Approaches to Specification and Enforcement of Security Policies
In SOA-Security-Kompendium, a variety of security aspects to be observed with SOA based on Web services and ways to cope with them is described. Approaches to cope with security policy enforcement in general, and of Web services and business processes, in particular, being only part of what is contained there, will be discussed in this chapter. Possible methods include validation (or even verification) prior to execution, or by monitoring and intervening during execution of a program. In addition, because a BPEL-defined business process can itself be considered a Web service, approaches to specify security requirements of Web services and to solve security issues with Web services may also relate to business processes defined this way and, therefore, will be considered in this chapter, too.
KeywordsAccess Control Business Process Security Policy Access Control Policy Simple Object Access Protocol
Unable to display preview. Download preview PDF.