An adaptive authentication and authorization model for service-oriented enterprise computing
Service-oriented enterprise computing is an integration architectural style aimed to expose and consume coarse-grained and fine-grained modularization of business functionalities as services that are being deployed in the loosely coupled organizational environment. The web service is the implementa...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Elsevier
2021-12-01
|
| Series: | Kuwait Journal of Science |
| Online Access: | https://journalskuwait.org/kjs/index.php/KJS/article/view/10745 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849471162930692096 |
|---|---|
| author | Mohamed Ibrahim Beer Mohamed Mohd Fadzil Hassan |
| author_facet | Mohamed Ibrahim Beer Mohamed Mohd Fadzil Hassan |
| author_sort | Mohamed Ibrahim |
| collection | DOAJ |
| description |
Service-oriented enterprise computing is an integration architectural style aimed to expose and consume coarse-grained and fine-grained modularization of business functionalities as services that are being deployed in the loosely coupled organizational environment. The web service is the implementation technology of service-oriented architecture (SOA) where it is built on the existing networking and web interfacing standards as it has to use the web as a medium of communication and does not have any specialized in-built layer for security. The majority of the vendor security products in the market need specialized hardware/software components, eventually they break the standards and principles of service-oriented architecture. The traditional way of problem-solving is not effective for developing security solutions for service-oriented computing, as its boundaries keep expanding beyond a single organizational environment due to the advent of communication and business technologies such as the Internet of Things (IoT), hyper-personalization, and edge computing. Hence, it is a mandatory entity in this digital age of enterprise computing to have a specialized authentication and authorization solution exclusively for addressing the existing security gaps in SOA in an adaptive way-forward approach. In this paper, the security gaps in the existing Identity and Access Management (IDAM) solutions for service-oriented enterprise computing are analyzed, and a novel intelligent security engine which is packed with extended authentication and authorization solution model for service consumption is presented. The authentication and authorization security requirements are considered as cross-cutting concerns of SOA implementation and the solution is constructed as Aspect Oriented Programming (AOP) advices, which enables the solution can be attached as ‘plug & play’ component without changing the underlying source code of the service implementation. For Proof-of-Concept (PoC), the proposed authentication and authorization security model is tested in a large-scale service-oriented enterprise computing environment, and the results have been analyzed statistically. It is evident from the results that the proposed security model addresses security issues comparatively better than existing security solutions.
|
| format | Article |
| id | doaj-art-7669cce85bc7459ca64f7524e778f2dd |
| institution | Kabale University |
| issn | 2307-4108 2307-4116 |
| language | English |
| publishDate | 2021-12-01 |
| publisher | Elsevier |
| record_format | Article |
| series | Kuwait Journal of Science |
| spelling | doaj-art-7669cce85bc7459ca64f7524e778f2dd2025-08-20T03:24:56ZengElsevierKuwait Journal of Science2307-41082307-41162021-12-0149110.48129/kjs.v49i1.10745An adaptive authentication and authorization model for service-oriented enterprise computingMohamed Ibrahim0Beer MohamedMohd Fadzil Hassan1Research ScholarAssociate Professor Service-oriented enterprise computing is an integration architectural style aimed to expose and consume coarse-grained and fine-grained modularization of business functionalities as services that are being deployed in the loosely coupled organizational environment. The web service is the implementation technology of service-oriented architecture (SOA) where it is built on the existing networking and web interfacing standards as it has to use the web as a medium of communication and does not have any specialized in-built layer for security. The majority of the vendor security products in the market need specialized hardware/software components, eventually they break the standards and principles of service-oriented architecture. The traditional way of problem-solving is not effective for developing security solutions for service-oriented computing, as its boundaries keep expanding beyond a single organizational environment due to the advent of communication and business technologies such as the Internet of Things (IoT), hyper-personalization, and edge computing. Hence, it is a mandatory entity in this digital age of enterprise computing to have a specialized authentication and authorization solution exclusively for addressing the existing security gaps in SOA in an adaptive way-forward approach. In this paper, the security gaps in the existing Identity and Access Management (IDAM) solutions for service-oriented enterprise computing are analyzed, and a novel intelligent security engine which is packed with extended authentication and authorization solution model for service consumption is presented. The authentication and authorization security requirements are considered as cross-cutting concerns of SOA implementation and the solution is constructed as Aspect Oriented Programming (AOP) advices, which enables the solution can be attached as ‘plug & play’ component without changing the underlying source code of the service implementation. For Proof-of-Concept (PoC), the proposed authentication and authorization security model is tested in a large-scale service-oriented enterprise computing environment, and the results have been analyzed statistically. It is evident from the results that the proposed security model addresses security issues comparatively better than existing security solutions. https://journalskuwait.org/kjs/index.php/KJS/article/view/10745 |
| spellingShingle | Mohamed Ibrahim Beer Mohamed Mohd Fadzil Hassan An adaptive authentication and authorization model for service-oriented enterprise computing Kuwait Journal of Science |
| title | An adaptive authentication and authorization model for service-oriented enterprise computing |
| title_full | An adaptive authentication and authorization model for service-oriented enterprise computing |
| title_fullStr | An adaptive authentication and authorization model for service-oriented enterprise computing |
| title_full_unstemmed | An adaptive authentication and authorization model for service-oriented enterprise computing |
| title_short | An adaptive authentication and authorization model for service-oriented enterprise computing |
| title_sort | adaptive authentication and authorization model for service oriented enterprise computing |
| url | https://journalskuwait.org/kjs/index.php/KJS/article/view/10745 |
| work_keys_str_mv | AT mohamedibrahim anadaptiveauthenticationandauthorizationmodelforserviceorientedenterprisecomputing AT beermohamed anadaptiveauthenticationandauthorizationmodelforserviceorientedenterprisecomputing AT mohdfadzilhassan anadaptiveauthenticationandauthorizationmodelforserviceorientedenterprisecomputing AT mohamedibrahim adaptiveauthenticationandauthorizationmodelforserviceorientedenterprisecomputing AT beermohamed adaptiveauthenticationandauthorizationmodelforserviceorientedenterprisecomputing AT mohdfadzilhassan adaptiveauthenticationandauthorizationmodelforserviceorientedenterprisecomputing |