发明名称 |
System, Method, and Software for Enforcing Access Control Policy Rules on Utility Computing Virtualization in Cloud Computing Systems |
摘要 |
According to one embodiment, a system comprises one or more processors coupled to a memory and executing logic. A policy life cycle component is configured to maintain a repository of security policies. The repository of security policies comprises policies governing access to a virtual host and to a plurality of virtual machines running on the virtual host. The policy life cycle component is also configured to issue a compound policy for an identified virtual operating system running on the virtual host. The compound policy provides a virtual host policy and access rules for each of the plurality of virtual machines running on the virtual host. A topology manager is configured to receive the compound policy from the policy life cycle component, assign the compound to an access control agent, and maintain a security policy topology. The security policy topology stores associations between access control agents and compound policies.
|
申请公布号 |
US2011072486(A1) |
申请公布日期 |
2011.03.24 |
申请号 |
US20090565318 |
申请日期 |
2009.09.23 |
申请人 |
COMPUTER ASSOCIATES THINK, INC. |
发明人 |
HADAR ETHAN;VAX NIMROD;JERBI AMIR;KLETSKIN MICHAEL |
分类号 |
G06F21/00;G06F9/455 |
主分类号 |
G06F21/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|