Method and system for enforcing network security by preserving event execution information utilizing a service event stack
Abstract
A method and system is disclosed for enhancing network security by using a service entry stack in a distributed computer network. After an event system receives an indication for a publisher to publish a first event to a subscriber list of one or more event subscribers, authorization concerns are examined for publishing the first event to each event subscriber by sequentially examining each event subscriber in the subscriber list. When publishing the first event to the event subscriber, a service entry stack is utilized for recording event execution information and process hierarchy of the distributed computer network so that such information can be used for enhancing the security of the distributed computer network.
12 Claims
1. A method for enhancing network security by using a service entry stack in a distributed computer network, the method comprising:
receiving, by an event system, an indication for publishing, by a publisher, a first event to an editable subscriber list of one or more event subscribers;
using a processor to examine authorization concerns for publishing the first event to each event subscriber by sequentially examining each event subscriber in the subscriber list utilizing a service entry stack maintained in a computer-readable medium for recording event execution information and process hierarchy of the distributed computer network;
if the first event is allowed to be published to the event subscriber, publishing the first event to the event subscriber and pushing a first entry to the service entry stack indicating that the first event is now published to the event subscriber;
recording the first entry in the service entry stack via a state change in the computer-readable medium;
wherein the service entry stack retains execution information related to the published event, thereby enhancing the security for event publication.
Dependent claims: 2, 3

4. A method for enhancing network security by using a service entry stack in a distributed computer network, the method comprising:
receiving, by an event system, an indication for publishing a first event to a subscriber list of one or more event subscribers by a publisher;
publishing, by the event system, a second event to a first group of security subscribers including at least one security manager determining whether the publisher is authorized to publish the first event, the second event containing the subscription list;
examining authorization concerns and publishing the first event to each event subscriber of the subscriber list by sequentially examining each event subscriber in the subscriber list, the examining further comprising;
evaluating, by the event system, whether an event subscriber is authorized to receive the first event;
publishing, by the event system, a third event to a second group of security subscribers including at least one security manager determining whether there are authorization concerns for publishing the first event;
if the first event is allowed to be published to the event subscriber, pushing a first entry to the service entry stack indicating that the first event is now published to the event subscriber;
calling a service event handler for the event subscriber to publish the first event;
pushing one or more entries to the service entry stack representing one or more events executed and triggered by publishing the first event to the event subscriber;
returning the service event handler back to the event system when there are no more events triggered by the published first event; and
popping the first entry out from the service entry stack,
wherein the service entry stack helps to reflect a process hierarchy of the distributed computer network and retains execution information related to the published event on a computer-readable storage medium, thereby enhancing the security for event publication.

5. An event system in a distributed computer network using a service entry stack for enhancing network security, the system comprising:
an examining module on a first computer system in the distributed computer network for, after receiving an indication for publishing, by a publisher, a first event to a subscriber list of one or more event subscribers, examining authorization concerns for publishing the first event to each event subscriber;
a service entry stack for recording event execution information and process hierarchy of the distributed computer network while the examining module of the event system sequentially examining each event subscriber in the subscriber list, wherein at least one event subscriber is on a second computer system in the distributed computer network;
editing the subscriber list to enforce security criteria for each event subscriber; and
a publishing module for publishing the first event to the event subscriber if it is authorized to receive the first event;
wherein if the first event is allowed to be published to the event subscriber, the service entry stack receives information related to the published event, the execution information including an indication that the first event is now published to the event subscriber.
Dependent claims: 6, 7

8. A system for enhancing network security by using a service entry stack in a distributed computer network including a plurality of computers, the system comprising:
receiving, by an event system on a first computer system in the distributed computer network, an indication for publishing a first event to a subscriber list of one or more event subscribers by a publisher, wherein at least one event subscriber is on a second computer system in the distributed computer network;
publishing, by the event system, a second event to a first group of security subscribers including at least one security manager determining whether the publisher is authorized to publish the first event, the second event containing the subscription list;
examining authorization concerns and publishing the first event to each event subscriber of the subscriber list by sequentially examining each event subscriber in the subscriber list, the examining further comprising means for;
evaluating, by the event system, whether an event subscriber is authorized to receive the first event;
publishing, by the event system, a third event to a second group of security subscribers including at least one security manager determining whether there are authorization concerns for publishing the first event;
if the first event is allowed to be published to the event subscriber, pushing a first entry to the service entry stack indicating that the first event is now published to the event subscriber;
calling a service event handler for the event subscriber to publish the first event;
pushing one or more entries to the service entry stack representing one or more events executed and triggered by publishing the first event to the event subscriber;
returning the service event handler back to the event system when there are no more events triggered by the published first event; and
popping the first entry out from the service entry stack,
wherein the service entry stack helps to reflect a process hierarchy of the distributed computer network and retains execution information related to the published event, thereby enhancing the security for event publication.

9. A computer-readable storage medium comprising computer-interpretable instructions that, when executed by a computer:
receive, by an event system, an indication for publishing, by a publisher, a first event to a subscriber list of one or more event subscribers;
examine authorization concerns for publishing the first event to each event subscriber by sequentially examining each event subscriber in the subscriber list utilizing a service entry stack for recording event execution information and process hierarchy of the distributed computer network;
publish the first event to the event subscriber if it is authorized to receive the first event; and
updating the service entry stack with the first event and first event security information;
wherein the first event security information includes an indication that the first event is now published to the event subscriber; and
wherein the service entry stack retains execution information related to the published event, thereby enhancing the security for event publication.
Dependent claims: 10, 11

12. A computer-readable storage medium comprising computer-interpretable instructions that, when executed by a computer:
receive, by an event system, an indication for publishing a first event to a subscriber list of one or more event subscribers by a publisher;
publish, by the event system, a second event to a first group of security subscribers including at least one security manager determining whether the publisher is authorized to publish the first event, the second event containing the subscription list;
examine authorization concerns and publish the first event to each event subscriber of the subscriber list by sequentially examining each event subscriber in the subscriber list, the examining further comprising instructions for;
evaluating, by the event system, whether an event subscriber is authorized to receive the first event;
publishing, by the event system, a third event to a second group of security subscribers including at least one security manager determining whether there are authorization concerns for publishing the first event;
if the first event is allowed to be published to the event subscriber, pushing a first entry to the service entry stack indicating that the first event is now published to the event subscriber;
calling a service event handler for the event subscriber to publish the first event;
pushing one or more entries to the service entry stack representing one or more events executed and triggered by publishing the first event to the event subscriber;
returning the service event handler back to the event system when there are no more events triggered by the published first event; and
popping the first entry out from the service entry stack,
wherein the service entry stack helps to reflect a process hierarchy of the distributed computer network and retains execution information related to the published event, thereby enhancing the security for event publication.
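
Illustrative sketch of the push/examine/publish/pop flow recited in claims 4, 8 and 12, added here as an example and not taken from the patent or any implementation of it. All names (EventSystem, origin_policy, TRUSTED_ORIGINS, the event and service names) are hypothetical, and security managers are simplified to in-process callables rather than subscribers to separate security events.

```python
from dataclasses import dataclass, field

TRUSTED_ORIGINS = {"admin-console"}  # assumed policy data

def origin_policy(publisher, event, subscriber, chain):
    """Security manager: ledger writes must originate from a trusted publisher."""
    if event != "ledger.write":
        return True
    origin = chain[0][0] if chain else publisher  # bottom of stack = root cause
    return origin in TRUSTED_ORIGINS

@dataclass
class EventSystem:
    security_managers: list = field(default_factory=list)
    subscribers: dict = field(default_factory=dict)  # event -> [(name, handler)]
    stack: list = field(default_factory=list)        # service entry stack
    audit: list = field(default_factory=list)        # retained execution info

    def subscribe(self, event, name, handler):
        self.subscribers.setdefault(event, []).append((name, handler))

    def publish(self, publisher, event):
        delivered = []
        for name, handler in list(self.subscribers.get(event, [])):
            chain = tuple(self.stack)  # hierarchy that led to this publication
            ok = all(m(publisher, event, name, chain) for m in self.security_managers)
            self.audit.append(("PUBLISH" if ok else "DENY", publisher, event, name, chain))
            if not ok:
                continue
            self.stack.append((publisher, event, name))  # push before the handler runs
            try:
                handler(self, event)  # nested publishes push their own entries
            finally:
                self.stack.pop()      # pop once the handler has returned
            delivered.append(name)
        return delivered

def run_demo():
    es, written = EventSystem(security_managers=[origin_policy]), []
    es.subscribe("order.created", "billing",
                 lambda s, e: s.publish("billing", "ledger.write"))
    es.subscribe("ledger.write", "ledger", lambda s, e: written.append(e))
    es.publish("web-frontend", "order.created")   # nested ledger.write is denied
    es.publish("admin-console", "order.created")  # nested ledger.write is allowed
    return es, written

if __name__ == "__main__":
    es, written = run_demo()
    for entry in es.audit:
        print(entry)
```

The immediate publisher of ledger.write is "billing" in both runs; only the stack shows which request it was acting on, which is what lets the policy tell the two apart.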
Specification