Authorization Service for Web Services and its Implementation

Authors:
Sarath Indrakanti;Vijay Varadharajan;Michael Hitchens
Affiliations:
Macquarie University, Australia;Macquarie University, Australia;Macquarie University, Australia
Venue:
ICWS '04 Proceedings of the IEEE International Conference on Web Services
Year:
2004

Citing 0
Cited 1

Web services enterprise security architecture: a case study

Proceedings of the 2005 workshop on Secure web services

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, we introduce the authorization issues forWeb Services. We introduce the authorization serviceprovided by Microsoft® .NET MyServices and then brieflydescribe our proposed modifications and extensions to theauthorization service. We discuss the application of theextended authorization model to a healthcare system builtusing Web Services. We used the XML Access ControlLanguage (XACL) to specify policies in XML and controlaccess to the patient records stored in XML format. Wethen evaluated the suitability of XACL as an authorizationpolicy language for Web Services.