Security System for Distributed Business Applications
Thomas Schmidt (Vienna University of Technology, Austria), Gerald Wippel (Vienna University of Technology, Austria), Klaus Glanzer (Vienna University of Technology, Austria) and Karl Furst (Vienna University of Technology, Austria)
Copyright: © 2008
Internet-focused application components of cooperating enterprises need comprehensive security technologies that go far beyond simple Internet authentication and authorization mechanisms. Basically, authentication is the process of determining the identity of a user or system, whereas authorization is the process of specifying who is allowed to access which resources. XML-based Web services is an upcoming and very promising technology. It enables the communication among Internet application components regardless of their implementation language. A major drawback of existing Web service approaches is the missing security conventions. Therefore, we concentrated all our effort on developing a holistic extended enterprise authentication and authorization system to facilitate agile and secure enterprise-spanning business processes with Web service-enabled application components.