Dynamic negotiation of security arrangements between web services
First Claim
Patent Images
1. A method of dynamically determining security options for exchange of at least one message between services, comprising the steps of:
- providing a computer-readable security option profile data structure stored in memory for a first service;
obtaining a computer-readable security option profile data structure for a second service;
wherein the security option profile data structures for the first and second services includepreference sets, divided into community preferences and service preferences, applicable to communities of collaboration partners and individual collaboration partners, respectively, each preference set includingalgorithm preferences for selecting among security arrangement algorithms;
security arrangement preferences for selecting among security arrangements; and
rules for categorizing, prioritizing and comparing preference sets;
receiving a message at the first service from the second service; and
employing the rules to determine security algorithms and arrangements between the first and second services.
6 Assignments
0 Petitions
Accused Products
Abstract
The present invention relates to computer-based devices and methods negotiate and implement security arrangements between two or more web services. More particularly, it relates to devices and methods that specify input and output interfaces, computation and generation of a security contract consistent with inputs, and implementation of security in accordance with negotiated security arrangements. Particular aspects of the present invention are described in the claims, specification and drawings.
49 Citations
18 Claims
-
1. A method of dynamically determining security options for exchange of at least one message between services, comprising the steps of:
-
providing a computer-readable security option profile data structure stored in memory for a first service; obtaining a computer-readable security option profile data structure for a second service; wherein the security option profile data structures for the first and second services include preference sets, divided into community preferences and service preferences, applicable to communities of collaboration partners and individual collaboration partners, respectively, each preference set including algorithm preferences for selecting among security arrangement algorithms; security arrangement preferences for selecting among security arrangements; and rules for categorizing, prioritizing and comparing preference sets; receiving a message at the first service from the second service; and employing the rules to determine security algorithms and arrangements between the first and second services. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
Specification