World Wide Web Journal - Special issue on XML: principles, tools, and techniques
Mediation of Trust across Web Services
ICWS '05 Proceedings of the IEEE International Conference on Web Services
Substituting COPS-PR: An Evaluation of NETCONF and SOAP for Policy Provisioning
POLICY '06 Proceedings of the Seventh IEEE International Workshop on Policies for Distributed Systems and Networks
Authorization-Based Access Control for the Services Oriented Architecture
C5 '06 Proceedings of the Fourth International Conference on Creating, Connecting and Collaborating through Computing
An Attribute-Based Access Control Model for Web Services
PDCAT '06 Proceedings of the Seventh International Conference on Parallel and Distributed Computing, Applications and Technologies
Hi-index | 0.00 |
The decentralization of corporate policy administration aiming to maintain the unified management of user permissions is a hard task. The heterogeneity and complexity of corporate environments burdens the security administrator with writing equally complex policies. This paper proposes an architecture based on Web Services, policy provisioning, and authorization certificates, to build up a loosely coupled unified administrative control for corporate environments. A certificate-based permission management scheme is used to derive new policies in the local domains of each branch. These new policies will update the corporate repository which, in turn, will configure the corresponding policies in the local domains of each branch. The Web Services technology provides the underlying protocols for the development of a prototype which shows the feasibility of our proposal.