System and method for generating secure Web service architectures using a Web Services security assessment methodology
Abstract
System and method for designing and implementing secure Web Services according to a Web Services Security Assessment structured methodology and design patterns. Lifecycles of the Web Services Security Assessment structured methodology may include, but are not limited to: vision and strategy, architecture design, development, integration, and deployment. In one embodiment, security components may be identified based on one or more use case requirements. Web Services objects that need to be protected may be identified. The object relationship for security protection may be defined, and associated trust domains, security policy and strategy and threat profiles may be identified. Protection schemes for these Web Services objects may be generated. Web Services security design patterns may be applied. One embodiment may be implemented as a secure Web Services architecture design mechanism that may receive Web Services requirements as input and assist a user in designing and generating a secure Web Services architecture.
57 Claims
1. A Web Service system, comprising:
- a service provider comprising one or more computer systems configured to provide one or more secure Web Services on the Web Service system; and
- one or more service requesters each comprising one or more computer systems and each configured to access the one or more secure Web Services from the service provider via a network;
- wherein the Web Service system is configured according to output of a computer-implemented Web Service architecture design system for designing secure Web Services comprising a plurality of heterogeneous components and one or more security components, wherein the Web Service architecture design system is configured to:
  - receive one or more Web Service requirements for the Web Service system;
  - receive user input specifying one or more design aspects of a secure Web Service architecture for the Web Service system;
  - generate the Web Service architecture in accordance with the received Web Service requirements, the received user input, a Web Services security assessment structured methodology, and one or more security design patterns; and
  - generate the output including information indicating the secure Web Service architecture; and
- wherein the Web service system further comprises a service registry implemented on one or more computer systems, wherein the service provider is further configured to register and publish the secure Web Services in the service registry, and wherein the service requester is further configured to discover the service provider through the service registry.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. A system for designing and implementing secure Web Services comprising a plurality of heterogeneous components, comprising:
- means for applying a Web Services security assessment structured methodology and one or more security design patterns to generate output indicating a Web Service architecture; and
- means for implementing a secure Web Service according to the generated output indicating the Web Service architectures;
- wherein said Web Services security assessment structured methodology comprises:
  - means for determining one or more security components according to one or more Use Case requirements for the Web Service architecture;
  - means for determining one or more Web Service objects of the Web Service architecture to be protected;
  - means for defining an object relationship for security protection in the Web Service architecture;
  - means for determining one or more associated trust domains, security policy and strategy, and one or more threat profiles for the Web Service architecture;
  - means for determining one or more protection schemes and measures for the Web Services objects; and
  - means for applying one or more Web Services design patterns to the Web Service architecture.

Dependent claims: 15
16. A system for generating a vendor-independent Web Service architecture, comprising:
- a processor; and
- a memory comprising program instructions, wherein the program instructions are executable by the processor to:
  - determine one or more security components of a Web Service architecture according to one or more Use Case requirements for the Web Service architecture;
  - determine one or more Web Service objects of the Web Service architecture to be protected;
  - define an object relationship for security protection in the Web Service architecture;
  - determine one or more associated trust domains, security policy and strategy, and one or more threat profiles for the Web Service architecture;
  - determine one or more protection schemes and measures for the Web Services objects;
  - apply one or more Web Services design patterns to the Web Service architecture; and
  - generate output including information indicating the generated Web Service architecture, wherein the generated output is configured for use in implementing the Web Service architecture.

Dependent claims: 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28
29. A computer-implemented method for generating a vendor-independent Web Service architecture, the method comprising:
- determining one or more security components according to one or more Use Case requirements for the Web Service architecture;
- determining one or more Web Service objects of the Web Service architecture to be protected;
- defining an object relationship for security protection in the Web Service architecture;
- determining one or more associated trust domains, security policy and strategy, and one or more threat profiles for the Web Service architecture;
- determining one or more protection schemes and measures for the Web Services objects;
- applying one or more Web Services design patterns to the Web Service architecture; and
- generating output including information indicating the generated Web Service architecture, wherein the generated output is configured for use in implementing the Web Service architecture.

Dependent claims: 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43
44. A computer-accessible storage medium comprising program instructions, wherein the program instructions are computer-executable to implement:
- determining one or more security components according to one or more Use Case requirements for the Web Service architecture;
- determining one or more Web Service objects of the Web Service architecture to be protected;
- defining an object relationship for security protection in the Web Service architecture;
- determining one or more associated trust domains, security policy and strategy, and one or more threat profiles for the Web Service architecture;
- determining one or more protection schemes and measures for the Web Services objects;
- applying one or more Web Services design patterns to the Web Service architecture; and
- generating output including information indicating the generated Web Service architecture, wherein the generated output is configured for use in implementing the Web Service architecture.

Dependent claims: 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57
Specification