Service-oriented architecture (SOA) is a rapidly growing design option expressing a perspective of software architecture that defines the use of loosely coupled (service) applications. This poses unique challenges on securing and governing data exchange. One of the most challenging parts is to provide means for reliable and secure access control to SOA services.
SOA services often return complex data objects to a requester. Hence, security requirements might request abilities of access control to a finer level of granularity than a service itself.
Ubiquitous computing environments of wireless connectivity and widespread diffusion of portable devices offer novel opportunities for users to share resources anywhere and at any time and to form ad-hoc coalitions. In such an environment, context-awareness emerges as a crucial aspect for access control.