JOURNAL OF COMPUTERS (JCP)
ISSN : 1796-203X
Volume : 1    Issue : 8    Date : December 2006

A Policy-driven Approach to Dynamic Composition of Authentication and Authorization Patterns
and Services
Judith E. Y. Rossebø and Rolv Bræk
Page(s): 13-26
Full Text:
PDF (1,144 KB)


Abstract
During the past decade, the telecommunication environment has evolved from single operator
featuring voice services to multi-operator featuring a range of different types of services. Services
are being provided today in a distributed manner in a connectionless environment requiring
cooperation of several components and actors. This paper focuses on the incremental means to
ensure access to services for authorized users only by composing authentication and authorization
patterns and services. We propose a novel framework of authentication and authorization patterns
for securing access to services for authorized users only, and we demonstrate how the patterns can
be dynamically composed with services using a policy-driven approach.

Index Terms
authentication, authorization, access control, policy, service composition