Fine Grained A ess Control for SOAP E-Servi es
نویسندگان
چکیده
Lightweight proto ols for remote servi e invo ation via HTTP and XML, su h as SOAP, are rapidly gaining a eptan e among developers of Internet-based e-servi es, espeially be ause of their rewall-traversal apabilities. However, no standard te hnique for a ess ontrol se urity is urrently de ned for either HTTP or SOAP itself. Conerns have been raised about the possibility that di erent SOAP appli ations will deal with embedded se urity in different ways, leading to appli ation-dependent se urity holes. In this paper, we propose an approa h that relies on the XML stru ture of SOAP requests to support ne-grained authorizations at the level of individual XML elements and attributes that ompose a SOAP all. The result is a simple, yet powerful and general, te hnique to enfor e a ess restri tions to SOAP invo ations.
منابع مشابه
Wireless LANs: From WarChalking to Open Access Networks
ABSTRACT This work dis usses the evolution of W-LANs from their urrent status of wireless termination of LAN servi es to a possible global infrastru ture where the a ess networks be ome open to multiple operators and a vehi le of a winwin s enario, where both users and operators bene t from the new network ar hite ture. The idea of Open A ess Networks (OANs) an go beyond wireless HotSpots and b...
متن کاملÓòòòùùòò Òò Ööñññø Ëëòòò
To appear at 9th USENIX Security Symposium, Aug 2000. A Multi-Layer IPse Proto ol Yongguang Zhang Bikramjit Singh HRL Laboratories, LLC fygz,bsinghg hrl. om Abstra t IPse [KA98 ℄ is a suite of standard proto ols that provides se urity servi es for Internet ommuni ations. It prote ts the entire IP datagram in an \end-to-end" fashion; no intermediate network node in the publi Internet an a ess or...
متن کاملApplication Packet Scheduler Admission Control Packet Classifier Policy Control Packet Scheduler
Till Harbaum, Detlef Meier and Matthias Prinke fharbaum|meier|prinkeg ibr. s.tu-bs.de Institute of Operating Systems and Computer Networks Te hni al University of Brauns hweig, Germany Abstra t Todays FPGA te hnology allows re on gurable hardware to be integrated into standard PC hardware as well as into dedi ated router systems. With a hardware like this it is possible to o er support for CPU ...
متن کاملWhat Is the Goal ?
Abstra t. Formal goal and servi e des riptions are the shibboleth of the semanti web servi es approa h, yet the people responsible for reating them are neither ma hines nor logi ians, and rarely even knowledge engineers: the people who need and spe ify fun tionality are not those who provide it, and both may be distin t from the semanti annotators. The gap between users' informal on eptualisati...
متن کامل