Security provider development model

US 20050097351A1
Filed: 10/08/2004
Published: 05/05/2005
Est. Priority Date: 10/10/2003
Status: Active Grant

First Claim

Patent Images

1. A method for providing a security provider for a client, said method comprising:

providing a service provider interface that is compatible with a security framework layer;

providing one or more services wherein the one or more services include at least one of;

authentication, authorization, auditing, role mapping and credential mapping;

exposing the one or more services through the service provider interface; and

wherein the framework layer exposes the one or more services to an application program interface.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for providing a security provider for a client, said method comprising, providing a service provider interface that is compatible with a security framework layer providing one or more services wherein the one or more services include at least one of, authentication, authorization, auditing, role mapping and credential mapping exposing the one or more services through the service provider interface and wherein the framework layer exposes the one or more services to an application program interface.

107 Citations

View as Search Results

23 Claims

1. A method for providing a security provider for a client, said method comprising:
- providing a service provider interface that is compatible with a security framework layer;
  
  providing one or more services wherein the one or more services include at least one of;
  
  authentication, authorization, auditing, role mapping and credential mapping;
  
  exposing the one or more services through the service provider interface; and
  
  wherein the framework layer exposes the one or more services to an application program interface.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
    - providing a configuration schema for the security provider.
  - 3. The method of claim 1, further comprising:
    - integrating the security provider into the client at run-time.
  - 4. The method of claim 1 wherein:
    - the security provider is capable of receiving configuration information at run-time.
  - 5. The method of claim 1 wherein:
    - the service provider interface can include one or more of;
      
      a programmatic interface, a protocol, and a mechanism for exchanging messages.
  - 6. The method of claim 1 wherein:
    - the application program interface can include one or more of;
      
      a programmatic interface, a protocol, and a mechanism for exchanging messages.
  - 7. The method of claim 1 wherein:
    - the security provider is capable of executing as part of;
      
           1) a web application server;
      
           2) an application;
      
           3) a network firewall;
      
           4) a web server;
      
           5) a data store; and
      
           6) an operating system.
  - 8. The method of claim 1 wherein:
    - the security provider is capable of interacting with the client; and
      
      wherein the client is capable of integrating a plurality of security providers each of which implement a security provider interface.

9. A method for providing a security provider, said method comprising:
- providing a security service provider interface that is compatible with a framework layer;
  
  providing one or more services wherein the one or more services include at least one of;
  
  authentication, authorization, auditing, role mapping and credential mapping;
  
  exposing the one or more services through the service provider interface;
  
  wherein the framework layer exposes the one or more services to an application program interface; and
  
  wherein the security provider can be dynamically integrated into a security service module.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The method of claim 9, further comprising:
    - providing a configuration schema for the security provider.
  - 11. The method of claim 9 wherein:
    - the security provider is capable of receiving configuration information at run-time.
  - 12. The method of claim 9 wherein:
    - the service provider interface can include one or more of;
      
      a programmatic interface, a protocol, and a mechanism for exchanging messages.
  - 13. The method of claim 9 wherein:
    - the application program interface can include one or more of;
      
      a programmatic interface, a protocol, and a mechanism for exchanging messages.
  - 14. The method of claim 9 wherein:
    - the security provider is capable of executing as part of;
      
           1) a web application server;
      
           2) an application;
      
           3) a network firewall;
      
           4) a web server;
      
           5) a data store; and
      
           6) an operating system.
  - 15. The method of claim 9 wherein:
    - the security provider is capable of interacting with the security service module; and
      
      wherein the security service module is capable of integrating a plurality of security providers each of which implement a service provider interface.

16. A machine readable medium having instructions stored thereon to cause a system to:
- provide a service provider interface that is compatible with a security framework layer;
  
  provide one or more services wherein the one or more services include at least one of;
  
  authentication, authorization, auditing, role mapping and credential mapping;
  
  expose the one or more services through the service provider interface; and
  
  wherein the framework layer exposes the one or more services to an application program interface.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
- - 17. The machine readable medium of claim 16, further comprising instructions stored thereon that cause the system to:
    - provide a configuration schema for the security provider.
  - 18. The machine readable medium of claim 16, further comprising instructions stored thereon that cause the system to:
    - integrate the security provider into the client at run-time.
  - 19. The machine readable medium of claim 16 wherein:
    - the security provider is capable of receiving configuration information at run-time.
  - 20. The machine readable medium of claim 16 wherein:
    - the service provider interface can include one or more of;
      
      a programmatic interface, a protocol, and a mechanism for exchanging messages.
  - 21. The machine readable medium of claim 16 wherein:
    - the application program interface can include one or more of;
      
      a programmatic interface, a protocol, and a mechanism for exchanging messages.
  - 22. The machine readable medium of claim 16 wherein:
    - the security provider is capable of executing as part of;
      
           1) a web application server;
      
           2) an application;
      
           3) a network firewall;
      
           4) a web server;
      
           5) a data store; and
      
           6) an operating system.
  - 23. The machine readable medium of claim 16 wherein:
    - the security provider is capable of interacting with the client; and
      
      wherein the client is capable of integrating a plurality of security providers each of which implement a security provider interface.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
BEA Systems Incorporated (Oracle Corporation)
Inventors
Xu, Mingde, Byrne, David, Howes, Jason, Patrick, Paul, Riendeau, Richard J., Yagen, Kenneth D., Falco, Mark A.

Granted Patent

US 7,603,548 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/29
CPC Class Codes

G06F 21/6218   to a system of files or obj...

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

Security provider development model

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

107 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Security provider development model

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

107 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links