Principles for the design of authorization framework for the Service Oriented Architecture

Sarath Indrakanti*, Vijay Varadharajan, Michael Hitchens

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

1 Citation (Scopus)

Abstract

While there are several efforts underway to provide security for the Service Oriented Architecture (SOA), there is no specification or standard defined to provide authorization services for the SOA. The SOA comprises of Web services and business process workflows built using Web services. Based on our analysis of existing authorization frameworks and policy specification models for the SOA, we envisage an authorization framework for the SOA to provide extensions to both the security layers of Web services and business processes separately. Also the Web services Description and Messaging layers must be extended to support authorization services designed for the SOA. In this paper, we lay out the core design principles for authorization services in each of these layers to achieve a comprehensive design of an authorization framework for the SOA.

Original languageEnglish
Title of host publicationProceedings of the 1st International Conference on Internet Technologies and Applications, ITA 05
EditorsVic Grout, Denise Oram, Rich Picking
Place of PublicationWrexham, Wales
PublisherNorth East Wales Institute
Pages282-292
Number of pages11
ISBN (Print)0946881324, 9780946881321
Publication statusPublished - Sep 2005
Event1st International Conference on Internet Technologies and Applications, ITA 05 - Wrexham, United Kingdom
Duration: 7 Sep 20059 Sep 2005

Other

Other1st International Conference on Internet Technologies and Applications, ITA 05
CountryUnited Kingdom
CityWrexham
Period7/09/059/09/05

Keywords

  • Access control
  • Authorization
  • Business processes
  • Framework and design principles
  • Security
  • Web services

Fingerprint Dive into the research topics of 'Principles for the design of authorization framework for the Service Oriented Architecture'. Together they form a unique fingerprint.

Cite this