2010 International Conference on Availability, Reliability and Security
Solving the Transitive Access Problem for the Services Oriented Architecture
Krakow, Poland
February 15-February 18
ISBN: 978-0-7695-3965-2
BibTeX:
@article{10.1109/ARES.2010.34,
  author    = {Alan H. Karp and Jun Li},
  title     = {Solving the Transitive Access Problem for the Services Oriented Architecture},
  journal   = {2012 Seventh International Conference on Availability, Reliability and Security},
  volume    = {0},
  year      = {2010},
  isbn      = {978-0-7695-3965-2},
  pages     = {46-53},
  doi       = {http://doi.ieeecomputersociety.org/10.1109/ARES.2010.34},
  publisher = {IEEE Computer Society},
  address   = {Los Alamitos, CA, USA},
}
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2010.34
A key goal of the Services Oriented Architecture is the composition of independently written and managed services. However, managing access to these services has proven to be a problem. A particularly difficult case involves a service that invokes another service to satisfy an initial request. In a number of cases, implementations are able to achieve either the desired functionality or the required security, but not both at the same time. We say that this service composition suffers from the transitive access problem. We show that the problem arises from a poor choice of access control mechanism, one that uses subject authentication to make access decisions, and that the problem does not occur if we use delegatable authorizations.
Index Terms:
SOA, web services, access control, RBAC, PBAC, ABAC, ZBAC
Citation:
Alan H. Karp, Jun Li, "Solving the Transitive Access Problem for the Services Oriented Architecture," ares, pp.46-53, 2010 International Conference on Availability, Reliability and Security, 2010
