Research on Web Service-Oriented Access Control Model

Access control is an important technique which is used to protect system resources from damage by unauthorized users. With the advantage of web services, the access control module was released as web services interfaces. In order to control accessing to system resources and take advantage of web services,this paper proposes the web service-oriented access control (WSOAC) model. The development of access control is firstly introduced; after that the authors describe this model with two levels—platform and tenant and then present the execution process. At last, the paper summarizes the characteristics of the model and the next step.

Download Full-text

An Access Control Model for Workflow in Service Oriented Environment

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.16-19.288 ◽

2009 ◽

Vol 16-19 ◽

pp. 288-292 ◽

Cited By ~ 2

Author(s):

Yong He Wei ◽

Yong Ping Hao ◽

Yang Wang

Keyword(s):

Distributed Systems ◽

Web Services ◽

Access Control ◽

Control Model ◽

Comprehensive Approach ◽

Workflow Model ◽

Access Control Model ◽

Service Oriented ◽

Separation Of Duty

Workflow access control is an important issue in workflow security. Although there exist some standards for security of Web services and access control for services in distributed systems are well studied, there is a lack of comprehensive approach in access control for web services, especially in workflow. This paper proposes a service oriented workflow model and its access control model. The basic authorization unit is task service which is an abstraction of task in the access control model. In this context, we present the dynamic separation of duty based on task services and their conflict relations. Furthermore, we show this model satisfies access control requirements in workflow.

Download Full-text

Semantic Mapping for Access Control Model

Innovations in SMEs and Conducting E-Business ◽

10.4018/978-1-60960-765-4.ch014 ◽

2011 ◽

pp. 247-262

Author(s):

Yi Zhao ◽

Wolfgang A. Halang

Keyword(s):

Web Services ◽

Access Control ◽

Semantic Web ◽

Control Model ◽

Semantic Web Services ◽

Semantic Mapping ◽

Security Measures ◽

Access Control Model ◽

Attribute Based Access Control ◽

The Web

With the increasing development of the Semantic Web technologies, the Semantic Web has been introduced to apply in the Web Services to integrate data across different applications. For the Semantic Web Services to succeed it is essential to maintain the security of the organizations involved. Security is a crucial concern for commercial and mission critical applications in Web-based environments. To guarantee the security of the Web Services, security measures must be considered to protect against unauthorized disclosure, transfer, modification, or destruction, whether accidental or intentional. Access control is a kind of security measurements to guarantee the service processes, which is defined to allow resource owners to define, manage, and enforce the access conditions for each resource. In this chapter, an attribute based access control model with semantic mapping (SABAC, for short) is proposed to specify access control over attributes defined in domain ontologies. The model is built on the basis of XACML policy language. Semantic mapping process is proved to be syntactical, semantic, and structural. Our SABAC model between the service requester and service provider can make the access to the Semantic Web Services secure.

Download Full-text