Title :
Handling Multiple Credentials in a Heterogeneous SOA Environment
Author :
Dushin, Fred ; Newcomer, Eric
Author_Institution :
IONA Technol., Dublin
Abstract :
With all the diverse technology in a typical corporate IT environment, it´s no surprise that multiple types and formats of security credentials exist, each one designed to protect its respective software system. We can address the problem of handling multiple credential types and formats in a heterogeneous SOA environment by using a data structure designed not only to store and propagate user credential information but also to accurately reflect trust relationships between credential instances. Modeling credentials in this manner leads to improved assurance for applications that need to enforce security policies, either based on business rules established at the corporate level or by compliance to the relevant security specifications.
Keywords :
data structures; security of data; software architecture; corporate IT environment; data structure; heterogeneous SOA environment; security credential; software system; Communication system security; Computer security; Contracts; Cryptography; Data security; Data structures; Protection; Semiconductor optical amplifiers; Simple object access protocol; Transport protocols; SOA; building security in; security credentials; service-oriented architecture; software development; software life cycle;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2007.110
