Invention Grant
US08490150B2 System, method, and software for enforcing access control policy rules on utility computing virtualization in cloud computing systems
有权
用于实施云计算系统中实用程序计算虚拟化的访问控制策略规则的系统,方法和软件
- Patent Title: System, method, and software for enforcing access control policy rules on utility computing virtualization in cloud computing systems
- Patent Title (中): 用于实施云计算系统中实用程序计算虚拟化的访问控制策略规则的系统,方法和软件
-
Application No.: US12565318Application Date: 2009-09-23
-
Publication No.: US08490150B2Publication Date: 2013-07-16
- Inventor: Ethan Hadar , Nimrod Vax , Amir Jerbi , Michael Kletskin
- Applicant: Ethan Hadar , Nimrod Vax , Amir Jerbi , Michael Kletskin
- Applicant Address: US NY Islandia
- Assignee: CA, Inc.
- Current Assignee: CA, Inc.
- Current Assignee Address: US NY Islandia
- Agency: Baker Botts, LLP
- Main IPC: G06F17/00
- IPC: G06F17/00 ; H04L29/06
Abstract:
According to one embodiment, a system comprises one or more processors coupled to a memory and executing logic. A policy life cycle component is configured to maintain a repository of security policies. The repository of security policies comprises policies governing access to a virtual host and to a plurality of virtual machines running on the virtual host. The policy life cycle component is also configured to issue a compound policy for an identified virtual operating system running on the virtual host. The compound policy provides a virtual host policy and access rules for each of the plurality of virtual machines running on the virtual host. A topology manager is configured to receive the compound policy from the policy life cycle component, assign the compound to an access control agent, and maintain a security policy topology. The security policy topology stores associations between access control agents and compound policies.
Public/Granted literature
Information query
