| 发明名称 |
Uniformly transforming the characteristics of a production environment |
| 摘要 |
Embodiments of the present invention disclose a method, computer program product, and system for generating a secure sandbox environment. A computer identifies components of a production environment that utilizes sensitive information during operation. The components of the production environment can include one or more server computers, one or more storage devices, and one or more applications. The computer receives a security policy that defines what constitutes sensitive information, and in response identifies the sensitive information of the production environment. The computer modifies the sensitive information such that the production environment can utilize the sensitive information without error, and such that the sensitive information cannot be identified from the modified sensitive information. The computer generates the sandbox environment, based at least in part, on the identified components of the production environment and the modified sensitive information. |
| 申请公布号 |
US9003483(B2) |
申请公布日期 |
2015.04.07 |
| 申请号 |
US201314072862 |
申请日期 |
2013.11.06 |
| 申请人 |
International Business Machines Corporation |
发明人 |
Fitterer Annemarie R.;Lloyd Nicholas S.;Thulasi Reddy Rama Mohan;Yedavilli Aruna |
| 分类号 |
G06F21/00;G06F21/57;G06F21/53;G06F21/10;G06F9/44 |
主分类号 |
G06F21/00 |
| 代理机构 |
|
代理人 |
Simck Daniel R. |
| 主权项 |
1. A method for generating a secure sandbox environment, the method comprising:
a computer identifying components of a production environment including one or more server computers, one or more storage devices, and one or more applications, wherein the production environment includes sensitive information and utilizes the sensitive information during operation; the computer receiving a security policy that defines which information included in the production environment is sensitive information, and in response, identifying the sensitive information that is stored in the production environment based on the received security policy, wherein the identified sensitive information comprises: a first set of sensitive information that includes user names and passwords, and a second set of sensitive information that includes confidential data that the production environment utilizes after a login to the production environment; the computer modifying the second set of sensitive information that is stored in the production environment, in a manner that allows the production environment to utilize the modified sensitive information without error or additional modification to the modified sensitive information, and the identified sensitive information cannot be identified from the modified sensitive information; and the computer generating a sandbox environment based, at least in part, on the identified components of the production environment and the modified sensitive information, wherein the generated sandbox environment is capable of utilizing the modified sensitive information in the same manner that the production environment utilizes sensitive information. |
| 地址 |
Armonk NY US |
