Patent · US Active

Declarative language for specifying a security policy

US7478422B2 · kind B2 · utility

18 Cited by
99 References
5 Claims
0 Family size

Assignee

Inventors

Key dates

Filing date: Jun 15, 2004
Grant date: Jan 13, 2009
Priority date
Expiry date: Jun 20, 2026

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/20
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

The invention is a declarative language system and comprises a language as a tool for expressing network security policy in a formalized way. It allows the specification of security policy across a wide variety of networking layers and protocols. Using the language, a security administrator assigns a disposition to each and every network event that can occur in a data communications network. The event's disposition determines whether the event is allowed (i.e. conforms to the specified policy) or disallowed and what action, if any, should be taken by a system monitor in response to that event. Possible actions include, for example, logging the information into a database, notifying a human operator, and disrupting the offending network traffic.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.