Web services enterprise security architecture: a case study
Proceedings of the 2005 workshop on Secure web services
Hi-index | 0.00 |
In this paper, we introduce the authorization issues forWeb Services. We introduce the authorization serviceprovided by Microsoft® .NET MyServices and then brieflydescribe our proposed modifications and extensions to theauthorization service. We discuss the application of theextended authorization model to a healthcare system builtusing Web Services. We used the XML Access ControlLanguage (XACL) to specify policies in XML and controlaccess to the patient records stored in XML format. Wethen evaluated the suitability of XACL as an authorizationpolicy language for Web Services.