SOA-Aware Authorization Control

Tahiti, French Polynesia October 29-November 03

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ICSEA.2006.63

International Conference on Software ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Christian Emig Articles by Heiko Schandua Articles by Sebastian Abeck

	ASCII Text	x
	Christian Emig, Heiko Schandua, Sebastian Abeck, "SOA-Aware Authorization Control," Software Engineering Advances, International Conference on, pp. 62, International Conference on Software Engineering Advances (ICSEA'06), 2006.

	BibTex	x
	@article{ 10.1109/ICSEA.2006.63, author = {Christian Emig and Heiko Schandua and Sebastian Abeck}, title = {SOA-Aware Authorization Control}, journal ={Software Engineering Advances, International Conference on}, volume = {0}, year = {2006}, isbn = {0-7695-2703-5}, pages = {62}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICSEA.2006.63}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Software Engineering Advances, International Conference on TI - SOA-Aware Authorization Control SN - 0-7695-2703-5 SP EP A1 - Christian Emig, A1 - Heiko Schandua, A1 - Sebastian Abeck, PY - 2006 KW - null VL - 0 JA - Software Engineering Advances, International Conference on ER -

Christian Emig, Universitat Karlsruhe (TH), Germany

Heiko Schandua, Universitat Karlsruhe (TH), Germany

Sebastian Abeck, Universitat Karlsruhe (TH), Germany

The question how to handle authorization of digital identities in a service-oriented architecture (SOA) remains an open issue. In this paper we present a design pattern for the integration of legacy systems with SOA using out-of-the-box (unmodified) application servers and discuss how the architecture has to be extended by an Identity Management (IdM) infrastructure. We claim that the IdM infrastructure itself must be designed in a service-oriented way to fit into the overall SOA approach. We introduce a possibility how to decouple the policy enforcement point from the application server and propose an architectural design pattern to seamlessly integrate the SOA?s business-related functionality and the IdM infrastructure. An implementation case study illustrates how to apply the invocation pattern for secured web services.

Citation:

Christian Emig, Heiko Schandua, Sebastian Abeck, "SOA-Aware Authorization Control," icsea, pp.62, International Conference on Software Engineering Advances (ICSEA'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.