Method and appliance for XML policy matching
First Claim
Patent Images
1. A method of enforcing application-layer policies to application layer formatted documents, each policy defining a rule and an action, comprising:
- a) distinctly storing simple policies and complex policies applicable to the application layer formatted documents in a simple policies data structure and respectively a complex policies data structure;
b) parsing a document received as streaming application layer data in a hierarchical structure, for enabling evaluation of an object in the document;
c) simultaneously querying the simple and complex policies data structures to identify all policies corresponding to the object;
d) discontinue the query for that object in the simple and complex policies data structures once all simple and complex policies that match the object are identified; and
e) executing the actions defined by the simple and complex policies corresponding to the object.
12 Assignments
0 Petitions
Accused Products
Abstract
An XML matching engine and method are provided, where policy rules expressed using XPath/XQuery policies are matched to streaming XML documents. Two distinct data structures are used: a combined modified DFA data structure for storing simple XPath queries (no wildcards or descendents) and a modified AFilter structure for storing complex queries (with wildcards or/and descendents). As the matching engine receives XML tags from XML parser, matching is performed in both structures in parallel.
40 Citations
9 Claims
-
1. A method of enforcing application-layer policies to application layer formatted documents, each policy defining a rule and an action, comprising:
-
a) distinctly storing simple policies and complex policies applicable to the application layer formatted documents in a simple policies data structure and respectively a complex policies data structure; b) parsing a document received as streaming application layer data in a hierarchical structure, for enabling evaluation of an object in the document; c) simultaneously querying the simple and complex policies data structures to identify all policies corresponding to the object; d) discontinue the query for that object in the simple and complex policies data structures once all simple and complex policies that match the object are identified; and e) executing the actions defined by the simple and complex policies corresponding to the object. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for enforcing application-layer policies to XML documents, each policy defining a rule and an action, comprising:
-
a XML parser for parsing a XML document received as streaming XML data in a hierarchical structure to enable evaluation of an object in the XML document;
a simple policies data structure for storing XPath queries that do not use wildcard “
*” and
descendent “
//”
expressions;a complex policies data structure for storing XPath queries that use wildcard “
*” and
descendent “
//”
expressions;means for simultaneously querying the simple and complex policies data structures to identify all policies corresponding to the object; and means for executing the actions defined by the policies corresponding to the object identified in the data structures.
-
Specification