Application level security
First Claim
Patent Images
1. A method performed by a security service arbitrator, the method comprising:
- receiving a security tender comprising security requirements for an application, the security requirements specifying the application'"'"'s desired level of security;
searching for security services to fulfill the security requirements;
determining that the security services satisfy the security requirements;
generating a security contract for the application, the security contract specifying how the application is to communicate with the security services;
receiving remote security requirements from a remote security service arbitrator;
determining whether the security services satisfy the remote security requirements;
generating a message regarding the security services; and
generating a second security contract for an application based on the security services that satisfy the remote security requirements.
2 Assignments
0 Petitions
Accused Products
Abstract
Techniques for providing application layer security may be facilitated by an arbitrator. In general, in one implementation, an arbitrator may receive a security tender including security requirements for an application, search for security services to fulfill the security requirements, determine whether discovered security services can satisfy the security requirements, and, if security services that can satisfy the security requirements exist, generate a security contract for the application, the security contract specifying how the application is to communicate with the security services that can satisfy the security requirements.
25 Citations
18 Claims
-
1. A method performed by a security service arbitrator, the method comprising:
-
receiving a security tender comprising security requirements for an application, the security requirements specifying the application'"'"'s desired level of security; searching for security services to fulfill the security requirements; determining that the security services satisfy the security requirements; generating a security contract for the application, the security contract specifying how the application is to communicate with the security services; receiving remote security requirements from a remote security service arbitrator; determining whether the security services satisfy the remote security requirements; generating a message regarding the security services; and generating a second security contract for an application based on the security services that satisfy the remote security requirements. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system comprising:
an arbitrator comprising; a registrar operable to generate a security contract for an application in response to a security tender, the security tender comprising application security requirements specifying the application'"'"'s desired level of security; the security contract specifying how the application is to communicate with security services that can satisfy the security requirements; an administrator operable to determine whether the security contract is invalid; and a negotiator operable to; receive remote security requirements from a remote security service arbitrator; determine whether security services satisfy the remote security requirements; generate a message regarding the security services; and generate a second security contract for an application based on the security services that satisfy the remote security requirements. - View Dependent Claims (9, 10, 11, 12)
-
13. An article comprising a physical machine-readable medium storing instructions operable to cause one or more machines to perform operations comprising:
-
determining whether a security tender has been received at an arbitrator, the security tender comprising security requirements for an application, the security requirements specifying the application'"'"'s desired level of security; searching for security services to fulfill the security requirements; determining that the security services satisfy the security requirements; generating a security contract for the application, the security contract specifying how the application is to communicate with the security services; determining whether remote security requirements from a remote security service arbitrator have been received at the arbitrator; determining whether security services satisfy the remote security requirements; generating a message regarding the security services; and generating a second security contract for an application based on the security services that satisfy the remote security requirements. - View Dependent Claims (14, 15, 16, 17)
-
-
18. A system comprising:
-
an article comprising a physical machine-readable medium storing instructions operable to cause one or more machines to perform operations comprising; generating a security tender, the security tender containing security requirements for the application, the security requirements specifying the application'"'"'s desired level of security, determining whether a security contract has been received, the contract specifying how the application is to communicate with security services that satisfy the security requirements, determining that communication is desired with a second application, contacting a security service based on a type of communication, communicating with the second application in accordance with the security service, determining whether the contract is still valid, and if the contract is not still valid, terminating communication with the second application; and an arbitrator operable to; receive the security tender, search for security services to fulfill the security requirements, the security requirements varying depending on application communication functions, determine that the security services satisfy the security requirements, generate the security contract, bind the contract with the application, receive remote security requirements from a remote arbitrator, determine that security services that can satisfy the remote security requirements exist, generate a message regarding the security services, generate a security contract for an application based on the security services that can satisfy the security requirements, monitor the security contract to determine whether it is still valid, and if the contract is not still valid, revoke the contract.
-
Specification