A Policy-driven Approach to Dynamic Composition of Authentication and Authorization Patterns and Services

نویسندگان

  • Judith E. Y. Rossebø
  • Rolv Bræk
چکیده

During the past decade, the telecommunication environment has evolved from single operator featuring voice services to multi-operator featuring a range of different types of services. Services are being provided today in a distributed manner in a connectionless environment requiring cooperation of several components and actors. This paper focuses on the incremental means to ensure access to services for authorized users only by composing authentication and authorization patterns and services. We propose a novel framework of authentication and authorization patterns for securing access to services for authorized users only, and we demonstrate how the patterns can be dynamically composed with services using a policy-driven approach.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Dynamic Composition of Services – a Model - Based Approach

This thesis addresses the problem of rapid development and dynamic deploymentof services in the distributed service environment. It is not enough to deploy ser-vices rapidly, as the dynamic service environment is changing continually, requiringservices to be adaptable also. By this we mean, that in addition to being able torapidly deploy new services, it must be possible to dyna...

متن کامل

Specifying Service Composition Using UML 2.x and Composition Policies

In the current and future service environment, service parts are being developed separately while being dynamically combined at runtime. In this paper we address the problem of defining a model-driven process for enabling dynamic composition of services. Composition policies are used to define choices in behaviour under which service roles involved in a composite service can be dynamically comb...

متن کامل

Authentication-driven Authorization on Web Access

Unlike in traditional computing environments such as operating systems or databases, the authorized user set, the mode of access, users’ access rights, etc., are not predefined in WWW. In order to assign privileges to authorized but not predefined users in dynamic access environments, we propose an approach called authentication-driven authorization. In this approach, authentication is integrat...

متن کامل

A Privacy Enabled Fast Dynamic Authentication and Authorization for B3G/4G Mobility

Mobile technologies make their headway by offering more flexibility to end-users and improve the productivities. Within the application of ubiquitous access and pervasive communication, security (or privacy) and QoS (Quality of Service) are two critical factors during global mobility, so how to get a smooth and fast handover based on a user privacy protected infrastructure is our focus. Based o...

متن کامل

Service Oriented Computing

Service-oriented Architectures (SOA) facilitate the dynamic and seamless integration of services offered by different service providers which in addition can be located in different trust domains. Especially for business integration scenarios, Federated Identity Management emerged as a possibility to propagate identity information as security assertions across company borders in order to secure...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:
  • JCP

دوره 1  شماره 

صفحات  -

تاریخ انتشار 2006