Click here for full text:
Secure Hardware-based Distributed Authorisation Underpinning a Web Service Framework
Casassa Mont, Marco; Baldwin, Adrian; Pato, Joe
Keyword(s): authorisation; access control; secure hardware; web services
Abstract: This paper presents a distributed authorisation model suitable for use in a web service framework where multiple parties are involved in performing a particular transaction. The authorisation model uses a third party authorisation service that checks users or services' credentials against a set of authorisation policies. A traditional service provision model does not scale well for such transactions. The proposed model uses a hardware security appliance to deliver the service to the most appropriate site involved in the transaction. The authorisation model supports a multi-party session so that authorisation policies can be checked and built as part of the web service composition process.
Back to Index