首页> 外国专利> System, Method, and Software for Enforcing Access Control Policy Rules on Utility Computing Virtualization in Cloud Computing Systems

System, Method, and Software for Enforcing Access Control Policy Rules on Utility Computing Virtualization in Cloud Computing Systems

机译：在云计算系统中用于对公用计算虚拟化执行访问控制策略规则的系统，方法和软件

页面导航

摘要
著录项
相似文献

摘要

According to one embodiment, a system comprises one or more processors coupled to a memory and executing logic. A policy life cycle component is configured to maintain a repository of security policies. The repository of security policies comprises policies governing access to a virtual host and to a plurality of virtual machines running on the virtual host. The policy life cycle component is also configured to issue a compound policy for an identified virtual operating system running on the virtual host. The compound policy provides a virtual host policy and access rules for each of the plurality of virtual machines running on the virtual host. A topology manager is configured to receive the compound policy from the policy life cycle component, assign the compound to an access control agent, and maintain a security policy topology. The security policy topology stores associations between access control agents and compound policies.

机译：根据一个实施例，一种系统包括耦合到存储器并执行逻辑的一个或多个处理器。策略生命周期组件配置为维护安全策略的存储库。安全策略库包括管理访问虚拟主机和运行在虚拟主机上的多个虚拟机的策略。策略生命周期组件还配置为针对在虚拟主机上运行的已标识虚拟操作系统发布复合策略。复合策略为虚拟主机上运行的多个虚拟机中的每一个提供虚拟主机策略和访问规则。拓扑管理器配置为从策略生命周期组件接收复合策略，将复合分配给访问控制代理，并维护安全策略拓扑。安全策略拓扑存储访问控制代理和复合策略之间的关联。

著录项

公开/公告号US2011072486A1

专利类型
公开/公告日2011-03-24

原文格式PDF
申请/专利权人 ETHAN HADAR;NIMROD VAX;AMIR JERBI;MICHAEL KLETSKIN;
展开▼

申请/专利号US20090565318
发明设计人 MICHAEL KLETSKIN;NIMROD VAX;ETHAN HADAR;AMIR JERBI;
展开▼

申请日2009-09-23
分类号G06F21/00;G06F9/455;
国家 US
入库时间 2022-08-21 18:11:52

相似文献

专利
外文文献
中文文献