ARO I AAAYA
`
`US 20030097464A1
`
`as United States
`a2) Patent Application Publication co) Pub. No.: US 2003/0097464 Al
`
` Martinezet al. (43) Pub. Date: May22, 2003
`
`
`(54) DISTRIBUTED WEB SERVICES NETWORK
`ARCHITECTURE
`
`Publication Classification
`
`(76)
`
`Inventors: Frank Martinez, La Canada, CA (US);
`Paul Kevin Toth, Daly City, CA (US)
`
`Correspondence Address:
`MARKJ. SPOLYAR
`38 FOUNTAINST.
`SAN FRANCISCO,CA 94114 (US)
`
`(21) Appl. No.:
`
`09/990,722
`
`(22)
`
`Filed:
`
`Nov. 21, 2001
`
`Int. Ch? GO6F 15/173; GOOF 15/16
`(51)
`(52) US. Ch. acsssnsssnsnstntssentntee 709/238; 709/218
`(57)
`ABSTRACT
`,
`Methods, apparatuses and systems facilitating deployment,
`configuration and maintenance of web services networks.
`The present invention features a distributed web services
`network architecture that, in one embodiment, leverages the
`functionality of cxisting network infrastructure to provide a
`low cost, efficient and reliable web services solution. The
`web services network architecture according to the present
`invention can be implemented across any suitable computer
`network, including an intranet or the Internet.
`
`52
`
`53
`
` Failover Root
` Root Engine
`
`Engine
`
`
`
`
`Reporting Node
`
`56
`
`62
`
`56
`
`Google Exhibit 1032
`Google v. VirtaMove
`
`Google Exhibit 1032
`Google v. VirtaMove
`
`

`

`Patent Application Publication May 22,2003 Sheet 1 of 7
`
`US 2003/0097464 Al
`
`22
`
`(|
`=
`
`-
`To
`
`M
`
`I
`
`—_
`
`24
`
`i
`
`20
`
` E
`
`=
`
`CJ
`
`il
`—
`
`ML
`
`M4
`
`;
`
`Fig.1
`
`L_]
`=a
`c=
`
`‘5
`
`i
`
`Co
`
`

`

`Patent Application Publication May 22,2003 Sheet 2 of 7
`
`US 2003/0097464 Al
`
`42
`
`42
`
`42
`
`Root Engine
`
`
`
`54
`
`56
`
`:
`
`
`
`
`
`54
`
`56
`
`56
`
`44
`
`44
`
`44
`
`Fig.2
`
`

`

`Patent Application Publication May 22,2003 Sheet 3 of 7
`
`US 2003/0097464 Al
`
`52
`
`53
`
`Root Engine
`
`Failover Root
`Engine
`
`60
`
`58
`
`60
`
`54
`
`Reporting Node
`
`62
`
`56
`
`
`
`Fig.3
`
`56
`
`

`

`Patent Application Publication May 22,2003 Sheet 4 of 7
`
`US 2003/0097464 Al
`
`
`Root Node 1
`
`Pub 1
`Pub 2
`Pub 3
`
`
`SubA
`Sub B
`UserX
`User Y
`User Z
`|
`
`
`
`
`Service K|Action K1|Action K2) Action K3|Action K4
`
`aeo ee
`
`ee
`—>
`
`
`Engine Node 1
`Engine Node 2
`
`
`User X
`Pub 1
`Pub 3
`Pub 1
`Pub 2
`
`
`User YUser Z
`SubA
`Sub B
`User X
`
`Service K|Action K3 Service K|Action K1|Action K2
`
`
`
`
`
`
`
`
`
`
`
`
`ee
`ee
`
`a
`ao
`
`
`
`
`
`
`
`
`Switch Node 1
`Switch Node 2
`Switch Node 3
`
`
`
`
`
`
`
`
`
`Pub 1 [user|Pub 2Pub 3 Pub 1 User X
`ser
`~
`
`
`
`Sub B
`eer X
`Sub A
`-
`Sub A
`User ¥
`Switch Node 4
`
`User Z
`a
`
`
`Service K|Action K3 Service K|Action K1 Service K|Action K2 |
`
`
`Fig.4
`
`

`

`Patent Application Publication May 22, 2003 Sheet 5 of 7
`
`US 2003/0097464 Al
`
`vV
`
`SP
`
`/POYSTQNd
`
`Jaqiiosqns
`
`cv
`
`vv
`
`cv
`
`vr
`
`vs
`
`cv
`
`
`
`

`

`Patent Application Publication May 22,2003 Sheet 6 of 7
`
`US 2003/0097464 Al
`
`52
`
`Root Engine Node
`
`
`
`
`
`
`
`Subscriber 1
`Subscriber 2
`
`Subscriber 3
`
`
`
`
`
`Subscriber 1
`Subscriber 2
`
`
`
`
`EngineNode
`
`
`Switch
`
`
`Subscriber 1
`
`90
`
`Subscriber 1
`Subscriber 2
`
`Subscriber 2
`
` Network Cloud
`
`Subscriber 1
`
`
`Root Engine Node
`
`
`
`
`
`
`Console
`Subscriber 3
`
`
`
`Application
`
`
`
`EngineNode
`
`
` Switch
`
`
`
`
`Network
`Admin
`
`Subscriber 1
`
`74
`
`

`

`Patent Application Publication May 22,2003 Sheet 7 of 7
`
`US 2003/0097464 Al
`
`Subscriber1
`Subscriber 2
`
`Subscriber 3
`
`Subscriber 1
`
`Subscriber 2
`
`
`
`Root Engine Node
`
`
`
`
` Console
`Application
`
`
`
`EngineNode
`
`
` Network Cloud
`
`
`Switch
`
`
`Subscriber 1
`
`Network
`Admin
`
`
`74
`
`56
`
`Routing Entity) LecalRouting|Chile Node A|Child Node B
`
`Subscriber X|12/10/02; 17:26|12/12/02: 11:16 |40Ma/Om.10:69%
`
`
`
`
`
`
`
`
`12/4/02; 18:16
`
`
`Action|1/6/03;18:45[stewsiaae |1/7/03;19:21|
`
`
`
`
`
`
`
`
`

`

`US 2003/0097464 Al
`
`May 22, 2003
`
`DISTRIBUTED WEB SERVICES NETWORK
`ARCHITECTURE
`
`FIELD OF THE INVENTION
`
`[0001] The present invention relates to computer networks
`and, more particularly, to methods, apparatuses and systems
`facilitating deployment, configuration, and maintenance of
`webservices networks.
`
`BACKGROUND OF THE INVENTION
`
`[0002] Web services networks are rapidly evolving tech-
`nology architectures allowing applications to tap into a
`variety of services in an extremely efficient and cost effec-
`tive manner. Web services enable cost-effective and efficient
`
`collaboration among entities within an enterprise or across
`enterprises. Web services are URL or
`IP addressable
`resources that exchange data and execute processes. Essen-
`tially, web services are applications exposed as services over
`a computer network and employed by other applications
`using Internet standard technologies, such as XML, SOAP,
`WSDL,etc. Accordingly, web applications can be quickly
`and efficiently assembled with services available within an
`enterprise LAN or external services available over open
`computer networks, such as the Internet.
`
`[0003] A web services network can be deployed across an
`enterprise LAN or across a Wide Area Network, such as the
`Internet. A typical web services network includesat least one
`networkservices broker that is operative to receive a service
`request and route the service request
`to the appropriate
`resource. A brokeris a specially configured server or cluster
`of servers acting as an intermediary for web service requests
`and responses. As web services network usage increases,
`however, the broker can become a bottleneck. To ease this
`bottleneck, the prior art solution is simply to add additional
`processing power to the broker (¢.g., additional servers),
`whichis costly, inefficient, and fails to leverage the enter-
`prise’s investments in its existing network infrastructure.
`Moreover, the centralized nature of the broker creates reli-
`ability concerns in that failure of the broker disables the
`applications accessing services through it.
`
`In light of the foregoing and the rapidly expanding
`[0004]
`use of web and networkservices, a need in the art exists for
`methods, apparatuses and systems that reduce the cost
`associated with operating web services networks. In addi-
`tion, a need in the art exists for technology that leverages
`exisling network infrastructure to create an eflicient and cost
`effective web services network. As described below,
`the
`present invention substantially fulfills these and other needs
`associated with web services networks.
`
`SUMMARY OF THE INVENTION
`
`[0005] The present invention provides methods, appara-
`tuses and systemsfacilitating deployment, configuration and
`maintenance of web services networks. The present inven-
`tion features a distributed web services network architecture
`
`leverages the functionality of
`in one embodiment,
`that,
`existing network infrastructure to provide a low cost, effi-
`cicnt and reliable web services solution. The web services
`
`network architecture according to the present invention can
`be implemented across any suitable computer network,
`including an intranct or the Internet.
`
`DESCRIPTION OF THE FIGURES
`
`FIG.1 is a functional block diagram illustrating a
`[0006]
`computer network environment including an embodiment of
`the distributed web scrvices network according to the
`present invention.
`
`FIG.2 is functional block diagram setting forth the
`[0007]
`network architecture associated with an embodiment of the
`
`present invention.
`
`FIG.3 is a functional block diagram providing a
`[0008]
`web services network architecture including reporting func-
`tionality on a dedicated node.
`
`FIG.4 is a diagram illustrating a possible state for
`[0009]
`routing tables across an embodiment of the web services
`network of the present invention.
`
`[0010] FIG. 5 is a functional block diagram showing
`various scenarios associated with routing of service action
`requests.
`
`FIG.6 is a functional block diagram illustrating the
`(0011]
`process flow associated with a routing entry request.
`
`FIG.7 is a functional block diagramsetting forth
`(0012]
`an exemplary process flow associated with routing table
`updates.
`
`FIG.8 is a functional block diagram setting forth
`[0013]
`a process flowassociated with routing table maintenance.
`
`[0014] FIG. 9 is a table illustrating a routing matrix
`according to an embodiment of the present invention.
`
`DESCRIPTION OF PREFERRED
`
`EMBODIMENT(S)
`
`FIG.1 illustrates a computer network environment
`[0015]
`including an embodimentof the present invention. As FIG.
`1 illustrates, the computer network environment comprises
`a plurality of host nodes, such as client computers 22 and
`servers 24, interconnected by computer network 20. Com-
`puter network 20 comprises routers 22 and other networking
`equipment to transmit and route data between host nodes
`connected to the network. Computer network 20 further
`comprises network services engine 54 operably connected to
`at least one routing device augmented to include the func-
`tionality of a network services switch 56 thereby enabling a
`webservices network according to the present invention, as
`more fully described below. In one embodiment, the web
`services network enabled by the present invention employs
`standard Internet protocols, such as SOAP and XML,to
`exchange data. However, any suitable protocols can be used.
`
`I. Network Environment
`
`[0016] The distributed web services network architecture
`according to the present invention comprises at least one
`network services engine 52 or 54 operating in connection
`with at least one least one network services switch 56. FIGS.
`2 and 3 illustrate the distributed web services network
`
`architecture according to onc embodiment of the present
`invention. FIG.2 provides a basic block diagram illustrating
`the topography of a web services network that utilizes one
`or more instances of nctwork scrvices switch 56. FIG. 2 scts
`
`forth a web services network including N subscriber nodes
`42, M publisher nodes 44 and seven routing nodes, four of
`whichare instances of network services switch 56 and three
`
`

`

`US 2003/0097464 Al
`
`May 22, 2003
`
`of which are instances of network services engine 54. The
`directed lines pointing to and from the network sphere
`represent the path taken by service action requests emanat-
`ing from subscriber nodes 42 passing through the network to
`publisher nodes 44. The lines between routing nodesrepre-
`sent routing table dependencies, as more fully described
`below.
`
`[0017] As discussed in more detail below, network ser-
`vices engines 52, 54 include functionality associated with all
`aspects of a web services network, including network and
`routing node configuration, network maintenance, discov-
`ery, registration, subscription, logging and reporting, as well
`as the handling of routing and associated tasks. In one
`embodiment, the functionality of network services engines
`52, 54 are presented as internal web services on the network.
`As discussed below, network services engines 52, 54 are also
`operative to support and maintain network services switches
`56 associated therewith.
`In one form, network services
`engines 52, 54 may be configured to operate in a mode
`where only a subsetof available functionality is enabled. For
`example, a particular engine, such as root engine 52, may be
`configured such that it does not perform routing of service
`action requests and responses. As FIG. 3 shows, each
`network services engine 52, 54 operates independently with
`its own database 60 and its own configuration set. Some of
`the tasks performed by network services engines 52, 54 can
`be quite resource-intensive. Network services engine 54
`supports the creation of highly distributed systems but can
`be a large application requiring large amounts of persistent
`memory and processing power. A good example of this is
`logging of service action requests and responsestraversing
`the network. Because every request and every response that
`flows through a network services engine requires a certain
`amount of metadata to be persisted,
`it is necessary that
`engine 54 be capable of handling a potentially heavy Load
`of database interactions.
`
`[0018] While multiple instances of network services
`engine 54 may beinstalled to support a highly active web
`services network, such a configuration can be very costly
`requiring installation and configuration of multiple, dedi-
`cated servers on computer network 20. The introduction of
`network services switch 56 provides a moreefficient and less
`expensive alternative. Network services switch 56 includes
`a subset of the functionality of network services engine 52
`or 54 and is capable of handling routing of scrvice action
`requests and responses, as well as associated tasks such as
`application-level security. Operation of network services
`switch 56 is designed to reduce the amount of computational
`resources required to function at an acceptable level. Net-
`work services switch 56, in one embodiment, has a small
`footprint, rendering instances of switch 56 suitable for
`installation on embedded systems associated with computer
`network 20, such as network routers 28. For example,
`introduction of network services switch 56 separates routing
`and associated tasks from other web services platform
`functionality, thereby allowing network administrators to
`distribute web services
`routing functionality and the
`resources demanded by such routing tasks across many
`inexpensive nodes in a network environment. Such a con-
`figuration allows for rapid scalability in a highly cast
`efficient manner. Accordingly, embodiments of the present
`invention allow a network administrator to leverage an
`enterprise’s investment in existing network infrastructure to
`create a web services network capable of handling large
`amounts of web servicestraffic.
`
`Inone form, network services switch 56 operates in
`[0019]
`conjunction with a plurality of additional instances of net-
`work services switch 56 installed on existing routing nodes
`in the network infrastructure or on dedicated devices. The
`
`plurality of network services switches depend on one or
`more instances of network services engine 52 and/or 54 to
`handle activities requiring persistent storage of data, such as
`logging, reporting, maintenance and configuration. Unlike
`the web services networks of the prior art, where the web
`services platform is associated with and all web services
`routing occurs at a single point of integration located on a
`server or cluster or servers in a particular network, the web
`services network platform functionality of the present inven-
`tion is distributed across the network environment.
`
`[0020] A. Network Services Engine
`
`[0021] Network services engine 52, 54 supportsall aspects
`of a web services network, including network and routing
`node configuration, security, network maintenance, togging
`and reporting, as well as the handling of routing and
`associated tasks. As discussed below, network services
`engines 52, 54 are also operative to support and maintain
`network services switches 56 associated therewith. In one
`
`form, network services engines 52, 54 may be configured to
`operate in a mode where only a subsetof its functionality is
`enabled. For example, a particular engine, such as root
`engine 52, may be configured such that it does not perform
`routing of service action requests and responses. As FIG. 3
`illustrates, certain instances of the network services engine
`54 are used specifically for gathering reporting data. Such
`instancesare referred to as reporting nodesor servers 58. In
`someconfigurations, reporting node 58is dedicated solely to
`reporting and logging of data associated with usage of web
`services network 40, while, in other configurations, report-
`ing node 58 also supports web services routing functionality.
`
`In one embodiment, the functionality of network
`[0022]
`services engine 54 may be implemented in hardware, soft-
`ware, or a combination of both. In one embodiment, network
`services engine 52, 54 is an application executed by a server
`operably connected to computer network 20 (see FIG. 1).
`The serveris a programmable computer executing computer
`programs, comprising at least one processor, a data storage
`system, at least one input device, and at least one output
`device. In one embodiment, network services engine 52, 54
`comprises a persistent data store, such as network database
`60, 62 respectively. Network databases 60, 62 store web
`services routing table data, as well as configuration data
`relating to the operation of web services network 40. Net-
`work databases 60, 62 are stored in persistent, nonvolatile
`memory, such as a hard-disk drive or any other suitable form
`of persistent memory. In one preferred embodiment, net-
`work databases 60, 62 reside on the same respective servers
`executing the functionality of network services engines 52,
`54. However,
`in another embodiment, a single database
`server can support multiple instances of network database
`60, 62 each associated with a network services engine 52,
`54.
`
`[0023] Network services engine 52, 54 is opcrative to
`maintain and update routing table data for network services
`switches 56 operably connected thereto. Network services
`engines 52, 54 are also capable of making database cntrics
`
`

`

`US 2003/0097464 Al
`
`May 22, 2003
`
`on behalf of network services switches 56, such as for
`service action logging. Network services engines 52, 54 are
`also operative to share web services network configuration
`and/or routing data with other instances of network services
`engine 52, 54 associated with the computer network envi-
`ronment. As discussed below,the routing table data applies
`to the entire web services network notjust a single network
`services engine. Accordingly, a change to routing table data
`must propagate through the web services network,affecting
`every routing node (e.g., engine and/or switch) that enables
`that network.
`
`[0024] Network services engine 52, 54 further supports at
`least one handler that implements a platform service asso-
`ciated with the web services network. A handler is function-
`ality directed to maintenance, configuration, and/or support
`of a web services network. In one embodiment, actions
`associated with handlers are presented as internal web
`services available on one or more instances of network
`
`services engine 52, 54. For example, a handler service action
`may assist end-users with utilization of web services net-
`work 40. For example, a particular handler action, when
`invoked, provides information to a user describing which
`web services he has permission to access. Other handler
`service actions include functionality associated with routing
`entity requests, entity creator requests, and the like (see
`below).
`
`[0025] As discussed in more detail below, a console appli-
`cation allows network administrators to configure network
`services engines 52, 54, network services switches 56 and,
`thus, operation of web services network 40. The console
`application facilitates configuration of all data required for
`routing, security and user management. Network services
`switches 56 depend on instances of network services engine
`52, 54 for routing table and other associated data. Network
`services switches also depend on engines 52, 54 to provide
`functionality allowing for maintenance, configuration and
`support of web services network 40. For example, embodi-
`ments of network services switch 56 do not store routing
`table data in persistent memory, but depend on network
`services engine 52, 54 to provide this information on
`demand and/or by push updates, as required. Accordingly,
`configuration of network services switch 56 entails provid-
`ing a computer network address of a network services
`engine 54 with which it communicates for routing table and
`other configuration data.
`
`[0026] B. Network Services Switch
`
`[0027] Network services switch 56 routes service action
`requests and responses in the same manner as network
`services engine 52, 54. In one embodiment, network ser-
`vices switch 56 is further operative to perform other routing-
`related tasks, such as application-level security. As discussed
`above, however, network services switch 56 relies on one or
`more instances of network services engine 52, 54 for non-
`routing related functionality associated with network 40,
`such as configuration, maintenance, support, logging,etc.
`
`[0028] As discussed above, nctwork services switch 56, in
`one embodiment, has a small footprint enabling its instal-
`lation on standard networking equipment, such as network
`router 28. Although nctwork services switch 56 may run on
`such lightweight hardware platforms, such hardware plat-
`forms mustbe able to accommodate an operating system and
`network scrviccs switch 56. In onc embodiment, the hard-
`
`ware platform should preferably include some form of
`persistent memory, such as a hard drive or an Application
`Specific Integrated Circuit (ASIC), allowing for storage of
`an operating system and an instance of network services
`switch 56. In one embodiment, network services switch 56
`operates in connection with an embedded Linux or Solaris
`operating system including a Java Runtime Environment
`supporting all requisite Java networking libraries. In such an
`embodiment, the hardware platform mustalso be capable of
`executing a servlet engine at a reasonable performancelevel.
`However, network services switch 56 may be implemented
`in other programming environments, such as C or any other
`suitable
`programming
`environment. Suitable
`routing
`devices include Cisco® Content Services Switches, Nortel®
`Alteon 180 routers, andthe like. Of course, network services
`swilch 56 can be ported to any suitable platform or runtime
`environment, including service appliances such as Crystal
`PC® CS200/300, or Hewlett Packard® P4500. To configure
`network services switch 56, a network administrator must
`provide the computer network address of the network ser-
`vices engine to which it can make requests for routing table
`updates, as well as a computer network address of the
`reporting node to which it sends event logging requests.
`
`[0029] One the features enabled by embodiments of the
`present
`invention is inexpensive fail over support.
`It
`is
`important that the disruption of a single network node not
`bring down an entire web services infrastructure. Because it
`is relatively inexpensive to implement network services
`switch 56 at existing routing nodes in a computer network
`environment, it is practical to distribute it in large numbers
`across the network, thereby enhancing a subscriber’s ability
`to employ automated fail over functionality if a particular
`routing node fails.
`
`[0030] C. Platform Services and Console Application
`
`[0031] As discussed above, network services engine 52,
`54 supports handlers implementing platform services, such
`as the registration of end-users and queries for services
`available to a given subscriber. As discussed above, handler
`services are web services accessible by the generation of a
`service action request as any other web service. Accordingly,
`this configuration allows enterprise customers to integrate
`platform services into their own systems and applications, as
`opposed to being forced to access platform services through
`a third-party application interface. Nevertheless, embodi-
`ments of web services network 40 include console applica-
`tion 90 as more fully discussed below. The following also
`illustrates the platform services offered by network services
`engines 52, 54.
`
`[0032] The console application provides an interface
`facilitating access to functionality for network administra-
`tors and other users of the web services network enabled by
`the present invention. For example, console application 90
`provides the user interface through which web services are
`configured, registered, and discovered, by which access to
`those services maybe controlled, by which networkservices
`engines 54 and switches 56 are configured, and by which the
`user rights of those participating in the network may be
`administered. In one embodiment, the console application
`further provides access to service activity reporting capa-
`bilities and customerservice functionality.
`
`[0033] Console application 90 presents the user interface
`by which authenticated end-users intcract with and/or con-
`
`

`

`US 2003/0097464 Al
`
`May 22, 2003
`
`figure the web services network of the present invention. In
`one embodiment, console application 90 is a web-based
`application executed on a server or other computing device
`operably connected to the computer network environment.
`In another embodiment, the console application may reside
`on a desktop computer 22 associated with a network admin-
`istrator. As discussed above, the functionality allowing for
`maintenance, configuration, support and other administra-
`tive tasks associated with web services network 40is, in one
`embodiment, available as web services residing on one or
`more instances of network services engines 52 and/or 54. In
`one embodiment, a set of SNMPinterfaces allow access to
`such administrative functionality without the use of console
`application 90. To implement an end-user command, con-
`sole application 90 generates an appropriate service action
`request and transmils it to a network services engine 52 or
`54. Console application 90 is further operative to allow for
`configuration of all nodes associated with a web services
`network concurrently or individually.
`
`[0034] Console application functionality can be divided,
`for didactic purposes,
`into several
`interrelated areas or
`realms. The console application can include all or a subset
`of the functionality described below. For example, although
`subscribers, in one embodiment, must formally subscribe to
`a service, other embodiments allow for the utilization of
`services without formal subscription protocols.
`
`[0035]
`
`1. Basic Entity Administration
`
`[0036] For illustrative purposes, the various participants
`and components in a web service network will be referred to
`herein as routing entities or entities. In one embodiment, the
`webservices functionality supports the following entities:
`
`[0037] Organizations: An organization can refer to an
`individual, a department within an enterprise, an entire
`enterprise, or any other entity. Both subscribers and pub-
`lishers are types of organizations within the context of the
`console application and a web services network. A sub-
`scriber is an organization running applications that utilize
`one or more webservices. A publisher is an organization
`defining and maintaining at least one service. All end-users
`are considered members of an organization. The words
`“subscriber” and “publisher” are used as modifiers for
`end-users, allowing the console application to present dif-
`ferent interfaces based on the specific role of the user who
`is currently logged on.
`
`Services: A service is a web service or application
`[0038]
`maintained by a publisher. A service includes one or more
`actions. These are web services that have been or will be
`
`integrated into a web services network according to the
`present invention.
`
`[0039] Actions: The functionality offered by a service is
`divided into actions, each of which represents a discrete
`activity that can be performed by a publisher on behalf of a
`subscriber in response to a service request.
`
`[0040] End-Users: An end-user is an individual or com-
`puting unit logged into host node (c.g., clicnt computers 22
`or servers 24) and accessing the console application. End
`user also refers to individuals or entities whose use of a
`
`subscriber application results in a service action request
`being transmitted over the web services network of the
`present invention. Those end-users of the console applica-
`tion posscssing adequate permission levels carry out admin-
`
`istrative tasks with respect to each of these routing entities.
`Such tasks include searching, browsing, creation of new
`entities, editing existing entities, and deletion of obsolete
`entities.
`
`[0041]
`
`2. User Account Management
`
`[0042] The console application also facilitates creation
`and management of user accounts. Each user account has
`associated therewith a set of access privileges to the func-
`tionality available over the console application or other
`administrative tool. An IT administrator may have privileges
`to create and modify user accounts and entities. An admin-
`istrative end-user associated with a subscriber may also have
`the ability to modify or create user accounts within the
`subscriber
`realm. An administrative end-user associated
`
`with a publisher may have access privileges to register or
`delete services or actions within the publisher’s realm. In
`one embodiment, a user account further includes access
`privilege information relating to specific services or actions
`available to the corresponding end-user. The console appli-
`cation supports similar capabilities available with respect to
`entities: searching, browsing, creation of new accounts,
`editing existing accounts, and deletion of obsolete accounts.
`
`[0043]
`
`3. Reporting
`
`[0044] The console application also allows users access to
`a variety of reports supplying information on various aspects
`of web service usage. Both graphical and text-based reports
`can be supplied, constrained, and organized using a variety
`of parameters, including specification of included entities,
`end-users, and date ranges.
`
`[0045]
`
`4. Advanced Entity Administration
`
`[0046] One embodiment of the web services platform
`enabled by the present invention allows for monctization of
`webservices. To facilitate monetization, the console appli-
`cation supports additional
`types of entities and/or entity
`attributes, in addition to the basic ones described above.
`
`[0047] Pricing Models: A pricing modelconsists of one or
`more types of charges, as well as a number of parameters
`(such as price) that provides the means by which amounts
`owed for service usage can be computed. The console
`application allows authenticated end-users to create, edit,
`and delete pricing modelentries.
`
`[0048] Service Offers: When a publisher offers a sub-
`scriber (or group of subscribers) use of a service, this is
`accomplished by creating a “Service Offer.” The Service
`Offer,
`in one embodiment, comprises a pricing model, a
`unique identification (Id) of the Service being offered, and a
`list of subscribers to whom it is being offered. Additional
`terms and conditions may be specified as well. A subscriber
`gains permission to use a service by accepting the proffered
`Service Offer associated with it. Users create, edit and delete
`service offer entries using the console application. In one
`embodiment, when Service Offer detail pages are viewed by
`administrators,
`the number of subscribers accepting that
`Service Offer are shown.
`
`[0049] Organization Groups: The console application also
`allows publishers to place organizations in named groups.
`‘These groupsare then used to establish access control rights
`for services provided by those publishers.
`
`[0050] Access Control: Publishers can control access to
`the services they provide. The process of administering such
`
`

`

`US 2003/0097464 Al
`
`May 22, 2003
`
`access controls is also known as “provisioning.”Once a
`subscriber accepts a service offer, it is incumbent on the
`administrator of the relevant service to provide access in a
`timely manner. This is done by placing organization and
`organization groups (“org groups”) onto the access list
`maintained for that service.
`
`[0051] Additional Computed Fields: In addition to the
`various computed values displayed in entity detail views as
`specified above, several other values can be computed and
`displayed:
`
`1) The number of subscribers to a service, for
`[0052]
`example, can be displayed. ‘his is defined as the sum
`of all subscribers to all Service Offers that include the
`service.
`
`2) The average number of requests per day can
`[0053]
`be shown for both services and service actions.
`
`3) A service action may optionally have a
`[0054]
`counter associated with it that is incremented each time
`the service action is used. The value of this counter is
`available as a computedfield in the service action detail
`and list pages. Users are able to reset
`the counter
`manually, through the service action detail page, or to
`specify a standard timer reset interval (defaults to 24
`hours) through the service action detail page.
`
`[0055] Configurable List Pages: The list view of the Entity
`Administration Page can be configurable, allowing power
`users to pick which fields actually appear on the page. Such
`users will be able to select from amongst a number of
`optionalfields that may be included as columnsin the view.
`For services, one of the optional fields will be “number of
`Subscribers” (as described in the bullet point above) and
`“average number of requests per day.” For Service Actions,
`one of the optional fields may be “average number of
`requests per day.”
`
`[0056]
`
`5. Discovery
`
`[0057] The console application also facilitates and sup-
`ports discovery of web services. Discovery is the process by
`which subscribers search for and browseservices in order to
`make utilization decisions.
`
`[0058]
`
`6. Subscription
`
`[0059] The con