Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ICWE
2004
Springer
2004
Springer
Reliable and Adaptable Security Engineering for Database-Web Services
The situation in engineering security for Web services that access databases is as follows: On the one hand, specifications like WSSecurity are concerned with the security management for Web services, while on the other hand there exist well established mechanisms for access control in the area of commercial database systems. In handling security for services that rely on database systems, two extreme approaches can currently be observed: The more database-centric one, where the access control decisions are left to the DBMS, and the service-centric authorization approach. The service-centric approach requires a Web service to run under control of the database system provider as operations like queries and updates have to be executed with comprehensive privileges. Authorization has to be enforced by the service itself. In case access control policies of a service are defined independently with regard to the database policies, authorization mismatches are likely to be induced. In our n...
Real-time TrafficAccess Control | Database | ICWE 2004 | Web Services |
Related Content
| Added | 02 Jul 2010 |
| Updated | 02 Jul 2010 |
| Type | Conference |
| Year | 2004 |
| Where | ICWE |
| Authors | Martin Wimmer, Daniela Eberhardt, Pia Ehrnlechner, Alfons Kemper |
Comments (0)
Researcher Info
|
