Patent application number | Description | Published |
20080201179 | OPTIMIZATION OF POLICY ENFORCEMENT - Methods, systems, and machine-readable media are disclosed for improving the efficiency of policy enforcement. According to one embodiment, a method for improving efficiency during enforcement of a policy can comprise determining a topology for the policy. A plurality of equivalent topologies for the policy can then be determined. A cost function can be applied to each of the plurality of equivalent topologies and one of the plurality of equivalent topologies can be selected based on the cost function. | 08-21-2008 |
20080212499 | WEB AND MULTI-MEDIA CONFERENCE - Methods, systems, and machine-readable media are disclosed for providing multi-media conferencing. According to one embodiment, a method for providing a multi-media conference can comprise receiving a request to participate in the conference from a first client via a signaling protocol. For example, the signaling protocol comprises Session Initiation Protocol (SIP) or another signaling protocol. The first client and a media server adapted to support the conference can be invited to join the conference via third-party call control of the signaling protocol. The method can also include assigning a conference identifier to the conference. In such a case, inviting the first client and the media server can comprise sending invitation messages to each of the first client and the media server wherein the invitation messages include the conference identifier. | 09-04-2008 |
20080229388 | DEVICE AGENT - Device agents and methods are disclosed. In one embodiment, the method comprises monitoring, at an access device, at least a subset of device activity. The method further comprises detecting an activity satisfies at least one condition specified by a policy and executing at least one action in the policy associated with the satisfied condition. | 09-18-2008 |
20080232567 | ABSTRACT APPLICATION DISPATCHER - Embodiments of the invention provide systems and methods for providing one or more services in a communication session such as a call or other media exchange independent of supporting network technologies. According to one embodiment, a system for providing one or more services in a communication session can comprise a communication network and an application dispatcher communicatively coupled with the communication network. The application dispatcher can be adapted to determine one or more components for providing at least one service in the communication session and direct the communication session to the one or more components. According to one embodiment, determining the one or more components and directing the communication session to the one or more components can be performed independent of supporting network technologies. | 09-25-2008 |
20080235230 | USING LOCATION AS A PRESENCE ATTRIBUTE - Embodiments of the invention provide systems and methods for determining location of a principal. According to one embodiment, a method of providing location information for a principal can comprise receiving a presence event related to the principal. A location of the principal can be indicated by or determined based on the presence event. The location of the principal can be stored as a location attribute of a presence profile of the principal. The method can further comprise providing access to the location attribute of the presence profile of the principal to one or more subscribers or users of a presence service. In some cases, providing access to the location attribute of the presence profile of the principal to the one or more subscribers can be based on one or more policies of the presence service. | 09-25-2008 |
20080235327 | ACHIEVING LOW LATENCIES ON NETWORK EVENTS IN A NON-REAL TIME PLATFORM - Embodiments of the invention provide systems and methods for providing low-latency handling of events and/or requesting actions of external resources in a real time environment while utilizing non-real time components. According to one embodiment, a system for providing low-latency handling of events in a real time environment while utilizing non-real time components can comprise an external resource and a resource adapter communicatively coupled with the external resource. The resource adapter can be adapted to detect events of the external resource and/or request actions of the external resource. The system can also include at least one local application communicatively coupled with the resource adapter. The local application can have a local interface and the local application can interact with the resource adapter via the local interface. | 09-25-2008 |
20080235354 | NETWORK AGNOSTIC MEDIA SERVER CONTROL ENABLER - Embodiments of the invention provide systems and methods for interacting with a media server on a network and/or protocol agnostic basis. According to one embodiment, a method for controlling a media server can comprise receiving a request to perform a media control function of the media server from an application via a northbound interface of a media server control enabler. The northbound interface can provide an abstract interface for invoking one or more of a plurality of media functions of the media server. The media control function of the media server can be requested via a southbound interface of the media server control enabler. The southbound interface can provide an interface specific to the media server. | 09-25-2008 |
20080235380 | FACTORING OUT DIALOG CONTROL AND CALL CONTROL - Systems, methods, and machine-readable media are disclosed for providing session control and media exchange control that can include and combine, for example, call control and voice access concepts such as dialog (voice dialog, prompts and DTMF) or web/GUI elements. In one embodiment, a method of controlling a media session can comprise establishing a call via a signaling protocol, maintaining control of the call, and passing control of aspects of the call other than call control to a separate media processing module. The media processing module can comprise, for example, a dialog manager. In some implementations a voice access enabler providing a an abstract interface for accessing functions of the dialog controller. | 09-25-2008 |
20080268813 | DEVICE BILLING AGENT - Access devices using billing agents and methods are disclosed. In one embodiment, the method comprises capturing, at an access device, a communication to be transmitted from the access device. The method further comprises determining billing information about the communication and transmitting, from the wireless communications device, the billing information to a billing system. | 10-30-2008 |
20080288966 | CALL CONTROL ENABLER ABSTRACTED FROM UNDERLYING NETWORK TECHNOLOGIES - Embodiments of the invention provide systems and methods for controlling a media session. According to one embodiment, a method for controlling a communication session can comprise receiving a request to perform a call control function from an application via a northbound interface of a call control enabler. The northbound interface can provide an abstract interface for invoking one or more of a plurality of call control functions. The call control function can be requested from a first network resource via a southbound interface of the call control enabler specific to the first network resource. In some cases, results of the call control function can be received from the first network resource via the southbound interface of the call control enabler. The results of the call control function can then be returned to the application via the northbound interface of the call control enabler. | 11-20-2008 |
20090013045 | MOBILE MEETING AND COLLABORATION - A method for coordinating the remote participation of a client device in a meeting within a network comprising the client device and one or more nodes, the meeting involving a multimedia presentation. According to one embodiment, the method includes receiving an invitation for the client device to participate in the meeting, where a user will participate in the meeting using the client device. Temporal information for the meeting is stored. Furthermore, it is determined whether or not to notify the user of the meeting based on the stored temporal information or other information. In the event that the user should be notified, it is determined when to notify the user of the meeting based on the stored temporal information. One or more messages about the meeting are sent for the meeting. In one embodiment, the one or more messages about the meeting includes a reminder to join the meeting. In another embodiment, the one or more messages about the meeting includes an instruction which causes the client device to connect to the meeting without user action. | 01-08-2009 |
20090094451 | RESOURCE CONFIGURATION IN MULTI-MODAL DISTRIBUTED COMPUTING SYSTEMS - A method and system for configuring available resources in real-time to automatically accommodate the needs of the system user in multi-modal distributed computing system is disclosed. Information about the location or environment of a wireless device is used, preferably in combination with user personal preferences and past history to modify the behavior of the wireless device, including the selection of the most appropriate mode of interaction with the device and the activation of applications thereon as appropriate. | 04-09-2009 |
20090187919 | SERVICE ORIENTED ARCHITECTURE-BASED SCIM PLATFORM - Service Capability Interaction Manager (SCIM)-type functionality is provided at a horizontal service layer in an Service Oriented Architecture (SOA)-based approach. SCIM composition is provided at multiple levels, including the level of composition where servlets have full access to the context information of the service layer. SCIM composition also occurs at the level of an application dispatching messages to multiple applications/services for processing the messages. The functionality at the service layer also can be programmed using policies, such that routing decisions can be made dynamically as the result of processing conditions and actions. An incoming message can result in a Web service being triggered that in turn triggers a BPEL or SOA workflow, the workflow calling multiple operations to process the message as a result of a routing table or header, environmental and contextual information at the service level, and other information such as user preference or presence information. | 07-23-2009 |
20090193031 | TIERED PROCESSING FOR XDM AND OTHER XML DATABASES - Embodiments of the invention provide systems and methods for processing of XDM operation to access XML documents in a database or other repository. According to one embodiment, a system for processing requests for information in a data repository can comprise a first tier adapted to receive an eXtensible Markup Language (XML) Configuration Access Protocol (XCAP) request from a client, pre-process the request, and forward the XCAP request based on the pre-processing. A second tier can be communicatively coupled with the first tier. The second tier can be adapted to receive the XCAP request from the first tier, translate the XCAP request to a database request, and forward the database request. A third tier can be communicatively coupled with the second tier. The third tier can be adapted to receive the database request from the second tier and service the database request. | 07-30-2009 |
20090193057 | SERVICE-ORIENTED ARCHITECTURE (SOA) MANAGEMENT OF DATA REPOSITORY - A data repository includes information for multiple data systems, which can each control data in this and a number of other domains. A business process can be launched by one of the data systems to update the target data and any related data in the repository or any other related repository. Any request to update data is intercepted and the business process can launch workflows and apply policies as needed to process the request. Workflows can be associated with the fields being updated or process being executed, such that any update to the target data is also accurately reflected in any other related system. Further, launching a workflow allows processes to be run before the data is updated, such that the data can be modified, added to, rejected, or otherwise processed before being added to the appropriate repositories. | 07-30-2009 |
20090193433 | INTEGRATING OPERATIONAL AND BUSINESS SUPPORT SYSTEMS WITH A SERVICE DELIVERY PLATFORM - A service-oriented approach provides for an integration of components that would otherwise be considered different and unrelated components, such as runtime, business support systems (BSS), operational support systems (OSS), and third party components. Such integration allows messages to be transformed and passed between components as necessary to perform a particular task. For example, a BPEL workflow can be initiated upon receiving a user request through a network and gateway layer which will direct provisioning, activation, and processing via these various components. Identities can be managed across these various layers to provide for seamless end-to-end integration. | 07-30-2009 |
20090201917 | PRAGMATIC APPROACHES TO IMS - Embodiments of the invention provide systems and methods for providing services such as provided by Internet Protocol (IP) Multimedia Subsystem (IMS) with an IP network that is not the IMS. According to one embodiment, a system for providing communication services can comprise a communication network, one or more subsystems communicatively coupled with the network and adapted to provide one or more telco functions, and one or more applications communicatively coupled with the network and adapted to utilize the telco functions. | 08-13-2009 |
20090328051 | RESOURCE ABSTRACTION VIA ENABLER AND METADATA - Embodiments of the invention provide systems and methods for managing an enabler and dependencies of the enabler. According to one embodiment, a method of managing an enabler can comprise requesting a management function via a management interface of the enabler. The management interface can provide an abstraction of one or more management functions for managing the enabler and/or dependencies of the enabler. In some cases, prior to requesting the management function metadata associated with the management interface can be read and a determination can be made as to whether the management function is available or unavailable. Requesting the management function via the management interface of the enabler can be performed in response to determining the management function is available. In response to determining the management function is unavailable, one or more alternative functions can be identified based on the metadata and the one or more Falternative functions can be requested. | 12-31-2009 |
20100005052 | COMPLEMENTING LOCATION AS METADATA - Embodiments of the invention provide systems and methods for complementing data with spatial data. According to one embodiment, a method of complementing data with spatial data can comprise capturing the data with a device. The spatial data for the device can also be captured. For example, the spatial data can comprise a three coordinate location, a direction in which the device/sensor is oriented, e.g., direction/heading, inclination, etc., when capturing the data, a time at which the data is captured, and/or other information. Capturing the spatial data can comprise determining the spatial data with the device or determining the spatial data with an element of a network communicatively coupled with the device. The spatial data can be associated with the data by assigning the spatial data to metadata of the captured data. | 01-07-2010 |
20100005511 | USAGE BASED AUTHORIZATION - Embodiments of the invention provide systems and methods for authorizing a request to access a resource based on a context of the request. According to one embodiment, a method of authorizing a request for a resource based on a context of the request can comprise receiving the request from a requester, identifying the context of the request, and determining whether to authorize the request based on the context of the request. In some cases, the request can include context information describing the context of the request. In such cases, identifying the context can be based at least in part on the context information from the request. Additionally or alternatively, context information describing the context can be requested and received in response to the request. In such a case, identifying the context can be based at least in part on the received context information. | 01-07-2010 |
20100049640 | CHARGING ENABLER - Embodiments of the invention provide systems and methods for providing charging functions. According to one embodiment, a method of charging for services on a communication network can comprise receiving a request to perform a charging function from an application via a northbound interface of a charging enabler. The northbound interface can provide an abstract interface for invoking one or more of a plurality of charging functions. The charging function can be requested from a network resource via a southbound interface of the charging enabler. The southbound interface can provide an interface specific to the network resource. Results of the charging function can be received from the network resource via the southbound interface of the charging enabler and returned to the application via the northbound interface of the charging enabler. | 02-25-2010 |
20100049826 | IN-VEHICLE MULTIMEDIA REAL-TIME COMMUNICATIONS - Embodiments of the invention provide systems and methods for providing an in-vehicle, multimedia, real-time communication system. According to one embodiment, a system for providing in-vehicle communication services can comprise a communications network and a vehicle user agent communicatively coupled with the first communications network, wherein the vehicle user agent publishes one or more published presence attributes. A Service Delivery Platform (SDP) can be communicatively coupled with the communications network. The SDP can provide a presence service adapted to receive the one or more published presence attributes from the vehicle user agent and update a presence profile for the vehicle user agent based on the received presence attributes. The presence attributes can comprise at least one attribute indicating information other than presence information and to provide one or more telco functions to the vehicle user agent. | 02-25-2010 |
20100058436 | SERVICE LEVEL NETWORK QUALITY OF SERVICE POLICY ENFORCEMENT - Embodiments of the invention provide systems and methods for providing service level, policy-based QoS enforcement on a network or networks. According to one embodiment, a system can comprise at least one communications network, a first endpoint communicatively coupled with the communications network, and a second endpoint communicatively coupled with the communications network and can monitor traffic on the communications network between the first endpoint and the second endpoint. A policy enforcer can be communicatively coupled with the network monitor. The policy enforcer can apply one or more policies based the traffic between the first endpoint and the second endpoint. The one or more policies can define a Quality of Service (QoS) for the traffic between the first endpoint and the second endpoint and can apply the policies to affect the traffic between the endpoints to maintain the QoS defined by the one or more policies. | 03-04-2010 |
20100172360 | BEST EFFORT SEAMLESS NETWORK SWITCH IN A MEDIA STREAMING SESSION - Systems, methods, and machine-readable media are disclosed for switching a media streaming session between a plurality of networks. In one embodiment, a method of switching networks in a media streaming session can comprise detecting a plurality of networks available for communication of streaming data. The plurality of networks can include a first network providing a first streaming session and a second network. A determination can be made as to whether to switch the first streaming session from the first network. Determining to switch the first streaming session from the first network to the second network can be based on detecting a loss of the first network, detecting a lower cost alternative to the first network, etc. In response to determining to switch the first streaming session from the first network, the first streaming session can be switched from the first network to the second network. | 07-08-2010 |
20110119391 | PROTOCOL LEVEL COMMUNICATIONS FOR PROTOCOL LEVEL COMPOSITION WITH SESSION SHARING - Embodiments of the invention provide systems and methods for composition of elements in a communication session with session sharing. According to one embodiment, a method for composition of elements in a communication session can comprise processing the communication session with a first element participating in the communication session, updating state information for the communication session with the first element based on the processing of the communication session by the first element, and passing the state information from the first element to a second element participating in the communication session. The method can further comprise receiving the state information from the first element at the second element, processing the communication session with the second element based on the state information for the communication session, and updating the state information for the communication session with the second element based on the processing of the communication session by the second element. | 05-19-2011 |
20110126261 | METHODS AND SYSTEMS FOR IMPLEMENTING SERVICE LEVEL CONSOLIDATED USER INFORMATION MANAGEMENT - Embodiments of the invention provide methods and systems for implementing service level consolidated user information management. According to one embodiment, a method comprises intercepting, at a policy enforcer, a manipulation request of data. The method may further include analyzing the request to determine which data the manipulation request is associated with and, based on that analysis, selecting a policy from a plurality of policies. Furthermore, the method may execute the selected policy. The policy may be configured to direct the policy enforcer to allow the manipulation request to pass through to the associated destination data system to process the request, delegate processing of the manipulation request to at least one of a plurality of data systems, or process the manipulation request by the policy enforcer. | 05-26-2011 |
20110131318 | HIGH AVAILABILITY ENABLER - Embodiments of the invention provide systems and methods for interacting with a high availability session. According to one embodiment, a method of providing high availability can comprise abstracting one or more functions of a high availability infrastructure via a high availability enabler and providing access to the abstracted one or more functions via a northbound interface of the high availability enabler. For example, the one or more functions of the high availability infrastructure can comprise session control, either synchronous session control or asynchronous session control, concurrency management, data distribution, e.g., possibly including storing at least some of the data local to the high availability enabler, caching, session replication, providing fault tolerance, providing predictable latencies, etc. The high availability infrastructure can comprise, for example JGroups, Oracle Coherence, or another high availability infrastructure. The method can include decoupling application level processing from protocol level processing via the high availability enabler. | 06-02-2011 |
20110142211 | MESSAGE FORWARDING - Embodiments of the invention provide systems and methods for handling a communication, for example to provide a forwarding service. According to one embodiment, handling a communication can comprise receiving and storing one or more forwarding instructions, intercepting a message from a first user to a second user at a first address, applying one or more stored forwarding instructions to the message to determine at least one second address, and forwarding the message to the second user at the second address. In some cases, the at least one second address can comprise a plurality of addresses. Additionally or alternatively, the first address can be on a first communication channel and the second address can be on a second communication channel. The message can comprise a voice call, an email, a Short Message Service (SMS) message, a Multimedia Messaging Service (MMS) message, an Instant Message (IM), or another type of message. | 06-16-2011 |
20110145278 | METHODS AND SYSTEMS FOR GENERATING METADATA DESCRIBING DEPENDENCIES FOR COMPOSABLE ELEMENTS - Embodiments of the invention provide systems and methods for generating metadata describing dependencies for composable elements. The method includes maintaining a database of composable elements. Each composable element may have associated metadata to describe dependencies for the composable elements. The method may further include receiving a request to compose two or more of the composable elements into a new element. The method may then compare the dependencies of the two or more composable elements in order to determine dependencies common to the two or more composable elements and unique to the two or more composable elements. Further, the method may determine a level of restriction for each of the common dependencies and generate metadata for the new element to include each of the unique dependencies and each of the common dependencies, wherein the common dependencies are set to the highest level of restriction. | 06-16-2011 |
20110166943 | POLICY-BASED ADVERTISEMENT ENGINE - Embodiments of the invention provide methods and systems for enforcing policy-based advertisements . The method includes receiving a service request from a requestor, intercepting by a policy enforcer, and presenting an advertisement offer, including an advertisement, wherein the advertisement offer includes an associated reduced rate offer for the requested service. The method further includes presenting the advertisement to the requestor in response to accepting the advertisement offer, verifying that the requestor has received, viewed, and/or listened to the advertisement, and presenting the requested service at the associated reduced rate. | 07-07-2011 |
20110167153 | POLICY-BASED EXPOSURE OF PRESENCE - Embodiments of the invention provide methods and systems for enforcing policy-based exposure of presence. The method includes receiving, from a service provider, a request for presence information about a subscriber, intercepting the request at a policy enforcer, and analyzing the request to determine attributes associated with the request. The method further includes, based in part on the determined attributes of the request, applying a policy to the request, and based on the applied policy, filtering the request for presence information about the subscriber. Further, the method includes forwarding the filtered request to a presence server, and publishing, to the service provider, the filtered presence information about the subscriber. | 07-07-2011 |
20110167479 | ENFORCEMENT OF POLICIES ON CONTEXT-BASED AUTHORIZATION - Embodiments of the invention provide methods and systems for enforcing usage/context-based authorization. The method may include generating an authorization context for access to a resource. The access may include a first set of access parameters. The method may further store the authorization context associated with the resource, and intercept an access request for the resource. The access request may include a second set of access parameters. The method may further check the access request against the authorization context to determine if the second set of access parameters matches the first set of access parameters, and in response to the first set of access parameters matching the second set of access parameters, permit access to the resource in accordance with the second set of access parameters. | 07-07-2011 |
20110196728 | SERVICE LEVEL COMMUNICATION ADVERTISEMENT BUSINESS - Embodiments of the invention provide methods and systems for implementing service level advertisement distribution. The method includes receiving a service request from a requesting device, intercepting, by an advertisement application running on the requesting device, the service request, and presenting an advertisement offer including an advertisement. The advertisement offer includes an associated reduced rate offer for the requested service. The method further includes presenting the advertisement to the requesting device, and in response to accepting the advertisement offer, verifying that the requestor has received, viewed, and/or listened to the advertisement. Further, the method includes presenting the requested service at the associated reduced rate. | 08-11-2011 |
20110196974 | SERVICE LEVEL CROSS NETWORK COORDINATED INTERACTION - Embodiments of the invention provide systems and methods for orchestrating or coordinating interactions between different types of networks such as a legacy network and a next generation network. According to one embodiment, a method for coordinating interactions between different types of networks can comprise receiving at a service layer component a communication in a communication session from a first communication network. The communication can be in a first protocol. The communication can be translated from the first protocol to a second protocol with the service layer component, wherein the first protocol is different from the second protocol. One or more additional service layer components for providing at least one service in the communication session can be identified with an application dispatcher of the service layer component. The translated communication can be dispatched to the one or more additional service layer components from the application dispatcher. | 08-11-2011 |
20110196979 | SERVICE DELIVER PLATFORM BASED SUPPORT OF INTERACTIONS BETWEEN NEXT GENERATION NETWORKS AND LEGACY NETWORKS - Embodiments of the invention provide systems and methods for allowing legacy applications to interact with new networks. According to one embodiment, a method for supporting interactions and services between a legacy network and a next generation network can comprise receiving at a service layer component a communication in a communication session from a first communication network. The communication can be in a first protocol. The communication can be translated from the first protocol to a second protocol with the service layer component based on the state of the communication session. The first protocol can be different from the second protocol. | 08-11-2011 |
20110196980 | SERVICE BASED CONSOLIDATION OF APPLICATIONS ACROSS NETWORKS - Embodiments of the invention provide systems and methods for consolidating applications or services across networks to allow the applications or services to be available on networks of different types. According to one embodiment, a method for consolidating applications across a plurality of networks of different types can comprise receiving at a service layer component a communication in a communication session from a first communication network of the plurality of networks. The communication can be in a first protocol. The communication can be translated from the first protocol to a second protocol with the service layer component of based on a state of the communication session. The first protocol can be different from the second protocol. The translated communication can be provided to a component of a second network of the plurality of networks. | 08-11-2011 |
20110197257 | ON DEVICE POLICY ENFORCEMENT TO SECURE OPEN PLATFORM VIA NETWORK AND OPEN NETWORK - Embodiments of the invention provide methods and systems for using policy enforcement for securing open devices and networks. The method includes accessing, by a policy enforcer, a plurality of policies configured to enforce network integrity and monitoring programs and/or services running on a device. The method further includes based on at least one of the plurality of policies, comparing the programs and/or services running on the device against the programs and/or services allowed by the at least one of the plurality of policies, and based on the comparison, determining that the device is running at least one program and/or service disallowed by the at least one policy. Further, the method includes in response, prohibiting access of the device to the network. | 08-11-2011 |
20110197260 | SYSTEM SELF INTEGRITY AND HEALTH VALIDATION FOR POLICY ENFORCEMENT - Embodiments of the invention provide methods and systems for enforcing system self integrity validation policies. The method includes accessing, by a policy enforcer, a plurality of policies configured to enforce system integrity, monitoring system performance to determine actions executed by the system, and based on at least one of the plurality of policies, comparing the system performance with system performance required by the at least one or the plurality of policies. The method further includes, based on the comparison, determining that the system has performed in a manner contrary to the requirements of the at least one policy, and in response, prohibiting access of the system to services provided by a service provider. | 08-11-2011 |
20120047506 | RESOURCE ABSTRACTION VIA ENABLER AND METADATA - Embodiments of the invention provide systems and methods for managing an enabler and dependencies of the enabler. According to one embodiment, a method of managing an enabler can comprise requesting a management function via a management interface of the enabler. The management interface can provide an abstraction of one or more management functions for managing the enabler and/or dependencies of the enabler. In some cases, prior to requesting the management function metadata associated with the management interface can be read and a determination can be made as to whether the management function is available or unavailable. Requesting the management function via the management interface of the enabler can be performed in response to determining the management function is available. In response to determining the management function is unavailable, one or more alternative functions can be identified based on the metadata and the one or more alternative functions can be requested. | 02-23-2012 |
20140012741 | TECHNIQUES FOR CORRELATION OF CHARGES IN MULTIPLE LAYERS FOR CONTENT AND SERVICE DELIVERY - In a method for determining charges for content or services over a network, the method includes determining first charging information for rendering content or a service and usage of a service layer of the network, determining second charging information for usage of a network layer based on transmission related to the requested service or content, and correlating the first charging information and the second charging information to generate a single charge for an overall transaction, wherein the overall transaction includes charges for the content or service, the usage of the service layer of the network, and the usage of the network layer of the network. | 01-09-2014 |
20140075531 | USING IDENTITY/RESOURCE PROFILE AND DIRECTORY ENABLERS TO SUPPORT IDENTITY MANAGEMENT - Embodiments of the present invention provide methods, system and machine-readable media for dynamically providing identity management or other services. According to one embodiment, dynamically providing services can comprise receiving a request related to an unknown principal. A service to which the principal is known can be selected. Once a service to which the principal is known has been located, an identity management result can be obtained from the selected service. The method can further comprise determining based on the identity management result whether the principal is authorized to access a requested resource. In response to determining the principal is authorized, the requested resource can be accessed. | 03-13-2014 |