Analysis of existing authorization models and requirements for design of authorization framework for the Service Oriented Architecture

被引：0

作者：

Indrakanti, S ^{[1
]}

Varadharajan, V ^{[1
]}

Hitchens, M ^{[1
]}

机构：

[1] Macquarie Univ, Dept Comp, N Ryde, NSW 2109, Australia

来源：

ISWS '05: Proceedings of the 2005 International Symposium on Web Services and Applications | 2005年

关键词：

web services; business processes; security; authorization; access control and design principles;

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Although there are several efforts underway to provide security for the Service Oriented Architecture (SOA), there is no specification or standard for authorization. We analyse the currently available authorization models for the Web services and business process layers comprising the SOA and highlight the features that are missing in each of them. Based on our analyst's of existing authorization models, we envisage an authorization framework for the SOA to provide extensions to both the security layers of Web services as well as business processes. We lay out separate design principles for authorization services in each of these layers.

引用

页码：35 / 41

页数：7

共 10 条

[1]

AGARWAL S, 2004, AM ASS ARTIFICIAL IN

[2]

Beznosov K., 1999, Proceedings 15th Annual Computer Security Applications Conference (ACSAC'99), P310, DOI 10.1109/CSAC.1999.816041

[3]

BURBECK S, 2000, TAO E BUSINESS SERVI

[4]

INDRAKANTI S, 2005, WORKSH WEB SERV MOD

[5]

KOSHUTANSKI H, 2002, DIT02102 U TRENT INF

[6]

KRAFT R, 2002, ACM WORKSH XML SEC F

[7]

MONT MC, 2003, HPL2003144

[8]

VARADHARAJAN V, 2002, LECT NOTES SERIES I

[9]

YAGUE M, 2002, EUR 2002 C WEB GRID

[10]

ZIEBERMAYR T, 2004, INT C WEB SERV ICWS

← 1 →