|
Published Articles >> Table of Contents >> Abstract
27th Annual International Computer Software and Applications Conference
p. 610
Managing Security Policy in a Large Distributed Web Services Environment
Symon Chang, Commerce One Inc.
Qiming Chen, Commerce One Inc.
Meichun Hsu, Commerce One Inc.
Full Article Text:
  
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CMPSAC.2003.1245404
Send link to a friend
| Abstract |
|
Effectively managing security policies in a large distributed Web Services environment is the key to secure e-business transactions. Security policy must ensure the end-to-end agreement for many-to-many interoperation; ensure the versioning interoperability and privacy of collaborating partners; and ensure the dynamic establishment of security policies because any statically defined security policy tends to be unsecured after a certain period of time. The traditional security policy configuration mechanisms, either the local configuration mechanism or the centralized configuration mechanism, cannot fully meet the above requirements. In this paper we describe a solution for managing security policies in a collaborative Web Services environment. This solution is based on ebXML CPP/CPA model and uses Interoperability Contract Document (ICD). It allows the collaboration parties to establish security policy dynamically for each individual interoperation; makes the selected policy confidential; and addresses the software, message, and policy versioning and interoperability issues. Our experience reveals the advantages of this approach over others.
|
 Additional Information
|
Citation:
Symon Chang, Qiming Chen, Meichun Hsu,
"Managing Security Policy in a Large Distributed Web Services Environment,"
compsac,
p. 610,
27th Annual International Computer Software and Applications Conference,
2003
|
|
