Delegation of access rights in multi-domain service compositions
Today, it becomes more and more common to combine services from different providers into one application. Service composition is however difficult and cumbersome when there is no common trust anchor. Hence, delegation of access rights across trust domains will become essential in service composition scenarios. This article specifies abstract delegation, discusses theoretical aspects of the concept, and provides technical details of a validation implementation supporting a variety of access controls and associated delegation mechanisms. Abstract delegation allows to harmonize the management of heterogeneous access control mechanisms and to offer a unified user experience. The authors observe standardization efforts to reduce application and domain-specific delegation mechanisms, but this variety is very unlikely to completely disappear.
- Delegation of access rights in multi-domain service compositions
- Open Access
- Available under Open Access This content is freely available online to anyone, anywhere at any time.
Identity in the Information Society
Volume 2, Issue 2 , pp 137-154
- Cover Date
- Online ISSN
- Springer Netherlands
- Additional Links
- Access control
- Composite services
- Service oriented architectures
- Industry Sectors