Enhanced security and processing for web service business transactions
First Claim
1. A method for conducting a business transaction over a network, the method comprising the computer-implemented steps of:
- specifying, in a publicly-available description of a web service that is provided by a first party, that at least some communications to said web service are to include trading partner information;
receiving, by said first party, a request for said web service;
wherein said request was constructed, based on said description, to include particular trading partner information associated with business transactions between said first party and a second party;
wherein said particular trading partner information includes identification of said second party as a trading partner of said first party;
based on said particular trading partner information, determining whether said second party is an established trading partner of said first party;
if it is determined that said second party is an established trading partner of said first party, then based on said particular trading partner information, retrieving information about one or more agreements that govern business transactions between said first party and said second party; and
servicing said request for said web service according to one or more of said agreements.
1 Assignment
0 Petitions
Accused Products
Abstract
A technique is described in which a web service provider is able to specify that messages related to business transactions with the web service includes trading partner information. For example, a provider may specify such requirements in a WSDL description of the relevant web service and may register the description with a UDDI registry. The trading partner information is regarding business transactions between the requesting party and the provider and is related to pre-established trading partner relationships and associated agreements and processes. Such trading partner information typically includes information that identifies, for example, the requesting party and the type of transaction. Consequently, the provider can determine whether the received request originates from an established trading partner and whether the requesting party is entitled to conduct the requested business transaction. Hence, application-level security is provided to electronic business transactions. Furthermore, enhanced processing of the business transaction results from being able to access, based on the received trading partner information, more elaborate data models associated with electronic transaction processes established between the trading partners.
-
Citations
40 Claims
-
1. A method for conducting a business transaction over a network, the method comprising the computer-implemented steps of:
-
specifying, in a publicly-available description of a web service that is provided by a first party, that at least some communications to said web service are to include trading partner information; receiving, by said first party, a request for said web service; wherein said request was constructed, based on said description, to include particular trading partner information associated with business transactions between said first party and a second party; wherein said particular trading partner information includes identification of said second party as a trading partner of said first party; based on said particular trading partner information, determining whether said second party is an established trading partner of said first party; if it is determined that said second party is an established trading partner of said first party, then based on said particular trading partner information, retrieving information about one or more agreements that govern business transactions between said first party and said second party; and servicing said request for said web service according to one or more of said agreements. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A method for conducting a business-to-business transaction over a network using SOAP messaging, in which a first legacy application that is not designed to communicate with web services and that is associated with a first party communicates with a second application that is associated with a second party, the method comprising the computer-implemented steps of:
-
specifying in a publicly-available description of a web service, that at least some XML documents that are transmitted to said first legacy application as part of web service exchanges, are to include specific trading partner information; receiving in a SOAP-based message from said second application, by said first legacy application, an XML document that is associated with a business-to-business transaction between said first party and said second party; wherein said XML document was constructed, based on said description, to include identification of said second party as a trading partner of said first party; based on said particular trading partner information, determining whether said second party is an established trading partner of said first party; if it is determined that said second party is an established trading partner of said first party, then based on said particular trading partner information, retrieving information about agreements that govern business transactions between said first party and said second party; and servicing, by said first legacy application, said business-to-business transaction according to one or more of said agreements. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
-
-
39. A method for conducting a business transaction over a network, the method comprising the computer-implemented steps of:
-
accessing, by a second party, from a publicly-available Universal Description, Discovery and Integration (UDDI) registry, a description of a web service that is provided by a first party, wherein said description includes a requirement that at least one communication to said web service is to include trading partner information; determining from said description, by said second party, that at least one communication to said web service is to include trading partner information; constructing, based on said description, a message to said web service that includes particular trading partner information according to said requirement; wherein said particular trading partner information includes identification of said second party as a trading partner of said first party; and transmitting said message to said web service to allow said web service to; determine, based on said particular trading partner information, whether said second party is an established trading partner of said first party; if it is determined that said second party is an established trading partner of said first party, then based on said particular trading partner information, retrieve information about one or more agreements that govern business transactions between said first party and said second party; and service a request for said web service according to one or more of said agreements. - View Dependent Claims (40)
-
Specification