| 发明名称 |
Uniformly transforming the characteristics of a production environment |
| 摘要 |
Embodiments of the present invention disclose a method, computer program product, and system for generating a secure sandbox environment. A computer identifies components of a production environment that utilizes sensitive information during operation. The components of the production environment can include one or more server computers, one or more storage devices, and one or more applications. The computer receives a security policy that defines what constitutes sensitive information, and in response identifies the sensitive information of the production environment. The computer modifies the sensitive information such that the production environment can utilize the sensitive information without error, and such that the sensitive information cannot be identified from the modified sensitive information. The computer generates the sandbox environment, based at least in part, on the identified components of the production environment and the modified sensitive information. |
| 申请公布号 |
US9003479(B2) |
申请公布日期 |
2015.04.07 |
| 申请号 |
US201213710597 |
申请日期 |
2012.12.11 |
| 申请人 |
International Business Machines Corporation |
发明人 |
Fitterer Annemarie R.;Lloyd Nicholas S.;Thulasi Reddy Rama Mohan;Yedavilli Aruna |
| 分类号 |
G06F21/00;G06F21/57;G06F21/53;G06F21/10;G06F9/44 |
主分类号 |
G06F21/00 |
| 代理机构 |
|
代理人 |
Simek Daniel R. |
| 主权项 |
1. A computer program product for generating a secure sandbox environment, the computer program product comprising:
one or more computer-readable storage media and program instructions stored on the one or more computer-readable storage media, the program instructions comprising: program instructions to identify components of a production environment including one or more server computers, one or more storage devices, and one or more applications, wherein the production environment includes sensitive information and utilizes the sensitive information during operation; program instructions to receive a security policy that defines which information included in the production environment is sensitive information, and in response, identifying the sensitive information that is stored in the production environment based on the received security policy, wherein the identified sensitive information comprises: a first set of sensitive information that includes user names and passwords, and a second set of sensitive information that includes confidential data that the production environment utilizes after a login to the production environment; program instructions to modify the second set of sensitive information that is stored in the production environment, in a manner that allows the production environment to utilize the modified sensitive information without error or additional modification to the modified sensitive information, and the identified sensitive information cannot be identified from the modified sensitive information; and program instructions to generate the sandbox environment based, at least in part, on the identified components of the production environment and the modified sensitive information, wherein the generated sandbox environment is capable of utilizing the modified sensitive information in the same manner that the production environment utilizes sensitive information. |
| 地址 |
Armonk NY US |
