Comprehensive security architecture for dynamic, web service based virtual organizations
    1.
    Invention application
    Comprehensive security architecture for dynamic, web service based virtual organizations (in force)

    Publication number: US20080104708A1

    Publication date: 2008-05-01

    Application number: US11529954

    Filing date: 2006-09-29

    CPC classification: G06F21/62 G06Q10/10 H04L63/20

    Abstract: A comprehensive security architecture for a virtual organization (VO) is disclosed. The comprehensive security architecture uses the same security mechanism or substantially similar security mechanisms to control access to VO infrastructure services as it uses to control access to resource services. Infrastructure services are services used to change the state of the VO and to change membership in the VO. Resource services (e.g. processing a purchase order) are services used in furtherance of achieving the objectives of the VO (e.g. build an aircraft). A security mechanism prevents a service call from accessing the service called until the security mechanism has decided to authorize or deny the service call. A security mechanism may decide to authorize or deny the service call based on details of the service call, a set of role-based access policies, and attributes from the caller's credentials including the caller's role in the VO.


    Method and system for secured virtual relationship management
    2.
    Invention application
    Method and system for secured virtual relationship management (in force)

    Publication number: US20070088595A1

    Publication date: 2007-04-19

    Application number: US11253085

    Filing date: 2005-10-17

    IPC classification: G06F15/02

    Abstract: A system and method to collaborate participants of different administrative domains in a workflow process is provided. The system includes a membership module for managing the participants, an event module for correlating activities of the workflow process, the membership module and the event module exchanging information relating to changes in the participants and the activities of the workflow process. The membership module for managing the participants includes registering, identifying, adding, querying and modifying the participants. On the other hand, the event module for correlating activities of the workflow process further includes specifying, executing and terminating the activities.


    Method and computer system for workflow control
    3.
    Invention application
    Method and computer system for workflow control (in force)

    Publication number: US20060161272A1

    Publication date: 2006-07-20

    Application number: US11311901

    Filing date: 2005-12-19

    IPC classification: G05B13/02

    CPC classification: G06Q10/06

    Abstract: A computer system, method and computer program for controlling a workflow process. A process modelling unit is configured to define a process model with at least a first task and a second task, wherein the second task needs to comply with a control aspect and depends on the first task, and is further configured to insert into the process model a control task between the first and the second task, wherein the control task is configured to enforce the control aspect on the second task by using a control service of a subsystem. A process execution unit of the system is configured to generate a process instance from the process model and to instantiate a control context to capture the current state of the process instance, the control context being used by an instance of the control task to invoke the control service according to the control aspect.


    Trust lookup protocol
    4.
    Granted patent
    Trust lookup protocol (in force)

    Publication number: US08412552B2

    Publication date: 2013-04-02

    Application number: US10950790

    Filing date: 2004-09-28

    IPC classification: G06Q10/00

    Abstract: A trust look-up protocol is described that allows a meta-trusted third party, or trust directory, to mediate between parties of potential business collaborations and trusted third parties that are counted on to authorize or otherwise validate the business collaborations. The trust directory receives a trust request for a collaboration from one or more parties, and, based on the request, determines a specialty of a trusted third party that is suited to the request and the collaboration. The trust directory then obtains interface information for the trusted third party for forwarding to the requesting party. In this way, the trusted third party may make a determination as to whether the requesting party should proceed in the business collaboration. Afterwards, the trust directory may monitor communications that take place as part of the collaboration, for use in evaluating future requests and collaborations.


    Method and system for secured virtual relationship management
    5.
    Granted patent
    Method and system for secured virtual relationship management (in force)

    Publication number: US08175907B2

    Publication date: 2012-05-08

    Application number: US11253085

    Filing date: 2005-10-17

    IPC classification: G06F9/44

    Abstract: A system and method to collaborate participants of different administrative domains in a workflow process is provided. The system includes a membership module for managing the participants, an event module for correlating activities of the workflow process, the membership module and the event module exchanging information relating to changes in the participants and the activities of the workflow process. The membership module for managing the participants includes registering, identifying, adding, querying and modifying the participants. On the other hand, the event module for correlating activities of the workflow process further includes specifying, executing and terminating the activities.


    Application level security
    6.
    Granted patent
    Application level security (in force)

    Publication number: US07313812B2

    Publication date: 2007-12-25

    Application number: US10453873

    Filing date: 2003-06-04

    IPC classification: H04L9/00 H04L9/32

    CPC classification: G06Q10/10 H04L9/32

    Abstract: Techniques for providing application layer security may be facilitated by an arbitrator. In general, in one implementation, an arbitrator may receive a security tender including security requirements for an application, search for security services to fulfill the security requirements, determine whether discovered security services can satisfy the security requirements, and, if security services that can satisfy the security requirements exist, generate a security contract for the application, the security contract specifying how the application is to communicate with the security services that can satisfy the security requirements.


    Trust lookup protocol
    7.
    Invention application

    Publication number: US20060069658A1

    Publication date: 2006-03-30

    Application number: US10950790

    Filing date: 2004-09-28

    IPC classification: G06Q99/00

    Abstract: A trust look-up protocol is described that allows a meta-trusted third party, or trust directory, to mediate between parties of potential business collaborations and trusted third parties that are counted on to authorize or otherwise validate the business collaborations. The trust directory receives a trust request for a collaboration from one or more parties, and, based on the request, determines a specialty of a trusted third party that is suited to the request and the collaboration. The trust directory then obtains interface information for the trusted third party for forwarding to the requesting party. In this way, the trusted third party may make a determination as to whether the requesting party should proceed in the business collaboration. Afterwards, the trust directory may monitor communications that take place as part of the collaboration, for use in evaluating future requests and collaborations.

    Comprehensive security architecture for dynamic, web service based virtual organizations
    8.
    Granted patent
    Comprehensive security architecture for dynamic, web service based virtual organizations (in force)

    Publication number: US08365298B2

    Publication date: 2013-01-29

    Application number: US11529954

    Filing date: 2006-09-29

    IPC classification: H04L29/06

    CPC classification: G06F21/62 G06Q10/10 H04L63/20

    Abstract: A comprehensive security architecture for a virtual organization (VO) is disclosed. The comprehensive security architecture uses the same security mechanism or substantially similar security mechanisms to control access to VO infrastructure services as it uses to control access to resource services. Infrastructure services are services used to change the state of the VO and to change membership in the VO. Resource services (e.g. processing a purchase order) are services used in furtherance of achieving the objectives of the VO (e.g. build an aircraft). A security mechanism prevents a service call from accessing the service called until the security mechanism has decided to authorize or deny the service call. A security mechanism may decide to authorize or deny the service call based on details of the service call, a set of role-based access policies, and attributes from the caller's credentials including the caller's role in the VO.


    Method and computer system for workflow control
    9.
    Granted patent
    Method and computer system for workflow control (in force)

    Publication number: US07543292B2

    Publication date: 2009-06-02

    Application number: US11311901

    Filing date: 2005-12-19

    IPC classification: G06F9/46

    CPC classification: G06Q10/06

    Abstract: A computer system, method and computer program for controlling a workflow process. A process modeling unit is configured to define a process model with at least a first task and a second task, wherein the second task needs to comply with a control aspect and depends on the first task, and is further configured to insert into the process model a control task between the first and the second task, wherein the control task is configured to enforce the control aspect on the second task by using a control service of a subsystem. A process execution unit of the system is configured to generate a process instance from the process model and to instantiate a control context to capture the current state of the process instance, the control context being used by an instance of the control task to invoke the control service according to the control aspect.


    Method and system for providing a trust-based reputation service for virtual organization formation
    10.
    Granted patent
    Method and system for providing a trust-based reputation service for virtual organization formation (in force)

    Publication number: US07818200B2

    Publication date: 2010-10-19

    Application number: US11361284

    Filing date: 2006-02-24

    IPC classification: G06F17/10

    Abstract: A method and system for a source participant assessing trustworthiness of a destination participant through one or more neighboring participants in a collaborative environment. The method comprises modeling all of the participants as network nodes and relationships between the participants as network paths and identifying a set of the network nodes and the network paths representing the neighboring participants that connects the network node of the source participant to the network node of the destination participant. Each of the network nodes of the neighboring participants as identified has a trust rating with best result, the trust rating is a relative measurement of feedback ratings. The trust rating of a first one of the network nodes of the neighboring participants as identified is computed with the feedback ratings between the first one of the network nodes and others of the network nodes directly connected to the first one of the network nodes. In addition, the trust rating between the first one and a second one of the network nodes is the relative measurement of the feedback ratings of the first one provided for the second one of the network nodes in comparison to the feedback ratings of the first one provided to others of the network nodes, the second one and the others of the network nodes are directly connected to the first one of the network nodes.
