-
公开(公告)号:US20060230432A1
公开(公告)日:2006-10-12
申请号:US11102848
申请日:2005-04-08
IPC分类号: H04L9/00
CPC分类号: G06F17/3089
摘要: The present invention provide for an algebraic mapping of a policy expression from a compact to a normalized form, both in Boolean and set formulations. The policy algebra is defined in such a way that policy alternatives within the normalized expression will be the same across equivalent compact expressions—regardless of how the assertions are arbitrarily constrained or what operators are used to constrain such equivalent expressions. Moreover, the present invention also provides a model for identifying alternatives that are equivalent by comparing only the root element names or QName of each assertion within an alternative. In addition, embodiments as described herein can utilize the identification of equivalent alternatives in order to create an intersection policy expression to limit alternatives of admissible behavior to those in common across both endpoints.
-
公开(公告)号:US20060150200A1
公开(公告)日:2006-07-06
申请号:US11003307
申请日:2004-12-03
申请人: Shy Cohen , Geary Eppley , Douglas Purdy , James Johnson , Stephen Millet , Stephen Swartz , Vijay Gajjala , Aaron Stern , Alexander DeJarnatt , Alfred Lee , Anand Rjagopalan , Anastasios Kasiolas , Chaitanya Upadhyay , Christopher Kaler , Craig Critchley , David Levin , David Driver , David Wortendyke , Douglas Walter , Elliot Waingold , Erik Christensen , Erin Honeycutt , Eugene Shvets , Evgeny Osovetsky , Giovanni Della-Libera , Jesus Ruiz-Scougall , John Doty , Jonathan Wheeler , Kapil Gupta , Kenneth Wolf , Krishnan Srinivasan , Lance Olson , Matthew Tavis , Mauro Ottaviani , Max Feingold , Michael Coulson , Michael Marucheck , Michael Vernal , Michael Dice , Mohamed-Hany Ramadan , Mohammad Makarechian , Natasha Jethanandani , Richard Dievendorff , Richard Hill , Ryan Sturgell , Saurab Nog , Scott Seely , Serge Sverdlov , Siddhartha Puri , Sowmyanarayanan Srinivasan , Stefan Batres , Stefan Pharies , Tirunelveli Vishwanath , Tomasz Janczuk , Uday Hegde , Umesh Madan , Vaithialingam Balayogan , Vipul Modi , Yaniv Pessach , Yasser Shohoud
发明人: Shy Cohen , Geary Eppley , Douglas Purdy , James Johnson , Stephen Millet , Stephen Swartz , Vijay Gajjala , Aaron Stern , Alexander DeJarnatt , Alfred Lee , Anand Rjagopalan , Anastasios Kasiolas , Chaitanya Upadhyay , Christopher Kaler , Craig Critchley , David Levin , David Driver , David Wortendyke , Douglas Walter , Elliot Waingold , Erik Christensen , Erin Honeycutt , Eugene Shvets , Evgeny Osovetsky , Giovanni Della-Libera , Jesus Ruiz-Scougall , John Doty , Jonathan Wheeler , Kapil Gupta , Kenneth Wolf , Krishnan Srinivasan , Lance Olson , Matthew Tavis , Mauro Ottaviani , Max Feingold , Michael Coulson , Michael Marucheck , Michael Vernal , Michael Dice , Mohamed-Hany Ramadan , Mohammad Makarechian , Natasha Jethanandani , Richard Dievendorff , Richard Hill , Ryan Sturgell , Saurab Nog , Scott Seely , Serge Sverdlov , Siddhartha Puri , Sowmyanarayanan Srinivasan , Stefan Batres , Stefan Pharies , Tirunelveli Vishwanath , Tomasz Janczuk , Uday Hegde , Umesh Madan , Vaithialingam Balayogan , Vipul Modi , Yaniv Pessach , Yasser Shohoud
IPC分类号: G06F9/46
摘要: A web services namespace pertains to an infrastructure for enabling creation of a wide variety of applications. The infrastructure provides a foundation for building message-based applications of various scale and complexity. The infrastructure or framework provides APIs for basic messaging, secure messaging, reliable messaging and transacted messaging. In some embodiments, the associated APIs are factored into a hierarchy of namespaces in a manner that balances utility, usability, extensibility and versionability.
-
公开(公告)号:US07453875B2
公开(公告)日:2008-11-18
申请号:US11087139
申请日:2005-03-23
申请人: Michael S. Vernal , Erik B. Christensen , Martin Gudgin , John R. Justice , Gopal Kakivaya , David Langworthy , Yaniv Pessach , Jeffrey Schlimmer , Elliot Waingold , Kenneth D. Wolf
发明人: Michael S. Vernal , Erik B. Christensen , Martin Gudgin , John R. Justice , Gopal Kakivaya , David Langworthy , Yaniv Pessach , Jeffrey Schlimmer , Elliot Waingold , Kenneth D. Wolf
CPC分类号: H04L69/16 , H04L69/164 , H04L69/32 , H04L69/328
摘要: A sending computer system can identify one or more available network resources at one or more network computers by sending a request for services using Simple Object Access Protocol (SOAP) over User Datagram Protocol (UDP). In particular, the sending computer system prepares a SOAP message that includes a request for available resources. The sending computer system then encapsulates the SOAP message into a user datagram, and sends the user datagram to one or more identifiable computer systems on the network. In one implementation, the sending computer system sends the user datagram to a multi-cast Uniform Resource Identifier (URI). The receiving computer system receives the message through UDP, unpacks the message, and responds to the SOAP message request. Accordingly, the sending computer system can query multiple computer systems in an efficient manner without necessarily incurring the overhead otherwise associated with connection-oriented communication.
摘要翻译: 发送计算机系统可以通过使用通过用户数据报协议(UDP)的简单对象访问协议(SOAP)发送对服务的请求来识别一个或多个网络计算机上的一个或多个可用网络资源。 特别地,发送计算机系统准备包括对可用资源的请求的SOAP消息。 发送计算机系统然后将SOAP消息封装成用户数据报,并将用户数据报发送到网络上的一个或多个可识别的计算机系统。 在一个实现中,发送计算机系统将用户数据报发送到多播统一资源标识符(URI)。 接收计算机系统通过UDP接收消息,解包消息,并响应SOAP消息请求。 因此,发送计算机系统可以以有效的方式查询多个计算机系统,而不必引起另外与面向连接的通信相关的开销。
-
公开(公告)号:US20060133427A1
公开(公告)日:2006-06-22
申请号:US11003847
申请日:2004-12-03
申请人: Kenneth Wolf , Michael Vernal , Christopher Kaler , Elliot Waingold , Eric Christensen , Jeffrey Schlimmer , Martin Gudgin , Siddhartha Puri
发明人: Kenneth Wolf , Michael Vernal , Christopher Kaler , Elliot Waingold , Eric Christensen , Jeffrey Schlimmer , Martin Gudgin , Siddhartha Puri
IPC分类号: H04J3/07
CPC分类号: G06F17/2247 , G06F17/2258 , H04L67/02 , H04L69/08 , H04L69/329
摘要: A mechanism for sending structured data using a corresponding byte stream. Upon accessing structured data such as a Simple Object Access Protocol (SOAP) envelope, a byte stream is generated. The byte stream includes bytes that represent the structured data, as well as a collection of bytes that represents properties about the byte stream such as, for example, a mode of communication. The byte stream may then be passed to a communication module (e.g., a TCP or Named Pipes module) capable of receiving and transmitting the byte stream.
-
公开(公告)号:US20060215571A1
公开(公告)日:2006-09-28
申请号:US11087139
申请日:2005-03-23
申请人: Michael Vernal , Erik Christensen , Martin Gudgin , John Justice , Gopal Kakivaya , David Langworthy , Yaniv Pessach , Jeffrey Schlimmer , Elliot Waingold , Kenneth Wolf
发明人: Michael Vernal , Erik Christensen , Martin Gudgin , John Justice , Gopal Kakivaya , David Langworthy , Yaniv Pessach , Jeffrey Schlimmer , Elliot Waingold , Kenneth Wolf
IPC分类号: H04L1/00
CPC分类号: H04L69/16 , H04L69/164 , H04L69/32 , H04L69/328
摘要: A sending computer system can identify one or more available network resources at one or more network computers by sending a request for services using SOAP over UDP. In particular, the sending computer system prepares a SOAP message that includes a request for available resources. The sending computer system then encapsulates the SOAP message into a user datagram, and sends the user datagram to one or more identifiable computer systems on the network. In one implementation, the sending computer system sends the user datagram to a multi-cast URI. The receiving computer system receives the message through UDP, unpacks the message, and responds to the SOAP message request. Accordingly, the sending computer system can query multiple computer systems in an efficient manner without necessarily incurring the overhead otherwise associated with connection-oriented communication.
摘要翻译: 发送计算机系统可以通过使用SOAP over UDP发送对服务的请求来识别一个或多个网络计算机上的一个或多个可用网络资源。 特别地,发送计算机系统准备包括对可用资源的请求的SOAP消息。 发送计算机系统然后将SOAP消息封装成用户数据报,并将用户数据报发送到网络上的一个或多个可识别的计算机系统。 在一个实现中,发送计算机系统将用户数据报发送到多播URI。 接收计算机系统通过UDP接收消息,解包消息,并响应SOAP消息请求。 因此,发送计算机系统可以以有效的方式查询多个计算机系统,而不必引起另外与面向连接的通信相关的开销。
-
6.发明申请公开(公告)号:US20060174016A1
公开(公告)日:2006-08-03
申请号:US11048346
申请日:2005-02-01
申请人: Craig Critchley , David Wortendyke , Elliot Waingold , Eric Zinda , Erik Christensen , Giovanni Della-Libera , Kenneth Wolf , Michael Vernal , Shy Cohen , Stefan Pharies , Stephen Millet , Stephen Swartz , Tomasz Janczuk , Uday Hegde , Yaniv Pessach
发明人: Craig Critchley , David Wortendyke , Elliot Waingold , Eric Zinda , Erik Christensen , Giovanni Della-Libera , Kenneth Wolf , Michael Vernal , Shy Cohen , Stefan Pharies , Stephen Millet , Stephen Swartz , Tomasz Janczuk , Uday Hegde , Yaniv Pessach
CPC分类号: G06F9/546
摘要: The present invention provides for an automated, user friendly way of constructing and using a binding object. A developer is presenting and selects binding elements that will ultimately be used to create a runtime communication channel for transporting a message between a client and service endpoint. After receiving the user input, metadata, a channel factory and listener factory are created. The metadata describes binding elements and provides an abstract representation of a protocol stack that implements communication aspects at runtime. The channel factory is configured to use the collection of metadata at runtime to generate the runtime communication channel. Further, the listener factory is configured to accept the runtime communication channel for de-multiplex the communication aspects in order to process the message at a service endpoint. The present invention also provides for groupings of binding elements and standardized binging objects organized based on industry need.
摘要翻译: 本发明提供了一种自动化,用户友好的构造和使用绑定对象的方式。 开发人员正在呈现并选择将最终用于创建用于在客户端和服务端点之间传输消息的运行时通信通道的绑定元素。 收到用户输入后,创建元数据,渠道工厂和监听工厂。 元数据描述绑定元素,并提供在运行时实现通信方面的协议栈的抽象表示。 通道工厂配置为在运行时使用元数据的集合来生成运行时通信通道。 此外,收听工厂被配置为接受运行时通信信道以解复用通信方面,以便在服务端点处理消息。 本发明还提供了基于行业需要组织的结合元件和标准化ing物的分组。
-
公开(公告)号:US20060173854A1
公开(公告)日:2006-08-03
申请号:US11049051
申请日:2005-02-01
申请人: Mauro Ottaviani , Alfred Lee , Elliot Waingold
发明人: Mauro Ottaviani , Alfred Lee , Elliot Waingold
IPC分类号: G06F17/30
CPC分类号: H04L67/14 , H04L69/16 , H04L69/162
摘要: A listener operating in user-mode can dispatch control of a client connection to a listener without exposing system memory or other sensitive services or components. For example, a client component requests access to a network component through connection with a user-mode listener. Based on information contained in the client request, the listener passes a call to an application program interface, which returns a first set of data that includes user-mode contextual information. The listener passes this first set of data to the requested network component. Another call is made to an application program interface, which includes the first set of data, and a request for socket duplication. The application program interface returns control of the requested socket to the network component, such that the network component and the client component communicate directly through the requested socket in user-mode.
-
公开(公告)号:US07640573B2
公开(公告)日:2009-12-29
申请号:US10780274
申请日:2004-02-16
申请人: Giovanni M. Della-Libera , Vijay K. Gajjala , Tomasz Janczuk , John R. Lambert , Elliot Waingold
发明人: Giovanni M. Della-Libera , Vijay K. Gajjala , Tomasz Janczuk , John R. Lambert , Elliot Waingold
CPC分类号: G06F21/335
摘要: A system for processing multiple types of security schemes includes a server having a claims engine that extracts claim(s) from security token(s) and maps extracted claims to other claims. The term claim as used in this context is a statement about a token's subject. The claims engine can extract claim(s) from one or more different types of security tokens corresponding to the multiple security schemes. These extracted claim(s) can then be selectively mapped to other claims using mapping information that is accessible to the server. The security decision can then be based on the extracted and/or derived claim(s) rather than tokens. This system can thereby support multiple security schemes and simplify the security process for the user.
摘要翻译: 用于处理多种类型的安全方案的系统包括具有从安全令牌提取权利要求并将提取的权利要求映射到其他权利要求的权利要求引擎的服务器。 在这种情况下使用的这个术语是关于令牌主题的声明。 索赔引擎可以从对应于多个安全方案的一个或多个不同类型的安全令牌中提取索赔。 然后可以使用服务器可访问的映射信息将这些提取的权利要求选择性地映射到其他权利要求。 然后,安全性决定可以基于提取的和/或导出的权利要求而不是令牌。 因此,该系统可以支持多种安全方案,并简化用户的安全过程。
-
公开(公告)号:US20060178152A1
公开(公告)日:2006-08-10
申请号:US11051238
申请日:2005-02-04
申请人: Bradford Lovering , David Wortendyke , Elliot Waingold , Erik Christensen , Kenneth Wolf , Michael Vernal , Shy Cohen , Stefan Pharies
发明人: Bradford Lovering , David Wortendyke , Elliot Waingold , Erik Christensen , Kenneth Wolf , Michael Vernal , Shy Cohen , Stefan Pharies
IPC分类号: H04Q7/20
CPC分类号: G06F9/546 , G06F2209/547 , H04L67/10
摘要: The present invention provides for a channel model capable of generating a runtime communication channel with pluggable modular channel components. These channel components implement one of a set of standard interfaces that allow processing details of communication semantics between components to be represented in a polymorphic way. A message and corresponding communication semantics are recursively passed through the channel components using the standard interface, thereby abstracting other modules and components from specific implementation details of how the communication semantics are performed. The message may then be sent to the next appropriate module for further processing, or the processing may be completed at that particular component or module. Note also that the message can also be de-multiplexed on the service side in a similar fashion as that described above.
摘要翻译: 本发明提供一种能够生成具有可插拔模块化信道分量的运行时通信信道的信道模型。 这些通道组件实现了一组标准接口之一,允许处理以多态方式表示的组件之间的通信语义的细节。 消息和对应的通信语义通过使用标准接口的信道分量递归地传递,从而将其他模块和组件从如何执行通信语义的具体实现细节中抽象出来。 然后可以将消息发送到下一个适当的模块进一步处理,或者可以在该特定组件或模块处完成处理。 还要注意,消息也可以以与上述相似的方式在服务端解复用。
-
公开(公告)号:US20050278390A1
公开(公告)日:2005-12-15
申请号:US11207034
申请日:2005-08-19
CPC分类号: H04L63/126 , G06F21/6218 , G06F2221/2141 , H04L45/34 , H04L45/566 , H04L63/04 , H04L63/0428 , H04L63/08 , H04L63/102 , H04L63/123 , H04L67/02 , Y10S707/99939
摘要: Methods, systems, and data structures for communicating object metadata are provided. A generic metadata container is presented that allows object metadata to be described in an extensible manner using protocol-neutral and platform-independent methodologies. A metadata scope refers to a dynamic universe of targets to which the included metadata statements correspond. Metadata properties provide a mechanism to describe the metadata itself, and metadata security can be used to ensure authentic metadata is sent and received. Mechanisms are also provided to allow refinement and replacement of metadata statements. The generic metadata container can be adapted to dynamically define access control rights to a range of objects by a range of users, including granted and denied access rights.
摘要翻译: 提供了传达对象元数据的方法,系统和数据结构。 提出了一个通用的元数据容器,允许使用协议中立和平台无关的方法以可扩展的方式描述对象元数据。 元数据范围是指所包含的元数据语句对应的目标的动态范围。 元数据属性提供了一种描述元数据本身的机制,并且可以使用元数据安全性来确保发送和接收真实的元数据。 还提供了机制来允许细化和替换元数据语句。 通用元数据容器可以被适配成动态地定义一系列用户对一系列对象的访问控制权限,包括授权和被拒绝的访问权限。
-
-
-
-
-
-
-
-
-
搜索结果
15 条记录 (耗时 0.022 秒)
