Policies as workflows
First Claim
Patent Images
1. A method of enforcing policies on communications, comprising:
- receiving a communication to a processing device;
analyzing at least one criteria of the received communication to determine one or more policies to be applied to the communication, wherein the at least one criteria includes at least one of the following;
a requester of the received communication, a target resource of the received communication, or a responder of the received communication;
prior to passing the target resource the received communication, modifying the received communication based on the one or more policies from the target resource;
using a workflow to enforce the one or more policies on the modified received communication;
executing the workflow using an interface to apply the determined one or more policies to the communication, the workflow including a logical combination of one or more conditions to be satisfied, wherein executing the workflow comprises;
executing a first action to invoke a policy object associated with a first one of the policies to be applied to the communication, the policy object including a second combination of one or more conditions associated with the first policy, wherein the executing of the first action is performed by a first delegated process, andexecuting a second action to invoke a second policy object associated with a second one of the policies to be applied to the communication, wherein the executing of the second action is performed by a second delegated process, where at least one of the delegated processes is delegated to a private interface, wherein the private interface executes at least one of the actions, and where the action executed by the private interface is not known to the workflow interface, and wherein the first action and the second action are at least partially executed in parallel;
determining that the one or more conditions have been satisfied and that the first and second actions have been executed;
in response to the one or more conditions having been satisfied and the first and second actions having been executed, validating the one or more policies; and
based upon the applied one or more policies, processing the received communication.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, systems, and machine-readable mediums are disclosed for policy enforcement. In one embodiment, the method comprises receiving a communication and executing a workflow to apply one or more policies to the communication. The workflow includes a logical combination of one or more conditions to be satisfied and one or more actions to be executed to enforce the one or more policies on the communication.
190 Citations
19 Claims
-
1. A method of enforcing policies on communications, comprising:
-
receiving a communication to a processing device; analyzing at least one criteria of the received communication to determine one or more policies to be applied to the communication, wherein the at least one criteria includes at least one of the following;
a requester of the received communication, a target resource of the received communication, or a responder of the received communication;prior to passing the target resource the received communication, modifying the received communication based on the one or more policies from the target resource; using a workflow to enforce the one or more policies on the modified received communication; executing the workflow using an interface to apply the determined one or more policies to the communication, the workflow including a logical combination of one or more conditions to be satisfied, wherein executing the workflow comprises; executing a first action to invoke a policy object associated with a first one of the policies to be applied to the communication, the policy object including a second combination of one or more conditions associated with the first policy, wherein the executing of the first action is performed by a first delegated process, and executing a second action to invoke a second policy object associated with a second one of the policies to be applied to the communication, wherein the executing of the second action is performed by a second delegated process, where at least one of the delegated processes is delegated to a private interface, wherein the private interface executes at least one of the actions, and where the action executed by the private interface is not known to the workflow interface, and wherein the first action and the second action are at least partially executed in parallel; determining that the one or more conditions have been satisfied and that the first and second actions have been executed; in response to the one or more conditions having been satisfied and the first and second actions having been executed, validating the one or more policies; and based upon the applied one or more policies, processing the received communication. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A system of enforcing policies on communications comprising:
-
a processor; an interface configured to receive a communication; and memory storing instructions that, when executed by the processor, provide workflow logic for analyzing at least one criteria of the communication received through the interface, wherein the at least one criteria includes at least one of the following;
a requester of the received communication, a target resource of the received communication, or a responder of the received communication and determining a logical combination of at least one condition to evaluate, wherein executing the workflow includes executing a first action to invoke a policy object associated with a first one of the policies to be applied to the communication, the policy object including a second combination of one or more conditions associated with the first policy, wherein the executing of the first action is performed by a first delegated process, and executing a second action to invoke a second policy object associated with a second one of the policies to be applied to the communication, wherein the executing of the second action is performed by a second delegated process, where at least one of the delegated processes is delegated to a private interface, wherein the private interface executes at least one of the actions, and where the action executed by the private interface is not known to the workflow interface, and wherein the first action and the second action are at least partially executed in parallel, determine that the one or more conditions have been satisfied and that the first and second actions have been executed, in response to the one or more conditions having been satisfied and the first and second actions having been executed, validate the one or more policies, prior to passing the target resource the received communication, modifying the received communication based on the one or more policies from the target resource and using a workflow to enforce the one or more policies on the modified received communication, the instructions further providing logic that processes the communication based at least in part upon a result of the one or more policies as executed on the communication using an interface. - View Dependent Claims (17)
-
-
18. At least one non-transitory machine-readable medium, having stored thereon sequences of instructions, which, when executed by a machine cause the machine to:
-
receive a communication; and
analyze at least one criteria of the received communication to determine one or more policies to be applied to the communication, wherein the at least one criteria includes at least one of the following;
a requester of the received communication, a target resource of the received communication, or a responder of the received communication;prior to passing the target resource the received communication, modify the received communication based on the one or more policies from the target resource; use a workflow to enforce the one or more policies on the modified received communication; execute the workflow using an interface to apply one or more policies to the communication, the workflow including a logical combination of one or more conditions to be satisfied, wherein executing the workflow comprises; executing a first action to invoke a policy object associated with a first one of the policies to be applied to the communication, the policy object including a second combination of one or more conditions associated with the first policy, wherein the executing of the first action is performed by a first delegated process, and executing a second action to invoke a second policy object associated with a second one of the policies to be applied to the communication, wherein the executing of the second action is performed by a second delegated process, where at least one of the delegated processes is delegated to a private interface, wherein the private interface executes at least one of the actions, and where the action executed by the private interface is not known to the workflow interface, and wherein the first action and the second action are at least partially execute in parallel; determining that the one or more conditions have been satisfied and that the first and second actions have been executed; in response to the one or more conditions having been satisfied and the first and second actions having been executed, validating the one or more policies; and based upon the applied one or more policies, process the received communication.
-
-
19. A system of enforcing policies on communications, the system comprising:
-
a processor; and a memory coupled to the processor, wherein the memory includes sets of instructions which when executed by the processor, cause the processor to; receive a communication to a processing device; analyze at least one criteria of the received communication to determine one or more policies to be applied to the communication, wherein the at least one criteria includes at least one of the following;
a requester of the received communication, a target resource of the received communication, or a responder of the received communication;prior to passing the target resource of the received communication, modify the received communication based on the one or more policies from the target resource; use a workflow to enforce the one or more policies on the modified received communication; execute the workflow using the interface to apply the one or more policies to the communication, the workflow including a logical combination of one or more conditions to be satisfied, wherein executing the workflow comprises; executing a first action to invoke a policy object associated with a first one of the policies to be applied to the communication, the policy object including a second combination of one or more conditions associated with the first policy, wherein the executing of the first action is performed by a first delegated process, and executing a second action of the one or more actions to invoke a second policy object associated with a second one of the policies to be applied to the communication, wherein the executing of the second action is performed by a second delegated process, where at least one of the delegated processes is delegated to a private interface, wherein the private interface executes at least one of the actions, and where the action executed by the private interface is not known to the workflow interface, and wherein the first action and the second action are at least partially executed in parallel; determining that the one or more conditions have been satisfied and that the first and second actions have been executed; in response to the one or more conditions having been satisfied and the first and second actions having been executed, validating the one or more policies; and based upon the applied one or more policies, process the received communication.
-
Specification