Hugh F Mahon - Fort Collins CO
David M Durham - Hillsboro OR
Puqi Tang - Portland OR
Hewlett-Packard Development Company - Houston TX
709223, 709104, 709203, 709220, 709221, 709222, 709224, 709225
Method and apparatus for assigning policies which are rules that govern the use of or access to network services. Each rule defines conditions that when evaluated true trigger actions to allow or deny the service. Techniques are disclosed which provide for explicit, flexible, and centralized assignment of policy to targets which are specified network services. These techniques include explicitly associating a policy with a network resource or process, grouping policy related processes, grouping related targets, associating groups of targets with groups of policies, mapping a user name contained in a policy to an associated network address such as an Internet Protocol (IP) address, and providing dynamically mapped policy identified user and host names with associated network addresses, such as IP addresses, to client processes.