Access control for the services oriented architecture

Authors:
Jun Li;Alan H. Karp
Affiliations:
Hewlett-Packard Laboratories, Palo Alto, CA;Hewlett-Packard Laboratories, Palo Alto, CA
Venue:
Proceedings of the 2007 ACM workshop on Secure web services
Year:
2007

Citing 12
Cited 1

Advanced CORBA programming with C++

Advanced CORBA programming with C++
Programming semantics for multiprogrammed computations

Communications of the ACM
Programming .Net Web Services

Programming .Net Web Services
KeyKOS architecture

ACM SIGOPS Operating Systems Review
The Confused Deputy: (or why capabilities might have been invented)

ACM SIGOPS Operating Systems Review
Decentralized Trust Management

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Introduction: Service-oriented computing

Communications of the ACM - Service-oriented computing
Certificate-based authorization policy in a PKI environment

ACM Transactions on Information and System Security (TISSEC)
Service-oriented Software System Engineering Challenges And Practices

Service-oriented Software System Engineering Challenges And Practices
Authorization-Based Access Control for the Services Oriented Architecture

C5 '06 Proceedings of the Fourth International Conference on Creating, Connecting and Collaborating through Computing
Robust composition: towards a unified approach to access control and concurrency control

Robust composition: towards a unified approach to access control and concurrency control
CORBA: integrating diverse applications within distributed heterogeneous environments

IEEE Communications Magazine

Managing access control for things: a capability based approach

Proceedings of the 7th International Conference on Body Area Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

Federated Identity Management (FIdM) is being applied to Services Oriented Architecture (SOA) deployments that cross enterprise boundaries. Though federation is essential in order to address the distributed nature of SOA, these FIdM solutions have been found to be inflexible, unscalable, and difficult to use, manage, and upgrade. We contend that a major reason for these difficulties is that FIdM addresses the wrong aspect of the problem. Specifically, FIdM does not address the federation of access policies. What is needed is a system for Federated Access Management (FAccM). This paper demonstrates the benefits of FAccM over FIdM for SOA deployments and shows how FAccM can be implemented using the existing web services standards.