The emergence of XML-based web services as a new software development paradigm increases the expectations of getting better software that addresses the various collaboration demands over Internet between organizations, or what's termed virtual Organization (VO). The development of appropriate identity management systems between these heterogeneous security domains will be the key enabler for such collaboration...
Service composition is an effective way to achieve value-added service, which has found wide application in various areas. Security design at architecture level is critical to achieve high assurance for these applications. However, most security design techniques for service composition were in ad hoc fashion and fell short in precise notations. This paper proposes a formal aspect-oriented approach...
The service-oriented computing paradigm and its application to support e-Infrastructures offers, at least in principle, the opportunity to realise platforms for multi- and inter-disciplinary research. Augmenting the service-oriented model for e-Research are mechanisms for services to be coupled and enacted in a coordinated manner through workflow environments. Typically workflows capture a research...
Mashups are a new breed of interactive web applications that aggregate and stitch together data retrieved from one or more sources to create an entirely new and innovative set of services. The paradigm is not limited to social networks and many enterprises are redesigning their business processes to create interactive systems in the form of mashups. However, protecting users' private data from unauthorized...
With the Web Services widely used in the distributed systems, the demand for cross-domain authentication is increasing day by day, its security issues become more and more prominent. Aiming at disadvantages of the cross-domain authentication, this article presents a dynamic authentication mechanism crossing domains for Web Services based on SAML. It can achieve single sign-on and improve the interoperability...
To address the challenges in Web services security, the author firstly analyzed threats facing Web services and related security standards, presented integrated security framework based on use of authentication, authorization, confidentiality, and integrity mechanisms for Web services, and proposed how to integrate and implement these security mechanisms in order to make Web services robust against...
Web-based systems are now widely used in many fields. Users are usually required to conduct identity authentication separately when logging in different systems before getting service. For the sake of security, it is improper to use a global identifier and password among several systems. Many approaches are proposed to solve the problem, among which single sign-on (SSO) is most popular schema with...
Service-Oriented Architecture (SOA) is a paradigm for creating and encapsulating business processes in the form of loose-coupling, autonomous and abstracted services. Managing the non-functional requirements of SOA such as security, is an overarching problem due to the wide variety of ways the service consumer can access the services offered by the service provider and the equally varied restrictions...
In modern grids, authentication is usually implemented via an X.509 PKI. Proxy certificates are employed to facilitate interaction with the grid, especially for purposes of delegation and single sign-on. However, due to the nature of proxy credentials, these can be obtained by an unauthorized third party and abused for disruptive actions or unauthorized resource consumption. We propose modifications...
The adoption of ID security authorization is the inevitable trend for the development of Web service security technology according to the requirement of diversification, integration and convenience for Web service. In this paper, a URL-based Web service unified ID authorization model is proposed based on the existent Web service security regulation firstly. Then the key technologies related with the...
A federated security scheme based on WS-Security standard for cross-domain grid is proposed. It integrates the WS-Security standard and the grid security mechanism. A trust model is established based on WS-Trust specification. A communication is established based on WS-SecureConversation specification. The architecture is implemented in a SAML-based federated authentication and authorization cross-domain...
Web service is a new service-oriented computing paradigm which poses the unique security challenges due to its inherent heterogeneity and highly dynamic nature. A key challenge in Web service security is the design of effective access control schemas. However, traditional role-based access control (RBAC) model can not meet the dynamic and context sensitivity features of Web service demands. In this...
One of the most significant difficulties with developing service-oriented architecture (SOA) concerns its security challenges. In particular, the authorization task is especially demanding because of the diverse access requirements within the various SOA environments, such as the business world, the academic setting and the industry atmosphere. In this paper, we propose a 4-attribute vector authorization...
The success of service-oriented architectures (SOAs) and the Web Service technology in fulfilling the business's needs for inter-enterprise processes led to new challenges for security management in federated environments. Because of the predominant aspect of loose coupling in a SOA the issue of where to locate the processes of authentication and authorization, forming together the access control,...
Especially within grid infrastructures driven by high-performance computing (HPC), collaborative online visualization and steering (COVS) has become an important technique to dynamically steer the parameters of a parallel simulation or to just share the outcome of simulations via visualizations with geographically dispersed collaborators. In earlier work, we have presented a COVS framework reference...
This paper presents a service oriented architecture for real-time integration of services, how to distribute them in a local domain and how to define a secure way of accessing resources using users' and services' authorization and authentication. This work takes advantage of previous European R&D projects focused on delivering applications and utilities in embedded real-time environments and the...
Based on the iDM concept, this paper proposes an extensible data model with an 8-tuple representation, which can not only describe more complex data sources by extending the Group Component, but also contain rule-based security elements, which consist of Access Component and Authorization Component. Data model is detailed and two corresponding examples are analyzed to verify our approach.
The loose coupling of services is a key characteristic for modern IT-systems based on SOA. This paper analyzes the design and realization of SOA security in a SOA-compliant fashion. It focuses on federated authentication and authorization based on Web services security technologies. The SOA-style infrastructure of the eCR specification is used as a practical case study. eCR systems address the exchange...
Service oriented architecture is being commonly used in systems integration, including command and control applications, providing many advantages. But the blind adoption of SOA brings together other concerns, especially when applying an access control mechanism. This paper reviews commonly adopted concepts used in access control in the context of SOA environments and considers some access control...
Conflicts can occur in access control models due to many reasons. Conflict resolution in real-time can be a challenging task due to the complexity of the access control rules. For a large number of access rules for a given service, detecting exactly which rules caused conflicts can be a daunting task. This paper describes an algorithm to resolve conflicts using the ARSL (Authorization Rule Specification...