{"title":"联邦安全:对象存储库和Web服务的轻量级安全基础设施","authors":"M. Hatala, Ty Mey Eap, Ashok Shah","doi":"10.1109/NWESP.2005.41","DOIUrl":null,"url":null,"abstract":"To realize the idea of Web services as a scalable technology, enabling access to a provider's resources for a wide range of clients, requires a similar scalable security solution. Management of user accounts for all possible clients in each provider is simply unfeasible. The alternative approach to having federated identity management is currently being developed by main software vendors. In this paper we present the design and implementation of a lightweight security infrastructure, for the federated security, that enable the establishment of a trust federation between several organizations. The infrastructure consists of an augmented security layer placed on top of the Web service protocol. The solution utilizes the latest WS-security specifications and, at the infrastructure level, is compatible with Shibboleth - a federated security solution for Web resources. In order to illustrate the potential of the infrastructure, we describe it in the context of two case studies: an object repository with complex access policies and the connection with the authenticated P2P network for learning resources.","PeriodicalId":433802,"journal":{"name":"International Conference on Next Generation Web Services Practices (NWeSP'05)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"14","resultStr":"{\"title\":\"Federated security: lightweight security infrastructure for object repositories and Web services\",\"authors\":\"M. Hatala, Ty Mey Eap, Ashok Shah\",\"doi\":\"10.1109/NWESP.2005.41\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"To realize the idea of Web services as a scalable technology, enabling access to a provider's resources for a wide range of clients, requires a similar scalable security solution. Management of user accounts for all possible clients in each provider is simply unfeasible. The alternative approach to having federated identity management is currently being developed by main software vendors. In this paper we present the design and implementation of a lightweight security infrastructure, for the federated security, that enable the establishment of a trust federation between several organizations. The infrastructure consists of an augmented security layer placed on top of the Web service protocol. The solution utilizes the latest WS-security specifications and, at the infrastructure level, is compatible with Shibboleth - a federated security solution for Web resources. In order to illustrate the potential of the infrastructure, we describe it in the context of two case studies: an object repository with complex access policies and the connection with the authenticated P2P network for learning resources.\",\"PeriodicalId\":433802,\"journal\":{\"name\":\"International Conference on Next Generation Web Services Practices (NWeSP'05)\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-08-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"14\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Conference on Next Generation Web Services Practices (NWeSP'05)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NWESP.2005.41\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Next Generation Web Services Practices (NWeSP'05)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NWESP.2005.41","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Federated security: lightweight security infrastructure for object repositories and Web services
To realize the idea of Web services as a scalable technology, enabling access to a provider's resources for a wide range of clients, requires a similar scalable security solution. Management of user accounts for all possible clients in each provider is simply unfeasible. The alternative approach to having federated identity management is currently being developed by main software vendors. In this paper we present the design and implementation of a lightweight security infrastructure, for the federated security, that enable the establishment of a trust federation between several organizations. The infrastructure consists of an augmented security layer placed on top of the Web service protocol. The solution utilizes the latest WS-security specifications and, at the infrastructure level, is compatible with Shibboleth - a federated security solution for Web resources. In order to illustrate the potential of the infrastructure, we describe it in the context of two case studies: an object repository with complex access policies and the connection with the authenticated P2P network for learning resources.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
