Sciweavers

IJISEC
2002

Securing SOAP e-services

14 years 4 days ago
Securing SOAP e-services
Remote service invocation via HTTP and XML promises to become an important component of the Internet infrastructure. Work is ongoing in the W3C XML Protocol Working Group to define a common standard, and solutions like SOAP and XML-RPC are already used in a few situations, demonstrating the potential. However, no standard technique for access control security is currently defined for these protocols. In this paper, we propose an approach that relies on the XML structure of SOAP requests to support fine-grained authorizations at the level of individual XML elements and attributes that compose a SOAP call. The result is a simple yet general technique to specify and enforce fine-grained access control for e-services. Key words SOAP
Ernesto Damiani, Sabrina De Capitani di Vimercati,
Added 22 Dec 2010
Updated 22 Dec 2010
Type Journal
Year 2002
Where IJISEC
Authors Ernesto Damiani, Sabrina De Capitani di Vimercati, Stefano Paraboschi, Pierangela Samarati
Comments (0)