An Access Control Metamodel for Web Service-Oriented Architecture

Author

Emig, Christian ; Brandt, Frank ; Abeck, Sebastian ; Biermann, Jürgen ; Klarl, Heiko

Author_Institution

Univ. Karlsruhe, Karlsruhe

fYear

2007

fDate

25-31 Aug. 2007

Firstpage

57

Lastpage

57

Abstract

With the mutual consent to use WSDL (Web Service Description Language) to describe web service interfaces and SOAP as the basic communication protocol, the cornerstone for web service-oriented architecture (WSOA) has been established. Considering the momentum observable by the growing number of specifications in the web service domain for the indispensable cross-cutting concern of identity management (IdM) it is still an open issue how a WSOA-aware IdM architecture is built and how it is linked with WSOA´s main elements, the web services providing functional core concerns. In this paper we present an access control model for WSOA and a blueprint of a WSOA- aware authorization verification service which is part of the IdM architecture. We show the integration of this service with WSOA consisting of both basic and composite web services. Our solution has been tested and evaluated in an implementation case study.

Keywords

Web services; authorisation; formal specification; formal verification; software architecture; Web service-oriented architecture; access control metamodel; authorization verification service; formal specification; identity management; Access control; Application software; Authorization; Identity management systems; Integrated circuit modeling; Service oriented architecture; Simple object access protocol; Software systems; Testing; Web services;

fLanguage

English

Publisher

ieee

Conference_Titel

Software Engineering Advances, 2007. ICSEA 2007. International Conference on

Conference_Location

Cap Esterel

Print_ISBN

0-7695-2937-2

Electronic_ISBN

978-0-7695-2937-0

Type

conf

DOI

10.1109/ICSEA.2007.15

Filename

4299937