

Patterns for Authentication and Authorisation Infrastructures

14 years 10 months ago
Patterns for Authentication and Authorisation Infrastructures
In line with the growing success of e-commerce demands for an open infrastructure providing security services are growing stronger. Authentication and Authorisation Infrastructures (AAIs) enhanced with an attribute-based access control model (ABAC) offer such services to service federations and customers. As AAIs are a security enhancing technology, design and implementation must comply with extremely high quality standards. Failures and vulnerabilities in the provided basic security services exponentially affect the service providing processes. Various AAI concepts, frameworks, and products have been developed in the past. Building on these experiences, we define a pattern system for AAIs. It will ensure interoperability and quality of future AAI solutions. The derived pattern system consists of security patterns already published and in use, as well as on open standards like SAML and XACML and related patterns. It can be directly used in the software development cycle, as proposed b...
Roland Erber, Christian Schläger, Günthe
Added 02 Jun 2010
Updated 02 Jun 2010
Type Conference
Year 2007
Authors Roland Erber, Christian Schläger, Günther Pernul
Comments (0)