Abstract: A system can be used to enforce policy driven interactions among any set of objects. The availability of objects within a system is monitored and policies applicable to the objects are enforced. Objects within the system such as users, devices, processes and information assets are assigned unique identifiers and their presence is periodically reported to a server by client agents running in the devices. The availability of an object for a specific interaction may be determined through analysis of the presence of the object in the system and the presence and attributes of objects required to facilitate the interaction. Policies are associated with each of the objects. When an attempted interaction of objects is detected by a client agent, a license governing the attempted interaction is dynamically generated in accordance with policies associated with each of the objects participating in the interaction.

Abstract: Policies that govern the rights of system assets with respect to other system assets are enforced through dynamic generation of a license at a policy engine in response to a request by an asset to exercise a right with respect to another asset. The system assets are objects within the system to which behavior-regulating policies are applied. Typical types of system assets include users, devices, information files, and processes, and many other types of assets may also be defined. Upon receiving a request to exercise a right, the policy engine obtains predefined policies that are relevant to the request, and obtains factual information for evaluating the current state of transient conditions upon which rights are contingent as expressed in the policies. Through evaluation of the policies, the policy engine generates a license that expresses rights or prohibitions of the requesting asset with respect to another specified asset.

Abstract: A system can be used to enforce policy driven interactions among any set of objects. The availability of objects within a system is monitored and policies applicable to the objects are enforced. Objects within the system such as users, devices, processes and information assets are assigned unique identifiers and their presence is periodically reported to a server by client agents running in the devices. The availability of an object for a specific interaction may be determined through analysis of the presence of the object in the system and the presence and attributes of objects required to facilitate the interaction. Policies are associated with each of the objects. When an attempted interaction of objects is detected by a client agent, a license governing the attempted interaction is dynamically generated in accordance with licenses associated with each of the objects participating in the interaction.