Distributed Access Control for Web and Business Processes

Middleware influenced the research community in developing a number of systems for controlling access to distributed resources. Nowadays a new paradigm for the lightweight integration of business resources from different partners is starting to take hold – Web Services and Business Processes for Web Services. Security and access control policies for Web Services protocols and distributed systems are well studied and almost standardized, but there is not yet a comprehensive proposal for an access control architecture for business processes. So, it is worth looking at the available approaches to distributed authorization as a starting point for a better understanding of what they already have and what they still need to address the security challenges for business processes

PKI and UDDI based trust centre: an attempt to improve web service security

4 pagesInternational audienceNowadays Internet becomes the most used tool for the ever increasing amount of various transactions between institutions, organizations and more generally between clients and providers. Conducted studies and experiments showed that it is more convenient to provide and achieve these transactions as web services (WS) to guarantee their flexibility and their reuse. So far these services and the corresponding providers' URLs are advertised on specific UDDIs (Universal Description, Discovery and Integration). As such, after finding the requested service any given client contacts the right provider to negotiate the service access procedure. These first contacts between clients and providers are usually and ommonly not protected (Encrypted) yielding enough room for Hackers to intrude into these unprotected messages. In this paper, we propose a securing approach based on both the PKI nfrastructure and some proposed improvements of the UDDI functioning in an attempt to provide adequate security for web service

Forum Session at the First International Conference on Service Oriented Computing (ICSOC03)

The First International Conference on Service Oriented Computing (ICSOC) was held in Trento, December 15-18, 2003. The focus of the conference ---Service Oriented Computing (SOC)--- is the new emerging paradigm for distributed computing and e-business processing that has evolved from object-oriented and component computing to enable building agile networks of collaborating business applications distributed within and across organizational boundaries. Of the 181 papers submitted to the ICSOC conference, 10 were selected for the forum session which took place on December the 16th, 2003. The papers were chosen based on their technical quality, originality, relevance to SOC and for their nature of being best suited for a poster presentation or a demonstration. This technical report contains the 10 papers presented during the forum session at the ICSOC conference. In particular, the last two papers in the report ere submitted as industrial papers

Middleware Design Framework for Mobile Computing

Mobile computing is one of the recent growing fields in the area of wireless networking. The recent standardization efforts accomplished in Web services, with their XML-based formats for registration/discovery, service description, and service access, respectively UDDI, WSDL, and SOAP, certainly represent an interesting first step towards open service composition, which MA supports for mobile computing are expected to integrate within their frameworks soon. A middle-ware that can work even if the network parameters are changed can be a better solution for successful mobile computing. A middle-ware is proposed for handling the entire existing problem in distributed environment. Middleware is about integration and interoperability of applications and services running on heterogeneous computing and communication devices. The services it provides - including identification, authentication, authorization, soft-switching, certification and security - are used in a vast range of global appliances and systems, from smart cards and wireless devices to mobile services and e-Commerce

Web Service Based Universal Management of Workflow Resources

Implementing business process solutions in the way of Web service is being positioned in the center of workflow manag ement. However, there is no robust standard to expose and access workflow resources by Web service interfaces. In this paper, we propose a web service based workflow resource management framework named Universal Resource Manage ment Framework (URMF) with declarations of web service interfaces and interaction protocols among them. We also in troduce a substitutive workflow interface model employing Web services and URMF. Finally, a prototype implementati on model of URMF with J2EE platform is also introduced

Analysis of current middleware used in peer-to-peer and grid implementations for enhancement by catallactic mechanisms

This deliverable describes the work done in task 3.1, Middleware analysis: Analysis of current middleware used in peer-to-peer and grid implementations for enhancement by catallactic mechanisms from work package 3, Middleware Implementation. The document is divided in four parts: The introduction with application scenarios and middleware requirements, Catnets middleware architecture, evaluation of existing middleware toolkits, and conclusions. -- Die Arbeit definiert Anforderungen an Grid und Peer-to-Peer Middleware Architekturen und analysiert diese auf ihre Eignung für die prototypische Umsetzung der Katallaxie. Eine Middleware-Architektur für die Umsetzung der Katallaxie in Application Layer Netzwerken wird vorgestellt.Grid Computing