Patently Confusing!

Patently Confusing!

Posted on June 16, 2009 0 Comments

Well, if you track our "space," you'd have seen that Forum has been awarded a patent on XML security appliances. Apparently, it's patent number 7,516,333.

As it turns out, Actional has a patent in the area of web service security too - Patent 7,480,799.

It seems that Forum's patent focuses on appliance devices (hardware) that incorporates acceleration, though doesn't limit itself to web services.

To help compare the difference between the two patents, you might look at the top level claims.

Forum's states that their patent is...

A method for applying security policies to data in a network, said method comprising the steps of: intercepting data being transferred across the network; determining that a security function to be performed can be offloaded for acceleration; utilizing a JAVA.RTM. Cryptographic Engine (JCE) to transparently offload the data; performing the security function in hardware, said hardware performing the steps of: entering a request in a JCE layer for a cryptographic function to be performed; invoking JAVA.RTM. Native Interface (JNI) hooks in a JNI layer to function as an interface to an operating system specific C programming language interface library; unpacking data from the intercepted data so that the unpacked data can be manipulated in the operating system specific programming language; and marshalling the unpacked data in a cryptographic messaging layer so that the unpacked data can be transformed to a standard format.

Whereas our patent is...

A computer-implemented method of implementing security for Simple Object Access Protocol (SOAP) messages which can be exchanged between client and server programs, the method comprising: receiving a SOAP message; determining whether at least one security rule has been defined for the SOAP message, the at least one security rule being defined based on a security policy for exchanging SOAP messages between at least one client program and at least one server program, wherein the at least one security rule includes at least one decryption rule; and performing at least one security related operation on the SOAP message based on the at least one security rule when the determining determines that at least one security rule is associated with the SOAP message, wherein the performing of the at least one operation comprises: determining whether the SOAP message is encrypted, and decrypting the SOAP message based on one or more decryption keys which are associated with the at least one decryption rule.
Looks like ours deals with how policies are applied to SOAP messages, even when they're encrypted.

I want to congratulate Forum for being second to the patent game here... ours just beat theirs, being approved January 20th, 2009.

Of course, we're not new to the patent game. We've got a few around our unique runtime governance technology as well... it's why our competitors are constantly saying, "you know who you do business with" or "you don't want to have all that information in your display, it's too confusing." The method we use to discover services in a network is unique and they can't do it (while running in production all the time, on any protocol, and not affecting performance).

In case the two summaries above aren't enough to put you to sleep on the spot (I've found myself dozing off as I write this myself), below are links to the others. I believe there are also a patent or two pending on the Actional Team Server / Actional Diagnostic technology too.

Patent 5,732,270 (1998)
Patent 6,349,343 (2002)
Patent 7,330,889 (2008)

This last one is the real interesting stuff relative to Actional. The title is "Network Interaction Analysis Arrangement", and relates to the way we (and our partner Software AG) compete successfully against solutions from HP, SOA Software, and Amberpoint.

The abstract:

In a network through which service providing nodes are interconnected, one or more software elements at each service providing node process the network operations. A client interceptor coupled in an examine node to a selected software element intercepts transmissions from the software element to record transmission flow control information. A server interceptor coupled in the examine mode to the selected software element intercepts transmissions to the software element to record transmission flow control information. An administrative node of the network examines the transmission flow control information from the selected software elements to assess network operation.

And the top-level claim:

A computer network interconnecting a plurality of service providing nodes each including software elements for performing computer network tasks and an administrative node for monitoring the computer network tasks, at least one of the service providing nodes comprising: a plurality of software elements in an application layer of the service providing node for coupling to other software elements in the same application layer and in the application layers of other service providing nodes of the network to process operations of the network; an interceptor unit for each software element of the at least one service providing node, the interceptor unit being coupled to its software element in response to selection of the software element by the administrative node for intercepting transmissions in the application layer from the selected software element to other software elements in the same and different service providing nodes and for intercepting transmissions in the application layer to the selected software element from other software elements in the same and different service providing nodes wherein said interceptor unit further forms a record of information pertaining to the transmissions at the selected software element and each record of transmission pertaining information further comprises a chain correlation identifier to identify an operation of a selected software element in its performance of a network task and an interaction correlation identifier to identify an interaction of a selected software element with another software element; and a transfer unit responsive to a transfer command from the administrative node to the selected software element for transferring the record pertaining to transmission pertaining information from the interceptor unit to the administrative node, in order to monitor operations of network tasks.

david bressler

View all posts from david bressler on the Progress blog. Connect with us about all things application development and deployment, data integration and digital business.

Comments

Comments are disabled in preview mode.
Topics

Sitefinity Training and Certification Now Available.

Let our experts teach you how to use Sitefinity's best-in-class features to deliver compelling digital experiences.

Learn More
Latest Stories
in Your Inbox

Subscribe to get all the news, info and tutorials you need to build better business apps and sites

Loading animation