Authentication and Authorization of Users and Services in Dynamic Military SOA Environments

• Autorzy: Jasiu B. , Śliwa J. , Piotrkowski R. , Goniacz R.
• Języki publikacji: EN

Abstrakty

EN

The problem of user authentication and authorization is usually being solved in a single system. Federated environment assumes heterogeneity of systems, which brings the problem of mutual users and services authentication and authorization. In this article the authors presented security requirements for cross domain information exchange in federated environments and a method of secure access to information resources on the basis of web services. Special attentionwas paid to authentication and authorization of users and services. As opportunities, there were presented solutions verified in multinational experimentations and exercises.

Słowa kluczowe

EN

authentication; authorization; military networks; SOA; web services

• Wydawca: Instytut Łączności - Państwowy Instytut Badawczy
• Czasopismo: Journal of Telecommunications and Information Technology
• Rocznik: 2011
• Tom: nr 1
• Strony: 54--61
• Opis fizyczny: Bibliogr. 8 poz., rys.

Twórcy

autor

Jasiu B.

autor

Śliwa J.

autor

Piotrkowski R.

autor

Goniacz R.

• Military Communication Institute, Warszawska st 22A, 05-130 Zegrze, Poland,

Bibliografia

• [1] NATO Network Enabled Feasibility Study Volume II: Detailed Report Covering a Strategy and Roadmap for Realizing an NNEC Networking and Information Infrastructure (NII), version 2.0.
• [2] Guide to Secure Web Services. NIST Special Publication 800-95, August 2007.
• [3] NATO Network Enabled Feasibility Study Volume I: Overview of the NATO Network-Centric Operational Needs and Implications for the Development of Net-Centric Solutions, version 2.0.
• [4] “NEC Security Research Strategy”, RTO-TR-IST-045 Tech. Rep.
• [5] ITU-T Recommendation X.805 – Security architecture for systems providing end-to-end communications.
• [6] “J. J. Brennan Information Assurance for SOA”, The Mitre Corporation, 2009.
• [7] RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, IETF, 2008.
• [8] “Assertions and Protocols for the OASIS, Security Assertion Markup Language, (SAML) V2.0, OASIS Standard”, 15 March 2005 [Online]. Available: http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf