Jump to main content Hotkeys
Distributed and Self-organizing Systems
Distributed and Self-organizing Systems

PUBLICATION

Utilizing Architecture Models for Secure Distributed Web Applications and Services

Type

Journal Article

Year

2014

Authors

wild

gaedke

Research Area

Intelligent Information Management

Event

Special Issue: Architecture of Web Application / René Peinl

Published in

it - Information Technology

ISBN/ISSN

1611-2776

Download

PDF

Abstract

Today's Web applications are often compositions of distributed yet interconnected services that offer features and data through defined interfaces via standardized protocols. Providing a set of best practices for organizing and utilizing distributed capabilities, the service-oriented architecture design pattern largely contributed to this trend. To react on emerging customer requirements, using agile methodology for Web application development fits well in this context. While it allows promptly responding to change by adjusting the Web application architecture, security must be applied as a holistic approach throughout the entire Web application's lifecycle. There is a need for a flexible, expressive and easy-to-use way to model a Web application's architecture with a strong emphasis on security. This article discusses our work on extending the WebComposition Architecture Model towards a semantically enriched description of a Web application's architecture. For enabling systematic exploitation of such architecture descriptions, we utilize W3C's WebID identity mechanism, the WAC authorization method, and fine-grained filters. We explain how WebID can be applied to allow Web services to mutually authenticate and exchange data, e. g., interface definitions and service parameters, in a controlled way.

Reference

Wild, Stefan; Gaedke, Martin: Utilizing Architecture Models for Secure Distributed Web Applications and Services. it - Information Technology, pp. 112-118, 2014.



Powered by DGS
Edit list (authentication required)

Press Articles