| 摘要 |
<p>A secure data broker has been developed, which provides a restricted message based data exchange between a client application and a secured information resource (150) by allowing registered or verified messages to be brokered across a security barrier (140). In some configurations, both requests and responses are validated and brokered across the security barrier. In other configurations, either requests or responses are validated. To support validation, messages are formatted in accordance with a predefined message specification for at least part of a transaction path between a client application (e.g., 105) and an information resource accessed by the client application. For example, in one configuration, incoming requests from a client application are received at a proxy that formats a corresponding request message and passes the formatted message to a parser for validation against the predefined message specification (e.g., 130). Typically, predefined message specifications are encoded as a grammar or other functionally descriptive data representation suitable for directing a parser to validate a formatted message against a structured language definition. Message specifications are typically application and transaction specific, although in some implementations, groups of applications and/or transactions may share common message specifications. In one configuration, messages are formatted in accordance with an eXtensible Markup Language (XML) and message specifications are encoded as Data Type Definitions (DTDs).</p> |
