An authorization model without central authority for service collaboration

Ran Yang*, Chuang Lin, Yixin Jiang, Xiaowen CHU

*Corresponding author for this work

Research output: Chapter in book/report/conference proceedingConference proceedingpeer-review

Abstract

In the service-oriented computing, a single transaction initiated by a client might invoke many different services in other administrative domains. Existing models for authorizing the access assume that all services involved in collaboration are managed by the central authority, which is not always a realistic premise. In this paper, we propose a novel authorization model for dynamic service collaboration. With the authorization discovery process, the client can discover the needed authorization for service access available in other autonomous domains. With extensions to SoD relationship, the conflicts of client interests can be formalized and expressed as constraints. The authorization problems are formalized to choose the optimal access path for each task. At last, the example and experiments show the practicality and the effectiveness of our scheme.

Original languageEnglish
Title of host publication2011 IEEE Global Telecommunications Conference, GLOBECOM 2011
DOIs
Publication statusPublished - 2011
Event54th Annual IEEE Global Telecommunications Conference: "Energizing Global Communications", GLOBECOM 2011 - Houston, TX, United States
Duration: 5 Dec 20119 Dec 2011

Publication series

NameGLOBECOM - IEEE Global Telecommunications Conference

Conference

Conference54th Annual IEEE Global Telecommunications Conference: "Energizing Global Communications", GLOBECOM 2011
Country/TerritoryUnited States
CityHouston, TX
Period5/12/119/12/11

Scopus Subject Areas

  • Electrical and Electronic Engineering

User-Defined Keywords

  • Authorization
  • central authority
  • collaboration

Fingerprint

Dive into the research topics of 'An authorization model without central authority for service collaboration'. Together they form a unique fingerprint.

Cite this