1. A system comprising:
an application server configured to provide an execution environment; and
a process execution engine configured to execute a process model within the execution environment, the process execution engine including
an operational component configured to perform an operation that is associated with the execution of the process model and based on a security policy, and
a security provider configured to determine, based on the operation and on the security policy, at least one security service from among a plurality of security services executing within the process execution engine, and configured to provide the operational component with the at least one security service for use in securing the operation.
2. The system of claim 1 wherein the process model is associated with an application and wherein the operational component includes an execution component that is associated with the process execution engine independently of the application.
3. The system of claim 2 wherein the operational component includes an application component associated with the application.
4. The system of claim 1 wherein the operational component is associated with a policy enforcement point that is configured to analyze the operation to extract security-related, component-specific attributes.
5. The system of claim 4 wherein the policy enforcement point is configured to provide the attributes to a policy decision point that is configured to validate the attributes against the security policy.
6. The system of claim 5 wherein the policy enforcement point is configured to invoke the security provider in response to an affirmative validation decision received from the policy decision point.
7. The system of claim 5 wherein the policy enforcement point, the policy decision point, and the security services are in communication with one another by way of a policy infrastructure.
8. The system of claim 1 wherein the security provider is configured to provide at least two of the plurality of security services in a sequence determined from the security policy.
9. The system of claim 1 wherein the operational component includes one or more of a messaging component, a queue, a task scheduler, a task object, or a presentation component.
10. The system of claim 1 wherein the plurality of security services includes one or more of a key-based cryptography service, a signature creationvalidation service, and an authentication service.
11. A method comprising:
initiating an operation of an operational component executing within a process execution engine, the operation associated with a security policy;
detecting the operation at a security provider executing within the process execution engine;
determining, at the security provider and based on the security policy, at least one security service from among a plurality of security services executing within the process execution engine; and
providing the at least one security service to the operational component for securing the operation.
12. The method of claim 11 wherein detecting the operation comprises:
detecting the operation at a policy enforcement point associated with the operational component;
extracting security-related, component-specific attributes associated with the operation; and
providing the attributes to a policy decision point for validation of the attributes against the security policy.
13. The method of claim 12 wherein providing the at least one security service comprises:
invoking the security provider at the policy enforcement point to provide access to the at least one security service to the operational component.
14. The method of claim 12 wherein providing the at least one security service comprises:
providing at least two of the plurality of security services in a sequence determined by the security provider using the security policy.
15. A process execution engine comprising:
a plurality of security services executing within the process execution engine;
an operational component configured to perform an operation associated with a process model executing within the process execution engine, the operation associated with a security policy;
a policy enforcement point associated with the operational component and configured to extract security-related attributes associated with the operation;
a policy decision point configured to receive the security-related attributes for comparison to the security policy; and
a security provider configured to receive a decision of the policy decision point and determine at least one security service of the plurality of security services, and further configured to provide the operational component with access to the at least one security service.
16. The process execution engine of claim 15, further comprising a policy infrastructure configured to provide for communications between the policy enforcement point, the policy decision point, and the plurality of security services.
17. The process execution engine of claim 16 wherein the process execution engine includes:
a presentation layer configured to interact with an external application to display task data associated with executing the process model to relevant users by way of associated client applications;
a business logic layer configured to coordinate a control flow of the execution of the process model, in association with an underlying application;
an integration layer configured to coordinate interactions between the process execution engine and external process execution engines; and
a security layer including the plurality of security services and associated with the security provider.
18. The process execution engine of claim 17 wherein the policy decision point and the policy infrastructure are included in the security layer.
19. The process execution engine of claim 15 comprising a repository configured to store the security policy, wherein the policy decision point is configured to compare the attributes to the security policy based on an updated version of the security policy stored in the repository during run-time of the process execution engine.
20. The process execution engine of claim 15 wherein the process execution engine is configured to execute within an execution environment of an application server.
The claims below are in addition to those above.
All refrences to claim(s) which appear below refer to the numbering after this setence.
1. A spinal implant, comprising:
an upper portion having a proximal end, a distal end, and a longitudinal axis extending therebetween;
a lower portion having a proximal end , a distal end, and a longitudinal axis extending therebetween;
a hinge portion coupling the upper and lower portion distal ends, the hinge portion having a hinge axis disposed transverse to both the longitudinal axes of the upper and lower portions; and
an expansion element disposed between the upper and lower portions, the expansion element adapted for slidable movement between the upper and lower portions.
2. The spinal implant of claim 1, wherein the hinge axis is disposed at an angle between about fifteen (15) degrees and about forty (40) degrees relative to the longitudinal axes.
3. The spinal implant of claim 1, wherein the expansion element has a variable height along a length of the expansion element.
4. The spinal implant of claim 1, wherein the upper and lower portions each have an opening therethrough, and wherein the openings in the upper and lower portions are aligned.
5. The spinal implant of claim 1, further comprising opposing surfaces defined by a lower surface of the upper portion and an upper surface of the lower portion, wherein the opposing surfaces are adapted to engage the expansion element.
6. The spinal implant of claim 5, wherein the opposing surfaces comprise at least one slot adapted to engage the expansion element.
7. The spinal implant of claim 6, wherein the expansion element has an angled outer surface adapted to engage the at least one slot to alter an overall height of the proximal ends.
8. The spinal implant of claim 6 wherein the opposing surfaces comprise at least two slots adapted to engage the expansion element and provide at least two different overall separation amounts between the proximal ends.
9. The spinal implant of claim 1 wherein the upper portion, lower portion and hinge portion are integrally formed from a biocompatible plastic.
10. The spinal implant of claim 1 wherein the hinge portion comprises an elongate groove formed in an outer surface of the upper and lower portions adjacent the proximal ends.
11. The spinal implant of claim 1 wherein the hinge axis transverse angle generally corresponds to a desired implant implantation angle.
12. The spinal implant of claim 1 wherein the hinge axis is generally perpendicular to the sagital plane when the implant is implanted between two adjacent vertebrae.
13. A spinal implant system, comprising:
a spinal implant as in claim 1; and
an implantation tool for positioning the implant at a desired orientation and moving the expansion clement to a desired location between the upper and lower portions.
14. The spinal implant system of claim 13, further comprising a bone growth promoting substance disposed between the upper and lower portions.
15. The spinal implant system of claim 13, further comprising a funnel member for inserting a bone growth promoting substance in the implant.
16. A method of using a spinal implant, comprising:
providing a spinal implant as in claim 1,
inserting the implant between two adjacent vertebra at a desired angular orientation; and
moving the expansion element to a desired position within the spinal implant, to provide a desired lordosis of the implant between the vertebra.
17. The method of claim 16 wherein the desired angle is transverse to the anterior-posterior axis of the vertebrae, and wherein the desired lordosis is parallel to the anterior-posterior axis of the vertebrae.