• DocumentCode
    2767356
  • Title

    Authorization-Based Access Control for the Services Oriented Architecture

  • Author

    Karp, Alan H.

  • Author_Institution
    Hewlett-Packard Labs., Palo Alto, CA
  • fYear
    2006
  • fDate
    26-27 Jan. 2006
  • Firstpage
    160
  • Lastpage
    167
  • Abstract
    Several attempts at using the services oriented architecture have failed to achieve their goals of scalability, security, and manageability. These systems, which base access decisions on the identity of the requester, have been found to be inflexible, don´t scale well, and are difficult to use and to upgrade. This paper shows that identity-based access control is a key contributor to these failures and proposes another way to approach the problem. Basing access control decisions on authorizations presented explicitly by the requester leads to a more securable and more robust architecture
  • Keywords
    Web services; authorisation; access control decision; authorization-based access control; robust architecture; secure architecture; service oriented architecture; Access control; Authentication; Authorization; Databases; Identity management systems; Security; Semiconductor optical amplifiers; Service oriented architecture; Web services; XML;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Creating, Connecting and Collaborating through Computing, 2006. C5 '06. The Fourth International Conference on
  • Conference_Location
    Berkeley, CA
  • Print_ISBN
    0-7695-2563-6
  • Type

    conf

  • DOI
    10.1109/C5.2006.9
  • Filename
    4019390
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2767356