Academic
Publications
A Web Service Architecture for Decentralised Identity and Attribute-Based Access Control

A Web Service Architecture for Decentralised Identity and Attribute-Based Access Control,10.1109/ICWS.2009.89,Regina N. Hebig,Christoph Meinel,Michael

A Web Service Architecture for Decentralised Identity and Attribute-Based Access Control   (Citations: 2)
BibTex | RIS | RefWorks Download
The loosely coupled nature of service-oriented architectures raises the question how information for access control can be managed in an efficient way. Several specifications for Web services exist to describe security requirements and to facilitate a provision of identity information. However, the integration of different standards regarding the expression of identity information in policies, claims and assertions comes along with an increased complexity. In order to identify and address the problems occurring with the combined use of standards as XACML, SAML and WS-Trust, we designed and implemented an architecture for identity- and attribute-based access control in decentralized environments. Our implementation provides an automated generation of access control policies in a format called XACML, a way to communicate required user attributes as claims across different domains based on the standards WS-Trust and WS-Policy, and a consistent mapping of retrieved attribute assertions to the XACML attributes in the access control policy.
Conference: International Conference on Web Services - ICWS , pp. 551-558, 2009
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.
    • ...Web services, service-oriented architectures, and webbased applications [1] have been key technology drivers for information security, especially for the development of the security standards widely in use today such as eXtensible Access Control Markup Language (XACML) for access control [2], WS-Security for web services security [3], XML Encryption (XML-ENC) for safeguarding confidentiality [4], and XML Digital Signature (XML-DSIG) for ...

    George Hsiehet al. Supporting Secure Embedded Access Control Policy with XACML+XML Securi...

    • ...The web service architecture for decentralized identity- and attribute-based access control by [12] considers many of these issues but is particularly tailored to web services while our approach is open for all kinds of services due to mediation capabilities of ESBs...

    Christoph Fritschet al. Security for Dynamic Service-Oriented eCollaboration - Architectural A...

Sort by: