-
公开(公告)号:US20050268326A1
公开(公告)日:2005-12-01
申请号:US11025488
申请日:2004-12-29
CPC分类号: H04L63/102 , H04L63/1433 , H04L63/20
摘要: Systems and methods for checking security goals of a distributed system are described. In one aspect, detailed security policies are converted into a model. The detailed security policies are enforced during exchange of messages between one or more endpoints. The one or more endpoints host respective principals networked in a distributed operating environment. The model is evaluated to determine if the detailed security policies enforce one or more security goals of at least one of the one or more endpoints.
摘要翻译: 描述了用于检查分布式系统的安全目标的系统和方法。 在一个方面,详细的安全策略被转换为模型。 在一个或多个端点之间的消息交换期间执行详细的安全策略。 一个或多个端点托管在分布式操作环境中联网的各个主体。 评估该模型以确定详细的安全策略是否强制一个或多个端点中的至少一个端点的一个或多个安全目标。
-
公开(公告)号:US20080288622A1
公开(公告)日:2008-11-20
申请号:US11750964
申请日:2007-05-18
摘要: Manual management of server farms is expensive. Low-level tools and the sheer complexity of the task make it prone to human error. By providing a typed interface using service combinators for managing server farms it is possible to improve automated server farm management. Metadata about a server farm is obtained, for example, from disk images, and this is used to generate a typed environment interface for accessing server farm resources. Scripts are received, from a human operator or automated process, which use the environment interface and optionally also pre-specified service combinators. The scripts are executed to assemble and link together services in the server farm to form and manage a running server farm application. By using typechecking server farm construction errors can be caught before implementation.
摘要翻译: 服务器场的手动管理费用很高。 低级工具和任务的复杂性使其容易出现人为错误。 通过使用服务组合器提供一个类型化的接口来管理服务器场,可以改进自动化服务器场管理。 例如,从磁盘映像获取有关服务器场的元数据,这用于生成用于访问服务器场资源的类型化的环境接口。 从人类操作员或自动化过程接收脚本,其使用环境接口和可选地还预先指定的服务组合器。 执行这些脚本以组合和链接服务器场中的服务,以形成和管理正在运行的服务器场应用程序。 通过使用typechecking服务器场构建错误可以在实现之前被捕获。
-
公开(公告)号:US07559080B2
公开(公告)日:2009-07-07
申请号:US11025375
申请日:2004-12-29
IPC分类号: G06F21/00
CPC分类号: H04L63/08 , H04L63/102 , H04L63/12 , H04L63/20
摘要: Systems and methods for automatically generating security policy for a web service are described. In one aspect, one or more links between one or more endpoints are described with an abstract link description. The abstract link description describes, for each link of the one or more links, one or more security goals associated with exchange of message(s) between the one or more endpoints associated with the link. The one or more endpoints host respective principals networked in a distributed operating environment. Detailed security policies for enforcement during exchange of messages between the one or more endpoints are automatically generated from the abstract link description.
摘要翻译: 描述了用于自动生成Web服务的安全策略的系统和方法。 在一个方面,一个或多个端点之间的一个或多个链路用抽象链接描述来描述。 抽象链接描述针对一个或多个链接的每个链接描述与在与链接相关联的一个或多个端点之间的消息交换相关联的一个或多个安全目标。 一个或多个端点托管在分布式操作环境中联网的各个主体。 在一个或多个端点之间的消息交换期间执行的详细的安全策略是从抽象链接描述中自动生成的。
-
公开(公告)号:US20050251853A1
公开(公告)日:2005-11-10
申请号:US11025375
申请日:2004-12-29
CPC分类号: H04L63/08 , H04L63/102 , H04L63/12 , H04L63/20
摘要: Systems and methods for automatically generating security policy for a web service are described. In one aspect, one or more links between one or more endpoints are described with an abstract link description. The abstract link description describes, for each link of the one or more links, one or more security goals associated with exchange of message(s) between the one or more endpoints associated with the link. The one or more endpoints host respective principals networked in a distributed operating environment. Detailed security policies for enforcement during exchange of messages between the one or more endpoints are automatically generated from the abstract link description.
摘要翻译: 描述了用于自动生成Web服务的安全策略的系统和方法。 在一个方面,一个或多个端点之间的一个或多个链路用抽象链接描述来描述。 抽象链接描述针对一个或多个链接的每个链接描述与在与链接相关联的一个或多个端点之间的消息交换相关联的一个或多个安全目标。 一个或多个端点托管在分布式操作环境中联网的各个主体。 在一个或多个端点之间的消息交换期间执行的详细的安全策略是从抽象链接描述中自动生成的。
-
-
-
搜索结果
4 条记录 (耗时 0.018 秒)
