Title :
Policy control management for Web Services
Author :
Marcon, Arlindo L., Jr. ; Santin, Altair O. ; de Paula Lima, L.A. ; Obelheiro, Rafael R. ; Stihler, Maicon
Author_Institution :
Grad. Program in Comput. Sci., Pontifical Catholic Univ. of Parana, Parana, Argentina
Abstract :
The decentralization of corporate policy administration aiming to maintain the unified management of user permissions is a hard task. The heterogeneity and complexity of corporate environments burdens the security administrator with writing equally complex policies. This paper proposes an architecture based on Web Services, policy provisioning, and authorization certificates, to build up a loosely coupled unified administrative control for corporate environments. A certificate-based permission management scheme is used to derive new policies in the local domains of each branch. These new policies will update the corporate repository which, in turn, will configure the corresponding policies in the local domains of each branch. The Web Services technology provides the underlying protocols for the development of a prototype which shows the feasibility of our proposal.
Keywords :
Web services; authorisation; Web services; authorization certificates; certificate-based permission management; corporate environment; corporate policy administration; equally complex policies; loosely coupled unified administrative control; policy control management; policy provisioning; security administrator; user permission; Access control; Authorization; Computer science; Information security; Permission; Proposals; Prototypes; Resource management; Service oriented architecture; Web services; Authorization Certificates; Policy Management; Web Services Security;
Conference_Titel :
Integrated Network Management, 2009. IM '09. IFIP/IEEE International Symposium on
Conference_Location :
Long Island, NY
Print_ISBN :
978-1-4244-3486-2
Electronic_ISBN :
978-1-4244-3487-9
DOI :
10.1109/INM.2009.5188786
