Access Control for Cross-Organisational Web Service Composition
نویسندگان
چکیده
Service Oriented Architectures (SOA) promise a flexible approach to utilize distributed capabilities that may be located in independent trust domains. These capabilities can be exposed using Web Service technologies, which provide functionality to describe, discover, and invoke exposed services across organisational boundaries. A broad range of SOA-platforms and toolkits are available focusing on Web Service enabling and orchestration within an organisation. This paper addresses an evaluation and classification of different SOA-platforms and security frameworks regarding secure cross-organisational service invocation. To overcome the revealed limitations of existing frameworks, a two layered security architecture is introduced that satisfies the identified security requirements and abstracts from local access control models to enable secure federated cross-organisational services compositions.
منابع مشابه
A model for specification, composition and verification of access control policies and its application to web services
Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new indepe...
متن کاملMediating Semantic Web Service Access using the Semantic Firewall
As the technical infrastructure to support Grid environments matures, attention should focus on providing dynamic access to services, whilst ensuring such access is appropriately monitored and secured. Access policies may be dynamic, whereby intra-organisational workflows define local knowledge that could be used to establish appropriate credentials necessary to access the desired service. We d...
متن کاملAn access control framework for web services
The financial assistance of the Department of Labour (DoL) towards this research is hereby acknowledged. Opinions expressed and conclusions arrived at, are those of the author and are not necessarily to be attributed to the DoL. [The figures and tables at the bottom of this document] Purpose – To define a framework for access control for virtual applications, enabled through web services techno...
متن کاملEmbedding Access Control Policy in Web Service Path Composition Algorithm
Web services accomplish requirements, which are complicated functions. To apply web services for a requirement, it should be decomposed into sub-functions for web services. After the decomposition, web services are selected to compose paths. During composition, secure access of web services should be considered. This paper proposes a twoleveled web service access control policy and a web servic...
متن کاملAutomatic QoS-aware Web Services Composition based on Set-Cover Problem
By definition, web-services composition works on developing merely optimum coordination among a number of available web-services to provide a new composed web-service intended to satisfy some users requirements for which a single web service is not (good) enough. In this article, the formulation of the automatic web-services composition is proposed as several set-cover problems and an approxima...
متن کامل