Title :
Patterns for Authentication and Authorisation Infrastructures
Author :
Erber, Roland ; Schläger, Christian ; Pernul, Günther
Author_Institution :
Univ. of Regensburg, Regensburg
Abstract :
In line with the growing success of e-commerce, demands for an open infrastructure providing security services are growing stronger. Authentication and authorisation infrastructures (AAIs) enhanced with an attribute-based access control model (ABAC) offer such services to service federations and customers. As AAIs are a security-enhancing technology, design and implementation must comply with extremely high quality standards. Failures and vulnerabilities in the provided basic security services exponentially affect the service-providing processes. Various AAI concepts, frameworks, and products have been developed in the past. Building on these experiences, we define a pattern system for AAIs. It will ensure interoperability and quality of future AAI solutions. The derived pattern system consists of security patterns already published and in use, as well as open standards like SAML and XACML and related patterns. It can be directly used in the software development cycle, as proposed by different methodologies.
Keywords :
authorisation; message authentication; SAML; XACML; attribute-based access control model; authentication and authorisation infrastructures; e-commerce demands; security enhancing technology; security services; service federations; software development cycle; Access control; Authentication; Authorization; Computer architecture; Data security; Databases; Expert systems; Information security; Information systems; Web and internet services;
Conference_Title :
Database and Expert Systems Applications, 2007. DEXA '07. 18th International Workshop on
Conference_Location :
Regensburg
Print_ISBN :
978-0-7695-2932-5
DOI :
10.1109/DEXA.2007.4