METHOD AND SYSTEM FOR ACCESS CONTROL IN DISTRIBUTED OBJECT-ORIENTED SYSTEMS

摘要

The invention relates to a method and a system for accessing services provided by network resources in communication networks. Access to service capabilities is controlled at the application level by controlling the access through a gateway wherein an object-oriented service architecture, based on abstracted application programming interfaces (APIs), is implemented. Preferably, the service architecture is defined in OSA/Parlay standards. Access control is carried out by means of a logical entity, the Service Reference Monitor (SRM), which is linked to the gateway and configured so that it intercepts all the communications passing between the client applications and the gateway. The SRM captures the object reference to the service capability and assigns to the object reference a lifetime. At the expiry of the lifetime, the SRM destroys the service capability. According to the present invention, the probability of a malicious attack is lowered by limiting the time window of the life of the access to a service.