Abstract
Although there are several efforts underway to provide security for the Service Oriented Architecture (SOA), there is no specification or standard for authorization. We analyse the currently available authorization models for the Web services and business process layers comprising the SOA and highlight the features that are missing in each of them. Based on our analysis of existing authorization models, we envisage an authorization framework for the SOA to provide extensions to both the security layers of Web services as well as business processes. We lay out separate design principles for authorization services in each of these layers.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 2005 International Symposium on Web Services and Applications, ISWS'05 |
| Place of Publication | USA |
| Publisher | CSREA Press |
| Pages | 35-41 |
| Number of pages | 7 |
| ISBN (Print) | 9781932415728, 1932415726 |
| Publication status | Published - Jun 2005 |
| Event | 2005 International Symposium on Web Services and Applications, ISWS'05 - Las Vegas, NV, United States Duration: 27 Jun 2005 → 30 Jun 2005 |
Other
| Other | 2005 International Symposium on Web Services and Applications, ISWS'05 |
|---|---|
| Country/Territory | United States |
| City | Las Vegas, NV |
| Period | 27/06/05 → 30/06/05 |
Keywords
- Access control and design principles
- Authorization
- Business processes
- Security
- Web services