Specification and design of advanced authentication and authorization services
نویسندگان
چکیده
A challenging task in security engineering concerns the specification and integration of security with other requirements at the top level of requirements engineering. Empirical studies show that it is common at the business process level that customers and end users are able to express their security needs. Among the security needs of Internet applications, authentication and authorization services are outstanding and, sometimes, privacy becomes a parallel requirement. In this paper, we introduce a methodology for the specification of security requirements and use a case of studies to apply our solution. We further detail the resulting system after extending it with an Authentication and Authorization Infrastructure.
منابع مشابه
Engineering Authorization Services for the Service Oriented Architecture
The service-oriented architecture (SOA) can be used to build new solutions leveraging services, to cleave together existing applications or to cleave apart existing applications. The SOA provides many benefits such as cost saving to organizations by increasing the speed of implementation of any application(s) required and reducing the expenditure on integration technologies. However, security i...
متن کاملAn Authorization Framework for a Grid Based Component Architecture
This paper1 presents an architecture to meet the needs for authentication and authorization in Grid based component systems. While Grid Security Infrastructure (GSI) [1] is widely accepted as the standard for authentication on the Grid, distributed authorization is still an open problem being investigated by various groups [2],[3],[4]. Our design provides authentication and fine-grained authori...
متن کاملINTERNET - DRAFT Diameter NAS Application Feb
This document describes the Diameter protocol application used for Authentication, Authorization and Accounting (AAA) services in the Network Access Server (NAS) environment. This application specification, when combined with the Diameter Base protocol, Transport Profile, and Extensible Authentication Protocol specifications, satisfies typical network access services requirements. Initial deplo...
متن کاملDesign of Integration Security System using XML Security
In this paper, we design an integration security system that provides authentication service, authorization service, and management service of security data and a unified interface for the management service. The interface is originated from XKMS protocol and is used to manage security data such as XACML policies, SAML assertions and other authentication security data including public keys. The...
متن کاملThe Specification and Enforcement of Advanced Security Policies
In a distributed multi-user environment, the security policy must not only specify legitimate user privileges but also aid in the detection of the abuse of the privileges and adapt to perceived system threat conditions. This paper advocates extending authorization policy evaluation mechanisms with a means for generating audit data allowing immediate notification of suspicious application level ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Computer Standards & Interfaces
دوره 27 شماره
صفحات -
تاریخ انتشار 2005