Abstract: A policy directed, security-centric model driven architecture is described to secure internal web services, such as those implementing service-oriented architecture (SOA), and external web services such as those hosted on a cloud computing platform. A distributed data dictionary hosted across multiple dictionary engines and operating in conjunction with web security services are used to embed security profiles in web services messages and to validate messages that contain such security profiles.

Abstract: A policy directed, security-centric model driven architecture is described to secure internal web services, such as those implementing service-oriented architecture (SOA), and external web services such as those hosted on a cloud computing platform. A distributed data dictionary hosted across multiple dictionary engines and operating in conjunction with web security services are used to embed security profiles in web services messages and to validate messages that contain such security profiles.

Abstract: A method includes receiving, by a first computer, input from a first user. The method further includes creating, by the first computer, a hierarchical class tree implementing security profiles based on the input from the user. The hierarchical class tree identifies data, actions, and behaviors pertaining to content, and the security profiles restrict access and use of that user's content. The method also includes transmitting, by the first computer, a portion of the hierarchical class tree to a second computer. A corresponding apparatus is also provided.

Abstract: A method includes receiving, by a first computer, input from a first user. The method further includes creating, by the first computer, a hierarchical class tree implementing security profiles based on the input from the user. The hierarchical class tree identifies data, actions, and behaviors pertaining to content, and the security profiles restrict access and use of that user's content. The method also includes transmitting, by the first computer, a portion of the hierarchical class tree to a second computer. A corresponding apparatus is also provided.

Abstract: A method includes receiving, by a first computer, input from a first user. The method further includes creating, by the first computer, a hierarchical class tree implementing security profiles based on the input from the user. The hierarchical class tree identifies data, actions, and behaviors pertaining to content, and the security profiles restrict access and use of that user's content. The method also includes transmitting, by the first computer, a portion of the hierarchical class tree to a second computer.

Abstract: A method includes receiving, by a first computer, input from a first user. The method further includes creating, by the first computer, a hierarchical class tree implementing security profiles based on the input from the user. The hierarchical class tree identifies data, actions, and behaviors pertaining to content, and the security profiles restrict access and use of that user's content. The method also includes transmitting, by the first computer, a portion of the hierarchical class tree to a second computer.

Abstract: Provided is a method for intercepting a message between a requesting web service and a source web service, validating the message, logging the result of the validations, and adding a security profile to the message. The method may also include examining the message to determine whether a security profile is embedded therein. If the message is valid, access to the message by the requesting web service is permitted. If the message is not valid, access to the message by the requesting web service is prevented.

Abstract: A policy directed, security-centric model driven architecture is described to secure internal web services, such as those implementing service-oriented architecture (SOA), and external web services such as those hosted on a cloud computing platform. A distributed data dictionary hosted across multiple dictionary engines and operating in conjunction with web security services are used to embed security profiles in web services messages and to validate messages that contain such security profiles.

Abstract: A system for compiling security data from an information network includes at least two network components (30,34), each providing data. A data parser (48,52) is coupled to the network components (30,34). The data parser (48,52) has access to two parser scripts that correspond to the network components' data. Categorized data can be produced by applying the parser scripts to the data received from the network components (30,34).

Abstract: Provided is a method for intercepting a message between a requesting web service and a source web service, validating the message, logging the result of the validations, and adding a security profile to the message. The method may also include examining the message to determine whether a security profile is embedded therein. If the message is valid, access to the message by the requesting web service is permitted. If the message is not valid, access to the message by the requesting web service is prevented.

Abstract: Provided is a method for intercepting a message between a requesting web service and a source web service, validating the message, logging the result of the validations, and adding a security profile to the message. The method may also include examining the message to determine whether a security profile is embedded therein. If the message is valid, access to the message by the requesting web service is permitted. If the message is not valid, access to the message by the requesting web service is prevented.

Abstract: A system for compiling security data from an information network includes at least two network components, each providing data. A data partner is coupled to the network components. The data parser has access to two parser scripts that correspond to the network's component data. Categorized data can be produced by applying the parser scripts to the data received from the network components.

Abstract: Provided is a method for intercepting a message between a requesting web service and a source web service, validating the message, logging the result of the validations, and adding a security profile to the message. The method may also include examining the message to determine whether a security profile is embedded therein. If the message is valid, access to the message by the requesting web service is permitted. If the message is not valid, access to the message by the requesting web service is prevented.