Virtual distributed security system
Abstract
A distributed security system is provided. The distributed security system uses a security policy that is written in a policy language that is transport and security protocol independent as well as independent of cryptographic technologies. This security policy can be expressed using the language to create different security components allowing for greater scalability and flexibility. By abstracting underlying protocols and technologies, multiple environments and platforms can be supported.
32 Claims
1. A distributed security system comprising:
- a security policy written in a security policy language; and
- at least one computer device that processes data in accordance with the security policy.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21
22. A method of delegating security credentials, the method including:
- providing to a second party a first license issued to a first party; and
- providing to the second party a second license that allows the second party to use the first license.
Dependent claims: 23, 24
25. A method of transmitting a message between a first party and a second party, the method including:
- receiving from the first party a message addressed to the second party, wherein the message is transported with a first transport and formatted in accordance with a first protocol;
- determining a transport and protocol required by the second party from a security policy; and
- transmitting the message to the second party using the transport and protocol required by the second party.
26. A method of transmitting a secure message between a first party and a second party, the method including:
- formatting the message with a markup language; and
- inserting a security credential into a header of the message.
Dependent claims: 27, 28, 29
30. A method of defining a security arrangement between entities of a distributed computing system, the method including:
- identifying a portion of a first security policy written in a first security policy language;
- identifying a portion of a second security policy written in a second security policy language; and
- processing data in accordance with the portion of the first security policy and the portion of the second security policy.
Dependent claims: 31, 32
Specification