SAC Requirements
The CHARON framework has been built with respect to some general requirements for a Service Access Control (SAC) architecture.
A favourable Service Access Control Architecture shall be:
- Flexible: The SAC is applicable to arbitrary services in a large variety of use cases
- Non-intrusive:
  - Service interfaces, implementations and messages may remain as they are
  - Service Messages need not be changed by SAC
  - Unsecured clients and services can communicate with secured counterparts
- Scalable: An arbitrary number of SAC services can control an arbitrary number of protected services, for management, performance or organisational reasons
- Standards based:
  - To provide a maximum of interoperability
  - To be able to use existing security building blocks
- Extensible:
  - To be able to incorporate additional security measures (like integrity, encryption)
  - To be able to fulfil use case specific requirements (e.g. spatially restricted access)