By Topic

Research and design of one security model for service-oriented multi-application architecture

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Xiaojun Wu ; Sch. of Software Eng., Xi''an Jiaotong Univ., Xi''an, China ; Cong Li

Assisted by the so-called service-oriented architecture (SOA) technique, it is more convenient and efficient to integrate multiple web applications. SOA holds lots of advantages, but there are still some security problems challenging us repeatedly. As well known by almost every developer, the security is very important for almost all systems. When considering security problems from the global view, it is essential to understand how the risks related with Internet business can be controlled during the whole development circle. Two typical examples are, respectively, how the security demand can be satisfied, and how the access control can be well done in the integrated system. In order to solve these security problems, this paper proposes one security model by using web service technology. This security model is applicable for service-oriented multi-application architecture, which can provide a comprehensive set of security web services as well as access control methods when the integrated systems are constructed. This security model consists of three parts. Firstly, the security domain includes the users' details and security information. Secondly, the application configuration files system includes the basic information, key, and configuration file of the application. Thirdly, the security manager is the core of this security model. Whenever the application sends request message via web service mechanism, the security manager sends reply message by controlling other two parts. Web services are definitely the important composition of this security model, which can response variant security requirements derived from many kinds of applications. This paper also describes the design and implementation of one instance of this security model.

Published in:

Computer Science and Service System (CSSS), 2011 International Conference on

Date of Conference:

27-29 June 2011