Skip to Main content Skip to Navigation

Federated Access Control in Service Oriented Architecture

Abstract : Service-oriented architectures implemented by web services technologies provide standardized protocols for communicating and sharing information across organizational boundaries. The composition or federation of the services of independent organizations allows them to work together to quickly achieve their common goals. The access control of the shared services becomes an essential requirement for a secure federation of services. The identity federation provides part of the response by allowing users to authenticate once in an organization and to access the services of others with his authorization information or attributes. However, in a federation, the organizations may have different access control models that use authorization attributes with different, or even incompatible semantics. Interoperability between the access control models becomes crucial to the federation of services. Existing federated access control solutions are based on the single sign-on with common authorization attributes or the identity mapping that is not scalable in a service-oriented environment. In this paper, we propose a cross-organizational access control method for the federation of services protected by heterogeneous access control models. Our method is based on a new federation architecture that responds to the heterogeneity of authorization attributes via independent attributes introduced at the federation level.
Complete list of metadata

Cited literature [23 references]  Display  Hide  Download
Contributor : Abdramane BAH Connect in order to contact the contributor
Submitted on : Thursday, April 18, 2019 - 5:25:41 PM
Last modification on : Monday, August 8, 2022 - 5:32:05 PM


Files produced by the author(s)


  • HAL Id : hal-02103825, version 1


Abdramane Bah, Pascal André, Christian Attiogbé, Jacqueline Konaté. Federated Access Control in Service Oriented Architecture. [Research Report] LS2N, Université de Nantes. 2019. ⟨hal-02103825⟩



Record views


Files downloads