Security system for event based middleware
Abstract
A security system (10) for users (50) to employ applications (12) as either publishing applications (24) or subscribing applications (26), for communicating messages (16) on computer networks. Each application (12) includes a client (28) which obtains from the user (50) a user ID (52) and a password (54), for authentication to a broker (30). The messages (16) are each assigned a subject (18) having a security policy (20), which includes an access control list (70) and a quality of protection (72). The access control list (70) may specify who may publish, who may subscribe, and who may ask for guaranteed delivery of messages (16) on the associated subject (18). Similarly, the quality of protection (72) may specify whether such messages (16) are privacy, integrity, or nonrepudiation protected, and whether they are to be audited. The broker (30) then employs the security policy (20) to control publishing and subscribing of the messages (16) and to provide the requested security protections.
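An added sketch, not taken from the patent, of the enforcement model the abstract describes: the policy hangs off the subject, and the broker authenticates the user and then checks the subject's access control list before accepting a publish or subscribe. All class, method and field names are hypothetical; credentials are re-checked on every call instead of through a session, and of the quality-of-protection settings only auditing is modeled.

```python
import hashlib, hmac, os
from dataclasses import dataclass, field

@dataclass
class Policy:  # attached to a subject, never to a user
    publishers: set = field(default_factory=set)   # ACL: who may publish
    subscribers: set = field(default_factory=set)  # ACL: who may subscribe
    guaranteed: set = field(default_factory=set)   # ACL: who may ask for guaranteed delivery
    audit: bool = False                            # quality of protection: audit decisions

class Broker:
    def __init__(self):
        self.creds, self.policies, self.subs, self.audit_log = {}, {}, {}, []

    def _hash(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, user_id, password):
        salt = os.urandom(16)
        self.creds[user_id] = (salt, self._hash(password, salt))

    def authenticate(self, user_id, password):
        # Unknown users still cost one hash and then fail the constant-time compare.
        salt, stored = self.creds.get(user_id, (b"\0" * 16, b""))
        return hmac.compare_digest(stored, self._hash(password, salt))

    def _allowed(self, user_id, password, subject, acl_name):
        policy = self.policies.get(subject)  # a subject with no policy is denied
        ok = (policy is not None and self.authenticate(user_id, password)
              and user_id in getattr(policy, acl_name))
        if policy is not None and policy.audit:
            self.audit_log.append((user_id, acl_name, subject, ok))
        return ok

    def subscribe(self, user_id, password, subject, inbox):
        if not self._allowed(user_id, password, subject, "subscribers"):
            return False
        self.subs.setdefault(subject, []).append(inbox)
        return True

    def publish(self, user_id, password, subject, message, guaranteed=False):
        if not self._allowed(user_id, password, subject, "publishers"):
            return False
        if guaranteed and not self._allowed(user_id, password, subject, "guaranteed"):
            return False
        for inbox in self.subs.get(subject, []):  # deliver to authorized subscribers only
            inbox.append((subject, message))
        return True
```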
26 Claims
1. A system for providing security for messages between users on a computer network, the system comprising:
means for associating a security policy to any of a plurality of previously defined subjects, wherein said subjects are not the users;
means for assigning said messages to said subjects; and
a broker to identify and authorize said users and to enforce said security policies as said messages are communicated between said users in said network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. A method of providing security for messages between users of a computer network, the steps comprising:
defining subjects for said messages, wherein said subjects are not the users;
associating a security policy with each said subject;
identifying and authenticating said users to a broker; and
enforcing said security policy with said broker automatically as said messages are communicated between said users in said network.
Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26
Specification