Method for detecting, monitoring, and controlling web services
First Claim
Patent Images
1. A method for providing security and monitoring, comprising the steps of:
- dynamically generating signatures;
passively scanning data packets in a network based on the signatures; and
processing structured data within the data packets.
1 Assignment
0 Petitions
Accused Products
Abstract
A method scans SOAP and/or XML messages over TCP/IP and performs detection, monitoring, validation, and/or prevention from a monitoring, compliance, security, or integrity perspective. The method achieves these goals through a combination of scanning SOAP and/or XML non-intrusively, without reliance on Web Service Definition Language (WSDL), and providing external enforcement. The combination of non-intrusiveness, WSDL-blindness, and external enforcement techniques truly provides a scalable and reliable deployment of Web Services at the enterprise level.
-
Citations
24 Claims
-
1. A method for providing security and monitoring, comprising the steps of:
-
dynamically generating signatures;
passively scanning data packets in a network based on the signatures; and
processing structured data within the data packets. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for providing security and monitoring, comprising the steps of:
-
passively scanning data packets in a network;
validating structured data in the data packets based on a schema; and
notifying an external enforcement point if the structured data fails validation. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A method for providing security and monitoring, comprising the steps of:
-
passively scanning data packets in a network, the data packets comprising interface definition of structured data; and
generating signatures based on the interface definition. - View Dependent Claims (17, 18, 19)
-
-
20. A method for providing security and monitoring, comprising the steps of:
-
communicating structured data to an application service via a network;
receiving response structured data from the application service; and
dynamically generating signatures based on the request and response structure data. - View Dependent Claims (21, 22, 23)
-
-
24. A method for providing security and monitoring, comprising the steps of:
-
dynamically generating signatures;
passively scanning data packets in a network based on the signatures;
providing statistics on structured data within the data packets;
validating structured data in the data packets based on a schema; and
notifying an external enforcement point if the structured data fails validation.
-
Specification