Access control for the services oriented architecture

2 November 2007

conference paper
Published by Association for Computing Machinery (ACM)

p. 9-17
https://doi.org/10.1145/1314418.1314421

Abstract

Federated Identity Management (FIdM) is being applied to Services Oriented Architecture (SOA) deployments that cross enterprise boundaries. Though federation is essential in order to address the distributed nature of SOA, these FIdM solutions have been found to be inflexible, unscalable, and difficult to use, manage, and upgrade. We contend that a major reason for these difficulties is that FIdM addresses the wrong aspect of the problem. Specifically, FIdM does not address the federation of access policies. What is needed is a system for Federated Access Management (FAccM). This paper demonstrates the benefits of FAccM over FIdM for SOA deployments and shows how FAccM can be implemented using the existing web services standards.

Keywords

This publication has 9 references indexed in Scilit:

Authorization-Based Access Control for the Services Oriented Architecture
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2006
Certificate-based authorization policy in a PKI environment
ACM Transactions on Information and System Security, 2003
Introduction
Communications of the ACM, 2003
Paradigm Regained: Abstraction Mechanisms for Access Control
Lecture Notes in Computer Science, 2003
CORBA: integrating diverse applications within distributed heterogeneous environments
IEEE Communications Magazine, 1997
The Confused Deputy
ACM SIGOPS Operating Systems Review, 1988
KeyKOS architecture
ACM SIGOPS Operating Systems Review, 1985
Programming semantics for multiprogrammed computations
Communications of the ACM, 1966
A general-purpose file system for secondary storage
Published by Association for Computing Machinery (ACM) ,1965

Cited by 15 articles