Graphical network security policy management
US6484261B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Dec 11, 1998 |
| Grant date | Nov 19, 2002 |
| Priority date | — |
| Expiry date | Dec 11, 2018 |
Classification
- Technology area (CPC Y)Emerging Cross-Sectional Technologies
- CPC primaryY10S715/967
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method of establishing a representation of an abstract network security policy is disclosed. The representation is established in the form of a decision tree that is constructed by assembling graphical symbols representing policy actions and policy conditions. A user modifies properties of the graphical symbols to create a logical representation of the policy. Concurrently, the logical representation is transformed into a textual script that represents the policy, and the script is displayed as the user works with the logical representation. When the policy representation is saved, the script is translated into machine instructions that govern the operation of a network gateway or firewall. The policy representation is named. The policy representation may be applied to other network devices or objects by moving an icon identifying the representation over an icon representing the network device. Policies, network objects, and network services are stored in the form of trees.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.