On Evolving Organizational Models without Losing Control on Authorization Constraints in Web Service Orchestrations
Providing adequate access control is crucial for the proper execution of any Web Service (WS) orchestration. Typically, access rules and authorization constraints are defined for a WS orchestration and are resolved over an organizational model at runtime in order to find authorized users to perform orchestration tasks. As known from many practical studies, organizational models are frequently subject to change (e.g., outsourcing or restructuring). Although the effects of organizational changes on access rules have been investigated so far, their effects on authorization constraints remain still completely unclear, albeit violating authorization constraints might lead to severe problems such as security holes. In this paper, we systematically investigate the effects of organizational changes on authorization constraints and propose different strategies to cope with possible violations. We evaluate our results along the most common types of authorization constraints and discuss the impact of the selected implementation choice.
Stefanie Rinderle-Ma Maria Leitner
University of Vienna, Austria Faculty of Computer Science
国际会议
上海
英文
128-135
2010-11-10(万方平台首次上网日期,不代表论文的发表时间)