined number of identities in the role, which may be all of the role identities. A conditional policy recommends that a new identity be assigned the non-commonly-owned entitlements associated with the role identity whose non-entitlement attributes most closely match the non-entitlement attributes of the new identity. This may be automatically determined by iterating through a vector that maps the non-commonly-owned entitlements to the non-entitlement attributes of each role identity, comparing the non-entitlement attributes of the new identity to find the closest match. The non-commonly-owned entitlements of that identity are then recommended to be assigned to the new identity, upon approval.


    System for dynamic network reconfiguration and quarantine in response to threat conditions
    7.
    Patent application
    System for dynamic network reconfiguration and quarantine in response to threat conditions (Expired)

    Publication number: US20050278784A1

    Publication date: 2005-12-15

    Application number: US10868122

    Filing date: 2004-06-15

    IPC classification: H04L9/00 H04L29/06

    CPC classification: H04L63/145

    Abstract: A method, apparatus, and computer instructions for responding to a threat condition within a network data processing system. A threat condition within the network data processing system is detected. At least one routing device within the network data processing system is dynamically reconfigured to isolate or segregate one or more infected data processing systems within the network data processing system. This dynamic reconfiguration occurs in response to the threat condition being detected.


    Automatic role hierarchy generation and inheritance discovery
    8.
    Patent application
    Automatic role hierarchy generation and inheritance discovery (Pending, published)

    Publication number: US20050138420A1

    Publication date: 2005-06-23

    Application number: US10741904

    Filing date: 2003-12-19

    IPC classification: H04L9/00

    Abstract: A role hierarchy is automatically generated by hierarchically ranking roles in a role based control system, each role including a plurality of identities having attributes. Iteratively at each hierarchical level: each non-cohesive role (wherein, in this case, at least one attribute is not possessed by every identity in the role) is replaced, at the same hierarchical level, by a cohesive role formed by grouping identities having at least one common attribute. The remaining identities are clustered into child roles based on attributes other than the common attribute, and the child roles are added to the role hierarchy at a hierarchical level below the cohesive role. If no common attribute exists in the non-cohesive role, the role is clustered into two or more new roles based on all the attributes in the role, and the non-cohesive role is replaced with the new roles at the same hierarchical level.


    System and method for instantiation of distributed applications from disk snapshots
    10.
    Granted patent
    System and method for instantiation of distributed applications from disk snapshots (In force)

    Publication number: US08495352B2

    Publication date: 2013-07-23

    Application number: US12963260

    Filing date: 2010-12-08

    CPC classification: G06F9/45558 G06F2009/4557

    Abstract: A framework instantiates an application from its disk snapshots. The disk snapshots are taken from a different network environment and migrated to a virtualized environment. Modifications to operating systems and hypervisors are avoided, and no special network isolation support is required. The framework is extensible and plug-in based, allowing product experts to provide knowledge about discovering, updating, starting and stopping software components. This knowledge base is compiled into a plan that executes various interleaved configuration discovery, update and start tasks such that a required configuration model can be discovered with minimal start and update task execution. The plan generation automatically stitches together knowledge for the various products, thus significantly simplifying the knowledge specification. Once discovery is complete, the framework utilizes the discovered model to update stale network configurations across the software stack and to customize configurations beyond network settings.
