Deployment tool and method for managing security lifecycle of a federated web service
Abstract
A method for managing a security lifecycle of a federated web service provider (WSP) is described. The method includes populating a graphical user interface with available security mechanisms, receiving a selection of a selected security mechanism from a user, and creating a deployment time policy generator for instantiating the selected security mechanism in outgoing messages generated by the WSP. A system and machine-readable medium for a deployment tool for performing the method are also described.
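
The separation the abstract and claims describe, sketched as an added example (not code from the patent or any product): a security provider owns the mechanism catalogue and the deployer's per-transaction-type selections, while the business logic only delegates to it. All class, function, mechanism and transaction-type names are hypothetical.

```python
# Added illustration; every name and value below is hypothetical.
from dataclasses import dataclass, field


@dataclass
class SecurityProvider:
    """Owns the mechanism catalogue and the deployer's selections."""
    mechanisms: dict = field(default_factory=dict)   # identifier -> version
    selections: dict = field(default_factory=dict)   # transaction type -> identifier

    def select(self, transaction_type, identifier):
        # Deployer choice: only identifiers the provider maintains are valid.
        if identifier not in self.mechanisms:
            raise ValueError(f"unknown mechanism: {identifier}")
        self.selections[transaction_type] = identifier

    def update_mechanism(self, identifier, version):
        # Catalogue change only; the business logic is not modified.
        self.mechanisms[identifier] = version

    def check_incoming(self, message):
        # Fail closed: unmapped transaction types and mismatches are rejected.
        required = self.selections.get(message.get("transaction_type"))
        return required is not None and message.get("mechanism") == required

    def policy_for_outgoing(self, transaction_type):
        # Security data to attach to replies for this transaction type.
        identifier = self.selections[transaction_type]
        return {"mechanism": identifier, "version": self.mechanisms[identifier]}


def handle_request(provider, message):
    """Business logic: delegates every security decision to the provider."""
    if not provider.check_incoming(message):
        return {"status": "rejected"}
    reply = {"status": "ok", "body": f"processed {message['transaction_type']}"}
    reply["security"] = provider.policy_for_outgoing(message["transaction_type"])
    return reply


def demo():
    # Constructed sample data: sensitive transactions get a stronger mechanism.
    provider = SecurityProvider({"x509-token": 1, "saml-bearer": 1, "anonymous": 1})
    provider.select("funds-transfer", "x509-token")
    provider.select("catalog-browse", "anonymous")
    weak = handle_request(provider, {"transaction_type": "funds-transfer", "mechanism": "anonymous"})
    strong = handle_request(provider, {"transaction_type": "funds-transfer", "mechanism": "x509-token"})
    provider.update_mechanism("x509-token", 2)   # update without touching handle_request
    updated = handle_request(provider, {"transaction_type": "funds-transfer", "mechanism": "x509-token"})
    return weak, strong, updated
```
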
15 Claims
1. A computer implemented method for deploying a federated web service provider (WSP), the method comprising:
- populating a graphical user interface with a plurality of security mechanism identifiers each corresponding to a security mechanism for one or more transactions, for selection by a deployer, the plurality of security mechanism identifiers maintained by a security provider module that is distinct from a business logic module used to identify security mechanism identifiers for populating the graphical user interface, wherein the business logic module implements a function of the WSP and delegates security functionality to the security provider module;
- receiving a selection of a transaction type associated with the one or more transactions;
- receiving deployer selection of one of the security mechanism identifiers appropriate for the transaction type associated with the one or more transactions, the selected security mechanism identifier mapped to the transaction type of the one or more transactions to provide a level of security based on sensitivity of the one or more transactions;
- generating a client-side provider for identifying the transaction type of each of one or more incoming messages of the one or more transactions and implementing the deployer selections to permit or disallow security mechanisms of the incoming messages in accordance with the deployer selection of security mechanism mapped to the transaction type of the incoming messages, the incoming messages being messages received by the WSP;
- receiving updates to one or more security mechanisms; and
- updating the security mechanisms maintained by the security provider module without modifying the business logic module, wherein updating includes mapping the updated security mechanism to the one or more transactions during generation of the client-side provider.
Dependent claims: 2, 3, 4, 5.
6. A method for deploying or redeploying a federated web service provider (WSP), the method comprising:
- populating a graphical user interface with a plurality of security mechanism identifiers corresponding to security mechanisms appropriate for one or more transactions selected by a deployer, the plurality of security mechanism identifiers maintained by a security provider module distinct from a business logic module that is used to identify security mechanism identifiers for populating the graphical user interface, wherein the business logic module implements a function of the WSP and delegates security functionality to the security provider module;
- populating the graphical user interface with available deployer-defined policy rules;
- receiving a selection of a transaction type;
- indicating which of the available security mechanisms are enabled for the transaction type;
- indicating which of the deployer-defined policy rules are enabled for the transaction type;
- receiving deployer selections causing the enabled security mechanism and enabled user-defined policy rules to be changed, the changed security mechanism and user-defined policy rules mapped to the one or more transactions;
- generating a client-side provider implementing the deployer selections to permit or disallow security mechanisms of incoming messages of the one or more transactions in accordance with the deployer selections and enforce the policy rules on the incoming messages, the incoming messages being messages received by the WSP;
- generating a deployment time policy generator causing the selected security mechanism to be inserted into outgoing messages generated by the WSP;
- receiving updates to one or more security mechanisms; and
- updating the security mechanisms maintained by the security provider module without modifying the business logic module, the updating causing the updated security mechanisms to be inserted into the outgoing messages generated by the WSP independent of the business logic.
Dependent claims: 7, 8, 9, 10.
11. A non-transitory machine readable medium embodying computer program instructions which when implemented by a computer system performs a method for managing a security lifecycle of a federated web service provider (WSP), the machine readable medium comprising:
- program instructions for populating a graphical user interface with a plurality of security mechanism identifiers each corresponding to a security mechanism for one or more transactions for selection by a deployer, the plurality of security mechanism identifiers maintained by a security provider module distinct from a business logic module that is used to identify security mechanism identifiers for populating the graphical user interface, wherein the business logic module implements a function of the WSP and delegates security functionality to the security mechanism module;
- program instructions for receiving a selection of a transaction type associated with the one or more transactions;
- program instructions for receiving deployer selection of one of the security mechanism identifiers appropriate for the transaction type associated with the one or more transactions, the selected security mechanism identifier mapped to the transaction type of the one or more transactions;
- program instructions for generating a client-side provider for identifying the transaction type of each of one or more incoming messages of the one or more transactions and implementing the deployer selections to permit or disallow security mechanisms of the incoming messages in accordance with the deployer selection of security mechanism mapped to the transaction type of the incoming messages, the incoming messages being messages received by the WSP;
- program instructions for receiving updates to one or more security mechanisms; and
- program instructions for updating the security mechanisms maintained by the security provider module without modifying the business logic module, the updated security mechanism used in generating the client-side provider for the one or more transactions independent of the business logic module.
Dependent claims: 12, 13, 14, 15.
Specification