Today's Web applications are often compositions of distributed yet interconnected services that offer features and data through defined interfaces via standardized protocols. Providing a set of best practices for organizing and utilizing distributed capabilities, the service-oriented architecture design pattern largely contributed to this trend. To react on emerging customer requirements, using agile methodology for Web application development fits well in this context. While it allows promptly responding to change by adjusting the Web application architecture, security must be applied as a holistic approach throughout the entire Web application's lifecycle. There is a need for a flexible, expressive and easy-to-use way to model a Web application's architecture with a strong emphasis on security. This article discusses our work on extending the WebComposition Architecture Model towards a semantically enriched description of a Web application's architecture. For enabling systematic exploitation of such architecture descriptions, we utilize W3C's WebID identity mechanism, the WAC authorization method, and fine-grained filters. We explain how WebID can be applied to allow Web services to mutually authenticate and exchange data, e. g., interface definitions and service parameters, in a controlled way.
About the authors
Dipl.-Inf. Stefan Wild is a researcher at Technische Universität Chemnitz and member of the chair for Distributed and Self-organizing Systems. Prior to that position, he worked for several years as a software developer at IBM Germany R&D. His research focuses on Trustworthy Social Networks. He is interested in the topics of Identity Management, Crowdsourcing and Social Business Computing.
Technische Universität Chemnitz, Str. der Nationen 62, 09111 Chemnitz, Germany, Tel.: +49-371-53139658, Fax: +49-371-531839658
Prof. Dr.-Ing. Martin Gaedke is Full Professor at the Department of Computer Science at the Technische Universität Chemnitz, and owner of the chair for Distributed and Self-organizing Systems. His research focuses on the Internet of Services, Web Engineering, and Business Agility.
Technische Universität Chemnitz, Str. der Nationen 62, 09111 Chemnitz, Germany, Tel.: +49-371-53125530, Fax: +49-371-53125539
©2014 Walter de Gruyter Berlin/Boston