Designing a distributed access control processor for network services on the Web

Reiner Kraft
2002 Proceedings of the 2002 ACM workshop on XML security - XMLSEC '02  
The service oriented architecture (SOA) is gaining more momentum with the advent of network services on the Web. A programmable and machine accessible Web is the vision of many, and might represent a step towards the semantic Web. However, security is a crucial requirement for the serious usage and adoption of the Web services technology. This paper enumerates design goals for an access control model for Web services. It then introduces an abstract general model for Web services components,
more » ... g with formal definitions and notation that can be used as a basis to design an access control processor independent of a particular Web service implementation. It follows the design of a distributed access control processor built upon this general model for Web services, along with implementation guidelines and examples. Main goals for a general authorization framework are identified, and design spaces enumerated.
doi:10.1145/764792.764799 dblp:conf/xmlsec/Kraft02 fatcat:ywx3hga2brg25dsywtvu5wsuyu