Architecting Dependable Access Control Systems for Multi-domain Computing Environments [chapter]

Maciej P. Machulak, Simon E. Parkin, Aad van Moorsel
2009 Lecture Notes in Computer Science  
Modern computing systems are built based on Service Oriented Architectures and are made up of multiple distributed components. They often span separate and autonomous domains of administration and involve dynamic collaboration. Resources and services are exposed as Web Services that are a natural choice for achieving interoperability in a heterogeneous computing environment. Access control systems ensure that services are protected against unauthorised access. Architecting such systems in
more » ... domain computing environments poses numerous challenges that must be considered. Such systems must be modular, extensible and should have reusable components. Authorisation needs to span separate and autonomous domains of administration, scale to large user and resource bases and should be efficient enough to handle even fine-grained interactions between highly distributed components. In this paper we present a requirements analysis for architecting dependable access control systems for multi-domain computing environments. In particular, we address those environments that are built based on SOA and use Web Services as the underlying connection technology. We refer to relevant standards and technologies that are of significant importance when architecting access control for such environments. Abstract Modern computing systems are built based on Service Oriented Architectures and are made up of multiple distributed components. They often span separate and autonomous domains of administration and involve dynamic collaboration. Resources and services are exposed as Web Services that are a natural choice for achieving interoperability in a heterogeneous computing environment. Access control systems ensure that services are protected against unauthorised access. Architecting such systems in multi-domain computing environments poses numerous challenges that must be considered. Such systems must be modular, extensible and should have reusable components. Authorisation needs to span separate and autonomous domains of administration, scale to large user and resource bases and should be efficient enough to handle even ¯ne-grained interactions between highly distributed components. In this paper we present a requirements analysis for architecting dependable access control systems for multidomain computing environments. In particular, we address those environments that are built based on SOA and use Web Services as the underlying connection technology. We refer to relevant standards and technologies that are of significant importance when architecting access control for such environments.
doi:10.1007/978-3-642-10248-6_3 fatcat:jaorrw2wv5eihjhqa4ppimvjya