Architectural Framework for Web Services Authorization
نویسندگان
چکیده
This paper proposes an authorization architecture for Web services. It describes the architectural framework, the administration and runtime aspects of our architecture and its components for secure authorization of Web services as well as the support for the management of authorization information. The paper also describes authorization algorithms required to authorize a Web service client. The architecture is currently being implemented within the .NET
منابع مشابه
An Authorization Architecture for Web Services
This paper considers the authorization service requirements for the service oriented architecture and proposes an authorization architecture for Web services. It describes the architectural framework, the administration and runtime aspects of our architecture and its components for secure authorization of Web services as well as the support for the management of authorization information. The p...
متن کاملPatterns for the eXtensible Access Control Markup Language
Web services are becoming the way for enterprises to interoperate. Many security standards for them have been developed; one of these is XACML (eXtensible Access Control Markup Language). XACML has been defined by OASIS and it includes a policy, an access decision language, and a specialized web services policy language. We present here three architectural patterns for XACML. The XACML Authoriz...
متن کاملA Controlled Access to Spatial Data on Web
The proliferation of Geographical Information services on the Web is creating unprecedented opportunities for the shared use of geographical information and at the same time an increasing need of controlled access to spatial data. In the paper we present an approach to the definition of an access control system for spatial data on the Web. The goal is to provide a mechanism for controlling what...
متن کاملPrinciples for the Design of Authorization Framework for the Service Oriented Architecture
While there are several efforts underway to provide security for the Service Oriented Architecture (SOA), there is no specification or standard defined to provide authorization services for the SOA. The SOA comprises of Web services and business process workflows built using Web services. Based on our analysis of existing authorization frameworks and policy specification models for the SOA, we ...
متن کاملOn the design, implementation and application of an authorisation architecture for web services
This paper proposes an authorisation architecture for web services. It describes the architectural framework, the administration and runtime aspects of our architecture and its components for secure authorisation of web services as well as the support for the management of authorisation information. The paper then describes the implementation aspects of the architecture. The architecture has be...
متن کامل