Building a Distributed Semantic-aware Security Architecture

Abstract: Abstract. Enhancing the service-oriented architecture paradigm with semantic components is a new field of research and goal of many ongoing projects. The results lead to more powerful web applications with less development effort and better user support. While some of these advantages are without doubt novel, challenges and opportunities for the security arise. In this paper we introduce a security architecture built in a semantic service-oriented architecture. Focusing on an attributebased access control appr… Show more

“…First ideas and the preliminary overall architecture of our security infrastructure for Access-eGov have already been presented in [4] and [5]. Similar approaches have as well been identified by [22], [23], [24].…”

“…Currently available implementations of the XACML specification are for example OpenXACML 2 , enterprise-java-xacml from Google code 3 , HERAS XACML 4 , JBoss XACML 5 , and Sun's XACML 6 . At the time we started implementation we selected Sun's XACML implementation as it was the most mature one available.…”

“…Our semantic security architecture for service-oriented systems based on the attribute-based access control paradigm [3] has already been described in [4], [5], [6] and has now successfully been implemented.…”

A Semantic Security Architecture for Web Services The Access-eGov Solution

“…First ideas and the preliminary overall architecture of our security infrastructure for Access-eGov have already been presented in [4] and [5]. Similar approaches have as well been identified by [22], [23], [24].…”

“…Currently available implementations of the XACML specification are for example OpenXACML 2 , enterprise-java-xacml from Google code 3 , HERAS XACML 4 , JBoss XACML 5 , and Sun's XACML 6 . At the time we started implementation we selected Sun's XACML implementation as it was the most mature one available.…”

“…Our semantic security architecture for service-oriented systems based on the attribute-based access control paradigm [3] has already been described in [4], [5], [6] and has now successfully been implemented.…”

A Semantic Security Architecture for Web Services The Access-eGov Solution

“…Eine sorgfältige Erhebung der Anforderungen von Behördenseite hat die Grenzen für die funktionale Spezifikation der für Access-eGov nötigen Komponenten ergeben [15,16]. Abbildung 4 zeigt einen Überblick über die daraus resultierende serviceorientierte Architektur.…”

Eine verteilte Autorisierungsinfrastruktur unter Berücksichtigung von Datenschutzaspekten

“…A parallel evaluation between the identified functional policy requirements and the constraints imposed by the nature of tactical SOA, was undertaken for the examination of suitable security policy frameworks. This examination included commonly used mechanisms, such as WS -Security, SAML [5], XACML [6] and Ponder [7], as well as recent semantic (REI [8], KAOS [9], ROWLBAC [10], Kolter et al [11], Trivellato et al [12]) and trust management frameworks (cassandra [13], Tulip [14], RT [15], Peer-Trust [16]). This analysis promoted the use of web ontology language (OWL) as the most suitable solution in respect to the requirements of tactical SOA.…”

A Security Policy Infrastructure for Tactical Service Oriented Architectures