TY - JOUR
T1 - A Security Policy Model for Agent Based Service-Oriented Architectures
AU - Hermann, Eckehard
PY - 2011/8
Y1 - 2011/8
N2 - During the last years service oriented architectures (SOA) have gained in importance, when looking at today's implementation of business processes. A SOA is a loosely coupled system of services, where a service is implemented by an agent. The protection of information and data objects and their well-directed flow are essential for the success of enterprises, which also applies to the communication inside a SOA. To guarantee an approved protection of data objects and to prevent an illegal information flow, approved security policy models are chosen that are suitable for the considered use case. The Limes Security Model [1] is based on a not necessarily symmetric, not necessarily reflexive and not necessarily transitive conflict of interest relation. The model is introduced for pure subject/object relationships, where agents are not taken into account. The current paper extends the Limes Security Model by the support of agents, suitable for the use in a SOA.
AB - During the last years service oriented architectures (SOA) have gained in importance, when looking at today's implementation of business processes. A SOA is a loosely coupled system of services, where a service is implemented by an agent. The protection of information and data objects and their well-directed flow are essential for the success of enterprises, which also applies to the communication inside a SOA. To guarantee an approved protection of data objects and to prevent an illegal information flow, approved security policy models are chosen that are suitable for the considered use case. The Limes Security Model [1] is based on a not necessarily symmetric, not necessarily reflexive and not necessarily transitive conflict of interest relation. The model is introduced for pure subject/object relationships, where agents are not taken into account. The current paper extends the Limes Security Model by the support of agents, suitable for the use in a SOA.
KW - information flow control
KW - principal agent theory
KW - security models
KW - service-oriented architectures
UR - http://www.scopus.com/inward/record.url?scp=80052335954&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-23300-5_2
DO - 10.1007/978-3-642-23300-5_2
M3 - Article
SN - 0302-9743
VL - 6908
SP - 13
EP - 25
JO - Lecture Notes in Computer Science
JF - Lecture Notes in Computer Science
IS - 6908
ER -