dRBAC: Distributed Role-based Access Control for Dynamic Coalition Environments
ICDCS '02 Proceedings of the 22 nd International Conference on Distributed Computing Systems (ICDCS'02)
An Intelligent Access Control for Web Services Based on Service Oriented Architecture Platform
SEUS-WCCIA '06 Proceedings of the The Fourth IEEE Workshop on Software Technologies for Future Embedded and Ubiquitous Systems, and the Second International Workshop on Collaborative Computing, Integration, and Assurance (SEUS-WCCIA'06)
WS Binder: a framework to enable dynamic binding of composite web services
Proceedings of the 2006 international workshop on Service-oriented software engineering
A Multipolicy Authorization Framework for Grid Security
NCA '06 Proceedings of the Fifth IEEE International Symposium on Network Computing and Applications
Data and Applications Security XX: 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Sophia Antipolis, France, July 31-August ... (Lecture Notes in Computer Science)
Delegation-Based Security Model for Web Services
HASE '07 Proceedings of the 10th IEEE High Assurance Systems Engineering Symposium
An approach to adapt service requests to actual service interfaces
Proceedings of the 2008 international workshop on Software engineering for adaptive and self-managing systems
The Challenges of Service Evolution
CAiSE '08 Proceedings of the 20th international conference on Advanced Information Systems Engineering
ICSOC'06 Proceedings of the 4th international conference on Service-Oriented Computing
Consolidating the access control of composite applications and workflows
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
A distributed coalition service registry for ad-hoc dynamic coalitions: a service-oriented approach
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
From business process choreography to authorization policies
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
A heterogeneous network access service based on PERMIS and SAML
EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure
| Hi-index | 0.01 |
Today users consume applications composed by services from different providers across trust domains. By experience we know that security requirements and user identity management make services composition difficult. We believe that delegation of access rights across trust domains will become an essential mechanism in services composition scenarios. Users care about security but cannot deal with the variety of existing solutions for access control. A unified interface of access control and delegation is essential for multi-domain composite services. This paper addresses the problem of identity management for service-centric systems and proposes a novel approach based on an abstract delegation framework supporting different access control mechanisms. We show how the abstract delegation framework is designed to give control and clarity to the user consuming applications based on service composition. Besides the theoretical aspects, the paper shares experiences based on scenarios from the automotive industry.