An Identity and Access Management approach for SOA

2016 IEEE International Symposium on Signal Processing and Information Technology (ISSPIT) Pub Date : 2016-12-01 DOI:10.1109/ISSPIT.2016.7886021

Georgios Katsikogiannis, S. Mitropoulos, C. Douligeris

{"title":"An Identity and Access Management approach for SOA","authors":"Georgios Katsikogiannis, S. Mitropoulos, C. Douligeris","doi":"10.1109/ISSPIT.2016.7886021","DOIUrl":null,"url":null,"abstract":"Various Identity and Access Management (IAM) architectural challenges are emerging for the effective deployment of applications in a Service-Oriented Architecture (SOA) context. SOA solutions should incorporate efficient access control techniques and adopt an optimal setup among countless and complex approaches in providing access control services. Web Single Sign-on (SSO), federated identities, password synchronization and service granularity can be accomplished through the IAM capabilities, so that SOA can address and fulfil most of the contemporary access management challenges. This paper proposes an innovative model to manage the multilevel integration of identity, authentication and authorization modules based on formal policy-based methods and various access control mechanisms in order to provide secure access to the resources. In the proposed model, we analyze and integrate identity, authentication, user roles, authorization access control levels, and rule validation mechanisms. Finally, the model offers policy-based and integration capabilities enabling automated controls, improved efficiency and simplified management.","PeriodicalId":371691,"journal":{"name":"2016 IEEE International Symposium on Signal Processing and Information Technology (ISSPIT)","volume":"124 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE International Symposium on Signal Processing and Information Technology (ISSPIT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISSPIT.2016.7886021","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 11

Abstract

Various Identity and Access Management (IAM) architectural challenges are emerging for the effective deployment of applications in a Service-Oriented Architecture (SOA) context. SOA solutions should incorporate efficient access control techniques and adopt an optimal setup among countless and complex approaches in providing access control services. Web Single Sign-on (SSO), federated identities, password synchronization and service granularity can be accomplished through the IAM capabilities, so that SOA can address and fulfil most of the contemporary access management challenges. This paper proposes an innovative model to manage the multilevel integration of identity, authentication and authorization modules based on formal policy-based methods and various access control mechanisms in order to provide secure access to the resources. In the proposed model, we analyze and integrate identity, authentication, user roles, authorization access control levels, and rule validation mechanisms. Finally, the model offers policy-based and integration capabilities enabling automated controls, improved efficiency and simplified management.

查看原文本刊更多论文

用于SOA的身份和访问管理方法

为了在面向服务的体系结构(SOA)上下文中有效地部署应用程序，出现了各种身份和访问管理(IAM)体系结构挑战。SOA解决方案应该结合有效的访问控制技术，并在提供访问控制服务的无数复杂方法中采用最优设置。Web单点登录(SSO)、联邦身份、密码同步和服务粒度都可以通过IAM功能来实现，这样SOA就可以解决并完成大多数当代访问管理挑战。本文提出了一种基于正式策略方法和各种访问控制机制的身份、认证和授权模块多级集成管理的创新模型，以提供对资源的安全访问。在提出的模型中，我们分析并集成了身份、身份验证、用户角色、授权访问控制级别和规则验证机制。最后，该模型提供基于策略和集成的功能，支持自动化控制、提高效率和简化管理。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2016 IEEE International Symposium on Signal Processing and Information Technology (ISSPIT)

自引率

0.00%

发文量