| 摘要 |
Method and apparatus for checking an aggregated web service requested by a terminal user (200). A web service authentication node (208) receives and stores a published description of the aggregated web service, as offered from a primary web service provider (204) and involving one or more sub-services offered from one or more secondary web service providers (206a,b). When the authentication node (208) receives a request made by the user for the aggregated web service, it is checked whether the sub-services and secondary service providers of the aggregated web service are acceptable for the user according to a policy of the user. If all sub-services and secondary service providers are deemed acceptable or safe, the aggregated web service can be authenticated. Otherwise, the request is rejected or the user is warned that the aggregated web service is deemed unsafe. Thereby, access to sensitive user data by secondary service providers can be controlled and made visible. |
