Abstract
This paper presents an extended architecture of a policy definition framework fine-tuned for service-oriented environments conforming to the SOA distributed processing paradigm. We establish key requirements for such a framework, and use these to confront existing distributed policy frameworks. We also define a policy language destined to fulfill all recognized requirements and give a brief overview of its syntax.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
MacKenzie, C.M., Laskey, K., McCabe, F., Brown, P., Metz, R.: Reference Model for Service Oriented Architecture. OASIS Committee Draft 1.0, OASIS Open (2006)
Moses, T.: eXtensible Access Control Markup Language (XACML) version 2.0. OASIS Open (2005)
Bajaj, S., et al.: Web Services Policy 1.2 – Framework (WS-Policy). W3C Member Submission (2006)
Della-Libera, G., et al.: WS-SecurityPolicy. Public Consultation Draft Release, Version 1.1 (2005)
Cantor, S., Kemp, J., Philpott, R., Maler, E.: Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Open (2005)
Becker, M.Y., Fournet, C., Gordon, A.D.: SecPAL: Design and Semantics of a Decentralized Authorization Language. Technical Report MSR-TR-2006-120, Microsoft Research, Cambridge (2006)
Li, N., Mitchell, J.C.: Datalog with constraints: A foundation for trust management languages. In: Dahl, V., Wadler, P. (eds.) PADL 2003. LNCS, vol. 2562, pp. 58–73. Springer, Heidelberg (2003)
Damianou, N., Dulay, N., Lupu, E., Sloman, M.: Ponder: A language for specifying security and management policies for distributed systems. Technical Report, Imperial College, London (2000)
Twidle, K., Dulay, N., Lupu, E., Sloman, M.: Ponder2: A Policy System for Autonomous Pervasive Environments. In: Proc. 5th Int’l Conf. Autonomic and Autonomous Systems ICAS, Valencia, Spain (2009)
Schloegel, K., et al.: Security Policy Automation – from Specification to Device Configuration. In: 26th Army Science Conference (2008)
Jurjens, J.: UMLsec: Extending UML for Secure Systems Development. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, p. 412. Springer, Heidelberg (2002)
Lodderstedt, T., Basin, A.D., Doser, J.: SecureUML: A UML-Based Modeling Language for Model-Driven Security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, p. 426. Springer, Heidelberg (2002)
Nadalin, A., Kaler, C., Monzillo, R., Hallam-Baker, P.: Web Services-Security: SOAP Message Security 1.1 (WS-Security 2004). OASIS Open (2006)
ISO/IEC 10181-3:1966 Information technology – Open Systems Interconnection – Security frameworks for open systems: Access control framework (1966)
Westerinen, A., et al.: Terminology for Policy-Based Management, IETF RFC 3198 (2001)
Terry, D.B., Demers, A.J., Petersen, K., Spreitzer, M., Theimer, M., Welch, B.W.: Session guarantees for weakly consistent replicated data. In: 3rd Int’l Conf. Parallel and Distributed Information Systems, Austin (1994)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Brodecki, B., Sasak, P., Szychowiak, M. (2009). Security Policy Definition Framework for SOA-Based Systems. In: Vossen, G., Long, D.D.E., Yu, J.X. (eds) Web Information Systems Engineering - WISE 2009. WISE 2009. Lecture Notes in Computer Science, vol 5802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04409-0_57
Download citation
DOI: https://doi.org/10.1007/978-3-642-04409-0_57
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04408-3
Online ISBN: 978-3-642-04409-0
eBook Packages: Computer ScienceComputer Science (R0)