	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Alan H. Karp

Fourth International Conference on Creating, Connecting and Collaborating through Computing (C5'06)

Authorization-Based Access Control for the Services Oriented Architecture

University of California, Berkeley, California USA

January 26-January 27

ISBN: 0-7695-2563-6

	ASCII Text	x
	Alan H. Karp, "Authorization-Based Access Control for the Services Oriented Architecture," Creating, Connecting and Collaborating through Computing, International Conference on, pp. 160-167, Fourth International Conference on Creating, Connecting and Collaborating through Computing (C5'06), 2006.

	BibTex	x
	@article{ 10.1109/C5.2006.9, author = {Alan H. Karp}, title = {Authorization-Based Access Control for the Services Oriented Architecture}, journal ={Creating, Connecting and Collaborating through Computing, International Conference on}, volume = {0}, year = {2006}, isbn = {0-7695-2563-6}, pages = {160-167}, doi = {http://doi.ieeecomputersociety.org/10.1109/C5.2006.9}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Creating, Connecting and Collaborating through Computing, International Conference on TI - Authorization-Based Access Control for the Services Oriented Architecture SN - 0-7695-2563-6 SP160 EP167 A1 - Alan H. Karp, PY - 2006 KW - null VL - 0 JA - Creating, Connecting and Collaborating through Computing, International Conference on ER -

Alan H. Karp, Hewlett-Packard Laboratories

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/C5.2006.9

Several attempts at using the Services Oriented Architecture have failed to achieve their goals of scalability, security, and manageability. These systems, which base access decisions on the identity of the requester, have been found to be inflexible, don?t scale well, and are difficult to use and to upgrade. This paper shows that identity-based access control is a key contributor to these failures and proposes another way to approach the problem. Basing access control decisions on authorizations presented explicitly by the requester leads to a more securable and more robust architecture.

Citation:

Alan H. Karp, "Authorization-Based Access Control for the Services Oriented Architecture," c5, pp.160-167, Fourth International Conference on Creating, Connecting and Collaborating through Computing (C5'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.