Sciweavers

ETRICS
2006

Optimized Workflow Authorization in Service Oriented Architectures

14 years 4 months ago
Optimized Workflow Authorization in Service Oriented Architectures
Abstract. Complex business processes are usually realized by specifying the integration and interaction of smaller modular software components. For example, hitherto monolithic enterprise resource planning systems (ERP) are decomposed into Web services which are then again orchestrated in terms of Web service workflows, bringing about higher levels of flexibility and adaptability. In general, such services constitute autonomous software components with their own dedicated security requirements. In this paper we present our approach for consolidating the access control of (Web service) workflows. The proposed security engineering method allows, first, to determine for whom workflows are executable from a privileges point of view, second, to assess compliance with the principle of least privilege, and, third, helps to reduce policy enforcement costs.
Martin Wimmer, Martina-Cezara Albutiu, Alfons Kemp
Added 22 Aug 2010
Updated 22 Aug 2010
Type Conference
Year 2006
Where ETRICS
Authors Martin Wimmer, Martina-Cezara Albutiu, Alfons Kemper
Comments (0)