Policy application across multiple nodes

US 7,496,649 B2
Filed: 02/20/2004
Issued: 02/24/2009
Est. Priority Date: 02/20/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

retrieving an intermediate node policy having one or more protocol requirements for messages being transmitted to or from the intermediate node, the intermediate node being between a source node and a destination node in a communication path;

forming a first policy-compliant message in accordance with the intermediate node policy, the first policy-compliant message including a request for a destination node policy having one or more protocol requirements for messages being transmitted to or from the destination node;

transmitting the first policy-compliant message to the intermediate node for receipt and validation of the first policy-compliant message by the intermediate node;

receiving the destination node policy;

forming a second policy-compliant message in accordance with both the intermediate node policy and the destination node policy;

transmitting the second policy-compliant message to the destination node;

determining whether the destination node policy specifies an additional intermediate node;

if the destination node policy specifies an additional intermediate node, forming a third policy-compliant message in accordance with the intermediate node policy, the third policy-compliant message including a request for an additional intermediate node policy having one or more protocol requirements for messages being transmitted to or from the additional intermediate node, and if the destination node policy specifies more than one intermediate nodes, the destination node policy also specifies an order of the intermediate nodes in the communication path, the order of intermediate nodes being important for the order of retrieving and applying the policies of the intermediate nodes.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method includes retrieving an intermediate node policy characterizing communication properties supported by an intermediate node, the intermediate node being between a source node and a destination node in a communication path. The method includes forming a first policy-compliant message in accordance with the intermediate node policy, the first policy-compliant message including a request for a destination node policy characterizing communication properties supported by the destination node. A system includes a policy retriever comparing a source policy to one to an intermediate policy to determine whether the source policy is compatible with the intermediate policy. A message generator generates a policy request message by applying the intermediate policy to a request for a policy related to a destination node.

Citations

27 Claims

1. A method comprising:
- retrieving an intermediate node policy having one or more protocol requirements for messages being transmitted to or from the intermediate node, the intermediate node being between a source node and a destination node in a communication path;
  
  forming a first policy-compliant message in accordance with the intermediate node policy, the first policy-compliant message including a request for a destination node policy having one or more protocol requirements for messages being transmitted to or from the destination node;
  
  transmitting the first policy-compliant message to the intermediate node for receipt and validation of the first policy-compliant message by the intermediate node;
  
  receiving the destination node policy;
  
  forming a second policy-compliant message in accordance with both the intermediate node policy and the destination node policy;
  
  transmitting the second policy-compliant message to the destination node;
  
  determining whether the destination node policy specifies an additional intermediate node;
  
  if the destination node policy specifies an additional intermediate node, forming a third policy-compliant message in accordance with the intermediate node policy, the third policy-compliant message including a request for an additional intermediate node policy having one or more protocol requirements for messages being transmitted to or from the additional intermediate node, and if the destination node policy specifies more than one intermediate nodes, the destination node policy also specifies an order of the intermediate nodes in the communication path, the order of intermediate nodes being important for the order of retrieving and applying the policies of the intermediate nodes.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method as recited in claim 1 wherein the forming operation further comprises forming a first policy-compliant message including a source node policy having one or more protocol requirement for messages being transmitted to or from the source node.
  - 3. The method as recited in claim 1 further comprising:
    - retrieving the destination node policy;
      
      forming a second policy-compliant message, the second policy-compliant message including an underlying message, the second policy-compliant message conforming to the destination node policy;
      
      forming a third policy-compliant message, the third policy-compliant message including the second policy-compliant message, the third policy-compliant message conforming to the intermediate node policy.
  - 4. The method as recited in claim 1 further comprising determining whether the intermediate node policy is compatible with a source node policy having one or more protocol requirement for messages being transmitted to or from the source node.
  - 5. The method as recited in claim 1 further comprising determining whether the intermediate node policy is compatible with a source node policy having one or more protocol requirement for messages being transmitted to or from the source node, wherein the determining operation comprises receiving a notification from a service that the intermediate node policy is compatible with the source node policy.
  - 6. The method as recited in claim 1 wherein the retrieving operation comprises incrementally receiving the intermediate node policy.
  - 7. The method as recited in claim 1 wherein the retrieving operation comprises receiving the intermediate node policy from a node other than the intermediate node.
  - 8. The method as recited in claim 1 wherein the retrieving operation comprises reading the intermediate node policy from a cache memory at the source node.

9. A computer-readable storage medium having a plurality of executable programming instructions stored thereon which, when operated, perform operations comprising:
- retrieving a intermediate node policy and a destination node policy, the intermediate node policy having one or more protocol requirements for messages being transmitted to or from an intermediate node and the destination node policy having one or more protocol requirements for messages being transmitted to or from a destination node, the intermediate node being between a source node and the destination node in a communication path;
  
  applying the intermediate node policy and the destination node policy to an underlying message in order of the destination node policy followed by the intermediate node policy;
  
  creating a first policy-compliant message including the underlying message, the first policy-compliant message being created according to the intermediate node policy;
  
  transmitting the first policy-compliant message to the intermediate node for receipt and validation of the first policy-compliant message by the intermediate node;
  
  creating a second policy-compliant message including the first policy-compliant message, the second policy-compliant message being created according to the intermediate node policy and the destination node policy;
  
  transmitting the second policy-compliant message to the destination node;
  
  determining whether the destination node policy specifies an additional intermediate node;
  
  if the destination node policy specifies an additional intermediate node, forming a third policy-compliant message in accordance with the intermediate node policy, the third policy-compliant message including a request for an additional intermediate node policy having one or more protocol requirements for messages being transmitted to or from the additional intermediate node, and if the destination node policy specifies more than one intermediate nodes, the destination node policy also specifies an order of the intermediate nodes in the communication path, the order of intermediate nodes being important for the order of retrieving and applying the policies of the intermediate nodes.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The computer-readable storage medium as recited in claim 9 wherein the operation further comprise selecting one of the one or more protocol requirements from the intermediate node policy.
  - 11. The computer-readable storage medium as recited in claim 9 wherein the operation further comprise determining whether the intermediate node policy is compatible with a source node policy havinq one or more protocol requirements for messages being transmitted to or from the source node.
  - 12. The computer-readable storage medium as recited in claim 9 wherein the retrieving operation comprises retrieving one or more of the intermediate node policy and the destination node policy from a node other than the intermediate node, the destination node, and the source node.
  - 13. The computer-readable storage medium as recited in claim 9 wherein the retrieving operation comprises requesting each of the intermediate node policy and the destination node policy in order of the intermediate node followed by the destination node.
  - 14. The computer-readable storage medium as recited in claim 9 wherein the retrieving operation comprises incrementally receiving at least one of the intermediate node policy and the destination node policy.
  - 15. The computer-readable storage medium as recited in claim 9 wherein the retrieving operation comprises reading at least one of the intermediate node policy and the destination node policy from a cache memory at the source node.
  - 16. The computer-readable storage medium as recited in claim 9 wherein the operation further comprise determining whether a message from the intermediate node conforms to a source node policy having one or more protocol requirement for messages being transmitted to or from the source node.

17. A system comprising:
- a processor;
  
  a policy retriever configured to be operated by the processor to retrieve an intermediate node policy having one or more protocol requirements for messages being transmitted to or from an intermediate node between a source node and a destination in a communication path;
  
  a message generator configured to be operated by the processor to generate a request message in accordance with the intermediate node policy, the request message including a request for a destination node policy having one or more protocol requirements for messages being transmitted to or from the destination node;
  
  transmitting the request message to the intermediate node for receipt and validation of the request message by the intermediate node;
  
  receiving the destination node policy;
  
  forming a second request message in accordance with both the intermediate node policy and the destination node policy;
  
  transmitting the second request message to the destination node;
  
  determining whether the destination node policy specifies an additional intermediate node;
  
  if the destination node policy specifies an additional intermediate node, forming a third request message in accordance with the intermediate node policy, the third request message including a request for an additional intermediate node policy having one or more protocol requirements for messages being transmitted to or from the additional intermediate node, and if the destination node policy specifies more than one intermediate nodes, the destination node policy also specifies an order of the intermediate nodes in the communication path, the order of intermediate nodes being important for the order of retrieving and applying the policies of the intermediate nodes.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25)
- - 18. The system as recited in claim 17 wherein the policy retriever compares a source node policy having one or more protocol requirement for messages being transmitted to or from the source node to the intermediate node policy to determine whether the source node policy is compatible with the intermediate node policy.
  - 19. The system as recited in claim 18 wherein the policy retriever selects one of the protocol requirements from the intermediate node policy based on the source node policy.
  - 20. The system as recited in claim 18, wherein the message generator further transmits a message to the intermediate node, the message including at least a portion of the source node policy.
  - 21. The system as recited in claim 18, further comprising a policy generator generating the source node policy, wherein generating comprises generating the one or more protocol requirements and at least one relationship operator associated with the or more protocol requirements.
  - 22. The system as recited in claim 21, wherein the policy generator generates a usage attribute related to one of the or more protocol requirements.
  - 23. The system as recited in claim 18 wherein the one or more protocol requirements of the source node policy comprises at least one of:
    - a security protocol;
      
      a routing parameter;
      
      an encryption algorithm;
      
      an audit trail;
      
      a privacy parameter.
  - 24. The system as recited in claim 18, wherein the source node policy further comprises:
    - the one or more protocol requirements specifying protocol parameters;
      
      one or more operators related to the one or more protocol requirements, the one or more operators specifying a relationship between the one or more protocol requirements.
  - 25. The system as recited in claim 18, wherein the source node policy further comprises an input policy characterizing input protocol parameters and an output policy characterizing output protocol parameters.

26. A system comprising:
- a processor;
  
  a policy retriever means to be operated by the processor for retrieving a plurality of policies, each policy having one or more protocol requirements for messages being transmitted to or from one of a plurality of nodes, the plurality of nodes including at least one intermediate node and a destination node, wherein the retrieving includes requesting each of the intermediate node policy and the destination node policy in order of the intermediate node followed by the destination node;
  
  means to be operated by the processor for applying each of the plurality of policies to a message transmitted to the destination node, such that the message conforms to each of the plurality of policies, wherein the applying includes;
  
  determining whether the intermediate node policy is compatible with a source node policy having one or more protocol requirements for messages being transmitted to or from the source node;
  
  in response to the determining, creating a first policy-compliant message including the underlying message, the first policy-compliant message being created according to the intermediate node policy, transmitting the first policy-compliant message to the intermediate node for receipt and validation of the first policy-compliant message by the intermediate node, and creating a second policy-compliant message including the first policy-compliant message, the second policy-compliant message being created according to the intermediate node policy and the destination node policy;
  
  transmitting the second policy-compliant message to the destination node;
  
  determining whether the destination node policy specifies an additional intermediate node;
  
  if the destination node policy specifies an additional intermediate node, forming a third policy-compliant message in accordance with the intermediate node policy, the third policy-compliant message including a request for an additional intermediate node policy having one or more protocol requirements for messages being transmitted to or from the additional intermediate node, and if the destination node policy specifies more than one intermediate nodes, the destination node policy also specifies an order of the intermediate nodes in the communication path, the order of intermediate nodes being important for the order of retrieving and applying the policies of the intermediate nodes.
- View Dependent Claims (27)
- - 27. The system as recited in claim 26 wherein the means for applying comprises a message generator selecting one of the one or more protocol requirements from each of the plurality of policy.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Wong, Sara, Christensen, Erik B., Levin, David, Lee, Alfred IV
Primary Examiner(s)
Nguyen; Dustin

Application Number

US10/783,554
Publication Number

US 20050188072A1
Time in Patent Office

1,831 Days
Field of Search

709/219, 709/224, 709/227, 709/230, 709/229, 709/245, 709/246, 726/1, 726/12, 370/238, 370/466, 370/389, 380/279, 340/442, 705/32
US Class Current

709/223
CPC Class Codes

H04L 67/564   Enhancement of application ...

H04L 67/565   Conversion or adaptation of...

H04L 69/329   in the application layer [O...

Policy application across multiple nodes

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Policy application across multiple nodes

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links