Application level security
First Claim
1. A method performed at a security service arbitrator, the method comprising:
- receiving a security tender comprising security requirements for an application;
searching for security services to fulfill the security requirements;
determining that the security services satisfy the security requirements; and
generating a security contract for the application, the security contract specifying how the application is to communicate with the security services.
2 Assignments
0 Petitions
Accused Products
Abstract
Techniques for providing application layer security may be facilitated by an arbitrator. In general, in one implementation, an arbitrator may receive a security tender including security requirements for an application, search for security services to fulfill the security requirements, determine whether discovered security services can satisfy the security requirements, and, if security services that can satisfy the security requirements exist, generate a security contract for the application, the security contract specifying how the application is to communicate with the security services that can satisfy the security requirements.
-
Citations
30 Claims
-
1. A method performed at a security service arbitrator, the method comprising:
-
receiving a security tender comprising security requirements for an application;
searching for security services to fulfill the security requirements;
determining that the security services satisfy the security requirements; and
generating a security contract for the application, the security contract specifying how the application is to communicate with the security services. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system comprising:
an arbitrator comprising;
a registrar operable to generate a security contract for an application in response to a security tender, the security tender comprising application security requirements, the security contract specifying how the application is to communicate with security services that can satisfy the security requirements; and
an administrator operable to determine whether the security contract is invalid. - View Dependent Claims (11, 12, 13, 14, 15)
-
16. An article comprising a machine-readable medium storing instructions operable to cause one or more machines to perform operations comprising:
-
determining whether a security tender has been received at an arbitrator, the security tender comprising security requirements for an application;
searching for security services to fulfill the security requirements;
determining that the security services satisfy the security requirements; and
generating a security contract for the application, the security contract specifying how the application is to communicate with the security services. - View Dependent Claims (17, 18, 19, 20, 21)
-
-
22. A method performed by an application, the method comprising:
-
generating a security tender, the security tender containing security requirements for the application; and
determining whether a security contract has been received, the contract specifying how the application is to communicate with security services that satisfy the security requirements. - View Dependent Claims (23, 24, 25)
-
-
26. An article comprising a machine-readable medium storing instructions operable to cause one or more machines to perform operations comprising:
-
generating a security tender at an application, the security tender containing security requirements for the application; and
determining whether a security contract has been received, the contract specifying how the application is to communicate with security services that satisfy the security requirements. - View Dependent Claims (27, 28, 29)
-
-
30. A system comprising:
-
an article comprising a machine-readable medium storing instructions operable to cause one or more machines to perform operations comprising;
generating a security tender, the security tender containing security requirements for the application, determining whether a security contract has been received, the contract specifying how the application is to communicate with security services that satisfy the security requirements, determining that communication is desired with a second application, contacting a security service based on a type of communication, communicating with the second application in accordance with the security service, determining whether the contract is still valid, and if the contract is not still valid, terminating communication with the second application; and
an arbitrator operable to;
receive the security tender, search for security services to fulfill the security requirements, the security requirements varying depending on application communication functions, determine that the security services satisfy the security requirements, generate the security contract, bind the contract with the application, receive remote security requirements from a remote arbitrator, determine that security services that can satisfy the remote security requirements exist, generate a message regarding the security services, generate a security contract for an application based on the security services that can satisfy the security requirements, monitor the security contract to determine whether it is still valid, and if the contract is not still valid, revoke the contract.
-
Specification