Apparatus and method for categorizing services using canonical service descriptions
    1.
    Granted patent
    Status: Lapsed

    Publication number: US08712886B2

    Publication date: 2014-04-29

    Application number: US09758112

    Application date: 2001-01-03

    IPC classification: G06Q40/00

    CPC classification: G06Q30/02

    Abstract: An apparatus and method for service classification are provided. The apparatus and method make use of canonical service descriptions which designate minimum requirements for a service to be classified into a corresponding classification. Based on the canonical service description, it can be determined whether a service that wishes to be classified into a particular classification of a taxonomy on a service broker meets the minimum requirements for that classification. Furthermore, the use of canonical service descriptions ensures that all services classified into a particular classification have a minimum level of functionality that will allow them to function properly when invoked.

    Method and system for message routing based on privacy policies
    2.
    Granted patent
    Status: In force

    Publication number: US07304982B2

    Publication date: 2007-12-04

    Application number: US10334474

    Application date: 2002-12-31

    IPC classification: H04L12/28 H04L12/56 G06F17/00

    Abstract: A method, system, apparatus, or computer program product is presented for routing event messages between data processing systems based on privacy policies associated with the data processing systems and based on event policies associated with event types for the event messages. When a system attempts to publish an event message for a particular type of event or to subscribe to those event messages, an event policy is checked to determine whether the system may publish messages for that type of event or may subscribe to those messages. Moreover, if a publishing system publishes an event message that contains personally identifiable information for a user of a data processing system, and a subscribing system has subscribed to event messages having the same event type, then the privacy policies associated with the systems are compared to determine compatibility or incompatibility between the privacy policies before routing a message between the systems.

    Secure data communications in web services
    3.
    Patent application
    Status: Under examination (published)

    Publication number: US20060294383A1

    Publication date: 2006-12-28

    Application number: US11168716

    Application date: 2005-06-28

    IPC classification: H04L9/00

    Abstract: Methods, systems, and products are disclosed in which secure data communications in web services are provided generally by receiving in a web service from a client a request containing an element bearing a first signature, the signature having a value; signing the value of the first signature, thereby creating a second signature; and sending a response from the web service to the client, the response including the second signature. The requester may verify that the response includes the second signature. The request may be encrypted, and the response may be encrypted. The first signature may be encrypted, and the web service may encrypt the value of the first signature and include the encrypted value of the first signature in the response. The web service may receive a request encoded in SOAP and may send a response also encoded in SOAP.

    Method and system for detecting movement of a signed element in a structured document
    4.
    Granted patent
    Status: In force

    Publication number: US09292619B2

    Publication date: 2016-03-22

    Application number: US11427408

    Application date: 2006-06-29

    IPC classification: G06F17/00 G06F17/30 G06F21/64

    CPC classification: G06F17/30908 G06F21/64

    Abstract: A system in which a sending entity creates a structured document and communicates it to a receiving entity includes a transform to ensure document elements are not moved during communication. The structured document comprises a root element and a set of child elements. A child element is protected by a digital signature, prior to being positioned within the document. This element includes a sending entity security policy. The receiving entity includes a transform that determines whether the signed element is in a given position within the received document. The transform evaluates the data string against a set of ancestor elements of the signed element to determine whether the signed element is in the given position. If so, the transform preferably outputs the signed element itself. If the transform determines that the signed element has been moved, however, preferably it outputs a given value other than the signed element.

    Method and system for message routing based on privacy policies
    5.
    Patent application
    Status: In force

    Publication number: US20080022409A1

    Publication date: 2008-01-24

    Application number: US11867291

    Application date: 2007-10-04

    IPC classification: G06F7/04

    Abstract: A method, system, apparatus, or computer program product is presented for routing event messages between data processing systems based on privacy policies associated with the data processing systems and based on event policies associated with event types for the event messages. When a system attempts to publish an event message for a particular type of event or to subscribe to those event messages, an event policy is checked to determine whether the system may publish messages for that type of event or may subscribe to those messages. Moreover, if a publishing system publishes an event message that contains personally identifiable information for a user of a data processing system, and a subscribing system has subscribed to event messages having the same event type, then the privacy policies associated with the systems are compared to determine compatibility or incompatibility between the privacy policies before routing a message between the systems.

    METHOD AND SYSTEM FOR IMPLEMENTING AUTHORIZATION POLICIES FOR WEB SERVICES
    6.
    Patent application
    Status: In force

    Publication number: US20060230430A1

    Publication date: 2006-10-12

    Application number: US10907577

    Application date: 2005-04-06

    IPC classification: H04L9/00

    CPC classification: H04L63/102 H04L63/08

    Abstract: A method, system and computer program product for implementing authorization policies for web services may include defining an authorization policy for access to a web service. The method, system and computer program product may also include attaching the authorization policy to a service definition for the web service.

    Method and system for message routing based on privacy policies
    7.
    Granted patent
    Status: In force

    Publication number: US07903656B2

    Publication date: 2011-03-08

    Application number: US11867291

    Application date: 2007-10-04

    IPC classification: H04L12/28 H04L12/56 G06F17/00

    Abstract: A method, system, apparatus, or computer program product is presented for routing event messages between data processing systems based on privacy policies associated with the data processing systems and based on event policies associated with event types for the event messages. When a system attempts to publish an event message for a particular type of event or to subscribe to those event messages, an event policy is checked to determine whether the system may publish messages for that type of event or may subscribe to those messages. Moreover, if a publishing system publishes an event message that contains personally identifiable information for a user of a data processing system, and a subscribing system has subscribed to event messages having the same event type, then the privacy policies associated with the systems are compared to determine compatibility or incompatibility between the privacy policies before routing a message between the systems.

    METHOD AND SYSTEM FOR DETECTING MOVEMENT OF A SIGNED ELEMENT IN A STRUCTURED DOCUMENT
    9.
    Patent application
    Status: In force

    Publication number: US20080005660A1

    Publication date: 2008-01-03

    Application number: US11427408

    Application date: 2006-06-29

    IPC classification: G06F17/00

    CPC classification: G06F17/30908 G06F21/64

    Abstract: A system in which a sending entity creates a structured document and communicates that document to a receiving entity includes a transform to ensure that document elements are not moved during communication. The structured document is typically XML, and the document comprises a root element and a set of one or more child elements. At least one child element is protected, for example, by a digital signature, prior to being positioned within the XML document. This “signed” element includes a sending entity security policy, preferably in the form of a position dependent or absolute path expression. The receiving entity includes a transform that determines whether the signed element is in a given position within the received XML document. Typically, the given position is the position at which the signed element was placed within the structured document by the sending entity. The transform evaluates the data string against a set of one or more ancestor elements of the signed element to determine whether the signed element is in the given position within the received document. If so, the transform preferably outputs the signed element itself. If the transform determines that the signed element has been moved, however, preferably it outputs a given value other than the signed element. The transform is computationally-inefficient because it works by enforcing an intended path (as specified in the position dependent or absolute path expression) from the signed element back up to the XML document root. In effect, the algorithm requires visitation of only the referenced element's ancestors, and not the entire XML tree.
