Web Services Enabled E-Market Access Control Model

With the dramatic expansion of global e-markets, companies collaborate more and more in order to streamline their supply chains. Small companies often form coalitions to reach the critical mass required to bid on large volume or wide ranges of products. Meanwhile, they also compete with one another for market shares. Because of the complex relationships among companies, controlling the access to shared information found in e-markets is a challenging task. Currently, there is a lack of comprehensive access control approaches that can be used to maintain data security in e-markets. We propose to integrate several known access control mechanisms such as role-based access control, coalition-based access control, and relationship driven access control into an e-market access control model (EMAC). In this chapter, we present a Web services-based architecture for EMAC and the associated concepts and algorithms. We also illustrate, via an automotive e-market example, how the EMAC model can support e-market access control.

Download Full-text

Web Services Enabled E-Market Access Control Model

Information Security and Ethics ◽

10.4018/978-1-59904-937-3.ch057 ◽

2008 ◽

pp. 818-836

Author(s):

Harry Wang ◽

Hsing K. Cheng ◽

Leon Zhao

Keyword(s):

Web Services ◽

Access Control ◽

Market Access ◽

Critical Mass ◽

Control Model ◽

Control Mechanisms ◽

Access Control Model ◽

Shared Information ◽

Role Based ◽

Complex Relationships

Download Full-text

An attribute and role based access control model for Web services

2005 International Conference on Machine Learning and Cybernetics ◽

10.1109/icmlc.2005.1527144 ◽

2005 ◽

Cited By ~ 3

Author(s):

Miao Liu ◽

He-Qing Guo ◽

Jin-Dian Su

Keyword(s):

Web Services ◽

Access Control ◽

Control Model ◽

Role Based Access Control ◽

Access Control Model ◽

Role Based

Download Full-text

Context-Aware Environment-Role-Based Access Control Model for Web Services

2008 International Conference on Multimedia and Ubiquitous Engineering (mue 2008) ◽

10.1109/mue.2008.77 ◽

2008 ◽

Cited By ~ 5

Author(s):

Chun-Dong Wang ◽

Ting Li ◽

Li-Chun Feng

Keyword(s):

Web Services ◽

Access Control ◽

Control Model ◽

Role Based Access Control ◽

Context Aware ◽

Access Control Model ◽

Role Based

Download Full-text

An Overview of the HIPAA-Compliant Privacy Access Control Model

Healthcare Information Systems and Informatics ◽

10.4018/978-1-59904-690-7.ch003 ◽

2011 ◽

pp. 40-67

Author(s):

Vivying S.Y. Cheng ◽

Patrick Hung

Keyword(s):

Web Services ◽

Access Control ◽

Health Information ◽

Control Model ◽

National Standards ◽

Personal Health Information ◽

Access Control Model ◽

Layered Architecture ◽

Role Based ◽

Privacy Issues

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a set of rules to be followed by health plans, doctors, hospitals and other healthcare providers in the United States of America. HIPAA privacy rules create national standards to protect individuals’ health information; it is therefore necessary to create standardized solutions to tackle the various privacy issues. This chapter focuses on the e-healthcare privacy issues based on a prior extension of role-based access control (RBAC) model. We review an access control enforcement model in Web services for tackling HIPAA privacy rules and protecting personal health information (PHI) called the Privacy Access Control Model. First, we discuss related backgrounds of, and privacy requirements in the HIPAA legislation. Next, four privacy-related entities (purposes, recipients, obligations, and retentions) are incorporated into the core RBAC model. The HIPAA rules are then embedded into the extended RBAC model as constraints. Then, we present a vocabulary-independent Web services privacy framework in a layered architecture for supporting healthcare applications.

Download Full-text