Instrumentation and monitoring of service level agreement (SLA) and service policy enforcement

US 10,263,857 B2
Filed: 05/05/2016
Issued: 04/16/2019
Est. Priority Date: 02/12/2013
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

capturing, from a policy registry via a processor within a runtime policy correlation data structure, source policy identification information of a registry service policy that comprises a source policy identifier (ID), a source policy name, and a source policy uniform resource locator (URL);

correlating, within the runtime policy correlation data structure using a source policy reference key, the captured source policy identification information with configured runtime policy enforcement processing rules and processing actions established during policy binding at a policy enforcement point (PEP) that cause the PEP to enforce runtime provisions of the registry service policy;

capturing per-transaction service policy enforcement information that documents which configured runtime policy enforcement activities are performed by the PEP on individual transactions;

correlating, within a per-transaction service data table, the captured per-transaction service policy enforcement information with the captured source policy identification information using the source policy reference key;

receiving a query from a policy monitoring point (PMP) for the correlated per-transaction service policy enforcement information of at least one transaction; and

providing the correlated per-transaction service policy enforcement information of the at least one transaction from the per-transaction service data table in response to the query from the PMP.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Source policy identification information of a registry service policy is captured. The source policy identification information includes a source policy identifier (ID), a source policy name, and a source policy uniform resource locator (URL). The captured source policy identification information is correlated with configured policy enforcement processing rules and processing actions using a source policy reference key. Per-transaction service policy enforcement information that documents policy enforcement activities performed by a policy enforcement point (PEP) is captured. The captured per-transaction service policy enforcement information is correlated with the captured source policy identification information using the source policy reference key.

Citations

17 Claims

1. A method, comprising:
- capturing, from a policy registry via a processor within a runtime policy correlation data structure, source policy identification information of a registry service policy that comprises a source policy identifier (ID), a source policy name, and a source policy uniform resource locator (URL);
  
  correlating, within the runtime policy correlation data structure using a source policy reference key, the captured source policy identification information with configured runtime policy enforcement processing rules and processing actions established during policy binding at a policy enforcement point (PEP) that cause the PEP to enforce runtime provisions of the registry service policy;
  
  capturing per-transaction service policy enforcement information that documents which configured runtime policy enforcement activities are performed by the PEP on individual transactions;
  
  correlating, within a per-transaction service data table, the captured per-transaction service policy enforcement information with the captured source policy identification information using the source policy reference key;
  
  receiving a query from a policy monitoring point (PMP) for the correlated per-transaction service policy enforcement information of at least one transaction; and
  
  providing the correlated per-transaction service policy enforcement information of the at least one transaction from the per-transaction service data table in response to the query from the PMP.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, where correlating, within the runtime policy correlation data structure using the source policy reference key, the captured source policy identification information with the configured runtime policy enforcement processing rules and processing actions comprises:
    - compiling an abstract syntax tree (AST) representation of the registry service policy;
      
      recursively traversing the AST representation to identify policy assertions within the AST representation of the registry service policy while adding PEP monitoring instrumentation that facilitates the per-transaction capture of the service policy enforcement information; and
      
      mapping the identified policy assertions within the AST representation of the registry service policy to the captured source policy identification information within the runtime policy correlation data structure to facilitate the correlation of the captured per-transaction service policy enforcement information with the captured source policy identification information using the source policy reference key.
  - 3. The method of claim 2, where mapping the identified policy assertions within the AST representation of the registry service policy to the captured source policy identification information within the runtime policy correlation data structure comprises:
    - creating the configured runtime policy enforcement processing rules and processing actions from the AST representation of the registry service policy; and
      
      storing, during policy normalization to correlate the configured runtime policy enforcement processing rules and processing actions with the registry service policy, identifiers of the configured runtime policy enforcement processing rules and processing actions with the source policy identification information as an entry within the runtime policy correlation data structure, where the entry is indexed using the source policy reference key.
  - 4. The method of claim 1, where capturing the per-transaction service policy enforcement information that documents which configured runtime policy enforcement activities are performed by the PEP on individual transactions comprises:
    - on a per-transaction basis;
      
      capturing performed runtime policy enforcement processing rules and processing actions; and
      
      storing the source policy reference key and mediation enforcement metrics associated with the captured runtime policy enforcement processing rules and processing actions, where the mediation enforcement metrics comprise indications of the captured runtime policy enforcement processing rules and processing actions.
  - 5. The method of claim 4, where storing the source policy reference key and the mediation enforcement metrics comprises storing the source policy reference key and the mediation enforcement metrics within the per-transaction service data table.
  - 6. The method of claim 1, where correlating, within the per-transaction service data table, the captured per-transaction service policy enforcement information with the captured source policy identification information using the source policy reference key comprises adding an entry for each transaction within a policy enforcement data model.

7. A system, comprising:
- a memory; and
  
  a processor programmed to;
  
  capture, from a policy registry within a runtime policy correlation data structure stored in the memory, source policy identification information of a registry service policy that comprises a source policy identifier (ID), a source policy name, and a source policy uniform resource locator (URL);
  
  correlate, within the runtime policy correlation data structure using a source policy reference key, the captured source policy identification information with configured runtime policy enforcement processing rules and processing actions established during policy binding at a policy enforcement point (PEP) that cause the PEP to enforce runtime provisions of the registry service policy;
  
  capture per-transaction service policy enforcement information that documents which configured runtime policy enforcement activities are performed by the PEP on individual transactions;
  
  correlate, within a per-transaction service data table stored in the memory, the captured per-transaction service policy enforcement information with the captured source policy identification information within the memory using the source policy reference key;
  
  receive a query from a policy monitoring point (PMP) for the correlated per-transaction service policy enforcement information of at least one transaction; and
  
  provide the correlated per-transaction service policy enforcement information of the at least one transaction from the per-transaction service data table in response to the query from the PMP.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The system of claim 7, where in being programmed to correlate within the runtime policy correlation data structure using the source policy reference key, the captured source policy identification information with the configured runtime policy enforcement processing rules and processing actions, the processor is programmed to:
    - compile an abstract syntax tree (AST) representation of the registry service policy;
      
      recursively traverse the AST representation to identify policy assertions within the AST representation of the registry service policy while adding PEP monitoring instrumentation that facilitates the per-transaction capture of the service policy enforcement information; and
      
      map the identified policy assertions within the AST representation of the registry service policy to the captured source policy identification information within the runtime policy correlation data structure to facilitate the correlation of the captured per-transaction service policy enforcement information with the captured source policy identification information using the source policy reference key.
  - 9. The system of claim 8, where in being programmed to map the identified policy assertions within the AST representation of the registry service policy to the captured source policy identification information within the shared runtime policy correlation data structure, the processor is programmed to:
    - create the configured runtime policy enforcement processing rules and processing actions from the AST representation of the registry service policy; and
      
      store, during policy normalization to correlate the configured runtime policy enforcement processing rules and processing actions with the registry service policy, identifiers of the configured runtime policy enforcement processing rules and processing actions with the source policy identification information as an entry within the runtime policy correlation data structure, where the entry is indexed using the source policy reference key.
  - 10. The system of claim 7, where in being programmed to capture the per-transaction service policy enforcement information that documents which configured runtime policy enforcement activities are performed by the PEP on the individual transactions, the processor is programmed to:
    - on a per-transaction basis;
      
      capture performed runtime policy enforcement processing rules and processing actions; and
      
      store the source policy reference key and mediation enforcement metrics associated with the captured runtime policy enforcement processing rules and processing actions within the per-transaction service data table, where the mediation enforcement metrics comprise indications of the captured runtime policy enforcement processing rules and processing actions.
  - 11. The system of claim 7, where in being programmed to correlate within the per-transaction service data table, the captured per-transaction service policy enforcement information with the captured source policy identification information within the memory using the source policy reference key, the processor is programmed to add an entry for each transaction within a policy enforcement data model.

12. A computer program product, comprising:
- a computer readable memory device having computer readable program code embodied therewith, where the computer readable program code when executed on a computer causes the computer to;
  
  capture, from a policy registry within a runtime policy correlation data structure, source policy identification information of a registry service policy that comprises a source policy identifier (ID), a source policy name, and a source policy uniform resource locator (URL);
  
  correlate, within the runtime policy correlation data structure using a source policy reference key, the captured source policy identification information with configured runtime policy enforcement processing rules and processing actions established during policy binding at a policy enforcement point (PEP) that cause the PEP to enforce runtime provisions of the registry service policy;
  
  capture per-transaction service policy enforcement information that documents which configured runtime policy enforcement activities are performed by the PEP on individual transactions;
  
  correlate, within a per-transaction service data table, the captured per-transaction service policy enforcement information with the captured source policy identification information using the source policy reference key;
  
  receive a query from a policy monitoring point (PMP) for the correlated per-transaction service policy enforcement information of at least one transaction; and
  
  provide the correlated per-transaction service policy enforcement information of the at least one transaction from the per-transaction service data table in response to the query from the PMP.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The computer program product of claim 12, where in causing the computer to correlate, within the runtime policy correlation data structure using the source policy reference key, the captured source policy identification information with the configured runtime policy enforcement processing rules and processing actions, the computer readable program code when executed on the computer causes the computer to:
    - compile an abstract syntax tree (AST) representation of the registry service policy;
      
      recursively traverse the AST representation to identify policy assertions within the AST representation of the registry service policy while adding PEP monitoring instrumentation that facilitates the per-transaction capture of the service policy enforcement information; and
      
      map the identified policy assertions within the AST representation of the registry service policy to the captured source policy identification information within the runtime policy correlation data structure to facilitate the correlation of the captured per-transaction service policy enforcement information with the captured source policy identification information using the source policy reference key.
  - 14. The computer program product of claim 13, where in causing the computer to map the identified policy assertions within the AST representation of the registry service policy to the captured source policy identification information within the runtime policy correlation data structure, the computer readable program code when executed on the computer causes the computer to:
    - create the configured runtime policy enforcement processing rules and processing actions from the AST representation of the registry service policy; and
      
      store, during policy normalization to correlate the configured runtime policy enforcement processing rules and processing actions with the registry service policy, identifiers of the configured runtime policy enforcement processing rules and processing actions with the source policy identification information as an entry within the runtime policy correlation data structure, where the entry is indexed using the source policy reference key.
  - 15. The computer program product of claim 12, where in causing the computer to capture the per-transaction service policy enforcement information that documents which configured runtime policy enforcement activities are performed by the PEP on the individual transactions, the computer readable program code when executed on the computer causes the computer to:
    - on a per-transaction basis;
      
      capture performed runtime policy enforcement processing rules and processing actions; and
      
      store the source policy reference key and mediation enforcement metrics associated with the captured runtime policy enforcement processing rules and processing actions, where the mediation enforcement metrics comprise indications of the captured runtime policy enforcement processing rules and processing actions.
  - 16. The computer program product of claim 15, where in causing the computer to store the source policy reference key and the mediation enforcement metrics, the computer readable program code when executed on the computer causes the computer to store the source policy reference key and the mediation enforcement metrics within the per-transaction service data table.
  - 17. The computer program product of claim 12, where in causing the computer to correlate, within the per-transaction service data table, the captured per-transaction service policy enforcement information with the captured source policy identification information using the source policy reference key, the computer readable program code when executed on the computer causes the computer to add an entry for each transaction within a policy enforcement data model.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Burke, Thomas C., De Armas, Mario E., Gago, Oswaldo, Muralidharan, Srinivasan, Shah, Gaurang, Smith, Maria E.
Primary Examiner(s)
Srivastava, Vivek
Assistant Examiner(s)
Bukhari, Sibte

Application Number

US15/147,760
Publication Number

US 20160248639A1
Time in Patent Office

1,076 Days
Field of Search

709203
US Class Current
CPC Class Codes

H04L 41/5019   Ensuring fulfilment of SLA

H04L 41/5029   Service quality level-based...

H04L 41/5032   Generating service level re...

H04L 63/20   for managing network securi...

Instrumentation and monitoring of service level agreement (SLA) and service policy enforcement

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Instrumentation and monitoring of service level agreement (SLA) and service policy enforcement

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links