| On the distributed computing environment, there are some limitations to share information between different enterprises or institutions. Web Services has the characteristics of loosen-coupling, cross-platform and cross-language and so on. It can provide the solutions for communication between different programs. However, the security problems that Web Services meets in practice have been restricting the development and application of Web Services. Especially, when enterprises adopt different techniques to distribute authorization and control systems, access and request across the system border make it difficult and complex in establishing security strategies and realizing management systems. Current solutions of authorization and access control are researched in this paper, then their advantages and deficiencies analyzed. Finally this paper designs a Single Authorization Management System (SAM) based on SAML and XACML. SAM system adopts SAML exchange mechanism and XACML authorization description mechanism. SAM system effectively combines the merits of SAML and XACML, while making up their deficiencies. |
PDF Full Text Request