In the context of Web services, access control presents some interesting challenges, especially when services are exposed to a global audience, with users accessing them from different systems and under different security settings. A decentralized approach to access control, which can be applied to such open environments, is represented by Trust Management. In fact, it is based on the peer-to-peer delegation of access rights among users, also across organizational boundaries, without supposing a-priori the existence of trusted third parties in the system. This article presents dDelega, a Trust Management framework for SOAP-style and REST-style Web services, available as open source software and usable in different application scenarios. The framework allows users to create multiple levels of delegation of access rights for protected resources. It defines various certificates, for binding names, permissions and oblivious attributes to users, adhering to relevant standards, such as WS-Security, SAML and XACML.
dDelega: Trust Management for Web Services / Tomaiuolo, Michele. - In: INTERNATIONAL JOURNAL OF INFORMATION SECURITY AND PRIVACY. - ISSN 1930-1650. - 7:3(2013), pp. 53-67. [10.4018/jisp.2013070104]
dDelega: Trust Management for Web Services
TOMAIUOLO, Michele
2013-01-01
Abstract
In the context of Web services, access control presents some interesting challenges, especially when services are exposed to a global audience, with users accessing them from different systems and under different security settings. A decentralized approach to access control, which can be applied to such open environments, is represented by Trust Management. In fact, it is based on the peer-to-peer delegation of access rights among users, also across organizational boundaries, without supposing a-priori the existence of trusted third parties in the system. This article presents dDelega, a Trust Management framework for SOAP-style and REST-style Web services, available as open source software and usable in different application scenarios. The framework allows users to create multiple levels of delegation of access rights for protected resources. It defines various certificates, for binding names, permissions and oblivious attributes to users, adhering to relevant standards, such as WS-Security, SAML and XACML.| File | Dimensione | Formato | |
|---|---|---|---|
|
dDelega:-Trust-Management-for-Web-Services.pdf
non disponibili
Tipologia:
Documento in Post-print
Licenza:
NON PUBBLICO - Accesso privato/ristretto
Dimensione
757.86 kB
Formato
Adobe PDF
|
757.86 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
|
2013-ijisp-ddelega.pdf
non disponibili
Tipologia:
Documento in Pre-print
Licenza:
Creative commons
Dimensione
395.78 kB
Formato
Adobe PDF
|
395.78 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
