By Topic

Federated security: lightweight security infrastructure for object repositories and Web services

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
M. Hatala ; Sch. of Interactive Arts & Technol., Simon Fraser Univ., Surrey, BC, Canada ; Ty Mey Eap ; A. Shah

To realize the idea of Web services as a scalable technology, enabling access to a provider's resources for a wide range of clients, requires a similar scalable security solution. Management of user accounts for all possible clients in each provider is simply unfeasible. The alternative approach to having federated identity management is currently being developed by main software vendors. In this paper we present the design and implementation of a lightweight security infrastructure, for the federated security, that enable the establishment of a trust federation between several organizations. The infrastructure consists of an augmented security layer placed on top of the Web service protocol. The solution utilizes the latest WS-security specifications and, at the infrastructure level, is compatible with Shibboleth - a federated security solution for Web resources. In order to illustrate the potential of the infrastructure, we describe it in the context of two case studies: an object repository with complex access policies and the connection with the authenticated P2P network for learning resources.

Published in:

International Conference on Next Generation Web Services Practices (NWeSP'05)

Date of Conference:

22-26 Aug. 2005