Modeling         Authorization in an SOA based Application Scenario

M. Alam; M. Hafner; R. Breu

Create New Account
Login

Search or Buy Articles
Browse Journals
Browse Proceedings
Submit your Paper
Submission Information
Journal Review
Recommend to Your Library
Call for Papers

Modeling Authorization in an SOA based Application Scenario

M. Alam, M. Hafner, and R. Breu (Austria)

Keywords

Service Oriented Architectures, Authorization, Decentralized User Management, Web Services.

Abstract

We present a novel approach for the speciﬁcation of ac cess rights in a distributed environment based on web ser vices. Our approach overcomes the limitations of tradi tional concepts when applied to scenarios requiring decen tralized user and rights management by merging two con cepts - notably Role Based Access Control and Attribute Based Access Control. We extend the SECTET framework for model driven security in B2B-workﬂow scenarios by an abstract policy speciﬁcation language and deﬁne a ref erence architecture for authorization enforcement in a web services based peer-to-peer environment.

Important Links:

DOI:
From Proceeding (518) Software Engineering - 2006

Go Back