EFSOC: A Layered Framework for Developing Secure Interactions between Web-Services

Enterprises are rapidly extending their relatively stable and internally-oriented business processes and applications with loosely-coupled enterprise software services in order to support highly dynamic, cross-organizational business processes. These services are no longer solely based on internal e...

Full description

Saved in:
Bibliographic Details
Published in:Distributed and parallel databases : an international journal 2005-09, Vol.18 (2), p.115-145
Main Authors: den Heuvel, Willem-Jan van, Leune, Kees, Papazoglou, Mike P.
Format: Article
Language:English
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Enterprises are rapidly extending their relatively stable and internally-oriented business processes and applications with loosely-coupled enterprise software services in order to support highly dynamic, cross-organizational business processes. These services are no longer solely based on internal enterprise systems, but often implemented, deployed and executed by diverse, external service providers. The ability to dynamically configure cross-organizational business processes with a mixture of internal and external services imposes new security requirements on existing security models.In this paper, we address the problem of defining and enforcing access control rules for securing service invocations in the context of a business process. For this purpose, we amortize existing role-based access control models that allow for dynamic delegation and retraction of authorizations. Authorizations are assigned on an event-driven basis, implementing a push-based interaction protocol between services. This novel security model is entitled the Event-driven Framework for Service Oriented Computing (EFSOC). In addition, this article presents an experimental prototype that is explored using a realistic case study.
ISSN:0926-8782
1573-7578
DOI:10.1007/s10619-005-1400-1