Abstract

Service-oriented architecture (SOA) is widely recognized as an especially effective solution for integrating loosely coupled and distributed resources. One of the major challenges in developing SOA-based applications is the management of authorization requirements in distributed environments. This paper proposes a formal authorization model, based on a role-based access control model, to demonstrate the approach for authorizing service requesters to access a particular service and information under specific permissions in an SOA. The proposed model defines the authorization relationships and constraints among users (service requesters), roles, permissions, and services according to first-order logic and set theory. Furthermore, role hierarchy and service hierarchy are discussed to fulfill the requirements for authorization hierarchy. Finally, we use a health care system developed in a service-based architecture to demonstrate the utility of the concepts of the proposed authorization model.
