SOA-Aware Authorization Control

  • Authors: Christian Emig; Heiko Schandua; Sebastian Abeck

  • Affiliations: Universität Karlsruhe (TH), Germany; Universität Karlsruhe (TH), Germany; Universität Karlsruhe (TH), Germany

  • Venue: ICSEA '06 Proceedings of the International Conference on Software Engineering Advances
  • Year: 2006

Abstract

The question of how to handle authorization of digital identities in a service-oriented architecture (SOA) remains an open issue. In this paper we present a design pattern for the integration of legacy systems with SOA using out-of-the-box (unmodified) application servers and discuss how the architecture has to be extended by an Identity Management (IdM) infrastructure. We claim that the IdM infrastructure itself must be designed in a service-oriented way to fit into the overall SOA approach. We introduce a way to decouple the policy enforcement point from the application server and propose an architectural design pattern to seamlessly integrate the SOA's business-related functionality and the IdM infrastructure. An implementation case study illustrates how to apply the invocation pattern for secured web services.