About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
ICWS 2006
Conference paper
Adding authentication to model driven security
Abstract
As Service-Oriented Architecture has become popular, security has been a critical issue in multiple security domains using the WS-Security framework. The authentication requirements depend on the application semantics, but configuring authentication is very difficult for someone who is not a security expert, such as an application developer, because it is necessary to understand platform-specific security features and authentication mechanisms. To resolve these difficulties, we propose a framework for platformindependent security configuration based on the Model Driven Architecture. In this paper, we introduce a security qualifier, which is an abstract annotation for specifying authenticated identity on a platform-independent model, and a Security Infrastructure Model which is a model including the platform information required for creating security policies. These ideas make authentication configuration possible without understanding the platform-specific information, such as the federation of the security domain and the relationships of trust between the servers. Our framework allows a non-security expert to configure security easily. We show how to configure the authentication for an ID propagation scenario and discuss advantages of our framework compared to existing tools. © 2006 IEEE.