Titelaufnahme

Titel
SOA security policy validation and authoring / von Stefan Prennschütz-Schützenau
VerfasserPrennschütz-Schützenau, Stefan
Begutachter / BegutachterinDustdar, Schahram ; Leitner, Philipp
Erschienen2010
Umfangxi, 125 S. : Ill.
HochschulschriftWien, Techn. Univ., Dipl.-Arb., 2010
Anmerkung
Zsfassung in dt. Sprache
SpracheEnglisch
DokumenttypDiplomarbeit
Schlagwörter (DE)SOA, Policy, WS-Security, WS-SecurityPolicy, Schematron, Validation, Best-practice
Schlagwörter (EN)SOA, Policy, WS-Security, WS-SecurityPolicy, Schematron, Validation, Best-practice
URNurn:nbn:at:at-ubtuw:1-42209 Persistent Identifier (URN)
Zugriffsbeschränkung
 Das Werk ist frei verfügbar
Dateien
SOA security policy validation and authoring [1.92 mb]
Links
Nachweis
Klassifikation
Zusammenfassung (Englisch)

A novel policy authoring Method that utilizes Schematron to validate abstract policy defintions against operational policy instances is examined. In a concrete case study, conformance of both (dynamic) WS-Security-augmented SOAP message exchanges and (static) WS-SecurityPolicy policies against WS-I's Basic Security Profile is assessed, by analyzing the results of the Schematron Validation Pipeline. An outline of how the approach can leveraged to express other macro-level security requirements - apart form "WS-I Conformance" - in form of an abstract schema(tron) constraints on policies is given, such as the way messages are to be secured or what algorithms are required.

The presentation concludes with a summation of experiments conducted and lessions for SOA practioners.