Securing web services for deployment in health grids

In this paper we describe an approach to the facilitation of system-wide security that enables fine-grained access control within systems in which third party web services are deployed. The primary motivation for the work comes from the authors’ research into the development of grid-enabled healthca...

Full description

Saved in:
Bibliographic Details
Published in:Future generation computer systems 2006-04, Vol.22 (5), p.547-570
Main Authors: Power, D.J., Politou, E.A., Slaymaker, M.A., Simpson, A.C.
Format: Article
Language:English
Subjects:
Access control
Healthcare
Medical informatics
Security
Web services
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In this paper we describe an approach to the facilitation of system-wide security that enables fine-grained access control within systems in which third party web services are deployed. The primary motivation for the work comes from the authors’ research into the development of grid-enabled healthcare systems (or health grids). Indeed, we would argue that if the e-Health dream is to become reality, then there is a clear need for web services that enable remote access to medical data to be secured in an appropriate fashion. We compare our approach of wrapping web services with alternative approaches based on generic SOAP proxies. As an illustrative example we describe how the OGSA-DAI grid services have been secured via XACML-based access control policies.
ISSN:0167-739X
1872-7115
DOI:10.1016/j.future.2005.09.003