Sciweavers

IEEEARES
2010
IEEE

Solving the Transitive Access Problem for the Services Oriented Architecture

HP Laboratories HPL-2008-204R1

Keywords: SOA, web services, access control, RBAC, PBAC, ABAC, ZBAC

Abstract: A key goal of the Services Oriented Architecture is the composition of independently written and managed services. However, managing access to these services has proven to be a problem. A particularly difficult case involves a service that invokes another service to satisfy an initial request. In a number of cases, implementations are able to achieve either the desired functionality or the required security, but not both at the same time. We say that this service composition suffers from the transitive access problem. We show that the problem arises from a poor choice of access control mechanism, one that uses authentication to make access decisions, and that the problem does not occur if we use delegatable authorizations.

External Posting Date: November 21, 2008. Approved for External P...

Alan H. Karp, Jun Li
Added 17 May 2010
Updated 17 May 2010
Type Conference
Year 2010
Where IEEEARES
Authors Alan H. Karp, Jun Li