METHOD AND SYSTEM FOR DYNAMIC REFINEMENT OF SECURITY POLICIES

摘要

A computerized method is described for dynamically refining a security policy rule set (210). The security policy rule set (210) is used to define legal and illegal actions to be taken on an application running a server from clients. The method involves aggregating a plurality of log entries from one or more log files (230) to create a single set of log entries, grouping the log entries in the single set according to common characteristics and analyzing the groups of log entries to amend the security policy rule set (210). The method helps reduce the instances in which legal actions are rejected by the security policy rule set (210).