The management of web service access is a great challenge primarily in organizations with a high number of web services and various sorts of access authorization. Both organizational and technical hurdles have to be overcome. Technical barriers arise by different security requirements across various systems under consideration of economic conditions. Complex service interaction may be mentioned here, too. Organizational challenges comprehend the identification of requirements, managing the data access and management of changes to permissions. An important issue addresses the effective authorization of users via identity management systems. With established conceptual modeling languages the assignment of roles to the identity management software is an enormous organizational effort. To decrease administration costs we propose a direct connection between an identity management system and enterprise models which contain the organizational responsibilities. This paper describes a method developed at the University of Dresden exemplified in a research project for the construction and administration of an identity management system at the Universities in Hamburg.
Juhrisch, Martin; Dietz, Gunnar; Weller, Jens; and Esswein, Werner, "Towards Business Driven Web Service Authorization – Project Experiences in German University Administrations" (2009). AMCIS 2009 Proceedings. Paper 348.