摘要 |
<P>PROBLEM TO BE SOLVED: To provide a system and method for resolving a rule conflict within a security policy applied to a trusted computing platform. <P>SOLUTION: A file set to which each of conflicting rules v and s refers (or "scope") is determined (step 10). It is then determined (at step 12) if the scope of one of the rules s is a complete subset of the scope of the rule r. If so, the rule s is applied to an accessed file f (at step 14). If not, the conflict is resolved in another way, for example, by determining the most restrictive of rules r and s (at step 16) and applying the result accordingly (step 18). <P>COPYRIGHT: (C)2005,JPO&NCIPI |