Holistic XACML and obligation code automatically generated from ontologically defined rule set
First Claim
Patent Images
1. A system for automatically generating code for an authorization policy for network resources, the system comprising:
- one or more processors; and
a memory in communication with the one or more processors, wherein the memory contains instructions that when executed by the one or more processors, cause the one or more processors to;
automatically generate obligation code for the policy, in a first programming language, wherein rules of the policy are modeled using an ontologically defined ruleset, wherein the obligation code includes a plurality of function calls; and
after generating the obligation code, automatically generate XACML rule code for the policy based on the same ontologically defined ruleset, wherein the first programming language is not XACML, wherein the one or more processors are programmed to generate the XACML rule code for the policy by inserting calling details for each of the plurality of function calls of the obligation code in the XACML code.
1 Assignment
0 Petitions
Accused Products
Abstract
Computer-based systems and methods for automatically generating both XACML rules and processed-based obligation code using a common ontologically defined ruleset.
13 Citations
19 Claims
-
1. A system for automatically generating code for an authorization policy for network resources, the system comprising:
-
one or more processors; and a memory in communication with the one or more processors, wherein the memory contains instructions that when executed by the one or more processors, cause the one or more processors to; automatically generate obligation code for the policy, in a first programming language, wherein rules of the policy are modeled using an ontologically defined ruleset, wherein the obligation code includes a plurality of function calls; and after generating the obligation code, automatically generate XACML rule code for the policy based on the same ontologically defined ruleset, wherein the first programming language is not XACML, wherein the one or more processors are programmed to generate the XACML rule code for the policy by inserting calling details for each of the plurality of function calls of the obligation code in the XACML code. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for automatically generating code for an authorization policy for network resources, the method comprising:
-
automatically generating, by a computer system comprising a code generation software module, obligation code for the policy, in a first programming language, wherein rules of the policy are modeled using an ontologically defined ruleset, wherein the obligation code includes a plurality of function calls; and after generating the obligation code, automatically generating, by the computer system, XACML rule code for the policy based on the same ontologically defined ruleset, wherein the first programming language is not XACML, and wherein generating the XACML rule code for the policy comprises inserting calling details for each of the plurality of function calls of the obligation code in the XACML code. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
-
Specification