A collaborative approval process for accessing sensitive data
International Journal of Computer Applications in Technology
The practical application of a process for eliciting and designing security in web service systems
Information and Software Technology
| Hi-index | 0.00 |
Effectively managing security policies in a largedistributed Web Services environment is the key tosecure e-business transactions. Security policy mustensure the end-to-end agreement for many-to-manyinteroperation; ensure the versioning interoperabilityand privacy of collaborating partners; and ensurethe dynamic establishment of security policies becauseany statically defined security policy tends to beunsecured after a certain period of time. The traditionalsecurity policy configuration mechanisms, eitherthe local configuration mechanism or the centralizedconfiguration mechanism, cannot fully meet theabove requirements.In this paper we describe a solution for managingsecurity policies in a collaborative Web Services environment.This solution is based on ebXML CPP/CPAmodel and uses Interoperability Contract Document(ICD). It allows the collaboration parties to establishsecurity policy dynamically for each individual interoperation;makes the selected policy confidential; andaddresses the software, message, and policy versioningand interoperability issues. Our experience revealsthe advantages of this approach over others.