Abstract
Web services orchestration is a new research area that focuses on the development of methodologies and techniques for composing web services to support business operations and processes. Despite the promises, the absence of adequate security is a major obstacle in the adoption of web services orchestration. Currently, existing web services orchestration standards do not offer direct support for security, resulting in a gap between the commercial needs and these standards. In this paper, we propose an access control system named Access Control Composer for web services orchestration by leveraging several existing authorization mechanisms. We show how the security gap can be mended by integrating access control techniques into web services orchestration standards. We also present a distributed, loosely-coupled system architecture that leverages several emerging standards, such as BPEL4WS and XACML.
| Original language | English (US) |
|---|---|
| Pages | 4116-4125 |
| Number of pages | 10 |
| State | Published - 2004 |
| Event | 10th Americas Conference on Information Systems, AMCIS 2004 - New York, United States Duration: Aug 6 2004 → Aug 8 2004 |
Conference
| Conference | 10th Americas Conference on Information Systems, AMCIS 2004 |
|---|---|
| Country/Territory | United States |
| City | New York |
| Period | 8/6/04 → 8/8/04 |
Keywords
- Access Control
- BPEL4WS
- Web Services Orchestration
- Workflow Security
- XACML
ASJC Scopus subject areas
- Library and Information Sciences
- Information Systems
- Computer Science Applications
- Computer Networks and Communications