System and method for facilitating the provision of web services across different internet security domains
First Claim
1. A cross-domain Web service publishing system embodied on one or more processing devices comprising:
a source security domain having a first security clearance classification;
a first cross-domain publishing service located in the source security domain to;
receive a Web service publication request from a service publication requester;
retrieve a Web services description language reference for the Web service from a remote source;
create a call to publish the Web service; and
transmit the call to a first security server located in the source security domain;
a destination security domain having a second security clearance classification;
a second cross-domain publishing service within the destination security domain to;
receive the Web service publication request;
establish a surrogate end point within the destination security domain; and
publish at the surrogate end point a Web services description language reference regarding the provision of the Web service by the Web service provider; and
a high assurance guard (HAG) service configured to provide communication connections between the first cross-domain publishing service and the second cross-domain publishing service;
wherein the HAG service comprises a source HAG node in the source security domain and a destination HAG node in the destination security domain;
wherein the source HAG node is configured to receive the Web service publication request, and to determine whether the Web service publication request violates one or more security rules;
wherein the destination HAG node is configured to receive the Web service publication request from the source HAG node, unwrap the Web service publication request, and pass the Web service publication request to the second cross-domain publishing service; and
wherein the second cross-domain publishing service is configured to determine whether the service identified in the Web service publication request violates one or more security rules, and to create a repository and directory for the service identified in the Web service publication request.
Abstract
A method and apparatus for cross-domain Web-service publishing of information regarding a Web service provider in a first domain having a first security clearance access level into a second domain having a second security clearance access level across a cross-domain security system may comprise a cross-domain publishing service within the second domain receiving through the security system a request to publish information regarding the Web service provider located in the first domain; and may comprise the cross-domain publishing service establishing a surrogate end point within the second domain corresponding to the Web service provider and making available at the surrogate end point Web service information regarding the provision of a Web service by the Web service provider. The second domain cross-domain publishing service may register the Web service provider within the second domain and may also provide a link to the surrogate endpoint.
8 Claims
5. A method to publish Web service information regarding a Web service provider in a source security domain into a destination security domain, wherein said source security domain has a first security clearance classification and said destination security domain has a second security classification, comprising:
in a first cross-domain publishing service location in the source security domain;
receiving a Web service publication request from a service publication requester;
retrieving a Web services description language reference for the Web service from a remote source;
creating a call to publish the Web service; and
transmitting the call to a first security server located in the source security domain;
in a second cross-domain publishing service within the destination security domain;
establishing a surrogate end point within the destination security domain; and
publishing at the surrogate end point a Web services description language reference regarding the provision of the Web service by the Web service provider;
wherein the source security domain and the destination security domain are communicatively coupled through a high assurance guard (HAG) service;
wherein the HAG service comprises a source HAG node in the source security domain and a destination HAG node in the destination security domain;
wherein the source HAG node is configured to receive the Web service publication request, and to determine whether the Web service publication request violates one or more security rules;
wherein the destination HAG node is configured to receive the Web service publication request from the source HAG node, unwrap the Web service publication request, and pass the Web service publication request to the second cross-domain publishing service; and
wherein the second cross-domain publishing service is configured to determine whether the service identified in the web service publication request violates one or more security rules, and to create a repository and directory for the service identified in the Web service publication request.
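The publication flow recited in claims 1 and 5, modelled as an added example that is not taken from the patent: a request is checked and wrapped by the source HAG node, unwrapped by the destination HAG node, then checked a second time by the destination publishing service before a surrogate end point is created. The sensitivity labels, both rule sets, the envelope layout and the `example` URLs are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class PublicationRequest:
    service_name: str
    wsdl_ref: str   # WSDL reference retrieved in the source domain
    label: str      # assumed sensitivity label on the service information

@dataclass
class DestinationPublisher:
    """Second cross-domain publishing service, in the destination domain."""
    approved: set   # assumed rule: services allowed to appear in this domain
    base_url: str
    directory: dict = field(default_factory=dict)   # service name -> surrogate link
    repository: dict = field(default_factory=dict)  # surrogate -> WSDL reference

    def publish(self, payload):
        name = payload["service_name"]
        # Second, independent check: on the service, not the message.
        if name not in self.approved:
            raise PermissionError("publisher: service not approved")
        surrogate = f"{self.base_url}/surrogate/{name}"
        self.repository[surrogate] = payload["wsdl_ref"]
        self.directory[name] = surrogate
        return surrogate

def source_hag(req, releasable):
    """Source HAG node: check the request, then wrap it for transfer."""
    if req.label not in releasable:
        raise PermissionError("source HAG: label not releasable")
    return {"origin": "source",
            "payload": {"service_name": req.service_name, "wsdl_ref": req.wsdl_ref}}

def destination_hag(envelope, publisher):
    """Destination HAG node: unwrap and pass to the publishing service."""
    if envelope.get("origin") != "source" or "payload" not in envelope:
        raise ValueError("destination HAG: malformed envelope")
    return publisher.publish(envelope["payload"])

def publish_across(req, releasable, publisher):
    try:
        return destination_hag(source_hag(req, releasable), publisher)
    except PermissionError as exc:
        return f"rejected ({exc})"

# Constructed sample data.
PUBLISHER = DestinationPublisher({"weather"}, "https://dest.example")
REQUESTS = [PublicationRequest("weather", "https://src.example/weather?wsdl", "RELEASABLE"),
            PublicationRequest("weather", "https://src.example/weather?wsdl", "RESTRICTED"),
            PublicationRequest("payroll", "https://src.example/payroll?wsdl", "RELEASABLE")]
RESULTS = [publish_across(r, {"RELEASABLE"}, PUBLISHER) for r in REQUESTS]
```

The second and third requests are stopped at different points, which is the reason for two rule checks: the source HAG node judges the request itself, while the destination service judges the service the request names.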