Design of policy-based security mechanisms in a distributed web services architecture

  • Authors:

  • Valentina Casola;Antonino Mazzeo;Nicola Mazzocca;Salvatore Venticinque

  • Affiliations:

  • Dipartimento di Ingegneria dell'Informazione, Seconda Universita' di Napoli, Aversa, CE, Italy;Dipartimento di Informatica e Sistemistica, Universita' degli Studi di Napoli, Federico II, Naples, Italy;Dipartimento di Informatica e Sistemistica, Universita' degli Studi di Napoli, Federico II, Naples, Italy;Dipartimento di Ingegneria dell'Informazione, Seconda Universita' di Napoli, Aversa, CE, Italy

  • Venue:
  • PARA'04 Proceedings of the 7th international conference on Applied Parallel Computing: state of the Art in Scientific Computing
  • Year:
  • 2004

Quantified Score

Hi-index 0.02

Visualization

Abstract

In the recent years, modern complex infrastructures are built on integration and cooperation of legacy and/or new systems; the emerging technology, to primary face the involved interoperability problems, is based on web service solutions. It is based on open standards and common data formats which allow a deep cooperation among Entities and applications and guarantee strong resource sharing. In such context security plays a primary role to control access to data and functionalities offered by distributed services. In this paper we illustrate a policy-based approach to manage security and personalization, in particular we have designed a hybrid infrastructure based on web services in which policy enforcer mechanisms are managed both in a centralized way by the registry server and in a distributed way, i.e. each service implements security mechanisms to authenticate and authorize users. A case study is illustrated showing a distributed architecture for health-care applications.