Access control mechanisms for authentication in markup language XACML, SAML for a web service
I would like to take this opportunity to express my gratitude to my study supervisor, family and associates for their support and guidance, without which this study would not have been possible.
I, [type your full first titles and last name here], declare that the contents of this dissertation/thesis represent my own unaided work, and that the dissertation/thesis has not previously been submitted for academic examination towards any qualification. Furthermore, it represents my own opinions and not necessarily those of the University.
Signed __________________ Date _________________
Web Service technology is changing the nature of business by making companies' services available around the world on the grid. This makes the security and privacy of Web services important in facilitating access to those services. In addition, the privacy and security the Web needs, and the technical support for them in the framework, make it all the more attractive for demanding business operations. Interest in policy specification languages is increasing thanks to the proliferation of authorization solutions that need to define their resource access policies by means of them. These solutions define their own policy syntax, usually based on XML, which leads to non-interoperable policies and non-heterogeneous environments. XACML has been defined for that purpose and is gaining more and more acceptance in those types of environments as a valid alternative to proprietary policies. In this paper, we present the definition of the whole set of policies needed in an authorization scenario, specifically NAS-SAML, which defines a network access control service based on SAML and the AAA architecture.
The purpose of the study is to discuss two related security and privacy standards for Web services, namely SAML (Beatty, 2003) and XACML (OASIS, 2005). SAML is an XML-based framework for communicating user authentication, rights and the Internet (Anderson, Josephson, anger, Simon, Palekar, 2004). In other words, SAML manages client authentication and is therefore used to obtain attribute data for authorization (access control).
Problem Statement
Traditionally, network access control uses a login/password mechanism to authenticate users and requires different nested grids, which provides a very limited degree of security. Other systems take a more sophisticated approach based on mutual authentication with X.509 identity certificates, and therefore provide a higher level of security because they use public key cryptography. These systems are particularly useful for that Internet service provider ...