| Abstract | One under-addressed issue in the field of Web Services composition is authentication between disparate services using different authentication methods or protocols. A Single Sign-On (SSO) framework reduces the burden on the end user to provide authentication credentials to these separate services; thus it is a desirable feature for systems and applications that are based on multiple Web Services. However, true SSO is not feasible in a Web Services context, as individual services can be provided by any parties; they may have arbitrary authentication methods, credential types, or protocols, and may not have an existing trust or federation arrangement with a given external authentication system. Due to these factors, it is valuable to provide a specialized service that can provide authentication information seamlessly to the services selected for a given service-enabled process. This paper introduces a unified authentication framework for accessing heterogeneous Web Services. We propose a credential storage and retrieval mechanism to store authentication data and pass that data to corresponding Web Services clients. Hence, this framework enables authenticated access to Web Services implemented with arbitrary access control methods. |
|---|
