Method and system for synchronized policy control in a web services environment
作者: Heather Maria Hinton , Ivan Matthew Milman
DOI:
关键词: Network security policy 、 Security policy 、 Loose coupling 、 Computer network 、 WS-Policy 、 Space (commercial competition) 、 Computer security 、 Web service 、 Business 、 Service (systems architecture) 、 Object (computer science)
摘要: Access controls for a Web service (which are based on abstract WSDL definitions) defined protected object space and, as such, loosely coupled with the concrete binding derived from those definitions, preferably per level. This WSDL-defined POS is in turn bound to resource-specific definition. loose coupling leveraged allow changes (e.g., updates) binding's be transitively applied application-specific space. If appropriate, may WSDL's Thus, according invention, one-way (typically, resource level POS) or two-way (from and vice versa). technique ensures that different security policies not unintentionally same (for example, one at services entry level, other level). By synchronizing spaces manner described, neither entity deploys application nor administrator need aware of differences between request request.
lens.org 参考文章(24)
Terry Nichols, Enterprise information system architecture (EISA) ,(2005)
John K. Gerken, Douglas B. Davis, Dynamic extension of network-accessible services ,(2008)
Taras Markian Bugir, Andrew Mcculloch, System, program product, and methods to enhance media content management ,(2006)
John Ryan McGarvey, Robert C. Leah, Technique for synchronizing security credentials from a master directory, platform, or registry ,(2000)
John Ryan McGarvey, Robert C. Leah, Technique for synchronizing security credentials using a trusted authenticating domain ,(2000)
Toufic Boubez, Dimitri Sirota, Scott Morrison, System and method for bridging identities in a service oriented architecture ,(2005)
Dimitar V. Angelov, System and method for dynamic web services descriptor generation using templates ,(2005)
Sarath Indrakanti, Vijay Varadharajan, An authorization architecture for web services Lecture Notes in Computer Science. pp. 222- 236 ,(2005) , 10.1007/11535706_17
Ivan Matthew Milman, George Robert Blakely, Wayne Dube Sigler, Configurable password integrity servers for use in a shared resource environment ,(1995)
Alan D. Eldridge, Charles W. Kaufman, Method and apparatus for password based authentication in a distributed system ,(1997)