Web services fail to deliver on the promise of ubiquitous deployment and seamless interoperability due to the lack of a uniform, standards-based approach to all aspects of security. In particular, the enforcement of access policies in a service oriented architecture is not addressed adequately. We present a novel approach to the distribution and enforcement of credentials-based access policies for Web services (3PAC) which scales well and can be implemented in existing deployments

Bemmel, J. van

Lagerberg, K.

Wegdam, M.

English

Web Services fail to deliver on the promise of ubiquitous deployment and seamless interoperability due to the lack of a uniform, standards-based approach to all aspects of security. In particular, the enforcement of access policies in a Service Oriented Architecture is not addressed adequately. We present a novel approach to the distribution and enforcement of credentials-based access policies for Web Services (3PAC) which scales well and can be implemented in existing deployments

van Bemmel, Jeroen

University of Twente Research Information

3PAC: Enforcing Access Policies for Web Services

NARCIS 

A rule-based framework for role-based delegation and revocation”,

A secure identity-based capability system”,

A Trustbased Context-Aware Access Control Model for Web-Services”,

Capability-Based Computer System”,.

Kerberos: An Authentication Service for Computer Networks”,

Protocol for the OASIS Security Assertion Markup Language (SAML) v1.1, OASIS Standard,

Proxy-based authorization and accounting for distributed systems,

Role-Based Access Control Models&quot;,

Role-based access control on the web”,

Security: SAML Token Profile 1.0, OASIS Standard,

Security: SOAP Message Security 1.0, OASIS Standard,

Security: UsernameToken Profile 1.0, OASIS Standard,

Service Oriented Computing: Key Concepts and Principles”,

Services security Kerberos token profile, http://www.oasisopen.org/committees/download.php/1049/WSS -Kerberos-03.pdf (visited 20/12/2004)

Towards a credential-based implementation of compound access control policies”,

Vinci: A service-oriented architecture for rapid development of web applications”,

3PAC: Enforcing Access Policies for Web Services

Abstract

Similar works

Full text

Available Versions

University of Twente Research Information

NARCIS