Delegation of access rights in multi-domain service compositions

Laurent Bussard, Anna Nano, and Ulrich Pinsdorf

Abstract

Today, it becomes more and more common to combine services from different providers into one application. Service composition is however difficult and cumbersome when there is no common trust anchor. Hence, delegation of access rights across trust domains will become essential in service composition scenarios. This article specifies abstract delegation, discusses theoretical aspects of the concept, and provides technical details of a validation implementation supporting a variety of access controls and associated delegation mechanisms. Abstract delegation allows to harmonize the management of heterogeneous access control mechanisms and to offer a unified user experience. The authors observe standardization efforts to reduce application and domainspecific delegation mechanisms, but this variety is very unlikely to completely disappear.

Details

Publication typeArticle
Published inIdentity in the Information Society
URLhttp://www.springerlink.com/content/020524p066765742/
VolumeOnlineFirst
PublisherSpringer Verlag
> Publications > Delegation of access rights in multi-domain service compositions