US2006136555A1PendingUtilityA1

Secure service oriented architecture

46
Assignee: BEA SYSTEMS INCPriority: May 21, 2004Filed: May 19, 2005Published: Jun 22, 2006
Est. expiryMay 21, 2024(expired)· nominal 20-yr term from priority
H04L 67/00H04L 63/08H04L 63/0281H04L 63/04H04L 63/18
46
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A system, method and media for a service oriented architecture. This description is not intended to be a complete description of, or limit the scope of, the invention. Other features, aspects and objects of the invention can be obtained from a review of the specification, the figures and the claims.

Claims

exact text as granted — not AI-modified
1 . A method for processing messages for a service proxy, comprising: 
 conveying a message in a first direction along a first path in a message processing graph wherein the first path includes at least one message processing node;    affording each one of the at least one message processing node the opportunity to process the message and wherein one of the at least one message processing node performs a security function based on at least one portion of the message; and    wherein the at least one message processing node implements an interface and/or a protocol that is compatible with the service proxy.    
     
     
         2 . The method of  claim 1 , further comprising: 
 accepting the message over a secure protocol from one of: a client and another service proxy.    
     
     
         3 . The method of  claim 1 , further comprising: 
 providing the message over a secure protocol to one of: a service and another service proxy.    
     
     
         4 . The method of  claim 1  wherein: 
 the first path is dynamically determined.    
     
     
         5 . The method of  claim 1  wherein: 
 the first path is dynamically determined based on message content.    
     
     
         6 . The method of  claim 1  wherein: 
 a message processing node in the at least one message processing node can be added to or removed from the message processing graph dynamically.    
     
     
         7 . The method of  claim 1  wherein: 
 the security function is capable of at least one of: encrypting, decrypting, digitally signing, digital signature verification, authentication, evaluating a policy, and determining access.    
     
     
         8 . The method of  claim 1  wherein: 
 the first path includes a first message processing node to accept request messages and at least one second message processing node to accept response messages.    
     
     
         9 . The method of  claim 1  wherein: 
 a message processing node in the at least one message processing node is capable of performing at least one of the following: message authentication, message authorization, message validation, message transformation, message routing, performance monitoring, message tracking, message archiving, message logging, message publication, error reporting, and a user-defined process.    
     
     
         10 . The method of  claim 1 , further comprising: 
 conveying a response message through the first path in a direction that is opposite of the first direction.    
     
     
         11 . A machine readable medium having instructions stored thereon to cause a system to: 
 convey a message in a first direction along a first path in a message processing graph wherein the first path includes at least one message processing node;    afford each one of the at least one message processing node the opportunity to process the message wherein one of the at least one message processing node performs a security function based on at least one portion of the message; and    wherein the at least one message processing node implements an interface and/or a protocol that is compatible with the service proxy.    
     
     
         12 . A service proxy for processing messages, comprising: 
 a message processing graph;    a first path in the message processing graph wherein the first path includes at least one message processing node and wherein the first path is capable of conveying a message in a first direction through the message processing graph;    wherein each one of the at least one message processing node is afforded the opportunity to processing the message and wherein one of the at least one message processing node is capable of performing a security function based on at least one portion of the message; and    wherein the at least one message processing node implements an interface and/or a protocol that is compatible with a service proxy.    
     
     
         13 . The service proxy of  claim 12  wherein: 
 the message is accepted over a secure protocol from one of: a client and another service proxy.    
     
     
         14 . The service proxy of  claim 12  wherein: 
 the message is provided over a secure protocol to one of: a service and another service proxy.    
     
     
         15 . The service proxy of  claim 12  wherein: 
 the first path is dynamically determined.    
     
     
         16 . The service proxy of  claim 12  wherein: 
 the first path is dynamically determined based on message content.    
     
     
         17 . The service proxy of  claim 12  wherein: 
 a message processing node in the at least one message processing node can be added to or removed from the message processing graph dynamically.    
     
     
         18 . The service proxy of  claim 12  wherein: 
 the security function is capable of at least one of: encrypting, decrypting, digitally signing, digital signature verification, authentication, evaluating a policy, and determining access.    
     
     
         19 . The service proxy of  claim 12  wherein: 
 the first path includes a first message processing node to accept request messages and at least one second message processing node to accept response messages.    
     
     
         20 . The service proxy of  claim 12  wherein: 
 a message processing node in the at least one message processing node is capable of performing at least one of the following: message authentication, message authorization, message validation, message transformation, message routing, performance monitoring, message tracking, message archiving, message logging, message publication, error reporting, and a user-defined process.    
     
     
         21 . The service proxy of  claim 12  wherein: 
 the first path is capable of conveying a response message in a direction that is opposite of the first direction.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.