Abstract
While there are several efforts underway to provide security for the Service Oriented Architecture (SOA), there is no specification or standard defined to provide authorization services for the SOA. The SOA comprises of Web services and business process workflows built using Web services. Based on our analysis of existing authorization frameworks and policy specification models for the SOA, we envisage an authorization framework for the SOA to provide extensions to both the security layers of Web services and business processes separately. Also the Web services Description and Messaging layers must be extended to support authorization services designed for the SOA. In this paper, we lay out the core design principles for authorization services in each of these layers to achieve a comprehensive design of an authorization framework for the SOA.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 1st International Conference on Internet Technologies and Applications, ITA 05 |
| Editors | Vic Grout, Denise Oram, Rich Picking |
| Place of Publication | Wrexham, Wales |
| Publisher | North East Wales Institute |
| Pages | 282-292 |
| Number of pages | 11 |
| ISBN (Print) | 0946881324, 9780946881321 |
| Publication status | Published - Sept 2005 |
| Event | 1st International Conference on Internet Technologies and Applications, ITA 05 - Wrexham, United Kingdom Duration: 7 Sept 2005 → 9 Sept 2005 |
Other
| Other | 1st International Conference on Internet Technologies and Applications, ITA 05 |
|---|---|
| Country/Territory | United Kingdom |
| City | Wrexham |
| Period | 7/09/05 → 9/09/05 |
Keywords
- Access control
- Authorization
- Business processes
- Framework and design principles
- Security
- Web services