Show simple item record

dc.creatorKorkeala, Markku
dc.date.accessioned2016-08-03T07:05:11Z
dc.date.available2016-08-03T07:05:11Z
dc.identifier.urihttp://dspace.cc.tut.fi/dpub/handle/123456789/24238
dc.description.abstractIdentity and Access Management systems are usually fundamental services in organizations. In Service-Oriented Architecture (SOA) they can be used to provide three different services: authentication, authorization and information about users and their access rights. For the latter, there has not been a widely used standard in SOA to provide user information to other services. System for Cross-domain Identity Management (SCIM) is a new emerging Representational state transfer (REST) based standard to help provision user information to cloud services. This Master Thesis discusses how SCIM can be used to provide user information to consuming services in a SOA based solution. The first part of the thesis studies what are the advantages and disadvantages using REST based solutions compared to SOAP based solutions. Based on a literary review, REST has better performance, measured by throughout put, and it is independent of data format. SOAP has the advantage of being very standardized and has mature tools and frameworks compared to REST. REST is more based on conventions than standards, so tools and frameworks behave differently which might lead to interoperability problems. The second part of the thesis focuses on whether SCIM can be used to provide user information service to consuming services. Three scenarios were designed and implemented in SCIM to find out whether the access right model of the SCIM is expressive enough and whether the resources defined by SCIM provide a required set of attributes. The presented scenarios have different requirements: the first one models internal access rights of an organization, the second scenario a use case in which an organization offers services to its customers and the third one a use case in which role based access rights are restricted to certain objects. The last two scenarios required extending the SCIM core resource schema. The models were tested in a proof-of-concept implementation and they were able to fulfill all the requirements. This indicates that SCIM can be used to implement user and user’s access right information service. To conclude, a five step process is presented that an organization can use to assess if SCIM is suitable for its use.en
dc.format.extentx, 79
dc.format.mimetypeapplication/pdf
dc.language.isoenen
dc.rightsThis publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
dc.titleSystem for Cross-domain Identity Management for Access Control of SOA Servicesen
dc.title.alternativeSystem for Cross-domain Identity Management palveluiden pääsynhallintaan palvelupohjaisessa arkkitehtuurissa
dc.identifier.urnURN:NBN:fi:tty-201608034381
dc.contributor.laitosTietotekniikan laitos – Department of Pervasive Computingen
dc.contributor.tiedekuntaTieto- ja sähkötekniikan tiedekunta – Faculty of Computing and Electrical Engineeringen
dc.contributor.yliopistoTampereen teknillinen yliopisto - Tampere University of Technology
dc.programmeTietotekniikan koulutusohjelmaen
dc.date.published2016-08-17
dc.permissionPermission granteden
dc.contributor.thesisadvisorSystä, Kari
dc.contributor.degreesupervisorHelenius, Marko
dc.contributor.degreesupervisorSystä, Kari
dc.type.ontasotDiplomityö - Master's thesis


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record