Enhanced security and processing for web service business transactions

US 7,337,148 B2
Filed: 10/21/2003
Issued: 02/26/2008
Est. Priority Date: 10/21/2003
Status: Active Grant

First Claim

Patent Images

1. A method for conducting a business transaction over a network, the method comprising the computer-implemented steps of:

specifying, in a publicly-available description of a web service that is provided by a first party, that at least some communications to said web service are to include trading partner information;

receiving, by said first party, a request for said web service;

wherein said request was constructed, based on said description, to include particular trading partner information associated with business transactions between said first party and a second party;

wherein said particular trading partner information includes identification of said second party as a trading partner of said first party;

based on said particular trading partner information, determining whether said second party is an established trading partner of said first party;

if it is determined that said second party is an established trading partner of said first party, then based on said particular trading partner information, retrieving information about one or more agreements that govern business transactions between said first party and said second party; and

servicing said request for said web service according to one or more of said agreements.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A technique is described in which a web service provider is able to specify that messages related to business transactions with the web service includes trading partner information. For example, a provider may specify such requirements in a WSDL description of the relevant web service and may register the description with a UDDI registry. The trading partner information is regarding business transactions between the requesting party and the provider and is related to pre-established trading partner relationships and associated agreements and processes. Such trading partner information typically includes information that identifies, for example, the requesting party and the type of transaction. Consequently, the provider can determine whether the received request originates from an established trading partner and whether the requesting party is entitled to conduct the requested business transaction. Hence, application-level security is provided to electronic business transactions. Furthermore, enhanced processing of the business transaction results from being able to access, based on the received trading partner information, more elaborate data models associated with electronic transaction processes established between the trading partners.

Citations

40 Claims

1. A method for conducting a business transaction over a network, the method comprising the computer-implemented steps of:
- specifying, in a publicly-available description of a web service that is provided by a first party, that at least some communications to said web service are to include trading partner information;
  
  receiving, by said first party, a request for said web service;
  
  wherein said request was constructed, based on said description, to include particular trading partner information associated with business transactions between said first party and a second party;
  
  wherein said particular trading partner information includes identification of said second party as a trading partner of said first party;
  
  based on said particular trading partner information, determining whether said second party is an established trading partner of said first party;
  
  if it is determined that said second party is an established trading partner of said first party, then based on said particular trading partner information, retrieving information about one or more agreements that govern business transactions between said first party and said second party; and
  
  servicing said request for said web service according to one or more of said agreements.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 2. The method of claim 1, further comprising the computer-implemented steps of:
    - based on at least a portion of said particular trading partner information, determining whether said second party is an established trading partner of said first party; and
      
      if it is determined that said second party is an established trading partner of said first party, then accessing, based on said particular trading partner information, information about said second party.
  - 3. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 2.
  - 4. The method of claim 1, further comprising the computer-implemented steps of:
    - based on at least a portion of said particular trading partner information, determining whether said second party is an established trading partner of said first party;
      
      based on at least a portion of said particular trading partner information, determining whether said second party is entitled to conduct said business transaction; and
      
      if it is determined that said second party is an established trading partner of said first party and that said second party is entitled to conduct said business transaction, then accessing, based on said particular trading partner information, information about said second party.
  - 5. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 4.
  - 6. The method of claim 1, further comprising the computer-implemented steps of:
    - based on at least a portion of said particular trading partner information, determining whether said second party is an established trading partner of said first party; and
      
      if it is determined that said second party is an established trading partner of said first party, thenaccessing, based on said particular trading partner information, information about one or more agreements between said first party and said second party, wherein said agreements are associated with business processes between said first party and said second party, andservicing said request for said web service according to one or more of said agreements.
  - 7. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 6.
  - 8. The method of claim 1, wherein said description of said web service is represented in Web Services Description Language (WSDL).
  - 9. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 8.
  - 10. The method of claim 1, wherein said description of said web service is registered in a Universal Description, Discovery and Integration (UDDI) registry that is available to the public.
  - 11. The method of claim 10, wherein said request was constructed based on information obtained by accessing said description from said registry and interpreting said description.
  - 12. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 11.
  - 13. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 10.
  - 14. The method of claim 1, wherein said particular trading partner information is received in a SOAP message.
  - 15. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 14.
  - 16. The method of claim 1, wherein said particular trading partner information includes identification of a physical site that is associated with said second party from which said request is received.
  - 17. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 16.
  - 18. The method of claim 1, wherein said particular trading partner information includes identification of a type of party that characterizes said second party.
  - 19. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 18.
  - 20. The method of claim 1, wherein said particular trading partner information includes identification of a business purpose that is associated with said request.
  - 21. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 20.
  - 22. The method of claim 1, wherein said particular trading partner information includes a username and a password that are used by said first party to authenticate said second party as an established trading partner of said first party.
  - 23. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 22.
  - 24. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 1.
  - 25. The method of claim 1, wherein said publicly-available description of said web service specifies requirements for becoming a trading partner of said first party.

26. A method for conducting a business-to-business transaction over a network using SOAP messaging, in which a first legacy application that is not designed to communicate with web services and that is associated with a first party communicates with a second application that is associated with a second party, the method comprising the computer-implemented steps of:
- specifying in a publicly-available description of a web service, that at least some XML documents that are transmitted to said first legacy application as part of web service exchanges, are to include specific trading partner information;
  
  receiving in a SOAP-based message from said second application, by said first legacy application, an XML document that is associated with a business-to-business transaction between said first party and said second party;
  
  wherein said XML document was constructed, based on said description, to include identification of said second party as a trading partner of said first party;
  
  based on said particular trading partner information, determining whether said second party is an established trading partner of said first party;
  
  if it is determined that said second party is an established trading partner of said first party, then based on said particular trading partner information, retrieving information about agreements that govern business transactions between said first party and said second party; and
  
  servicing, by said first legacy application, said business-to-business transaction according to one or more of said agreements.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
- - 27. The method of claim 26, wherein said XML document received from said second application includes particular trading partner information, the method further comprising the computer-implemented steps of:
    - based on at least a portion of said particular trading partner information that is included in said XML document, accessing information about one or more processes used for business transactions between said first party and said second party; and
      
      replying, by said first legacy application, to said second application in response to said XML document and according to a process of the one or more processes.
  - 28. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 27.
  - 29. The method of claim 26, wherein said second application is a legacy application that is not designed to communicate with web services.
  - 30. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 29.
  - 31. The method of claim 26, wherein said description of said web service is represented in Web Services Description Language (WSDL).
  - 32. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 31.
  - 33. The method of claim 26, wherein said description of said web service is registered in a Universal Description, Discovery and Integration (UDDI) registry that is available to the public.
  - 34. The method of claim 33, wherein said XML document was constructed based on information obtained by accessing said description from said registry and interpreting said description.
  - 35. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 34.
  - 36. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 26.
  - 37. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 33.
  - 38. The method of claim 26, wherein said publicly-available description of said web service specifies requirements for becoming a trading partner of said first party.

39. A method for conducting a business transaction over a network, the method comprising the computer-implemented steps of:
- accessing, by a second party, from a publicly-available Universal Description, Discovery and Integration (UDDI) registry, a description of a web service that is provided by a first party, wherein said description includes a requirement that at least one communication to said web service is to include trading partner information;
  
  determining from said description, by said second party, that at least one communication to said web service is to include trading partner information;
  
  constructing, based on said description, a message to said web service that includes particular trading partner information according to said requirement;
  
  wherein said particular trading partner information includes identification of said second party as a trading partner of said first party; and
  
  transmitting said message to said web service to allow said web service to;
  
  determine, based on said particular trading partner information, whether said second party is an established trading partner of said first party;
  
  if it is determined that said second party is an established trading partner of said first party, then based on said particular trading partner information, retrieve information about one or more agreements that govern business transactions between said first party and said second party; and
  
  service a request for said web service according to one or more of said agreements.
- View Dependent Claims (40)
- - 40. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, causes the one or more processors to perform the method recited in claim 39.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Xie, Nan, Singh, Vebhhav
Primary Examiner(s)
ELISCA, PIERRE E

Application Number

US10/691,149
Publication Number

US 20050086178A1
Time in Patent Office

1,589 Days
Field of Search

705/80, 705/1
US Class Current

705/80
CPC Class Codes

G06Q 30/06 Buying, selling or leasing ...

G06Q 50/188 Electronic negotiation

Enhanced security and processing for web service business transactions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

40 Claims

Specification

Solutions

Use Cases

Quick Links

Enhanced security and processing for web service business transactions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

40 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links