A Framework for Obligation Fulfillment in REST Services

John P. Field, Stephen G. Graham, Tom Maguire


An Obligation is an expression of non-functional or cross-cutting requirements, the scope of which transcends any specific service, but for which the service bears an enforcement responsibility. Example use cases include regulations imposed on handling of Electronic Health Records. We describe the concept of an Obligation, provide example use cases, and then define a general design pattern for when a REST developer should consider their use. We then describe a proof-of-concept implementation that extends the Spring Security framework to support the assertion of Obligations within a RESTful service deployment. This extension may be used to inject a range of Obligation behaviors into a REST service during the design, deployment, and post deployment phases. Our prototype is compatible with the XACML 3.0 core standard.


Bibliography Navigation: Reference List; Author Index; Title Index; Keyword Index

Generated by sharef2html on 2011-04-15, 02:00:41.