Abstract : Enforcing complex policies that span organizational domains is an open challenge. Current work on SOA policy enforcement splits security in logical components that can be distributed across domains, but does not offer any concrete solution to integrate this security functionality so that it works across security services for organization-wide policies. In this paper, we propose xESB, an enhanced version of an Enterprise Message Bus (ESB), where we monitor and enforce preventive and reactive policies, both for access control and usage control policies, and both inside one domain and between domains. In addition, we introduce indicators that help SOA administrators assess the effectiveness of their policies. Our performance measurements show that policy enforcement at the ESB level comes with only moderate penalties.
Type de document :
Communication dans un congrès
Masakatsu Nishigaki; Audun Jøsang; Yuko Murayama; Stephen Marsh. 4th IFIP WG 11.11 International on Trust Management (TM), Jun 2010, Morioka, Japan. Springer, IFIP Advances in Information and Communication Technology, AICT-321, pp.63-78, 2010, Trust Management IV. 〈10.1007/978-3-642-13446-3_5〉
https://hal.inria.fr/hal-01061319
Contributeur : Hal Ifip
<>
Soumis le : vendredi 24 novembre 2017 - 17:00:36
Dernière modification le : samedi 25 novembre 2017 - 01:24:00
Gabriela Gheorghe, Stephan Neuhaus, Bruno Crispo. xESB: An Enterprise Service Bus for Access and Usage Control Policy Enforcement. Masakatsu Nishigaki; Audun Jøsang; Yuko Murayama; Stephen Marsh. 4th IFIP WG 11.11 International on Trust Management (TM), Jun 2010, Morioka, Japan. Springer, IFIP Advances in Information and Communication Technology, AICT-321, pp.63-78, 2010, Trust Management IV. 〈10.1007/978-3-642-13446-3_5〉. 〈hal-01061319〉
