DESIGN AND IMPLEMENTATION OF THE WEB SERVICES AUTHORIZATION ARCHITECTURE

Abstract

A Web service is any service that is available over the Internet that uses a standardized messaging system and is not tied to any one operating system or programming language. This dissertation proposes an authorization architecture for Web services. It describes the architectural framework, the administration and runtime aspects of our architecture and its components for secure authorization of Web services as well as the support for the management of authorization information. The dissertation also describes authorization algorithms that support various . possibilities of collecting credentials required to authorize a client's request. The proposed architecture has several benefits. It is able to support legacy applications exposed as Web services as well as new Web . . service base applications. It can support multiple access control models and mechanisms and is decentralized and distributed and provide flexible management and administration of web services and related information. To test the feasibility of our architecture, it is integrated in the Healthcare domain. The architecture is implemented within the NET framework using C# as a programming language.