Secure Enterprise Services Consumption for SaaS Technology Platforms

Over recent years there has been increased level of discussion on utility pricing for software. The focus of these discussions is to create new operating cost models where the unit costs are directly tied to the business operations to which they contribute. While creating a fine-grained operating cost model is very important for software solutions such as SaaS, the anticipated technology platforms will need to rely on a set of security mechanisms in order to provide a secure and trustworthy service consumption environment. We present an architecture for secure enterprise services consumption management system and a protocol for secure service consumption for service-oriented technology platforms. Our approach is performance sensitive and utilizes a novel combination of asymmetric and symmetric cryptography, and capability based access control. Access to technology platform services is regulated based on the permissions encoded in cryptographic capability tokens. In this paper we report a work in progress.