Paper Info
Title
SOA-Aware Authorization Control
Abstract
The question how to handle authorization of digital identities in a service-oriented architecture (SOA) remains an open issue. In this paper we present a design pattern for the integration of legacy systems with SOA using out-of-the-box (unmodified) application servers and discuss how the architecture has to be extended by an Identity Management (IdM) infrastructure. We claim that the IdM infrastructure itself must be designed in a service-oriented way to fit into the overall SOA approach. We introduce a possibility how to decouple the policy enforcement point from the application server and propose an architectural design pattern to seamlessly integrate the SOA¿s business-related functionality and the IdM infrastructure. An implementation case study illustrates how to apply the invocation pattern for secured web services.
Year
DOI
Venue
2006
10.1109/ICSEA.2006.63
Tahiti
Keywords
Field
DocType
design pattern,business-related functionality,invocation pattern,idm infrastructure,architectural design pattern,overall soa approach,identity management,service-oriented architecture,application server,soa-aware authorization control,digital identity,application software,security,protocols,legacy system,authorization,service oriented architecture,web services,web service,investments
Architecture,Software engineering,Computer security,Computer science,Identity management,Web service,Application software,Service-oriented architecture,Legacy system,Design pattern,Application server
Conference
ISBN
Citations 
PageRank 
0-7695-2703-5
5
0.63
References 
Authors
2
3
Name
Order
Citations
PageRank
Christian Emig1536.22
Heiko Schandua250.63
Sebastian Abeck317030.71