An Implementation Model for Privacy Aware Access Control in Web Services Environment

The on demand generation of source code and its execution is essential if computers are expected to play an active role in information discovery and retrieval. This paper presents a model of implementation of a source code generator, whose purpose is to generate source code on demand. Theimplementation of the source code generator is fully configurable and its adoption to a new application is done by changing the generator configuration and not the generator itself. The advantage of using the source code generator is rapid and automatic development of a family of application once necessary program templates and generator configuration are made. The model of implementation of the source code generator is general and implemented source code generator can be used in differentareas. We use a source code generator for dynamic generation of ontology supported Web services for data retrieval and for building of different kind of web application.

Download Full-text

Access control enforcement for conversation-based web services

Proceedings of the 15th international conference on World Wide Web - WWW '06 ◽

10.1145/1135777.1135818 ◽

2006 ◽

Cited By ~ 30

Author(s):

Massimo Mecella ◽

Mourad Ouzzani ◽

Federica Paci ◽

Elisa Bertino

Keyword(s):

Web Services ◽

Access Control

Download Full-text

Interoperable Access Control for Geo Web Services in Disaster Management

Remote Sensing and GIS Technologies for Monitoring and Prediction of Disasters - Environmental Science and Engineering ◽

10.1007/978-3-540-79259-8_10 ◽

2008 ◽

pp. 167-178 ◽

Cited By ~ 1

Author(s):

Jan Herrmann

Keyword(s):

Web Services ◽

Access Control ◽

Disaster Management

Download Full-text

A mechanism for operation level role based access control in web services

2017 7th International Conference on Communication Systems and Network Technologies (CSNT) ◽

10.1109/csnt.2017.8418571 ◽

2017 ◽

Author(s):

Ritendra Patel ◽

Urjita Thakar ◽

Vandan Tewari

Keyword(s):

Web Services ◽

Access Control ◽

Role Based Access Control ◽

Role Based

Download Full-text

Privacy Aware Access Control

International Journal of Information Technologies and Systems Approach ◽

10.4018/ijitsa.2017070102 ◽

2017 ◽

Vol 10 (2) ◽

pp. 17-30

Author(s):

Rekha Bhatia ◽

Manpreet Singh Gujral

Keyword(s):

Web Services ◽

Access Control ◽

Research Work ◽

Data Access ◽

The Internet ◽

Sensitive Information ◽

Human Right ◽

Ready Availability ◽

Control Technologies ◽

Technical Solutions

Due to the ever increasing number of web services available through the Internet, the privacy as a fundamental human right is endangered. Informed consent and collection of information are two important aspects while interacting on the Internet through web services. The ease of data access and the ready availability of it through Internet, made it easier for interested parties to intrude into the individual's privacy in unprecedented ways. The regulatory and technical solutions adopted to curb this have achieved only a limited success. The main culprits in this regard are the incompatibilities in the regulatory measures and standards. This research work focuses on privacy preserving access control for sharing sensitive information in the arena of web services, provides some recent outlooks towards the critical need of privacy aware access control technologies and a comprehensive review of the existing work in this arena. Besides, a novel framework for privacy aware access to web services is also provided.

Download Full-text

A Literature Review on Trust Management in Web Services Access Control

International Journal on Web Service Computing ◽

10.5121/ijwsc.2013.4301 ◽

2013 ◽

Vol 4 (3) ◽

pp. 1-19 ◽

Cited By ~ 2

Author(s):

Joseph Manoj R ◽

Chandrasekar A

Keyword(s):

Literature Review ◽

Web Services ◽

Access Control ◽

Trust Management

Download Full-text

Access Control and Information Flow Control for Web Services Security

International Journal of Information Technology and Web Engineering ◽

10.4018/ijitwe.2016010103 ◽

2016 ◽

Vol 11 (1) ◽

pp. 44-76 ◽

Cited By ~ 2

Author(s):

Saadia Kedjar ◽

Abdelkamel Tari ◽

Peter Bertok

Keyword(s):

Web Services ◽

Access Control ◽

Flow Control ◽

Information Flow ◽

Information Flow Control ◽

User Access ◽

Web Services Security ◽

Information Confidentiality ◽

Security Standards

With the advancement of web services technology, security has become an increasingly important issue. Various security standards have been developed to secure web services at the transport and message level, but application level has received less attention. The security solutions at the application level focus on access control which cannot alone ensure the confidentiality and integrity of information. The solution proposed in this paper consists on a hybrid model that combines access control (AC) and information flow control (IFC). The AC mechanism uses the concept of roles and attributes to control user access to web services' methods. The IFC mechanism uses labels to control how the roles access to the system's objects and verify the information flows between them to ensure the information confidentiality and integrity. This manuscript describes the model, gives the demonstration of the IFC model safety, presents the modeling and implementation of the model and a case study.

Download Full-text