DOI: 10.5445/IR/1000008038

SOA-aware Authorization Control

Emig, Christian; Schandua, Heiko; Abeck, Sebastian

The question of how to handle authorization of digital identities in a service-oriented architecture (SOA) remains an open issue. In this paper we present a design pattern for the integration of legacy systems with SOA using out-of-the-box (unmodified) application servers and discuss how the architecture has to be extended by an Identity Management (IdM) infrastructure. We claim that the IdM infrastructure itself must be designed in a service-oriented way to fit into the overall SOA approach. We introduce a way to decouple the policy enforcement point from the application server and propose an architectural design pattern to seamlessly integrate the SOA’s business-related functionality and the IdM infrastructure. An implementation case study illustrates how to apply the invocation pattern for secured web services.

Affiliated institution(s) at KIT: Institut für Telematik (TM)
Publication type: Proceedings contribution
Year: 2006
Language: English
Identifier: ISBN 0-7695-2703-5
URN: urn:nbn:de:swb:90-80380
KITopen-ID: 1000008038
Published in: International Conference on Software Engineering Advances (ICSEA 2006)