摘要 |
A policy manager (210) manages security policy. An application guard (426) manages access of securable components according to specification provided by security policy. The policy manager includes a management station (212) for construction and editing the security policy. The policy manager manages and customizes local policy to each client. An additional application guard is located on each client for managing access of the securable components which are specified by the customized local policy based on security policy. The security policy allows or denies to securable components for the user. The security policy is bulk loaded at the system using a policy holder. The application guard provides additional customized code to process and evaluate authorization requests depending on additional customized code. |