Logo des Repositoriums
 
Konferenzbeitrag

Service Oriented Security Architecture

Lade...
Vorschaubild

Volltext URI

Dokumententyp

Text/Conference Paper

Zusatzinformation

Datum

2007

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Verlag

Gesellschaft für Informatik e. V.

Zusammenfassung

As Service Oriented Architectures (SOA) and Web services are becoming widely deployed, the problematic of security is far from being solved. In an attempt to address this issue, the industry proposed several extensions to the SOAP protocol that currently reached different levels of standardization. However, no architectural guidelines have yet been proposed. In this paper we first outline the security challenges and the specifications that address these challenges and then present our concept - the Service Oriented Security Architecture, SOSA . We argue that the different security functions (authentication, authorization, audit, etc.) should be realized as different stand-alone Web services - security services. These security services can then be chained together by means of Enterprise Application Integration (EAI) techniques such as message routing on Enterprise Services Buses (ESB). Next, we will present a prototypical implementation of this framework and describe our experiences so far. We show that by distributing the security functions, a more flexible architecture can be designed that would lower the costs associated with implementation, administration and maintenance.

Beschreibung

Opincaru, Cristian; Gheorghe, Gabriela (2007): Service Oriented Security Architecture. Enterprise modelling and information systems architectures – concepts and applications. Bonn: Gesellschaft für Informatik e. V.. PISSN: 1617-5468. ISBN: 978-3-88579-213-0. pp. 61-74. Regular Research Papers. St. Goar. October 8-9, 2007

Schlagwörter

Zitierform

DOI

Tags