Abstract: Systems, methods, and computer products for information sharing using personalized index caching. Exemplary embodiments include a method including receiving a search query history from a node X in a node A, extracting characteristics of an index of the node A, searching the extracted characteristics, which include a file ID that is included in the index of the node A, adding metadata information to the index of the node A, in response to a determination that the node A includes at least one additional local metaindex, searching the at least one additional metaindex with the search query history from the node X in the node A, and merging search results with the metaindex of the node A, wherein the one additional metaindex merged to the metaindex of the node A includes an acquisition path, and sending the metaindex of the node A to the node X.

Abstract: A software development apparatus for developing application software based on an object model that requires security in a web service application is provided. The software development apparatus includes a display unit that displays, in a class diagram of the application software, security annotation for adding security requirements for a service, input means for inputting the security annotation, transforming means for transforming the class diagram into a configuration model based on a markup language, and configuration-file creating means for creating a configuration file based on a markup language by serializing the configuration model based on a markup language. The security annotation includes the security requirements and a token class of a security token that is a certificate for declaring identity of a client to a server.

Abstract: A method for model, based verification of security policies for web service composition. The method includes corresponding to a verification generated by an information Row analysis. The method further includes obtaining an abstracted security qualifier. The method proceeds by presenting the abstracted security qualifier to an application model. The abstracted, security qualifier being presented to the application model as a security requirement. Subsequently, the method proceeds by farther including removing the data security requirement on data utilized in the service from the compliance rule. The method proceeds by processing flow in the application model, such processing being based upon the data security requirement. The method further includes verifying the consistency in response to the processing flow.

Abstract: The present invention creates a SOAP message without using DOM by generating a body part by sequentially performing such a process of a message as encryption or signing for each piece of the message, generating a header part by using information acquired during the process, and by combining the body part and the header part. The present invention also breaks a SOAP message without using DOM by acquiring header information with parsing a received SOAP message and sequentially performing decode or verification of a signature of a body part according to the header information.

Abstract: Methods and arrangements to handle network messages containing security information are disclosed. Embodiments include transformations, code, state machines or other logic to handle network messages containing security information by configuring an application to generate messages containing security information. The configuring may include creating a data structure to store security information of network messages and storing security information, including a specification of a cryptographic key and a specification of a format to represent information about the cryptographic key in the data structure.

Abstract: Methods and arrangements to handle network messages containing security information are disclosed. Embodiments include transformations, code, state machines or other logic to handle network messages containing security information by configuring an application to generate and process security information of network messages. An embodiment may involve creating a data structure to store security information of network messages and storing security information in the data structure. The security information may include a specification of a cryptographic key, a format to represent information about the cryptographic key, a policy to select a security token of a requestor when multiple security tokens are contained in network messages, or a policy to select a security token to determine the degree of trust to provide a message sender. The embodiment may include the generation of security information or consumption of security information of a message utilizing security information stored in the data structure.

Abstract: The present invention creates a SOAP message without using DOM by generating a body part by sequentially performing such a process of a message as encryption or signing for each piece of the message, generating a header part by using information acquired during the process, and by combining the body part and the header part. The present invention also breaks a SOAP message without using DOM by acquiring header information with parsing a received SOAP message and sequentially performing decode or verification of a signature of a body part according to the header information.

Abstract: A software development apparatus for developing application software based on an object model that requires security in a web service application is provided. The software development apparatus includes a display unit that displays, in a class diagram of the application software, security annotation for adding security requirements for a service, input means for inputting the security annotation, transforming means for transforming the class diagram into a configuration model based on a markup language, and configuration-file creating means for creating a configuration file based on a markup language by serializing the configuration model based on a markup language. The security annotation includes the security requirements and a token class of a security token that is a certificate for declaring identity of a client to a server.

Abstract: An authentication system with a single sign on having less influence on the service performance to provide a service via a network. The authentication system comprises a provider 20 for providing a service, a security token service 40, and a proxy service 30 interposed between the security token service 40 and the provider 20. The proxy service 30 preserves an authentication result of the security token service 40, and vicariously executes the authentication for a client based on the authentication result preserved by itself without transferring an authentication request received from the provider 20 to the security token service 40 under certain conditions. Moreover, when it is clear that a service can be provided to the client based on the service use history of the client 10 preserved by itself, the provider 20 provides the service to the client 10 without making the authentication request.

Abstract: The present invention creates a SOAP message without using DOM by generating a body part by sequentially performing such a process of a message as encryption or signing for each piece of the message, generating a header part by using information acquired during the process, and by combining the body part and the header part. The present invention also breaks a SOAP message without using DOM by acquiring header information with parsing a received SOAP message and sequentially performing decode or verification of a signature of a body part according to the header information.