Web Services Security

RBAC (role-based access control)

motivation for, 35

and XACML, 121

ReauthenticateOnOrAfter, 212

register service (XKMS), 154–156

RelayState, 211

replay attacks, and SOAP-SEC, 77

RequestDenied, 116

RequestID, 245

Requestor, 116

RequestVersionDeprecated, 116

RequestVersionTooHigh, 116

RequestVersionTooLow, 116

ResourceNotRecognized, 116

Responder, 116

routing

among multiple parties, 17–18

between multiple Web services, 48–50

RSA encryption, 26, 52

rules, XACML

“deny” rule, 124–125

obligations in, 124

rule conditions, use of functions in, 123–124

rule definition (target, effect, conditions), 122

typical code for, 122–123