Access control and service-oriented architectures

Access Control and Service-Oriented Architectures" investigates in which way logical access control can be achieved effectively, in particular in highly dynamic environments such as service-oriented architectures (SOA's). The author combines state-of-the-art best-practice and projects these onto the SOA. In doing so, he identifies strengths of current approaches, but also pinpoints weaknesses. These weaknesses are subsequently mitigated by introducing an innovative new framework called EFSOC. The framework is validated empirically and preliminary implementations are discussed.

On the Development and Management of Adaptive Business Collaborations.

Today’s business climate demands a high rate of change with which Information Technology (IT)-minded organizations are required to cope. Organizations face rapidly changing market conditions, new competitive pressures, new regulatory fiats that demand compliance, and new competitive threats. All of these situations and more drive the need for the IT infrastructure of an organization to respond quickly in support of new business models and requirements. This dissertation studies the adaptive development and management of such dynamic business models and requirements. A rule based environment is developed in which the people who develop and manage business collaborations in organizations can do so in a way that is as independent of specific implementation technologies as possible; and where they can take business requirements into consideration, and in which they can respond to changes as effectively as possible.

Specification and Querying of Security Constraints in the EFSOC Framework

Service-Oriented Computing is a new paradigm for the specification and deployment of distributed services in highly dynamic environments. The very nature of the context in which service oriented computing thrives imposes unique security requirements. Large scale interconnection of systems and services, rapidly changing service compositions and adhoc composition and invocation of services require a flexible security model that is able to adapt to these changes. In this paper, we present an approach to specification and querying of security (access control) constraints in the context of the event-driven framework for service-oriented computing. 1 1