Optimizing interactions between co-located processes

US 8,726,349 B2
Filed: 05/31/2011
Issued: 05/13/2014
Est. Priority Date: 11/24/2010
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a computer system, a request from a first composite application to invoke a web service operation of a second composite application,wherein the first composite application is associated with a reference policy, and the second composite application is associated with a service policy;

determining, by the computer system, based upon the service policy and the reference policy, whether a first mechanism that provides local invocation of the web service operation is secure, the first mechanism providing an optimized invocation of the web service compared to a second mechanism that provides invocation of the web service; and

invoking the web service operation using the first mechanism that provides local invocation rather than the second mechanism in response to determining that the first mechanism that provides local invocation is secure;

wherein determining whether the first mechanism that provides local invocation of the web service is secure comprises determining that an attribute associated with the reference policy and an attribute associated with the service policy indicate that the reference and service policies are applicable to local invocation determinations.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one set of embodiments, methods, systems, and apparatus are provided to enable secure local invocation of a web service in response to receiving a request from a first composite application to invoke a web service operation of a second composite application, where the first application is associated with a reference policy, and the second application is associated with a service policy, then determining, based upon the service policy and the reference policy, whether local invocation is secure, and invoking the operation using the local invocation in response to determining that the local invocation is secure. Attributes associated with the reference and service policies can indicate whether those policies can be used in a local invocation, or if user authentication is needed before performing the invocation with those policies. The local invocation may comprise a procedure call in an application server from the first application to the second application.

Citations

18 Claims

1. A method comprising:
- receiving, at a computer system, a request from a first composite application to invoke a web service operation of a second composite application,wherein the first composite application is associated with a reference policy, and the second composite application is associated with a service policy;
  
  determining, by the computer system, based upon the service policy and the reference policy, whether a first mechanism that provides local invocation of the web service operation is secure, the first mechanism providing an optimized invocation of the web service compared to a second mechanism that provides invocation of the web service; and
  
  invoking the web service operation using the first mechanism that provides local invocation rather than the second mechanism in response to determining that the first mechanism that provides local invocation is secure;
  
  wherein determining whether the first mechanism that provides local invocation of the web service is secure comprises determining that an attribute associated with the reference policy and an attribute associated with the service policy indicate that the reference and service policies are applicable to local invocation determinations.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein determining whether the first mechanism that provides local invocation of the web service is secure comprises determining that an attribute associated with the reference policy indicates that user authentication is needed for a local invocation determination, that an attribute associated with the service policy indicates that the service policy can be used in a local invocation determination, and that a user requesting the local invocation has been authenticated.
  - 3. The method of claim 1, wherein determining whether the first mechanism that provides local invocation of the web service is secure comprises determining that local invocation is secure when the reference and service policies form a valid configuration for local invocation.
  - 4. The method of claim 3, wherein the reference and service policies represent a valid configuration when there is a service policy corresponding to each reference policy, wherein the service policy is of an identical category as the reference policy, andwhen there is a service policy of a security category, then there is a corresponding reference policy of the security category.
  - 5. The method of claim 1, wherein invoking the web service operation using the first mechanism that provides local invocation rather than the second mechanism comprises invoking a procedure call within a process that includes the first composite application and the second composite application.
  - 6. The method of claim 1, wherein invoking the web service operation using the first mechanism that provides local invocation rather than the second mechanism comprises invoking a procedure call from instructions that implement the first composite application to instructions that implement the second composite application.

7. A system comprising:
- a processor; and
  
  a non-transitory memory configured to store a set of instructions which when executed by the processor configure the processor to;
  
  receive a request from a first composite application to invoke a web service operation of a second composite application,wherein the first composite application is associated with a reference policy, and the second composite application is associated with a service policy,determine, based upon the service policy and the reference policy, whether a first mechanism that provides local invocation of the web service operation is secure, the first mechanism providing an optimized invocation of the web service compared to a second mechanism that provides invocation of the web service, wherein to determine whether the first mechanism that provides local invocation of the web service is secure the processor is configured to determine that an attribute associated with the reference policy and an attribute associated with the service policy indicate that the reference and service policies are applicable to local invocation determinations; and
  
  invoke the web service operation using the first mechanism that provides local invocation rather than the second mechanism in response to determining that the first mechanism that provides local invocation is secure.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein to determine whether the first mechanism that provides local invocation of the web service is secure the processor is configured to determine that an attribute associated with the reference policy indicates that user authentication is needed for a local invocation determination, that an attribute associated with the service policy indicates that the service policy can be used in a local invocation determination, and that a user requesting the local invocation has been authenticated.
  - 9. The system of claim 7, wherein to determine whether the first mechanism that provides local invocation of the web service is secure the processor is configured to determine that local invocation is secure if the reference and service policies form a valid configuration for local invocation.
  - 10. The system of claim 9, wherein the reference and service policies represent a valid configuration when there is a service policy corresponding to each reference policy, wherein the service policy is of an identical category as the reference policy, andwhen there is a service policy of a security category, then there is a corresponding reference policy of the security category.
  - 11. The system of claim 7, wherein to invoke the web service operation using the first mechanism that provides local invocation rather than the second mechanism the processor is configured to perform a procedure call within a process that includes the first composite application and the second composite application.
  - 12. The system of claim 7, wherein to invoke the web service operation using the first mechanism that provides local invocation rather than the second mechanism the processor is configured to perform a procedure call from instructions that implement the first composite application to instructions that implement the second composite application.

13. A non-transitory machine-readable medium for a computer system, the non-transitory machine-readable medium having stored thereon a series of instructions executable by a processor, the series of instructions comprising:
- instructions that cause the processor to receive a request from a first composite application to invoke a web service operation of a second composite application,wherein the first composite application is associated with a reference policy, and the second composite application is associated with a service policy;
  
  instructions that cause the processor to determine, based upon the service policy and the reference policy, whether a first mechanism that provides local invocation of the web service operation is secure, the first mechanism providing an optimized invocation of the web service compared to a second mechanism that provides invocation of the web service; and
  
  instructions that cause the processor to invoke the web service operation using the first mechanism that provides local invocation rather than the second mechanism in response to determining that the first mechanism that provides local invocation is securewherein the instructions that cause the processor to determine whether the first mechanism that provides local invocation of the web service is secure comprise instructions that cause the processor to determine that an attribute associated with the reference policy and an attribute associated with the service policy indicate that the reference and service policies are applicable to local invocation determinations.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The non-transitory machine-readable medium of claim 13, wherein the instructions that cause the processor to determine whether the first mechanism that provides local invocation of the web service is secure comprise instructions that cause the processor to determine that an attribute associated with the reference policy indicates that user authentication is needed for a local invocation determination, that an attribute associated with the service policy indicates that the service policy can be used in a local invocation determination, and that a user requesting the local invocation has been authenticated.
  - 15. The non-transitory machine-readable medium of claim 13, wherein the instructions that cause the processor to determine whether the first mechanism that provides local invocation of the web service is secure comprise instructions that cause the processor to determine that when the reference and service policies form a valid configuration for local invocation.
  - 16. The non-transitory machine-readable medium of claim 15, wherein the reference and service policies represent a valid configuration when there is a service policy corresponding to each reference policy, wherein the service policy is of an identical category as the reference policy, andwhen there is a service policy of a security category, then there is a corresponding reference policy of the security category.
  - 17. The non-transitory machine-readable medium of claim 13, wherein the instructions that cause the processor to invoke the web service operation using the first mechanism that provides local invocation rather than the second mechanism comprise instructions that cause the processor to invoke a procedure call within a process that includes the first composite application and the second composite application.
  - 18. The non-transitory machine-readable medium of claim 13, wherein the instructions that cause the processor to invoke the web service operation using the first mechanism that provides local invocation rather than the second mechanism comprise instructions that cause the processor to invoke a procedure call from instructions that implement the first composite application to instructions that implement the second composite application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Kavantzas, Nickolas, Gupta, Pratibha
Primary Examiner(s)
Williams, Jeffrey

Application Number

US13/118,940
Publication Number

US 20120131641A1
Time in Patent Office

1,078 Days
Field of Search

None
US Class Current

726/3
CPC Class Codes

G06F 21/629   to features or functions of...

G06F 9/547   Remote procedure calls [RPC...

H04L 63/102   Entity profiles

Optimizing interactions between co-located processes

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Optimizing interactions between co-located processes

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links