Since a few years Service Oriented Architecture has been constantly gaining interest in the IT world. This is no surprise, as the idea itself is very powerful. Development of computer systems out of loosely coupled software services connected via Internet is what most of us did not even dreamed about a few years ago. Solving computational problems should now be as easy as playing with building bricks. Additionally this leads us to an open environment where anyone can join at any time, either as a client or as a service provider.
Despite of many patently obvious advantages, this approach causes also certain new problems, with the authorization being one of the most important of them. In the real world each service provider needs a reliable way to decide whether a client should be allowed to perform certain operation on a given service. This is relatively easy in a limited and static environments, but incomparably much more difficult when considering a truly open environment. Solving this problem requires applying techniques more effective than contemporary.