On the design, implementation and application of an authorisation architecture for web services
International Journal of Information and Computer Security
Access control: what is required in business collaboration?
ADC '09 Proceedings of the Twentieth Australasian Conference on Australasian Database - Volume 92
Study on role-based access control model for web services and its application
TELE-INFO'06 Proceedings of the 5th WSEAS international conference on Telecommunications and informatics
An authorization architecture for web services
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Hi-index | 0.00 |
Web Services represent an important technology fordistributed applications and will replace various othertechnologies for distributed application developmentsoon. A lot of problems of the early days of WebServices are solved now. However, for authorizationno appropriate solution is available and ready to use.We define requirements for authorization of WebServices and investigate existing authorizationsolutions concerning these requirements. Based onexisting authorization solutions and the definedrequirements, a Web Service Authorization frameworkis developed. We describe concepts and the design ofthe proposed framework and give an overview ofselected implementation aspects (e.g. authorizationdata access, descriptive deployment). The frameworkemphasizes easy deployment of Web Serviceauthorization and is ready to use. Practical experienceusing the framework concludes the paper.