A reusable intelligent authorization design for web services software security

نویسندگان

  • Weider D. Yu
  • Archana Mansukhani
چکیده

Web services are a new way of thinking in distributed computing. They are an important step towards service-oriented architecture (SOA). Web services are used to obtain service in an open, platform independent way. Recent focus on web services has been in the area of security, which is an ongoing concern in many areas and is very pertinent to web services technology. This paper describes the design of a reusable authorization layer for web services software. This layer resides separate from the web services themselves and uses a rule based inference engine for determining authorization and access rights. It also uses different types of access control to formulate feature-rich rules.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Two Patterns for Web Services Security

Patterns are widely used in software engineering where they have been successful in improving analysis and design by encapsulating the experience of many designers. Security patterns are a recent development as a way to encapsulate the accumulated knowledge about secure systems design. We present here two patterns for web services: 1) a Security Assertion Coordination pattern that coordinates a...

متن کامل

Aiaa - 2000 - 4902 a Federated Intelligent Product Environment

The concept of a federation of distributed devices on a network which enter the federation through a process of "discover" and "join", by which they register with a service request broker and publish the services which they perform is applied to engineering software tools. A highly flexible computer architecture is developed, leveraging emerging web technologies like Sun Microsystems' Jini, RMI...

متن کامل

طبقه‎بندی کاربردی کارکردهای عوامل نرم‎افزاری هوشمند و تطبیق آنها با ویژگی‎های وب‎سایت‎های کتابخانه‎های دیجیتال

Purpose: Web services are presently considered as technologies with highest number of applications for the purpose of providing the automatic, high-quality, and fast information interactions. The aim of this paper is therefore to provide a comprehensive framework for a collection of significant services offered by Farsi websites in libraries to be used in future designs. It also aims to classif...

متن کامل

Principles for the Design of Authorization Framework for the Service Oriented Architecture

While there are several efforts underway to provide security for the Service Oriented Architecture (SOA), there is no specification or standard defined to provide authorization services for the SOA. The SOA comprises of Web services and business process workflows built using Web services. Based on our analysis of existing authorization frameworks and policy specification models for the SOA, we ...

متن کامل

Middleware Support for Complex and Distributed Security Services in Multi-tier Web Applications

The security requirements of complex multi-tier web applications have shifted from simple localized needs, such as authentication or authorization, to physically distributed but actually aggregated services, such as end-to-end data protection, non-repudiation or patient consent management. Currently, there is no support for integrating complex security services in web architectures, nor are app...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2005