Checking the security of web services configurations
Abstract
Systems and methods for checking security goals of a distributed system are described. In one aspect, detailed security policies are converted into a model. The detailed security policies are enforced during exchange of messages between one or more endpoints. The one or more endpoints host respective principals networked in a distributed operating environment. The model is evaluated to determine if the detailed security policies enforce one or more security goals of at least one of the one or more endpoints.
20 Claims
1. A computer-implemented method comprising:
- translating detailed security policies into a model, the detailed security policies being enforced during exchange of messages between one or more endpoints, the one or more endpoints hosting respective principals networked in a distributed operating environment; and
- evaluating the model to determine if the detailed security policies enforce one or more security goals of at least one of the one or more endpoints.
13. A computer-readable medium comprising computer-program instructions executable by a processor for:
- converting detailed security policies into a model, the detailed security policies being enforced during exchange of messages between one or more endpoints, the one or more endpoints hosting respective principals networked in a distributed operating environment; and
- evaluating the model to determine if the detailed security policies enforce one or more security goals of at least one of the one or more endpoints.
18. A computer-implemented method comprising:
- querying detailed security policies with one or more of a schema checking or identifier scoping query, an endpoint configuration setting query, a policy dispatch query, an individual policy query, a policy compatibility query, or a custom query, the security policies associated with exchange of message(s) between one or more endpoints hosting respective principals networked in a distributed operating environment; and
- responsive to the querying, generating a positive or a negative security report.
Specification