公开(公告)号：US20050086197A1

公开(公告)日：2005-04-21

申请号：US10952787

申请日：2004-09-30

Applicant: Toufic Boubez ,  Scott Morrison ,  Dimitri Sirota ,  Francois Lascelles

Inventor： Toufic Boubez ,  Scott Morrison ,  Dimitri Sirota ,  Francois Lascelles

IPC: G06F7/00 ,  G06F13/14 ,  H04L12/16 ,  H04L12/66 ,  H04L29/00 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04L63/10 ,  H04L63/20 ,  H04L67/02

Abstract: A method and system for securing web services on one or more server computers by one or more client computers, the computers connected to one or more networks through one or more network interfaces, each computer having one or more memories and one or more central processing units (CPUs), the system comprising one or more logical expressions that define constraints on one or more service releases; a gateway process receiving service request messages from one or more of the clients for i) identifying the service request message, ii) processing the service request message in accordance with one or more of the logical expressions associated with the requested service and iii) providing access to the requested service if the constraints are satisfied. The system includes an agent process associated with one or more the clients, for receiving service request messages from an associated client, the message destined for a requested service and applying to the received request message one or more of a subset of the logical expressions associated with the requested service for forwarding to the gateway process.

Abstract translation: 一种用于通过一个或多个客户端计算机在一个或多个服务器计算机上保护Web服务的方法和系统，所述计算机通过一个或多个网络接口连接到一个或多个网络，每个计算机具有一个或多个存储器和一个或多个中央处理单元 （CPU），所述系统包括定义对一个或多个服务发布的约束的一个或多个逻辑表达; 网关进程从一个或多个客户端接收服务请求消息，用于i）识别服务请求消息，ii）根据与所请求服务相关联的一个或多个逻辑表达来处理服务请求消息，以及iii）提供访问 如果满足约束，则发送到所请求的服务。 该系统包括与一个或多个客户端相关联的用于从相关联的客户端接收服务请求消息的代理进程，该目的地是所请求的服务的消息，并且向接收到的请求消息应用一个或多个与 所请求的服务转发到网关进程。