UDDI Access Control for the Extended Enterprise

An Extended Enterprise is comprised of not only the enterprise itself but also the enterprise's suppliers, clients and other associated organizations. The Extended Enterprise, in response to business needs and decisions, can dynamically alter these interrelationships, for example possibly swapping out some partners and swapping in others. Web services are an appropriate technology choice to facilitate the Extended Enterprise via supporting interoperability. Furthermore, the UDD! Web service standard and in particular a private UDDI registry can enable partner organizations to lookup and discover services of their new partners. As such a private UDDI registry is well suited to allowing potentially regularly changing business partners in an Extended Enterprise to determine how to interoperate with each other. However, different partners, depending on their role, should see a different set of the available services in an enterprises' private UDD! registry. This is for security, business confidentiality and simplicity purposes. As such in this paper we propose how a role-based access control scheme for a private UDD! registry can be utilized to support the Extended Enterprise. Abstract: