Patent application number | Description | Published |
20120131091 | IDENTIFYING COMPATIBLE WEB SERVICE POLICIES - Methods, systems, and devices are described for identifying compatible web service policies between a web service and a web service client. A first and second set of one or more identifiers linked to web service policies supported by the web service and web service client may be calculated, respectively. The sets of identifiers may be compared. Using the comparison, a number of common identifiers present in the first set of one or more identifiers linked to the web service policies supported by the web service and the second set of one or more identifiers linked to the web service policies supported by the web service client may be identified. Using the number of common identifiers, a web service policy of the web service compatible with a web service policy of the web service client may be identified. | 05-24-2012 |
20120131135 | NONCONFORMING WEB SERVICE POLICY FUNCTIONS - Arrangements for enforcing a nonconforming web service policy document are presented. A request for a web service policy document may be received by a web service. A conforming web service policy document may be generated using the nonconforming web service policy document. The nonconforming web service policy document may comprise one or more functions unsupported by the web service description language. The conforming web service policy document may be transmitted to the web service client. The nonconforming web service policy document may be enforced by the web service, wherein the functions that are unsupported by the web service description language standard modifies enforcement of the web service policy document by the web service computer system. The conforming web service policy document may comprise sufficient information for the web service client computer system to comply with the nonconforming web service policy document. | 05-24-2012 |
20120131164 | ATTACHING WEB SERVICE POLICIES TO A GROUP OF POLICY SUBJECTS - In one set of embodiments, methods, systems, and apparatus are provided to attach one or more quality of service policies to resources in an enterprise system by receiving a first global policy attachment that references an attachment attribute value and a first service policy, receiving a request to access a policy subject associated with a subject attribute value, identifying an effective policy set referenced by the first global policy attachment, the effective policy set including the first service policy if the attachment attribute value equals the subject attribute value, and granting the request to access based upon the at least one effective policy. The at least one effective policy may further include a first service policy referenced by the first global policy attachment if a first policy attachment scope referenced by the first global policy attachment matches or contains a subject scope associated with the policy subject. | 05-24-2012 |
20120131469 | RUNTIME USAGE ANALYSIS FOR A DISTRIBUTED POLICY ENFORCEMENT SYSTEM - In one set of embodiments, methods, systems, and apparatus are provided for determining, by a server, a policy association between a web service policy and a policy subject associated with an application hosted by the server, the policy association being made while the server is offline, generating a runtime usage association based on the policy association, wherein the runtime usage association is between the web service policy and the policy subject; and generating a user interface based upon the runtime usage association, the user interface displaying one or more web service policies associated with one or more policy subjects of the application. The runtime usage association may be updated in response to a change to the policy association made by an administrative tool, where the change and the updating occur in real time while the server is online. | 05-24-2012 |
20120131654 | PROPAGATING SECURITY IDENTITY INFORMATION TO COMPONENTS OF A COMPOSITE APPLICATION - Various methods and systems for propagating identity information in a composite application are presented. State data of a composite application, as executed for a particular entity, may be transferred to and stored by a computer-readable storage medium. The state data may include a portion of a set of subject information linked with the entity. A security attribute of the subject may not be present in the portion of the set of subject information in the state data transferred to the non-transitory computer-readable storage medium. After a period of time, such as an hour or a day, the state data of the composite application as executed for the entity may be retrieved and the security attribute of the set of subject information linked with the entity may be determined. The composite application may then continue to be executed for the entity. | 05-24-2012 |
20130086242 | ADVERTISEMENT OF CONDITIONAL POLICY ATTACHMENTS - Framework for conditionally attaching web service policies to a policy subject (e.g., a web service client or service endpoint) at subject runtime. In one set of embodiments, a constraint expression can be defined that specifies one or more runtime conditions under which a policy should be attached to a policy subject. The constraint expression can be associated with the policy and the policy subject via policy attachment metadata. The constraint expression can then be evaluated at runtime of the policy subject to determine whether attachment of the policy to the policy subject should occur. If the evaluation indicates that the policy should be attached, the attached policy can be processed at the policy subject (e.g., enforced or advertised) as appropriate. Using these techniques, the policy subject can be configured to dynamically exhibit different behaviors based on its runtime context. | 04-04-2013 |
20140109195 | PROPAGATING SECURITY IDENTITY INFORMATION TO COMPONENTS OF A COMPOSITE APPLICATION - Various methods and systems for propagating identity information in a composite application are presented. State data of a composite application, as executed for a particular entity, may be transferred to and stored by a computer-readable storage medium. The state data may include a portion of a set of subject information linked with the entity. A security attribute of the subject may not be present in the portion of the set of subject information in the state data transferred to the non-transitory computer-readable storage medium. After a period of time, such as an hour or a day, the state data of the composite application as executed for the entity may be retrieved and the security attribute of the set of subject information linked with the entity may be determined The composite application may then continue to be executed for the entity. | 04-17-2014 |
20140129706 | IDENTIFYING COMPATIBLE WEB SERVICE POLICIES - Methods, systems, and devices are described for identifying compatible web service policies between a web service and a web service client. A first and second set of one or more identifiers linked to web service policies supported by the web service and web service client may be calculated, respectively. The sets of identifiers may be compared. Using the comparison, a number of common identifiers present in the first set of one or more identifiers linked to the web service policies supported by the web service and the second set of one or more identifiers linked to the web service policies supported by the web service client may be identified. Using the number of common identifiers, a web service policy of the web service compatible with a web service policy of the web service client may be identified. | 05-08-2014 |