Abstract
Design and management of authorization services in service oriented architectures poses several challenges. In this paper, we propose authorization architecture for business process layer in service oriented architecture. We describe the components and functionalities of the architecture such as authorization policy evaluators, certificate and credential authorities and dynamic attribute services and discuss the security management of these functions at specification time and at run time. Then the paper describes authorization evaluation algorithms and discusses the design choices for evaluation models. Finally, the paper describes the benefits of the proposed architecture, which has been implemented.
| Original language | English |
|---|---|
| Title of host publication | International Conference on Internet and Web Applications and Services |
| Subtitle of host publication | ICIW 2011 ; St. Maarten, The Netherlands, 20 - 25 March 2011 |
| Editors | Mihhail Matskin, Mark Perry, Zaigham Mahmood |
| Publisher | ThinkMind |
| Pages | 188-194 |
| Number of pages | 7 |
| ISBN (Print) | 9781612081243 |
| Publication status | Published - 2011 |
| Event | International Conference on Internet and Web Applications and Services (6th : 2011) - St. Maarten Duration: 20 Mar 2011 → 25 Mar 2011 |
Conference
| Conference | International Conference on Internet and Web Applications and Services (6th : 2011) |
|---|---|
| City | St. Maarten |
| Period | 20/03/11 → 25/03/11 |
Keywords
- Authorization
- Business Processes
- Service Oriented Architectures