An authorization architecture for web services

Sarath Indrakanti, Vijay Varadharajan

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

3 Citations (Scopus)

Abstract

This paper considers the authorization service requirements for the service oriented architecture and proposes an authorization architecture for Web services. It describes the architectural framework, the administration and runtime aspects of our architecture and its components for secure authorization of Web services as well as the support for the management of authorization information. The proposed architecture has several benefits. It is able to support legacy applications exposed as Web services as well as new Web service based applications built to leverage the benefits offered by the service oriented architecture; it can support multiple access control models and mechanisms and is decentralized and distributed and provides flexible management and administration of Web services and related authorization information. The proposed architecture can be integrated into existing middleware platforms to provide enhanced security to exposed Web services. The architecture is currently being implemented within the.NET framework.

Original languageEnglish
Title of host publicationData and Applications Security XIX
Subtitle of host publication19th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Storrs, CT, USA, August 7-10, 2005. Proceedings
EditorsSushil Jajodia , Duminda Wijesekera
Place of PublicationHeidelberg
PublisherSpringer, Springer Nature
Pages222-236
Number of pages15
ISBN (Electronic)9783540281382
DOIs
Publication statusPublished - 2005
Event19th Annual IFIP WG 11.3 Working Conference on Data and Applications Security Storrs, 2005 - Storrs, United States
Duration: 7 Aug 200510 Aug 2005

Publication series

NameLecture Notes in Computer Science
PublisherSpringer Berlin Heidelberg
Volume3654
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other19th Annual IFIP WG 11.3 Working Conference on Data and Applications Security Storrs, 2005
CountryUnited States
CityStorrs
Period7/08/0510/08/05

Fingerprint

Dive into the research topics of 'An authorization architecture for web services'. Together they form a unique fingerprint.

Cite this