Optimized Workflow Authorization in Service Oriented Architectures

Wimmer, Martin; Albutiu, Martina-Cezara; Kemper, Alfons

doi:10.1007/11766155_3

Cited by 6 publications

(2 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [1] we presented a security engineering approach for optimizing the access control of Web service compositions by determining the maximum set of authorized subjects. As we will show in this paper, in order to treat generic composite applications, privilege relaxation tests are required in addition.…”

Section: Introductionmentioning

confidence: 99%

“…Therefore, a consolidated policy is required that is tailored to the functionality of the composite application. The consolidation process derives the following information: (1) what are the least required privileges for the execution of the composite application and (2) who is granted these privileges. The first aspect allows to meet the security officer's requirements by defining access rules and role profiles that are restricted to the functionality of the composite application.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Consolidating the Access Control of Composite Applications and Workflows

Wimmer

Kemper

Rits

et al. 2006

Data and Applications Security XX

Self Cite

View full text Add to dashboard Cite

Abstract. The need for enterprise application integration projects leads to complex composite applications. For the sake of security and efficiency, consolidated access control policies for composite applications should be provided. Such a policy is based on the policies of the corresponding autonomous sub-applications and has the following properties: On the one hand, it needs to be as restrictive as possible to block requests which do not comply with the integrated sub-applications' policies. Thereby, unsuccessful executions of requests are prevented at an early stage. On the other hand, the composite policy must grant all necessary privileges in order to make the intended functionality available to legitimate users.In this paper, we present our formal model and respective algorithmic solutions for consolidating the access control of composite applications. The generated policies conform to the presented requirements of the least privileges paradigm and, thus, allow to revise and optimize the access control of composite applications. We demonstrate this by means of Web service workflows that constitute the state of the art for the realization of business processes.

show abstract

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%