Collaborating Services of Dynamic Authentication in Service-Oriented Architecture -Based Business Processes
Main Article Content
Abstract
Modern distributed business applications are embedding an increasing degree of automation and dynamism, from dynamic supply-chain management, enterprise federations, and virtual collaborations to dynamic service interactions across organizations. Such dynamism leads to new challenges in security and dependability. In Service-Oriented Architecture (SOA), collaborating services may belong to different security realms but often need to be engaged dynamically at runtime. If a cross-realm authentication relationship cannot be generated dynamically at runtime between heterogeneous security realms, it is technically difficult to enable dynamic business processes through secure collaborations between services. A potential solution to this problem is to generate a trust relationship across security realms so that a user can use the credential in the local security realm to obtain the credentials to access resources in a remote realm. However, the process of generating such kinds of trust relationships between two disjoint security realms is very complex and time consuming, which could involve a large number of extra operations for credential conversion and require collaborations in multiple security realms. In this paper, we propose a new cross-realm authentication protocol for dynamic service interactions. This protocol does not require credential conversion or establishment of authentication paths.
Keywords: Authentication, inter-Organizational Security, Multi-party interactions, Service-Oriented Architecture, Web Services
Downloads
Article Details
COPYRIGHT
Submission of a manuscript implies: that the work described has not been published before, that it is not under consideration for publication elsewhere; that if and when the manuscript is accepted for publication, the authors agree to automatic transfer of the copyright to the publisher.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work
- The journal allows the author(s) to retain publishing rights without restrictions.
- The journal allows the author(s) to hold the copyright without restrictions.