An MDA-Based Environment for Generating Access Control Policies
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
Intelligent security and access control framework for service-oriented architecture
Information and Software Technology
Portable secure identity management for software engineering
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 2
ACConv -- An Access Control Model for Conversational Web Services
ACM Transactions on the Web (TWEB)
Security-aware web service composition approaches: state-of-the-art
Proceedings of the 13th International Conference on Information Integration and Web-based Applications and Services
| Hi-index | 0.00 |
With the mutual consent to use WSDL (Web Service Description Language) to describe web service interfaces and SOAP as the basic communication protocol, the cornerstone for web service-oriented architecture (WSOA) has been established. Considering the momentum observable by the growing number of specifications in the web service domain for the indispensable cross-cutting concern of identity management (IdM) it is still an open issue how a WSOA-aware IdM architecture is built and how it is linked with WSOA's main elements, the web services providing functional core concerns. In this paper we present an access control model for WSOA and a blueprint of a WSOAaware authorization verification service which is part of the IdM architecture. We show the integration of this service with WSOA consisting of both basic and composite web services. Our solution has been tested and evaluated in an implementation case study.